www.baltana.com Open in urlscan Pro
95.211.152.187 Public Scan

URL:
http://www.baltana.com/
Submission: On May 04 via manual (May 4th 2021, 7:27:04 pm UTC) from CA

Summary HTTP 185 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 56 IPs in 7 countries across 44 domains to perform 185 HTTP transactions. The main IP is 95.211.152.187, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is www.baltana.com.

This is the only time www.baltana.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	95.211.152.187 95.211.152.187	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2600:9000:20c... 2600:9000:20c8:3600:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:eee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::ac43:4597	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c8:9c00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c8:3a00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:fee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.122.26.231 3.122.26.231	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
4 5	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
1	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
7 8	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1 13	2606:4700:20:... 2606:4700:20::681a:24e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
5 5	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
3 17	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
4 4	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.63.176 3.126.63.176	16509 (AMAZON-02) (AMAZON-02)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1	208.100.17.186 208.100.17.186	32748 (STEADFAST) (STEADFAST)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
2	104.108.144.214 104.108.144.214	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	52.94.232.32 52.94.232.32	16509 (AMAZON-02) (AMAZON-02)
2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	34.194.148.31 34.194.148.31	14618 (AMAZON-AES) (AMAZON-AES)
2 2	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
1 1	52.21.63.28 52.21.63.28	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.170.231.210 35.170.231.210	14618 (AMAZON-AES) (AMAZON-AES)
1	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.171.173.220 54.171.173.220	16509 (AMAZON-02) (AMAZON-02)
1 1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
1	23.59.71.246 23.59.71.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
185	56

41 95.211.152.187 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

www.baltana.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:3600:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:eee (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:4597 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:9c00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:3a00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:fee (United States)

ASN13335 (CLOUDFLARENET, US)

logs.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.26.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-26-231.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 136.144.59.88 (Secaucus, United States) 4 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.246 (Woerden, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.13 (Amsterdam, Netherlands) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:24e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.108.145.8 (Berlin, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.19 (United States) 4 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.63.176 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.186 (United States)

ASN32748 (STEADFAST, US)
PTR: ip186.208-100-17.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.94.232.32 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.148.31 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.178.20.140 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.63.28 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-63-28.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.170.231.210 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-231-210.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.173.220 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-173-220.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.59.71.246 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-59-71-246.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	baltana.com www.baltana.com	803 KB
32	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com	333 KB
18	doubleclick.net 5 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	179 KB
16	casalemedia.com 3 redirects htlb.casalemedia.com dsum-sec.casalemedia.com ssum-sec.casalemedia.com ssum.casalemedia.com	17 KB
13	quantumdex.io 1 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	6 KB
10	adnxs.com 7 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	25 KB
9	yahoo.com 4 redirects c2shb.ssp.yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	7 KB
8	vlitag.com services.vlitag.com tag.vlitag.com assets.vlitag.com logs.vlitag.com	363 KB
7	googletagservices.com www.googletagservices.com	174 KB
6	google.com 1 redirects adservice.google.com www.google.com	860 B
5	a-mo.net 4 redirects prebid.a-mo.net	1 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	2 KB
4	lijit.com 4 redirects ap.lijit.com	2 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	57 KB
4	google-analytics.com www.google-analytics.com	34 KB
3	pubmatic.com ads.pubmatic.com image6.pubmatic.com	18 KB
3	e-planning.net 1 redirects ads.us.e-planning.net u-ams02.e-planning.net	1 KB
3	google.de adservice.google.de	1 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	33 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	973 B
2	eqads.com 1 redirects um2.eqads.com	564 B
2	dyntrk.com 2 redirects gu.dyntrk.com	850 B
2	adsrvr.org match.adsrvr.org	529 B
2	betweendigital.com 2 redirects ads.betweendigital.com	925 B
2	sonobi.com sync.go.sonobi.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	674 B
2	indexww.com js-sec.indexww.com	2 KB
2	criteo.net static.criteo.net	51 KB
2	criteo.com bidder.criteo.com gum.criteo.com	337 B
2	googleapis.com fonts.googleapis.com	2 KB
1	stickyadstv.com ads.stickyadstv.com	726 B
1	adotmob.com 1 redirects sync.adotmob.com	689 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	299 B
1	advangelists.com 1 redirects nep.advangelists.com	232 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	377 B
1	onetag-sys.com onetag-sys.com	818 B
1	tynt.com ic.tynt.com
1	turn.com d.turn.com	407 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	creativecdn.com prebid-eu.creativecdn.com	176 B
1	googleadservices.com partner.googleadservices.com	409 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
185	44

	Domain	Requested by
41	www.baltana.com	www.baltana.com
17	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net www.baltana.com
13	pagead2.googlesyndication.com	www.baltana.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
11	sync.quantumdex.io	assets.vlitag.com sync.quantumdex.io ssum-sec.casalemedia.com
10	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com um2.eqads.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.baltana.com
8	ib.adnxs.com	7 redirects assets.vlitag.com
7	www.googletagservices.com	tag.vlitag.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.baltana.com www.googletagservices.com
5	cm.g.doubleclick.net	5 redirects
5	prebid.a-mo.net	4 redirects assets.vlitag.com
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	ups.analytics.yahoo.com	4 redirects
4	ssum-sec.casalemedia.com	js-sec.indexww.com sync.quantumdex.io ssum-sec.casalemedia.com
4	ap.lijit.com	4 redirects
4	c2shb.ssp.yahoo.com	assets.vlitag.com
4	assets.vlitag.com	tag.vlitag.com
4	www.google-analytics.com	www.baltana.com www.googletagmanager.com www.google-analytics.com
3	www.google.com	1 redirects googleads.g.doubleclick.net www.baltana.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	gu.dyntrk.com	2 redirects
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	ads.pubmatic.com	sync.quantumdex.io ads.pubmatic.com
2	ads.betweendigital.com	2 redirects
2	sync.go.sonobi.com	sync.quantumdex.io
2	pixel.advertising.com	2 redirects
2	js-sec.indexww.com	assets.vlitag.com ssum-sec.casalemedia.com
2	static.criteo.net	assets.vlitag.com static.criteo.net
2	2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ads.us.e-planning.net	1 redirects
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	fonts.googleapis.com	www.baltana.com googleads.g.doubleclick.net
2	services.vlitag.com	www.baltana.com services.vlitag.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ads.stickyadstv.com	ssum-sec.casalemedia.com
1	sync.adotmob.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	nep.advangelists.com	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	onetag-sys.com	sync.quantumdex.io
1	ic.tynt.com	sync.quantumdex.io
1	ssum.casalemedia.com	1 redirects
1	ms.quantumdex.io	1 redirects
1	u-ams02.e-planning.net
1	acdn.adnxs.com	assets.vlitag.com
1	ad.doubleclick.net	www.googletagservices.com
1	d.turn.com	googleads.g.doubleclick.net
1	www.googletagmanager.com	tag.vlitag.com
1	gum.criteo.com	static.criteo.net
1	useast.quantumdex.io	assets.vlitag.com
1	bidder.criteo.com	assets.vlitag.com
1	htlb.casalemedia.com	assets.vlitag.com
1	prebid-eu.creativecdn.com	assets.vlitag.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	l.sharethis.com	platform-api.sharethis.com
1	logs.vlitag.com	www.baltana.com
1	cdn.jsdelivr.net	assets.vlitag.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	tag.vlitag.com	services.vlitag.com
1	maxcdn.bootstrapcdn.com	www.baltana.com
1	platform-api.sharethis.com	www.baltana.com
185	68

This site contains links to these domains. Also see Links.

Domain
valueimpression.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-14` - `2021-07-14`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-03` - `2022-03-26`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-18` - `2021-09-08`	6 months	crt.sh
*.a-mo.net R3	`2021-03-12` - `2021-06-10`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
ads.us.e-planning.net R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
*.e-planning.net R3	`2021-03-26` - `2021-06-24`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
um3.eqads.com Amazon	`2020-07-24` - `2021-08-24`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh

This page contains 28 frames:

Primary Page: http://www.baltana.com/
Frame ID: D427EBD3716B5A605A6A0002B86B1632
Requests: 90 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html
Frame ID: 49A33C6C4DFE4ED2A47D7F175C3F1B45
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: CF8804204A7E163C5D3C68DB69D0A8E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&h=280&slotname=4122239477&adk=916237887&adf=2653041513&pi=t.ma~as.4122239477&w=1200&fwrn=4&fwrnh=100&lmt=1620156404&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.baltana.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1620156402537&bpp=23&bdt=492&idt=866&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4002683631965&frm=20&pv=2&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&pvsid=3630265788016890&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZcrFR3pDJE&p=http%3A//www.baltana.com&dtd=1526
Frame ID: FA1EB5D6EA5597D307F5D45D28E04386
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&adk=1812271804&adf=3025194257&lmt=1620156404&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.baltana.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1620156402537&bpp=3&bdt=492&idt=1040&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4002683631965&frm=20&pv=1&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&pvsid=3630265788016890&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&dtd=1667
Frame ID: 4371BC46E0CC77FEAB516908D5F5090F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: EBB9147E2216FFFF26994336B995F719
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&h=250&adk=1339671731&adf=866502912&pi=t.aa~a.3558234115~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1620156404&rafmt=1&to=qs&pwprc=8811152736&psa=0&format=317x250&url=http%3A%2F%2Fwww.baltana.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1620156404382&bpp=1&bdt=2338&idt=1&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7744d09be81dd707-2280fe15c3c700a2%3AT%3D1620156404%3ART%3D1620156404%3AS%3DALNI_MbIXdQIzXzZxRnlROxAVJgHW2LvKg&prev_fmts=1200x280%2C0x0&nras=2&correlator=4002683631965&frm=20&pv=1&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&psts=AGkb-H8SqAzgE2eNxuRJhIgJ-OuFd5bZieSyXrR1tsGhPN31yK_oAaOu07onGYMPJT7YpZrrHWTOPIs1NEI&pvsid=3630265788016890&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=opvGgI39Zw&p=http%3A//www.baltana.com&dtd=615
Frame ID: AD2250650FE0D873679A75EB7B5A766F
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js
Frame ID: DFCCDB6FEC4E8630C39BE7449DDB76BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 955D812EAA132BF9B744F4191BC76BB3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js
Frame ID: 2E7E0B89BCC52B089FD1DABBB8C3F917
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.baltana.com&gdpr=1&gdpr_consent=
Frame ID: BBEE5F2CCA7BD40DD04940AB623784A6
Requests: 1 HTTP requests in this frame

Frame: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0F39BBBCF4ABE7408D3724B03C430ADE
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-28
Frame ID: 49D17DCEC662495C27B261BE539FFE53
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK2JChCozp8CGJWZ5aYBMAE&v=APEucNUbnKWXOSU1Zqz5FaPr5dSgq7pG-aBnYUU5WyS_koVkfDxhPesHH01o996eymrcL-pwsOCoiOsBIEQPnprV-BFo6APaOTMQG4vqn3lxIYWIRXbtdfQisONMicuNkkXKmK5mvSdM-2ISkUQNTzOl-PkSmG0nCkIf14diIgUn51YIAQToxsKmQWCEjFve6nCh3RPVfO2sNSzgm_05loNdCCFFEGgYNg
Frame ID: D1C8D17C8E9CCE80C743B6AEB7C08197
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgxdZ01tqoOBozaG2fsuIWihPc0l4TXAY31W9Gn2wRAxbxHKQkFma2Qo2f_B-dljRG0NsVC_RO0vbrHKRN5CSEfM2yFXtA5MUL0PSSIvVqVX_D3exs2zt634WAiz-HHNZ7ybQ3Psb20DgYiLc0yeEsXGeW9g&cry=1&dbm_d=AKAmf-CKWE_jq97pDS-F20uipV_NuyX_RrPKZkvCuh0MJ7CtAnkTZruTeJmFSzenZ1JEIhNZd28Vv_DuWGeNWIWpC1XeKgjut_vWo8ab6R2TBdte-EstzBG9Evs9b8OMtzvsfB3xwx8PkxJVUdRMF0CEL6muQC5ipPBS-SPnTwWnTG4dYDfUV2tpVm6vhUd1M01OfesI4uHhn4YVWAZDROOaP-kcEC0wQlzgeAgaTJ6Nc0YjkXguLDQlTVmAoFdvgCscUoLJxxUMk_GqtFcvtFQVPQ3WV-cRidX3DGD5dm9SzZtKwxfS_yEsLybVm3_QPVlAcWYcN1lJiTaHxofNOBPb3CITeaQs6xUYJ-x3hr-X7EIQBZb8VKUvX97sE2HTAC2Ja0MUFxwifS3eHt1QJBeHTqNlwbymTvMsMzu1hV0r6NJ_EZf1XcRXE7V9_G8qVT1OnveyIGo303jon5z4D-X6aNEUJlp_DJnxVMH6EDoDv-89h2odwuPLSKP7elypY1dST6XnLIymlnzmJb5RbZ7WkMVo1AhWoPK99OsHM5egjkFUegQXBWC5f0-b1o3N12S2VwX6SSGnWnYP9ABc6V4kJ6CzncxHg2HuATuMOwvUx5s-asTxgwDPjy6hhk0cw9xfu03PCpyIsKGq_GN5Ko_3UqbXg-ta8Yf1Zhv3JXucCvJ8P9Z0wEzBrta6OqvxzOsE2wJ9fzWHR4YdyfwsR2uTPmbuQKVrRJBIuoJvAxtqxmTGl7vUnHynP2C57jhk667QvrLFIMuIq8oDtrVOA1IjAQiR9jouhoj9IPthiUjLMArLjPICM1AN-xBgcRHiIs54StSE933jZrxK4wS2Arc2RUqGXxNCGchLAgwGVehieZA2F7BkILeUzE9zkIP_55ki66nmbvfzXbgUChtG95UwaL8KPa9wTX-BYHyEf5txkPYn3wPiRAVXsPCGILHgm-ihB_aITFliHWOnccpfoDC1Py9zqfyILubb9rxh142wdUN3jmLXlq93QVilbJ71CthJ0lV4WRe1zsPiVW9mS1t8eE5dh-ZibCufIPiEgb194qFN0B1c7JkhYa5Uw1puEdpp5EtBnUPgsP9CStgsSmawgZUctIZLo7KAaTcrhItlqVHGzHOxeveXVq6wUAJgSgt96ZYF_XTrgZ_tLrF_4o1GCgAxaswedw35ZtZ18b8p1MiLBuElQhGiZC7jvXUzb1WDXcZVGdq7rPFwLaIq-OKzNE5dj7-SvVKRqc0LM0Vg-9NgsVtmTyYRcmSfdr0lwK8thBSK0sInbCQfB5PCF3PyIfp8fV84dLdnOF1_sbUJgLziFLY22P4jGveqtJQNYY318VomKYq_NaUcmK-lyapuwrnOVcGHnxUVH3t7PTh8vUFPGiP9cxRGGmLTUsXZA6jQDoRJInMhwe15G5ADZyrEi9pOoobWd3c_F5Nv9AXhkwKVUGfJlDkJUuO1ewbFv_AQaxCuihTplH25pC1QDe6AYi5VgBvwAGayRzQiNlijJEh_HnR8NqdmphDl4VURgF21Bhs5-TzmakMk6NUFYYIAp7QBoSvdlwNhLWlFPtmuAWu0M0C6fG3WLKpPlBdzfBWcZd4m1nZ66RZCOrO3YvMSkQ6qjijpfIjhvfo7TsuqrsCYp0sBD-gsljHR3i-3te6dq5CsnxfxrS-Vu_omiC4BDoaLH-Dt-y1yNJPUCQba4GU2Bz3zo5BsU9QDdFom0mRhbLfrv_4xZwuF-fYFlnL9wqx06bwohDx4GWOgyGvcXwJXNOQqnPjYk8QXsznypJh1pSLLcvfEObRSU4-h55eO9o-45HPUFQWohAYFP3swzacEU4zV9cJZkEtLXnQ4wzqU81I6jF8-4HmhVLluaZKqH71eOF9Q-4ZLaopQZvRAKEsfsv_5vCv4kXxAGMSzgadpdFyaN6e2BF9FoalE6ZwBi7FcP5Sn5LQiVEKaZQXZQbw60WsJDlESSO6odPC8O9Z8VnTleiDAbFE7OyJti375XCybxVqaQgjUUbE9KAK647JM-GNFo8aDHIdK3zFsJQ8m40C4x9E7hRYyFp1pGqlYrayM6SC4VcF6bYYTJZtyfdmvCGR7peguqmmp0txOVh4TsOa_1EtPlRHmhZSUAnlMg_I0WqOtZhhgbIQKUSGt532T7mPzd_Lux3Rl6ThosCcrMpK-7ffr1OE5f7KYm0oUeLnQKoprQUJNV86w9YiF41MrxWS4jvHb2BEX5qXhMGs_yIJCtBJB-KU1J9TvtVoSHmgcrOsgZNvgF7X-nDt_X3T16hndmxsAfapDyAtA2WYIFbO19eLcfkcyWAjmSdCwmyvjL2DWxhWd6gAUQBgPutgjooedMHLnEt5ooBoE0iidX_ZYl23oE4MYBFk3TbK8k278fA5s-UHF-XIKZrKmhCzaAPzsiGQxi0sPmdTf3Y2MWvaRWc22JKAS0m60uKpJOdM-VuufwWYIfiiWw07uTtxhpbYsSeF06YokSjzLh1f6lK7VidCtXwlz9Ytw2vFSfAi7fzjznXOKNHwnfBmX_rYDUSF61dbOaaL8KQCxsEDMqXWq559LvcfiCA2jQ8fGzqV1Om7njcapoTLA4Z-PN1l5W9pxKE0YV9Pd2Jf4zbzuGknvpqnSS4JrrWraW03Sowu5TvE3NQjZB7qYVMABrAlP5GpEI2s87qkItC6V9LDanSXeIKr_trtCuu2DRZI3SFenUq1BbvIwfRb2WXBVGFEpJbByecNiyIayDt69af-Kns8rAQG0DimP4WqJ5RukzmXCzqAmOTiIH9j8RnGAahjchrGqn0ZHuzZEgvbYkiPPDcMbK7XzOnCc3DqRt8qbMkQU-C-sk0QlNaxAxeRz-sGxS5a0I9A73nvAssiEztysgNvg0F9VfOlORinwSyfeahKTMS1W0n10uz1gXlrWFkk4wF70_X65S-pmRw0ZsPVDWeXYsWioFHd7L59PpbGWYmdxwRQ6Lc3Kg4W0eM0KrhGfW593FvBGaEQX3wpAO-Qqcws8-DNiR3VxP0MUD5zh9LSNvF8cv5MEyyTapo86WTFeS9b0NAoLtxxLiKnR4I4HiJciq4gfQv0McQqOR387OQhF46BqJQ&cid=CAASPeRo2j6ltEGJx3KXg4cfhEQVrrfnZhYPr5qaUT4hAD-rbJuzRSpd7WoSPBfWi4w8EnzhGKjH2rQEX2st4WE&rfl=2%2Chttp%253A%252F%252Fwww.baltana.com%252F%240
Frame ID: ACE5FDFDFCAF27D8D370BD4E3C411D67
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1EF8473AB639BCCAF8128FD210A599CC
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N3347.1882640AMNET.BE/B25722706.302188530;dc_ver=71.205;sz=728x90;u_sd=1;gdpr_consent=tcunavailable;gdpr=1;dc_adk=2988274605;ord=4bb45v;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4LpR-J-RYP79JtqP3gO-wJnoD5_BhsRio8q0nOMN286Z0J4kEAEgvc-GaGC5-MeA3AHIAQmpAg5Mg9KHKrQ-qAMBqgS7AU_Qh4jXtNLMK26Gi66G8DzUKnIm9OBlOeZZNdbEeOqvXV1_fOhbtpfnJEKxUrRfntK_YqK8anW7mDdvtun1lrWfAdDIikYfSOJ-vBbNw-Ey9dJ1JawHtW2KAZ9Nzng7K4bQPAMqBgbvqe1AYaiEVbnLwjPV3djsa1nKVrPIzEJHeZ0EqDMlZrr1QjvmsyiHI2n476YbecxLzfIikRF62jwzWQyv0cxc5zx4HD0zy3GWHa5hu-nchD2YJPbABJuP8-bFA-AEA5AGAaAGTYAHnJfSowGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTE2MDk4Nzg0MTYwNzczMjOACgOYCwHICwGADAGwE_WTsQvIE42E7NwD2BMK2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo2j6ltEGJx3KXg4cfhEQVrrfnZhYPr5qaUT4hAD-rbJuzRSpd7WoSPBfWi4w8EnzhGKjH2rQEX2st4WE%26sig%3DAOD64_0FvZcOAZC-jbZ6Bug0jP6LOh51rg%26client%3Dca-pub-9035087792692775%26dbm_c%3DAKAmf-Dg2Smqe2HRn5xbyDpz8R3bHcsFY7X8A1oqK2zEvpjmVVCA08YDMbwjGPP0o9OooP3IysMkdp-UZ_p5c9sgRaRr0JbxJYfmD3s7k1yC4QFN7UlYJAiY_SWLIcb3JQuKfIZv8r0sw4E44NPuyV9J5maEpdiKdg%26cry%3D1%26dbm_d%3DAKAmf-DtUMd8peLjpzJHV1BpI0PlS39vUPmKpDiRBKgBky22otuuN5PGqqtsH_HLzVul_5x2nRCMTZ8fWdygCyzrLa92zlFmjiamo2niHU-6H8R-Kz0VELvG-piZt88j62U0Iquq3xSGCBJGCfGp9YkcWyl1TUhWIMbjnU8_JVMNVB8dPQ0SywHW3oYWGYPsKjwdQ7zIa5s1ju87jqePXO33pzB95f34fHr42cFxKFShA9CxiD-hVuqdIQbrwdNW5nRJDQ0PT7PQ--IoyoD5HSCXvAr6pfB2iZZkdXGw0aY0w-f8vpoJSBBBY_2NxG3eeC2gwot06q7pgP291yRUVKkSfW1Bi5xxpaHIY3UotCkjWFTVJt7IEA3277dKdogUbd9XK2_Yi-5e33K5kWdG9rDtnPcjSJxIQoGEfaHCb63NrDvUqjatS7hW_gT8Mo0HJ9a4CM8Mcunu%26adurl%3D;dc_rfl=2,http%3A%2F%2Fwww.baltana.com%2F$0;xdt=1;crlt=e_Iz8TpKDg;cmpl=8;gcsr=a;osda=2;sttr=175;prcl=s
Frame ID: 9042FDB1261F1685BB2DCB2AF1EFD8A2
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2E99EE47C6C0B25CB8F2803ABC09B92D
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 67ED1459B714E246BDCB7B826ACF4094
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8E07F29675CD3BD0115CEEA144EFC62E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=http://www.baltana.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D71AD2EFE7293A9B860C16502126B652
Requests: 9 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: E727363FD98A8555C10F4442BF3F4EF3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: DC729C28754BAC1D5DBE66C21DC222C7
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: D7A88013FB96A60A018CB74FFDFD13C9
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: DB663A1F39406451C61ECC9E6C8FC944
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 327F498CA42042590957EB8BAF06C4AE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 538C94FC91711373E49EB9F37FE810AE
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 6FCD213B6CE94564A145C975E64E00B0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

185
Requests

72 %
HTTPS

46 %
IPv6

44
Domains

68
Subdomains

56
IPs

7
Countries

2145 kB
Transfer

4494 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://valueimpression.com/?ref=www.baltana.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 56

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1417307794&utmhn=www.baltana.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20HD%20Wallpapers%20%26%20Desktop%20Backgrounds%20-%20Baltana&utmhid=314227791&utmr=-&utmp=%2F&utmht=1620156403086&utmac=UA-35935134-61&utmcc=__utma%3D254129179.1197080103.1620156403.1620156403.1620156403.1%3B%2B__utmz%3D254129179.1620156403.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=267028394&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1417307794&utmhn=www.baltana.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20HD%20Wallpapers%20%26%20Desktop%20Backgrounds%20-%20Baltana&utmhid=314227791&utmr=-&utmp=%2F&utmht=1620156403086&utmac=UA-35935134-61&utmcc=__utma%3D254129179.1197080103.1620156403.1620156403.1620156403.1%3B%2B__utmz%3D254129179.1620156403.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=267028394&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 111

https://ads.us.e-planning.net/hb/1/2c995/1/www.baltana.com/ROS?rnd=0.09040877164800731&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fwww.baltana.com%2F&r=pbjs&pbv=4.36.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=http%3A%2F%2Fwww.baltana.com%2F&gdpr=1&gdprcs= HTTP 302
https://ads.us.e-planning.net/hb/1/2c995/1/www.baltana.com/ROS?ct=1&rnd=0.09040877164800731&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fwww.baltana.com%2F&r=pbjs&pbv=4.36.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=http%3A%2F%2Fwww.baltana.com%2F&gdpr=1&gdprcs=

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEGfqSoOXmkux1rfp2qCvqts&google_cver=1

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAvCwmQm13wkobWxe-a5N4&google_cver=1

Request Chain 138

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJGf.QCLObyU6.DnJtGczwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAvCwmQm13wkobWxe-a5N4&google_cver=1&google_hm=2

Request Chain 150

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Dccd333e7a2c1e3b2%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Dccd333e7a2c1e3b2%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=ccd333e7a2c1e3b2&uid=7797c08aad1cf6d7b780d5c0

Request Chain 152

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-XRb7OzpE2uHsvZxUOcTnRFQO4kS4axdCSmoBhz8-~A

Request Chain 153

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=97cfd10f-7f10-4933-ad0c-a3fffad35693

Request Chain 154

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 302
https://prebid.a-mo.net/cchain/0?A=2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=2676205261351850437 HTTP 302
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 307
https://prebid.a-mo.net/cchain/1?A=2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=7797c08aad1cf6d7b780d5c0 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/2?A=2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YJGf.QCLObyU6.DnJtGczwAA%261106 HTTP 302
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44

Request Chain 155

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7418869481853645801

Request Chain 156

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPad40e223-ad0e-11eb-818a-06ca284878ea HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPad40e223-ad0e-11eb-818a-06ca284878ea&verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPad40e223-ad0e-11eb-818a-06ca284878ea

Request Chain 158

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=7797c08aad1cf6d7b780d5c0

Request Chain 159

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2676205261351850437

Request Chain 160

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=c92fea8e-434a-527c-b6bb-42b7d62add4c

Request Chain 161

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1894828808989263297

Request Chain 168

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB&dcc=t

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMaY9oEXua4VKQgl_svthD0&google_cver=1

Request Chain 172

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0fce24fa-ea5d-48b3-b15f-02b0b670490c&expiration=1651692411

Request Chain 173

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 174

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e2249d19-a0a1-42f3-a881-be4cc628527d

Request Chain 176

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMaY9oEXua4VKQgl_svthD0&google_cver=1

Request Chain 178

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB&dcc=t

Request Chain 181

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YJGf.QCLObyU6.DnJtGczwAA%261106 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJGf.QCLObyU6.DnJtGczwAA%261106

Request Chain 182

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622748411

Request Chain 183

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0630220400023ac6a01e1d72&expiration=[EXPIRATION]&gdpr=1

185 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.baltana.com/ 32 KB
6 KB 68ms
39ms Document
text/html 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a14b2700bac5a576e25c4ab5d7fe1f4ca1f84c1c4c224d8836277b0e3ef54671

Request headers

Host: www.baltana.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 04 May 2021 19:26:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

GET
H/1.1 200
OK style.css
www.baltana.com/templates/paintbrush/ 14 KB
15 KB 21ms
18ms Stylesheet
text/css 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.baltana.com/templates/paintbrush/style.css
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 69d4c116fa1b44c4a249b18d99b9348aa2e877808bf0b2f2d5669e6ce3e34804

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Sun, 23 Feb 2020 05:57:20 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e521440-3946"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14662

GET
H/1.1 200
OK wss.js Show response
www.baltana.com/includes/ 10 KB
10 KB 39ms
24ms Script
application/javascript 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.baltana.com/includes/wss.js
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 68ef14d5aa1992243b597f857d059ca742107d2745cd0904e1f515113393146a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Tue, 28 Mar 2017 09:50:44 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "58da31f4-28f0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10480

GET
H/1.1 200
OK sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 93ms
45ms Script
text/javascript 2600:9000:20c8:3600:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 2600:9000:20c8:3600:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:19:33 GMT
Content-Encoding: gzip
Connection: keep-alive
Age: 429
ETag: W/"192cc-3TBOdKYF02HlA++J6fQ0dmTq6Ow"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript; charset=utf-8
Via: 1.1 e9e9ef2b004f5c4a430ab05e0f919051.cloudfront.net (CloudFront)
Edge-control: cache-maxage=60m,downstream-ttl=60m
Cache-Control: max-age=600, public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: MAD50-C1
X-Amz-Cf-Id: jPb0yZgAv_LOlY9Ua8gIGsR1Bsc9DHISZgTWy2ap2C09HETkVuIYDw==

GET
H/1.1 200
OK / Show response
services.vlitag.com/adv1/ 930 B
2 KB 152ms
144ms Script
application/javascript 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://services.vlitag.com/adv1/?q=48634f99a806c5315cedcf769fcc9b33

Requested by

Host: www.baltana.com
URL: http://www.baltana.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30dd7d114cd4c2c53f998d74dca291b5bbe6d88e0dd792f2d82bf98763a7793d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09da71e19100004e2c70024000000001
Pragma: no-cache
Last-Modified: Tue, 4 May 2021 19:26:42 GMT
Server: cloudflare
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rvB7cxP%2Bwr6dKQQR9zX0igE0rW1Ss1JVyZSsqSqxOpds2cCtqO%2FjuRdRl3FSA6ZU1RcXEiEaXqkmRkCg4azXLT8Y54FVEEMi3y1VQUiGDISb3y9at2Y5XzjSJ8RWAiY6"}],"max_age":604800}
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
CF-RAY: 64a41f48e8854e2c-FRA
Expires: on, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK logo.png
www.baltana.com/templates/paintbrush/images/ 14 KB
14 KB 33ms
32ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/templates/paintbrush/images/logo.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5a6e1ef59b0e25b35922fc2117ab18d4a7aaee0752637011fd065ff1572792be

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Fri, 12 Apr 2019 11:25:30 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5cb075aa-38da"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14554

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 93ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.baltana.com
URL: http://www.baltana.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d931393ae1a1c0b3d4126858ea4a15442f1e094f07420283272902e1a878c0cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47791
x-xss-protection: 0
server: cafe
etag: 12720787893023158812
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 May 2021 19:26:42 GMT

GET
H/1.1 200
OK 1001.png
www.baltana.com/images/resolutions/ 25 KB
25 KB 382ms
340ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/images/resolutions/1001.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d72baf684716c19fe88246d973a7992dfcebc8e1986d42508d1f2564684efe1b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Wed, 09 Oct 2019 05:07:38 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d9d6b1a-64e4"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25828

GET
H/1.1 200
OK 1002.png
www.baltana.com/images/resolutions/ 28 KB
28 KB 78ms
34ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/images/resolutions/1002.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5dea8984491ed3fe752d198396e305ffdc25b0841f0bf8b35ba31df2d14462ae

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Wed, 09 Oct 2019 05:07:39 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d9d6b1b-6e19"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28185

GET
H/1.1 200
OK 1003.png
www.baltana.com/images/resolutions/ 23 KB
23 KB 116ms
52ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/images/resolutions/1003.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 48c7c7256c0ea96363ce0c87a3d9c27641f2c0bb712937f9128fc2f674b489e7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Wed, 09 Oct 2019 05:07:39 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d9d6b1b-5a3d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23101

GET
H/1.1 200
OK 1004.png
www.baltana.com/images/resolutions/ 19 KB
19 KB 112ms
53ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/images/resolutions/1004.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 185f6d983be5f11b6485e784d4569cf11c950fd6ba06a50aa795bd151f91590d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Wed, 09 Oct 2019 05:07:39 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d9d6b1b-4a55"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19029

GET
H/1.1 200
OK 1005.png
www.baltana.com/images/resolutions/ 22 KB
22 KB 93ms
33ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/images/resolutions/1005.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 00813520ffc3cebb6e7f98d764f9bf1b3676d6a84fc27294f9ae6c81daea146e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Wed, 09 Oct 2019 05:07:40 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d9d6b1c-56d7"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22231

GET
H/1.1 200
OK 1006.png
www.baltana.com/images/resolutions/ 26 KB
27 KB 79ms
24ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/images/resolutions/1006.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 83913368b5e37ab8727ba6c71c58a39066c737ec7a7ba2634af72c033906edd0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Wed, 09 Oct 2019 05:07:41 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d9d6b1d-6911"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26897

GET
H/1.1 200
OK 1007.png
www.baltana.com/images/resolutions/ 24 KB
24 KB 454ms
31ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/images/resolutions/1007.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4697a44834deac6b1c75e3a6f8340fbc9491abc234d2e18c34965d15b26bc324

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Wed, 09 Oct 2019 05:07:41 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d9d6b1d-5f2b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24363

GET
H/1.1 200
OK 1008.png
www.baltana.com/images/resolutions/ 27 KB
27 KB 515ms
19ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/images/resolutions/1008.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: caded58b7c9843a759b1a9fcbc34dc56473847115dc963f97ed4bb1b8228f185

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Wed, 09 Oct 2019 05:07:41 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d9d6b1d-6c23"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27683

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97268/ 11 KB
12 KB 148ms
28ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97268/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d6c4b269b76cb56d44dfe6ebab209f1c12dabebe017b92bfb2282243d06bc00d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Thu, 29 Apr 2021 11:10:53 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608a943d-2d97"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11671

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97267/ 12 KB
13 KB 522ms
20ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97267/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 87d54d6a6dd61ad38f7dbf698ecfc6ab671ccd4562e96854d994c1aafd2735d4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Thu, 29 Apr 2021 11:10:53 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608a943d-3189"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12681

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97266/ 27 KB
27 KB 369ms
32ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97266/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1ed2c4e5772638c71a9d1baae02d6e4af2e21e9af07b26afda186fe0a10561c3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Thu, 29 Apr 2021 11:10:53 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608a943d-6c8c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27788

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97265/ 20 KB
20 KB 455ms
18ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97265/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ca2c6ba76ef2780ee08b2fa667749b8af7563efdc08f69aaa031715c32f34943

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Thu, 29 Apr 2021 11:10:53 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608a943d-4faf"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20399

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97263/ 23 KB
23 KB 421ms
23ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97263/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fb1a4ba6f755c19e25d64d3a7f74d597349962dcaa6c07ce997493c8db1e4bcf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:48:50 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd512-5a45"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23109

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97250/ 20 KB
20 KB 90ms
56ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97250/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 822f0aefdc2a90a651e1b2b3fab76d22f27f93ec184885c45ae1dba0bfda58af

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:53:29 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd629-50ca"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20682

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97247/ 19 KB
19 KB 147ms
28ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97247/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4065cf913973481ce99a44be69908dc8bf0f7b9455014ecd44c0cd38997d8858

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:48:50 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd512-4cff"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19711

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97236/ 17 KB
17 KB 70ms
27ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97236/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a95ce1274bb4e8cb0aaa87840c047f13bf5218e42d112414574a6bf7466ab807

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:53:29 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd629-4490"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17552

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97234/ 20 KB
21 KB 484ms
23ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97234/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5c0cb33c12e0e0f96530fb327becb022e9f1a0845f8c8935a86eea90c8061bc8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:48:50 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd512-51f4"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20980

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97222/ 17 KB
17 KB 539ms
475ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97222/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 55ca9d6ad672a0ac13e86e6f4cfe2e7df10f01c5ea1b3ec938f6c5a059f4f3f1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:53:29 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd629-445b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17499

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97221/ 29 KB
29 KB 437ms
280ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97221/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9230faee7b06801424b223f12feab5d7d891ac0af9cbd7bb9a3f2ddebed5fa2a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Sat, 01 May 2021 07:14:55 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608cffef-7286"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29318

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97207/ 10 KB
10 KB 420ms
28ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97207/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fefb24befc5c4719cf451122a77091058f7ec0fe67a35b83841227049691c583

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Sat, 01 May 2021 15:54:04 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608d799c-28cc"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10444

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97201/ 20 KB
21 KB 493ms
25ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97201/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: bd11b7359e5a77aa86f1ccbc4c9898b272387346cb8c5e7494d7b9b9d41efc60

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:53:29 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd629-51b4"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20916

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97193/ 16 KB
16 KB 73ms
28ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97193/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 524b2f286b2c006a283edd312b09b9f1f27a83f2d09e666242314b2e46000653

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:48:50 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd512-3f4e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16206

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97191/ 17 KB
18 KB 547ms
472ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97191/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 84148c178485a93370c7d2ec828b9243b374bbe3ace157cc583e4e2366290a6d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Sat, 01 May 2021 15:47:15 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608d7803-45b9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17849

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97187/ 21 KB
21 KB 391ms
20ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97187/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8dcc5391b95915549455f3762896894832fcf344796750a65b7d6f22f77175dd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:44:34 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd412-5212"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21010

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97169/ 14 KB
14 KB 40ms
18ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97169/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e304e669e97d797c74c2d5f5ec30faa5f6d9d5e9cf7c3ad3db6a94c6d86ddf41

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1620163602599}; __utma=254129179.1197080103.1620156403.1620156403.1620156403.1; __utmb=254129179.0.10.1620156403; __utmc=254129179; __utmz=254129179.1620156403.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:48:50 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd512-370b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14091

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97165/ 18 KB
19 KB 27ms
26ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97165/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 789ec88a3dd44e9cfbe94630997686c968ea8a9bfa8a5427abdaa2b563d7d2bb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1620163602599}; __utma=254129179.1197080103.1620156403.1620156403.1620156403.1; __utmb=254129179.0.10.1620156403; __utmc=254129179; __utmz=254129179.1620156403.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Sat, 01 May 2021 07:14:54 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608cffee-4966"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18790

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97156/ 18 KB
19 KB 26ms
24ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97156/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 35356d2909675d7af97438329e15a9c1a97ab2f0a66c7726a4f8f58aa0a32244

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1620163602599}; __utma=254129179.1197080103.1620156403.1620156403.1620156403.1; __utmb=254129179.0.10.1620156403; __utmc=254129179; __utmz=254129179.1620156403.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:53:30 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd62a-4955"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18773

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97150/ 17 KB
17 KB 24ms
23ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97150/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 28648675d8bac4f55e6b896a3c14526a14610496c0d151f0749db3d0312e6829

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1620163602599}; __utma=254129179.1197080103.1620156403.1620156403.1620156403.1; __utmb=254129179.0.10.1620156403; __utmc=254129179; __utmz=254129179.1620156403.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:48:50 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd512-426d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17005

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97141/ 16 KB
17 KB 24ms
23ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97141/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2f8a615585d832a0503db31ded01ae6ca8677ffa13c9434637f680444b6442a2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1620163602599}; __utma=254129179.1197080103.1620156403.1620156403.1620156403.1; __utmb=254129179.0.10.1620156403; __utmc=254129179; __utmz=254129179.1620156403.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Sat, 01 May 2021 05:46:25 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608ceb31-4181"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16769

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97140/ 13 KB
13 KB 54ms
30ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97140/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fd3cfce2aa145ece7444058547eb1655c81ca120a708f6a355ad188ae0c52d37

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1620163602599}; __utma=254129179.1197080103.1620156403.1620156403.1620156403.1; __utmb=254129179.0.10.1620156403; __utmc=254129179; __utmz=254129179.1620156403.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:53:30 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd62a-3221"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12833

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97128/ 23 KB
23 KB 31ms
29ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97128/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fba3b0f2008b02484f52538ab02f60696dd4bab24b6c4c1fa1f3ba7e5dc0ebf3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1620163602599}; __utma=254129179.1197080103.1620156403.1620156403.1620156403.1; __utmb=254129179.0.10.1620156403; __utmc=254129179; __utmz=254129179.1620156403.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Sat, 01 May 2021 08:53:20 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608d1700-5a19"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23065

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97127/ 16 KB
16 KB 30ms
18ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97127/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ac149f2c666919ad38118aaf028842224920c774c4f3a472d872c82bc780f8af

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1620163602599}; __utma=254129179.1197080103.1620156403.1620156403.1620156403.1; __utmb=254129179.0.10.1620156403; __utmc=254129179; __utmz=254129179.1620156403.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:48:51 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd513-402b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16427

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97114/ 13 KB
13 KB 29ms
17ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97114/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9a9b53471478d07000ae774369dcb42bd37962c3513508974be3d48a47b082d5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1620163602599}; __utma=254129179.1197080103.1620156403.1620156403.1620156403.1; __utmb=254129179.0.10.1620156403; __utmc=254129179; __utmz=254129179.1620156403.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Sat, 01 May 2021 15:28:06 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608d7386-34e8"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13544

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97110/ 21 KB
22 KB 39ms
21ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97110/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9a647e9631112bebf06ddb2913d3d14ad21d776e0d7a23aeafe9acd2564ceec4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1620163602599}; __utma=254129179.1197080103.1620156403.1620156403.1620156403.1; __utmb=254129179.0.10.1620156403; __utmc=254129179; __utmz=254129179.1620156403.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:53:30 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd62a-5529"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21801

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97109/ 22 KB
22 KB 23ms
18ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97109/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ca5d11e3500a54763da245f12cef4eca4af5ea75a76f984e2bf1a77a8157da3c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1620163602599}; __utma=254129179.1197080103.1620156403.1620156403.1620156403.1; __utmb=254129179.0.10.1620156403; __utmc=254129179; __utmz=254129179.1620156403.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:48:51 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd513-588b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22667

GET
H/1.1 200
OK 290x180.png
www.baltana.com/imagecache/thumbnails/97102/ 29 KB
29 KB 23ms
18ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/imagecache/thumbnails/97102/290x180.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 627aced2f5079d2538145e0c758daf8a0b74588e77ec472e6020146c59764ec6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0; __vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1620163602599}; __utma=254129179.1197080103.1620156403.1620156403.1620156403.1; __utmb=254129179.0.10.1620156403; __utmc=254129179; __utmz=254129179.1620156403.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Mon, 03 May 2021 10:53:30 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "608fd62a-7303"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29443

GET
H/1.1 200
OK css
fonts.googleapis.com/ 4 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: www.baltana.com
URL: http://www.baltana.com/templates/paintbrush/style.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84036856b85cd9613dd98a1271b7a0dce86bf6a96bf803e742f4182bb4d2e25f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 May 2021 19:12:46 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Tue, 04 May 2021 19:26:42 GMT

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
7 KB 34ms
22ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: www.baltana.com
URL: http://www.baltana.com/templates/paintbrush/style.css

Protocol

HTTP/1.1

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: HIT
CDN-EdgeStorageId: 632, 617
Age: 3709484
Transfer-Encoding: chunked
CDN-CachedAt: 2021-03-11 11:57:55
CDN-PullZone: 252412
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09da71e1c100002bdd8f087000000001
timing-allow-origin: *
access-control-allow-origin: *
Last-Modified: Mon, 25 Jan 2021 22:04:54 GMT
Server: cloudflare
CDN-RequestPullCode: 200
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
CDN-Cache: HIT
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control: public, max-age=31919000
CDN-RequestId: a9f1136dc57a7605179530d5ffb85493
CF-RAY: 64a41f493bbf2bdd-FRA
CDN-RequestCountryCode: DE
CDN-RequestPullSuccess: True

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

10ms
8ms

Script
text/javascript

2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.baltana.com
URL: http://www.baltana.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1515
date: Tue, 04 May 2021 19:01:27 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 04 May 2021 21:01:27 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H2 200 / Show response
services.vlitag.com/uv/ 13 B
812 B 189ms
139ms XHR
application/json 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=http%3A%2F%2Fwww.baltana.com%2F&mtk=97

Requested by

Host: services.vlitag.com
URL: http://services.vlitag.com/adv1/?q=48634f99a806c5315cedcf769fcc9b33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13
cf-request-id: 09da71e25500004ece80acd000000001
pragma: no-cache
last-modified: Tue, 4 May 2021 19:26:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I0jSWsR47fVYrmTT0mM0FH%2BYr8wp1xRrYYxbCiqz6TzaB0LCjLrAKnHROVtt3esz7DxPZgJP2ZSgQ1%2F1EeqXeS%2BwycoEfIoINU3n4WzLHCEWrSNNkgW9GkMLV4NxgpsS"}],"max_age":604800}
content-type: application/json
access-control-allow-origin: http://www.baltana.com
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 64a41f4a1c044ece-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 48634f99a806c5315cedcf769fcc9b33.js Show response
tag.vlitag.com/v1/1619951949/ 550 KB
141 KB 58ms
27ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://tag.vlitag.com/v1/1619951949/48634f99a806c5315cedcf769fcc9b33.js

Requested by

Host: services.vlitag.com
URL: http://services.vlitag.com/adv1/?q=48634f99a806c5315cedcf769fcc9b33

Protocol

HTTP/1.1

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05bfcecc064da4c129950276f5ce3eb7aac4c1abf595975cc4bb311616620c2b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 204296
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09da71e268000005fda80c0000000001
Cf-Bgj: minify
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x1BE%2BnIw3xukCJUmnRhc8M3cvQuNK1pTQZo1KdbaNH9ywWrzRvhYIpS0tAk8igbwlW0B57GNOP3p8nMj4gpVkUYRSjW80%2F%2BuAgUd2jk4kTh0ZJMya11zK%2FdX%2Bg%3D%3D"}]}
Content-Type: application/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, immutable
CF-RAY: 64a41f4a4ba005fd-FRA

GET
H/1.1 200
OK bg.png
www.baltana.com/images/ 35 KB
36 KB 398ms
247ms Image
image/png 95.211.152.187
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.baltana.com/images/bg.png
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/templates/paintbrush/style.css
Protocol: HTTP/1.1
Server: 95.211.152.187 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5c47565e09dcc0d542ef7240e436c7bde3d589ed6ca467f504021ee6bbd09b62

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.baltana.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.baltana.com/templates/paintbrush/style.css
Cookie: PHPSESSID=qgeaekcfm8jd7n96sg84ov6jm0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.baltana.com/templates/paintbrush/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Last-Modified: Fri, 15 Nov 2019 08:05:09 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5dce5c35-8d0b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36107

GET
H/1.1 200
OK 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 23ms
16ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.baltana.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 00:01:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:10:09 GMT
Server: sffe
Age: 69904
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 16112
X-XSS-Protection: 0
Expires: Wed, 04 May 2022 00:01:38 GMT

GET
H2 200 5d075f254351e90012650ec4.js Show response
buttons-config.sharethis.com/js/ 2 KB
1 KB 273ms
172ms Script
text/javascript 2600:9000:20c8:9c00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5d075f254351e90012650ec4.js
Requested by: Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:9c00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7295cc0c05892a880716934e60b146265e256879ad78f5b81da08bc50cd229f6

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:43 GMT
content-encoding: gzip
etag: W/"c8a3b5e2da0aa5c587cc3afef59f2591"
last-modified: Tue, 02 Jun 2020 18:17:50 GMT
server: AmazonS3
x-amz-cf-pop: MAD50-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
via: 1.1 803bb8de3c7a92b10030fcaaf02a53d3.cloudfront.net (CloudFront)
cache-control: public, max-age=60
x-amz-cf-id: tJczVt-1IHzkAosHci5Q071O6_CsgNzLYwDf80U89vt3yK39zyEmNw==

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/ 223 KB
82 KB 62ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8822717667672157&plah=www.baltana.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8efe3e24fbff7b370d1d24175f1de783017859e0fe80d2e0f08e22b8e1c0c08a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84200
x-xss-protection: 0
server: cafe
etag: 1635929098252524918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 04 May 2021 19:26:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/ Frame 49A3 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210429/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.baltana.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.baltana.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 03 May 2021 22:09:39 GMT
expires: Mon, 17 May 2021 22:09:39 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 76623
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
68 KB 414ms
37ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1619951949/48634f99a806c5315cedcf769fcc9b33.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1029638
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09da71e58900002c325724a000000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JELvXcaN1hoRh9pQ0Vu7zVsrjQqxCFRKv2B%2B3gcHQQJxjLc%2Bnd9R4Gu7o7zXmOhgS9Nm%2F7RPa65SHKboriz4VVxcZ%2BkLJojscGZHGVt%2BChzkBteWsNwkFWMI2J4hIA%3D%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 64a41f4f4ec92c32-FRA
expires: Thu, 22 Apr 2021 21:56:05 GMT

GET
H/1.1 200
OK prebid-v4.36.0.js Show response
assets.vlitag.com/prebid/default/ 407 KB
128 KB 33ms
23ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1619951949/48634f99a806c5315cedcf769fcc9b33.js

Protocol

HTTP/1.1

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5461777e8becbffec6413374caaf11144302832dcd36a2686be6aeddd1ca4040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 959958
Cf-Polished: origSize=417315
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 23 Apr 2021 16:47:16 GMT
Server: cloudflare
ETag: W/"6082fa14-65e23"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YTi94QoeI2uLfN3gMP38wIpt7COjn3N8bLqSSPGp0ZDzI1UKq1jPP6gEtfuqg6v4sfd96xev4J8h9f5Iy29CfYAu%2FSCtM%2BDXahoQJEGfkiCpaxzWW21DZEjxtRp0bg%3D%3D"}]}
Content-Type: application/javascript
Expires: Fri, 23 Apr 2021 17:17:24 GMT
Cache-Control: max-age=16070400
cf-request-id: 09da71e445000005fd719b2000000001
CF-RAY: 64a41f4d3a4f05fd-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1619951949/48634f99a806c5315cedcf769fcc9b33.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e85c70b5ea5fbeaef353f560aef187cf27ae5be19b9f8c6008365c958fe27b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "862 / 822 of 1000 / last-modified: 1620151652"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 21164
X-XSS-Protection: 0
Expires: Tue, 04 May 2021 19:26:42 GMT

GET
H/1.1 200
OK sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
19 KB 33ms
18ms Script
application/javascript 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1619951949/48634f99a806c5315cedcf769fcc9b33.js

Protocol

HTTP/1.1

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1031089
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09da71e44b00004ee5ceb97000000001
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Server: cloudflare
ETag: W/"5dbbbcf2-9806"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sLqYjqi43UbNzQYw2WFXrHoPxGIfUq8lgTlhKKH8ThFoJ2q2GFC4I2W%2BlYfFowqGl0DltBWY%2FuMuyzKYLrFjD6F47duxclth%2FZ894AKewVCcg%2B5DgfW%2FAL03MvLVTQ%3D%3D"}],"group":"cf-nel"}
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=16070400
CF-RAY: 64a41f4d4cd54ee5-FRA
Expires: Thu, 22 Apr 2021 21:31:53 GMT

GET
H3-29

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1417307794&utmhn=www.baltana.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Downl...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1417307794&utmhn=www.baltana.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Down...

35 B
54 B

26ms
25ms

Image
image/gif

2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1417307794&utmhn=www.baltana.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20HD%20Wallpapers%20%26%20Desktop%20Backgrounds%20-%20Baltana&utmhid=314227791&utmr=-&utmp=%2F&utmht=1620156403086&utmac=UA-35935134-61&utmcc=__utma%3D254129179.1197080103.1620156403.1620156403.1620156403.1%3B%2B__utmz%3D254129179.1620156403.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=267028394&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.baltana.com
URL: http://www.baltana.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1417307794&utmhn=www.baltana.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20HD%20Wallpapers%20%26%20Desktop%20Backgrounds%20-%20Baltana&utmhid=314227791&utmr=-&utmp=%2F&utmht=1620156403086&utmac=UA-35935134-61&utmcc=__utma%3D254129179.1197080103.1620156403.1620156403.1620156403.1%3B%2B__utmz%3D254129179.1620156403.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=267028394&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame CF88 2 KB
1 KB 118ms
39ms Document
text/html 2600:9000:20c8:3a00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:3a00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.baltana.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.baltana.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Tue, 04 May 2021 18:32:48 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 86b86f43445d5446c8b16910b2a9b8f9.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: ec5wsmMNZxidszEwFH8g-U2IOrOITgEW0gf1Pboj8jfV-e3NEF6KrQ==
age: 3235

GET
H2 200 pubads_impl_2021042801.js Show response
securepubads.g.doubleclick.net/gpt/ 300 KB
106 KB 148ms
47ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:37:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108145
x-xss-protection: 0
expires: Tue, 04 May 2021 19:26:43 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 18ms
18ms XHR
application/json 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210504

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

302fb5a88053319c4328d4cf7140290569e42648a82108749de500da4c6a4d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 15921
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 917
etag: W/"66d-mVlrmmxcQCNWPIx7O9qmU+mTepc"
x-served-by: cache-fra19169-FRA
date: Tue, 04 May 2021 19:26:43 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK /
logs.vlitag.com/sub/ 0
819 B 146ms
124ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://logs.vlitag.com/sub/?d=baltana.com&h=www.baltana.com
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:43 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oF7CLIn8R4DM%2FsqWTcLZpqjphA1xIUyeJIbJIDJg%2FyFuN6j89lsz6aMfEYRKvluR98ibwmRAmUNdG5bENXxUCseF66HcjLKCSR0X4E8xmzu2KcyRl%2FiLTmdWs0w%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 64a41f53bec3d6ed-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0
cf-request-id: 09da71e8550000d6ed231a2000000001

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
336 B 436ms
26ms XHR
text/plain 3.122.26.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=www.baltana.com&location=%2F&product=inline-share-buttons&url=http%3A%2F%2Fwww.baltana.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Download%20HD%20Wallpapers%20%26%20Desktop%20Backgrounds%20-%20Baltana&cms=unknown&publisher=5d075f254351e90012650ec4&sop=true&bsamesite=true&consent_cookie_duration=1381&consent_duration=1381&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Download%20the%20best%20collection%20of%20latest%20HD%20wallpapers%20in%20various%20resolutions%20and%20sizes%20which%20compatible%20to%20your%20desktop%20and%20smarpthones%20screens.
Requested by: Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.26.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-26-231.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:44 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: http://www.baltana.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
409 B 94ms
61ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.baltana.com&callback=_gfp_s_&client=ca-pub-8822717667672157

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8822717667672157&plah=www.baltana.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

6ad2362dc231cd2c40a96d6c0d2633037a6f3c0f09e99572f728ef1c311974ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 57ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.baltana.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 19:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 55ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.baltana.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 19:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA1E 67 KB
23 KB 463ms
461ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&h=280&slotname=4122239477&adk=916237887&adf=2653041513&pi=t.ma~as.4122239477&w=1200&fwrn=4&fwrnh=100&lmt=1620156404&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.baltana.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1620156402537&bpp=23&bdt=492&idt=866&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4002683631965&frm=20&pv=2&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&pvsid=3630265788016890&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZcrFR3pDJE&p=http%3A//www.baltana.com&dtd=1526

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b495eb0deee92bca5b732d594a7628295335d8c0898ff872b3193694781c31c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&h=280&slotname=4122239477&adk=916237887&adf=2653041513&pi=t.ma~as.4122239477&w=1200&fwrn=4&fwrnh=100&lmt=1620156404&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.baltana.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1620156402537&bpp=23&bdt=492&idt=866&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4002683631965&frm=20&pv=2&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&pvsid=3630265788016890&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZcrFR3pDJE&p=http%3A//www.baltana.com&dtd=1526
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.baltana.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.baltana.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 May 2021 19:26:44 GMT
server: cafe
content-length: 23510
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-May-2021 19:41:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 19:26:44 GMT
cache-control: private

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 52ms
36ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210429&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b980b1cc6c7ce6a71b5af75d34deb36b119dcc76943eac074ba34f9572f1ea66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 19:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7578
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 49ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056503243602"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Tue, 04 May 2021 19:26:44 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4371 2 KB
572 B 99ms
98ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&adk=1812271804&adf=3025194257&lmt=1620156404&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.baltana.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1620156402537&bpp=3&bdt=492&idt=1040&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4002683631965&frm=20&pv=1&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&pvsid=3630265788016890&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&dtd=1667

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a04bd0164745a833ee292a919444e4a78123a566b4835134cca407f08d039ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&adk=1812271804&adf=3025194257&lmt=1620156404&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.baltana.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1620156402537&bpp=3&bdt=492&idt=1040&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4002683631965&frm=20&pv=1&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&pvsid=3630265788016890&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&dtd=1667
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.baltana.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.baltana.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 May 2021 19:26:44 GMT
server: cafe
content-length: 549
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-May-2021 19:41:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 19:26:44 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 04 May 2021 19:26:44 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame EBB9 12 KB
5 KB 26ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.baltana.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.baltana.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 04 May 2021 16:55:58 GMT
expires: Wed, 04 May 2022 16:55:58 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9046
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame EBB9 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 5750
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 17:50:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FA1E 6 KB
778 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&h=280&slotname=4122239477&adk=916237887&adf=2653041513&pi=t.ma~as.4122239477&w=1200&fwrn=4&fwrnh=100&lmt=1620156404&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.baltana.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1620156402537&bpp=23&bdt=492&idt=866&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4002683631965&frm=20&pv=2&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&pvsid=3630265788016890&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZcrFR3pDJE&p=http%3A//www.baltana.com&dtd=1526

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 19:04:50 GMT
server: ESF
date: Tue, 04 May 2021 19:26:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 19:26:44 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame FA1E 1 KB
909 B 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 19:16:25 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame FA1E 17 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 16788430792231894627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 19:22:37 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame FA1E 2 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 19:21:37 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA1E 116 KB
35 KB 36ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 19:26:44 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame FA1E 13 KB
5 KB 28ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 19:18:11 GMT

GET
H2 200 8ae5a72cfbd99e43f69fdf9d7c4a3504.js Show response
www.gstatic.com/mysidia/ Frame FA1E 25 KB
10 KB 20ms
13ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ae5a72cfbd99e43f69fdf9d7c4a3504.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6976b567ff0c1b6de18e250b03f65237744b07900c8f6cecc2fdd9c52d71a52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 22:51:13 GMT
server: sffe
age: 20444
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10537
x-xss-protection: 0
expires: Mon, 02 Aug 2021 13:46:00 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10086674064012501372/ Frame FA1E 30 KB
30 KB 29ms
27ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10086674064012501372/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95c6b54d0a240fa62f4f2de6d5f7985f92a4628b8f1daa5ba9d41710426309dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 08:29:14 GMT
x-content-type-options: nosniff
age: 471450
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30450
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 08:22:04 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 08:29:14 GMT

GET
DATA 200
OK truncated
/ Frame FA1E 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame FA1E 0
0 45ms
43ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cqvyu9J-RYNPUB9GamLAPqcCpmAvK3PHKYp6wluKxDdb726qFIxABIILviR9glQKgAZzbzeEDyAEJqQIOTIPShyq0PqgDAcgDywSqBKoBT9DXf1qOZ6cI1wGreK9PP4scJxvhqboy3GyiWeNaKIJ6YVXAaZtBzkQ4JKXYRPhgp1njACm8pXv2PTe7t6Y25h0uVwI7rFRwZx3tJZjNpIEAU2rHILTbMIoIZVjmouUJcmzYqUjuyZDFIzpS7C6YqIaOiUuWyI8MVBcJvTvVD4Avxs_B0QdcaALDXt6DKZtj_FC4ER5Rt1rj4GypJ5B0BTwomgSsZBBhZLTABPTe-M3cA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfMpLIeqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPjeCNIICQiA4YBwEAEYH4AKAcgLAdgTDYgUAdAVAZgWAYAXAbIXGgoYCAASFHB1Yi04ODIyNzE3NjY3NjcyMTU3&sigh=j9yKQWM5tcI&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&h=280&slotname=4122239477&adk=916237887&adf=2653041513&pi=t.ma~as.4122239477&w=1200&fwrn=4&fwrnh=100&lmt=1620156404&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwww.baltana.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1620156402537&bpp=23&bdt=492&idt=866&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4002683631965&frm=20&pv=2&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&pvsid=3630265788016890&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZcrFR3pDJE&p=http%3A//www.baltana.com&dtd=1526
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 04 May 2021 19:26:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 04 May 2021 19:26:44 GMT

GET
DATA 200
OK truncated
/ Frame FA1E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe0d48d1f2958da7fe6d7b5d577eadcf46417f64c455690008a1d16ef2f61bcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FA1E 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 445875
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:35:29 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FA1E 15 KB
15 KB 19ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 227001
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 02 May 2022 04:23:23 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 56ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.baltana.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 19:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 61ms
21ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.baltana.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 19:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD22 57 KB
22 KB 501ms
500ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&h=250&adk=1339671731&adf=866502912&pi=t.aa~a.3558234115~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1620156404&rafmt=1&to=qs&pwprc=8811152736&psa=0&format=317x250&url=http%3A%2F%2Fwww.baltana.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1620156404382&bpp=1&bdt=2338&idt=1&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7744d09be81dd707-2280fe15c3c700a2%3AT%3D1620156404%3ART%3D1620156404%3AS%3DALNI_MbIXdQIzXzZxRnlROxAVJgHW2LvKg&prev_fmts=1200x280%2C0x0&nras=2&correlator=4002683631965&frm=20&pv=1&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&psts=AGkb-H8SqAzgE2eNxuRJhIgJ-OuFd5bZieSyXrR1tsGhPN31yK_oAaOu07onGYMPJT7YpZrrHWTOPIs1NEI&pvsid=3630265788016890&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=opvGgI39Zw&p=http%3A//www.baltana.com&dtd=615

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4c955bff04a33581b63b6c155631f3125f4437c11fdf62f96aabc69f7a193c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&h=250&adk=1339671731&adf=866502912&pi=t.aa~a.3558234115~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1620156404&rafmt=1&to=qs&pwprc=8811152736&psa=0&format=317x250&url=http%3A%2F%2Fwww.baltana.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1620156404382&bpp=1&bdt=2338&idt=1&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7744d09be81dd707-2280fe15c3c700a2%3AT%3D1620156404%3ART%3D1620156404%3AS%3DALNI_MbIXdQIzXzZxRnlROxAVJgHW2LvKg&prev_fmts=1200x280%2C0x0&nras=2&correlator=4002683631965&frm=20&pv=1&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&psts=AGkb-H8SqAzgE2eNxuRJhIgJ-OuFd5bZieSyXrR1tsGhPN31yK_oAaOu07onGYMPJT7YpZrrHWTOPIs1NEI&pvsid=3630265788016890&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=opvGgI39Zw&p=http%3A//www.baltana.com&dtd=615
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.baltana.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkW602m9s8rY1Qg0i0kYtq3Efk3VW1PhqXUY7tFooLIw8YlNab5GrAuehY71_I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.baltana.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 May 2021 19:26:45 GMT
server: cafe
content-length: 22085
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame DFCC 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 5751
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 17:50:54 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 51ms
47ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210429&jk=3630265788016890&bg=!Tk2lTQnNAAYXzPaOF8w7ACkAdvg8WoEcImeRdMSRCHUJoWs0H3FCWYbKOfnOoq4JX_Ylr7kr1kLyJwIAAAPQUgAAAA1oAQcKAG0tw4iXD3rkHAEwhi0iR9zaM7IIbSqaPOBYJtYEoJ7BYef6K2_wjjrOixhuDEqK_fEVxasoIFZZXA_zT9EhLxzWwpXCH5C3UXW1l_eIT4oUGL1CcHRJ3x_-aRKXwGwFA2esmezF4q6hTaa5UfLUmQJEouP7NOdIJpkCeYdXocOKN9JXxk97yTs1UiFI0wPAEpHCicMpLxwAeWhbFB7DbFbEJV6xF8p9mvvMzDrJ5_WVYnhvSiMa_UejcyNSLxNdFzBsU1Qj4PSR0x-fQRkf7Brho_2BliCML3dBEGx8DQo-o8e_B1UilJNFFgB1uj2kwgry91GJ-_yPIf8B8OMm1zl15sdnrxSqsHUEbhpy1ec3mNG4ixEAnw8f_aZvxERGFZHGBta0e73IhlOLEir6maTACPiHNNtmnMBInuhRKydrTcRipUz5Uaq8o-IHZmI7yjNn4MInUiR6Ib3I81bBX6D9ORCcJpMhIUlmJBxpFn_HI1uipmdILro6FEAiakfmWsYEKBpbWzqILP3bqOjIeVRUXfb7daZ2B1dXtRcKXNEpwk4HkEjCUuVp1G_xdeBL7rk9J403z8CKoyhcl3Kw5APO-CAPt9xSrp2NCndOfxIRmyg1q8IvHvMMjAms_WVvO7le00mq28IBjy_DoIMkg2gboVSkAYgxItA5vxhZcfECmexfqt9TXxOPg66e6zWp-j_mibeYxYt535MvguD6sy70sWEDTr1DDh8_9R7Th-lXk7F7N4eGI8ibPmtxwYyxhveNZpcFryu3AtV9jrMS-wKewDzHA1FUqZB30N5dwWJLu5EiFp59IZAocEnuNJr41k592HzLzoCL86j1fJINfy9AoCzX782PqFMkUxR0pai_HeUbmhKXY8rOJJKR06yXZ49pzv1BLdXZXK7oe_DMdAzcCBGlAA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 9492802495502415615
tpc.googlesyndication.com/simgad/ Frame AD22 53 KB
53 KB 21ms
19ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9492802495502415615?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkwpeq0XorrzGWXSeIU-7XAhd7qhA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&h=250&adk=1339671731&adf=866502912&pi=t.aa~a.3558234115~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1620156404&rafmt=1&to=qs&pwprc=8811152736&psa=0&format=317x250&url=http%3A%2F%2Fwww.baltana.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1620156404382&bpp=1&bdt=2338&idt=1&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7744d09be81dd707-2280fe15c3c700a2%3AT%3D1620156404%3ART%3D1620156404%3AS%3DALNI_MbIXdQIzXzZxRnlROxAVJgHW2LvKg&prev_fmts=1200x280%2C0x0&nras=2&correlator=4002683631965&frm=20&pv=1&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&psts=AGkb-H8SqAzgE2eNxuRJhIgJ-OuFd5bZieSyXrR1tsGhPN31yK_oAaOu07onGYMPJT7YpZrrHWTOPIs1NEI&pvsid=3630265788016890&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=opvGgI39Zw&p=http%3A//www.baltana.com&dtd=615

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c831783877cf0dfece90797ae797427d74cfe9a280b4475248de3decc86a1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 02:23:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 May 2019 08:30:55 GMT
server: sffe
age: 493419
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53762
x-xss-protection: 0
expires: Fri, 29 Apr 2022 02:23:06 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame AD22 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 16788430792231894627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 19:22:37 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame AD22 2 KB
1 KB 17ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 19:21:37 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD22 116 KB
35 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 19:26:45 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame AD22 13 KB
5 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 19:18:11 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame AD22 0
0 32ms
18ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3QF_EgUgpQpgIE-ms9RIAoJkkkr-_51-RxVCkREtYX4Z2A_8Guww8tmT74vqSijxjUY0r
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&h=250&adk=1339671731&adf=866502912&pi=t.aa~a.3558234115~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1620156404&rafmt=1&to=qs&pwprc=8811152736&psa=0&format=317x250&url=http%3A%2F%2Fwww.baltana.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1620156404382&bpp=1&bdt=2338&idt=1&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7744d09be81dd707-2280fe15c3c700a2%3AT%3D1620156404%3ART%3D1620156404%3AS%3DALNI_MbIXdQIzXzZxRnlROxAVJgHW2LvKg&prev_fmts=1200x280%2C0x0&nras=2&correlator=4002683631965&frm=20&pv=1&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&psts=AGkb-H8SqAzgE2eNxuRJhIgJ-OuFd5bZieSyXrR1tsGhPN31yK_oAaOu07onGYMPJT7YpZrrHWTOPIs1NEI&pvsid=3630265788016890&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=opvGgI39Zw&p=http%3A//www.baltana.com&dtd=615
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame AD22 25 KB
10 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86e1f219eee7a810c1bd485500e89b11720c3bb837a789ffd9d1542880de7e2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 18:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10521
x-xss-protection: 0
server: cafe
etag: 12800263765089794850
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 18:34:16 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame AD22 0
0 54ms
42ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWawt9Z-RYMn7AoanbInOmbgFvvWgrGLRta-fwwnZ2R4QASCC74kfYJUCoAHa8YH1AsgBAqgDAcgDyQSqBKsBT9BVRZWRKv20TCCzeW2xTeIJMOBChg8f0Xk5YSQJWdTZaFhU5XjbPW65JbtFDSlXDh4oNrgZqowDnC10-tZYuEU7cLoABuee3aEnIF7qI6V-8IZu34HFzTHoo3UkrN3koJ5mHKwaRJ2a8ZynYXNfdbsfuFG5BxbrjrYpGxudCS90S_0PSvXNy_vcadS5u5zUWIpwSghBsLuBL-iu6DjxJaBFW0GgSw6ADxXRwAS_sb7rhwKSBQQIBBgBkgUECAUYBKAGAoAHjo7-igGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ1IQO0ggJCIDhgHAQARgfgAoByAsB2BMMshcaChgIABIUcHViLTg4MjI3MTc2Njc2NzIxNTc&sigh=lgEQyMFCie8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&h=250&adk=1339671731&adf=866502912&pi=t.aa~a.3558234115~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1620156404&rafmt=1&to=qs&pwprc=8811152736&psa=0&format=317x250&url=http%3A%2F%2Fwww.baltana.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1620156404382&bpp=1&bdt=2338&idt=1&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7744d09be81dd707-2280fe15c3c700a2%3AT%3D1620156404%3ART%3D1620156404%3AS%3DALNI_MbIXdQIzXzZxRnlROxAVJgHW2LvKg&prev_fmts=1200x280%2C0x0&nras=2&correlator=4002683631965&frm=20&pv=1&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&psts=AGkb-H8SqAzgE2eNxuRJhIgJ-OuFd5bZieSyXrR1tsGhPN31yK_oAaOu07onGYMPJT7YpZrrHWTOPIs1NEI&pvsid=3630265788016890&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=opvGgI39Zw&p=http%3A//www.baltana.com&dtd=615
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 04 May 2021 19:26:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 955D 143 B
163 B 20ms
8ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&h=250&adk=1339671731&adf=866502912&pi=t.aa~a.3558234115~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1620156404&rafmt=1&to=qs&pwprc=8811152736&psa=0&format=317x250&url=http%3A%2F%2Fwww.baltana.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1620156404382&bpp=1&bdt=2338&idt=1&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7744d09be81dd707-2280fe15c3c700a2%3AT%3D1620156404%3ART%3D1620156404%3AS%3DALNI_MbIXdQIzXzZxRnlROxAVJgHW2LvKg&prev_fmts=1200x280%2C0x0&nras=2&correlator=4002683631965&frm=20&pv=1&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&psts=AGkb-H8SqAzgE2eNxuRJhIgJ-OuFd5bZieSyXrR1tsGhPN31yK_oAaOu07onGYMPJT7YpZrrHWTOPIs1NEI&pvsid=3630265788016890&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=opvGgI39Zw&p=http%3A//www.baltana.com&dtd=615
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkW602m9s8rY1Qg0i0kYtq3Efk3VW1PhqXUY7tFooLIw8YlNab5GrAuehY71_I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-8822717667672157&output=html&h=250&adk=1339671731&adf=866502912&pi=t.aa~a.3558234115~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1620156404&rafmt=1&to=qs&pwprc=8811152736&psa=0&format=317x250&url=http%3A%2F%2Fwww.baltana.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1620156404382&bpp=1&bdt=2338&idt=1&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7744d09be81dd707-2280fe15c3c700a2%3AT%3D1620156404%3ART%3D1620156404%3AS%3DALNI_MbIXdQIzXzZxRnlROxAVJgHW2LvKg&prev_fmts=1200x280%2C0x0&nras=2&correlator=4002683631965&frm=20&pv=1&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060710&oid=3&psts=AGkb-H8SqAzgE2eNxuRJhIgJ-OuFd5bZieSyXrR1tsGhPN31yK_oAaOu07onGYMPJT7YpZrrHWTOPIs1NEI&pvsid=3630265788016890&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=opvGgI39Zw&p=http%3A//www.baltana.com&dtd=615

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 04 May 2021 18:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1790
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame AD22 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e53b754f5265866cf9468ac7215be82f5287c178ba76f3ee69cee153445b862c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 955D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

53ms
49ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkW602m9s8rY1Qg0i0kYtq3Efk3VW1PhqXUY7tFooLIw8YlNab5GrAuehY71_I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 May 2021 19:26:45 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 04-May-2021 20:26:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 19:26:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 May 2021 19:26:45 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E7E 14 KB
6 KB 30ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 5751
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 17:50:54 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FA1E 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvN07rIUdD0IXrwfmZ-kjyROdY5O6LtEr-KXqZ9nvzJ9rG3pNErv7Xg8VRcOD4NzQ2J5JOF1IAl9-6B0rl8H9MLJhbZyGV3KPcqbVQcSgvSCgJZALwShWa05FNVVg&sai=AMfl-YTBh4p_jecP0mV8itSaAJnbeV121ukSTiTfHtvM-l25ScuWX9YmBN_9-_qbf-870H-A8jglQOODZviP&sig=Cg0ArKJSzNe_4F3SYiSFEAE&id=lidar2&mcvt=1000&p=196,200,476,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210503&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=916237887&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1620156404118&dlt=527&rpt=177&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
746 B 294ms
175ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a40b18f0075&cmd=bid&gdpr=1
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 0d7df1aecf31bcb3dbf4f131e67b99c1902cb6485aaee711cb6fd447212bb0b4

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 04 May 2021 19:26:47 GMT
Server: ATS/7.1.2.128
Age: 1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://www.baltana.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
746 B 618ms
324ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3ee5990072&cmd=bid&gdpr=1
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: aff1f15edf279570eea7f32ed37e2c17c4c54f2fb03e48ebd5ba3e9e32c40a91

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 04 May 2021 19:26:47 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://www.baltana.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
746 B 759ms
140ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3c46f80069&cmd=bid&gdpr=1
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: bc0b983168321ca544319549a1f0501fc0e3c6f9d9670258a2bbe651607f326c

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 04 May 2021 19:26:47 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://www.baltana.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
746 B 862ms
103ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3db518006f&cmd=bid&gdpr=1
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 12a76caec408b6da8d40050aa9baa1f1235ff5cd0a165572e2f4bf4b4176b69c

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 04 May 2021 19:26:47 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://www.baltana.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
365 B 744ms
187ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.baltana.com
date: Tue, 04 May 2021 19:26:46 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 90
vary: origin

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 1009ms
700ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.baltana.com
date: Tue, 04 May 2021 19:26:47 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
371 B 750ms
454ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=623289&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22187bde1d9070d87%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.baltana.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%224.36.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valueimpression.com%22%2C%22sid%22%3A%22985%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2219855d5c823969e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22623289%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22203b49518b94dff%22%2C%22ext%22%3A%7B%22siteID%22%3A%22623289%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22218ee62061e4e4d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22623289%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22223dcb7510c8bc1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22623289%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2223bc40b41edb71e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22623289%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cd1b547928690e57bb3041acac5530914da24c2b6d3a02b9162cfd8c177ec352

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:47 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[BE], RC:[], CN:[EU], CIP:[185.210.217.100], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: http://www.baltana.com
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 28
expires: Tue, 04 May 2021 19:26:47 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 72ms
22ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.36.0&cb=65002181580
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.baltana.com
date: Tue, 04 May 2021 19:26:46 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2c995/1/www.baltana.com/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2c995/1/www.baltana.com/ROS?rnd=0.09040877164800731&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=h...
https://ads.us.e-planning.net/hb/1/2c995/1/www.baltana.com/ROS?ct=1&rnd=0.09040877164800731&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90...

483 B
898 B

38ms
32ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2c995/1/www.baltana.com/ROS?ct=1&rnd=0.09040877164800731&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fwww.baltana.com%2F&r=pbjs&pbv=4.36.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=http%3A%2F%2Fwww.baltana.com%2F&gdpr=1&gdprcs=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 4b3340458dd6cae0b8691520d3ee47ef9a3dd8b35246350caf2be99f21d0ebfb

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:47 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: http://www.baltana.com
expires: Tue, 04 May 2021 19:26:47 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 483
x-sid: AMS-607

Redirect headers

date: Tue, 04 May 2021 19:26:47 GMT
server: openresty
access-control-allow-origin: http://www.baltana.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2c995/1/www.baltana.com/ROS?ct=1&rnd=0.09040877164800731&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fwww.baltana.com%2F&r=pbjs&pbv=4.36.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=http%3A%2F%2Fwww.baltana.com%2F&gdpr=1&gdprcs=
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-607

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 613 B
1001 B 204ms
155ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

9736b95c6f7edd0a7018f2d7e60dd38e62ba76c8df1ee50070c2c4bbcf5c82c3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 04 May 2021 19:26:47 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.210.217.100; 185.210.217.100; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.44:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 896b6475-ffaf-4bb7-a23d-50e3f91c5a6f
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.baltana.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 quantumdex Show response
useast.quantumdex.io/auction/ 0
740 B 547ms
523ms XHR
text/plain 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 May 2021 19:26:47 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: http://www.baltana.com
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6MFmz0ZfSLCETFdxaCHlVBbFclkyGs5FfzzXt%2By%2Bzg3xG8QxMAmXc%2FjGIS4PtZ%2Bkc99Xf5TpwYqnQzqWk1DXNLGoLiuwkkOkGl466ROJZFbrAJZuTNaUrAqXHY633wV3IQ%3D%3D"}]}
access-control-allow-credentials: true
cf-ray: 64a41f670c594eb5-FRA
cf-request-id: 09da71f46600004eb51296a000000001

GET
H/1.1 200
OK vi-logo.svg
assets.vlitag.com/media/icon/ 11 KB
4 KB 13ms
12ms Image
image/svg+xml 2606:4700:20::ac43:4597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.vlitag.com/media/icon/vi-logo.svg

Protocol

HTTP/1.1

Server

2606:4700:20::ac43:4597 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1859084
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09da71f8f5000005fd7e243000000001
Last-Modified: Fri, 01 Nov 2019 05:04:49 GMT
Server: cloudflare
ETag: W/"5dbbbcf1-2c34"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=35cz2no%2FZaeqW0682%2FkjD2PKMWQXH5gv7ZRhiWsU%2FhA4tWY7jT9xOTyJeovkUPZfjpMMf5xPdSLq9Mx7lY6L4AkfvrH0pQQC2JelQ2Rpe0mjB671zn8pXy%2B5vWWryQ%3D%3D"}]}
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=16070400
CF-RAY: 64a41f6e5ab705fd-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.baltana.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 19:26:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.baltana.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 19:26:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 578ms
573ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3630265788016890&correlator=749291931095468&output=ldjh&impl=fifs&eid=21068030%2C31060411&vrg=2021042801&ptt=17&gdpr=1&sc=0&sfv=1-0-38&ecs=20210504&iu_parts=307492156%2C97_Baltana.com%2C97_Baltana.com_SmartBanner_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90&prev_scp=vli_adslot%3D45063%26vli_adtype%3Ddisplay%26vli_sf%3D1&eri=1&cust_params=hb_domain%3Dbaltana.com&cookie_enabled=1&bc=23&abxe=1&lmt=1620156408&dt=1620156408586&dlt=1620156402045&idt=1894&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1226&adks=1463956022&ucis=1&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.baltana.com%2F&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=970x-1&ga_vid=1197080103.1620156403&ga_sid=1620156403&ga_hid=314227791&ga_fc=false&fws=512&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c9b963d330731aacb94c291f5cbd589ece9e1fb361b272e1d614a46d30ea3e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8702
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.baltana.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 51ms
14ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 7ms
5ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 63ms
25ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:48 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 May 2021 19:26:48 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BBEE 0
193 B 74ms
24ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.baltana.com&gdpr=1&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.baltana.com&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.baltana.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.baltana.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1539
date: Tue, 04 May 2021 19:26:48 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 54ms
26ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:49 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 May 2021 19:26:49 GMT

GET
H3-29 200 container.html Show response
2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0F39 6 KB
3 KB 25ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.baltana.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.baltana.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 04 May 2021 19:26:48 GMT
expires: Wed, 04 May 2022 19:26:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 49D1 88 KB
35 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-28

Requested by

Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1619951949/48634f99a806c5315cedcf769fcc9b33.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a450cb284472f9744c5a708f7949be4d5230a8f8a7f9d801abc51eaaa7332e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35860
x-xss-protection: 0
last-modified: Tue, 04 May 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 May 2021 19:26:49 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D1C8 468 B
549 B 18ms
18ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CK2JChCozp8CGJWZ5aYBMAE&v=APEucNUbnKWXOSU1Zqz5FaPr5dSgq7pG-aBnYUU5WyS_koVkfDxhPesHH01o996eymrcL-pwsOCoiOsBIEQPnprV-BFo6APaOTMQG4vqn3lxIYWIRXbtdfQisONMicuNkkXKmK5mvSdM-2ISkUQNTzOl-PkSmG0nCkIf14diIgUn51YIAQToxsKmQWCEjFve6nCh3RPVfO2sNSzgm_05loNdCCFFEGgYNg

Requested by

Host: www.baltana.com
URL: http://www.baltana.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a81c00b02e9a797e6e8cfce706577e8eb14c66fc4ab38ed71f09508d9222c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CK2JChCozp8CGJWZ5aYBMAE&v=APEucNUbnKWXOSU1Zqz5FaPr5dSgq7pG-aBnYUU5WyS_koVkfDxhPesHH01o996eymrcL-pwsOCoiOsBIEQPnprV-BFo6APaOTMQG4vqn3lxIYWIRXbtdfQisONMicuNkkXKmK5mvSdM-2ISkUQNTzOl-PkSmG0nCkIf14diIgUn51YIAQToxsKmQWCEjFve6nCh3RPVfO2sNSzgm_05loNdCCFFEGgYNg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 04 May 2021 19:26:49 GMT
server: cafe
cache-control: private
content-length: 233
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUlJxUxsKzB8TtUpy-2xd-iNO_DGHp_hQ243BIL0rpYBl6dWHaHG7cwf_WRo; expires=Sun, 29-May-2022 19:26:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 19:26:49 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame ACE5 23 KB
12 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgxdZ01tqoOBozaG2fsuIWihPc0l4TXAY31W9Gn2wRAxbxHKQkFma2Qo2f_B-dljRG0NsVC_RO0vbrHKRN5CSEfM2yFXtA5MUL0PSSIvVqVX_D3exs2zt634WAiz-HHNZ7ybQ3Psb20DgYiLc0yeEsXGeW9g&cry=1&dbm_d=AKAmf-CKWE_jq97pDS-F20uipV_NuyX_RrPKZkvCuh0MJ7CtAnkTZruTeJmFSzenZ1JEIhNZd28Vv_DuWGeNWIWpC1XeKgjut_vWo8ab6R2TBdte-EstzBG9Evs9b8OMtzvsfB3xwx8PkxJVUdRMF0CEL6muQC5ipPBS-SPnTwWnTG4dYDfUV2tpVm6vhUd1M01OfesI4uHhn4YVWAZDROOaP-kcEC0wQlzgeAgaTJ6Nc0YjkXguLDQlTVmAoFdvgCscUoLJxxUMk_GqtFcvtFQVPQ3WV-cRidX3DGD5dm9SzZtKwxfS_yEsLybVm3_QPVlAcWYcN1lJiTaHxofNOBPb3CITeaQs6xUYJ-x3hr-X7EIQBZb8VKUvX97sE2HTAC2Ja0MUFxwifS3eHt1QJBeHTqNlwbymTvMsMzu1hV0r6NJ_EZf1XcRXE7V9_G8qVT1OnveyIGo303jon5z4D-X6aNEUJlp_DJnxVMH6EDoDv-89h2odwuPLSKP7elypY1dST6XnLIymlnzmJb5RbZ7WkMVo1AhWoPK99OsHM5egjkFUegQXBWC5f0-b1o3N12S2VwX6SSGnWnYP9ABc6V4kJ6CzncxHg2HuATuMOwvUx5s-asTxgwDPjy6hhk0cw9xfu03PCpyIsKGq_GN5Ko_3UqbXg-ta8Yf1Zhv3JXucCvJ8P9Z0wEzBrta6OqvxzOsE2wJ9fzWHR4YdyfwsR2uTPmbuQKVrRJBIuoJvAxtqxmTGl7vUnHynP2C57jhk667QvrLFIMuIq8oDtrVOA1IjAQiR9jouhoj9IPthiUjLMArLjPICM1AN-xBgcRHiIs54StSE933jZrxK4wS2Arc2RUqGXxNCGchLAgwGVehieZA2F7BkILeUzE9zkIP_55ki66nmbvfzXbgUChtG95UwaL8KPa9wTX-BYHyEf5txkPYn3wPiRAVXsPCGILHgm-ihB_aITFliHWOnccpfoDC1Py9zqfyILubb9rxh142wdUN3jmLXlq93QVilbJ71CthJ0lV4WRe1zsPiVW9mS1t8eE5dh-ZibCufIPiEgb194qFN0B1c7JkhYa5Uw1puEdpp5EtBnUPgsP9CStgsSmawgZUctIZLo7KAaTcrhItlqVHGzHOxeveXVq6wUAJgSgt96ZYF_XTrgZ_tLrF_4o1GCgAxaswedw35ZtZ18b8p1MiLBuElQhGiZC7jvXUzb1WDXcZVGdq7rPFwLaIq-OKzNE5dj7-SvVKRqc0LM0Vg-9NgsVtmTyYRcmSfdr0lwK8thBSK0sInbCQfB5PCF3PyIfp8fV84dLdnOF1_sbUJgLziFLY22P4jGveqtJQNYY318VomKYq_NaUcmK-lyapuwrnOVcGHnxUVH3t7PTh8vUFPGiP9cxRGGmLTUsXZA6jQDoRJInMhwe15G5ADZyrEi9pOoobWd3c_F5Nv9AXhkwKVUGfJlDkJUuO1ewbFv_AQaxCuihTplH25pC1QDe6AYi5VgBvwAGayRzQiNlijJEh_HnR8NqdmphDl4VURgF21Bhs5-TzmakMk6NUFYYIAp7QBoSvdlwNhLWlFPtmuAWu0M0C6fG3WLKpPlBdzfBWcZd4m1nZ66RZCOrO3YvMSkQ6qjijpfIjhvfo7TsuqrsCYp0sBD-gsljHR3i-3te6dq5CsnxfxrS-Vu_omiC4BDoaLH-Dt-y1yNJPUCQba4GU2Bz3zo5BsU9QDdFom0mRhbLfrv_4xZwuF-fYFlnL9wqx06bwohDx4GWOgyGvcXwJXNOQqnPjYk8QXsznypJh1pSLLcvfEObRSU4-h55eO9o-45HPUFQWohAYFP3swzacEU4zV9cJZkEtLXnQ4wzqU81I6jF8-4HmhVLluaZKqH71eOF9Q-4ZLaopQZvRAKEsfsv_5vCv4kXxAGMSzgadpdFyaN6e2BF9FoalE6ZwBi7FcP5Sn5LQiVEKaZQXZQbw60WsJDlESSO6odPC8O9Z8VnTleiDAbFE7OyJti375XCybxVqaQgjUUbE9KAK647JM-GNFo8aDHIdK3zFsJQ8m40C4x9E7hRYyFp1pGqlYrayM6SC4VcF6bYYTJZtyfdmvCGR7peguqmmp0txOVh4TsOa_1EtPlRHmhZSUAnlMg_I0WqOtZhhgbIQKUSGt532T7mPzd_Lux3Rl6ThosCcrMpK-7ffr1OE5f7KYm0oUeLnQKoprQUJNV86w9YiF41MrxWS4jvHb2BEX5qXhMGs_yIJCtBJB-KU1J9TvtVoSHmgcrOsgZNvgF7X-nDt_X3T16hndmxsAfapDyAtA2WYIFbO19eLcfkcyWAjmSdCwmyvjL2DWxhWd6gAUQBgPutgjooedMHLnEt5ooBoE0iidX_ZYl23oE4MYBFk3TbK8k278fA5s-UHF-XIKZrKmhCzaAPzsiGQxi0sPmdTf3Y2MWvaRWc22JKAS0m60uKpJOdM-VuufwWYIfiiWw07uTtxhpbYsSeF06YokSjzLh1f6lK7VidCtXwlz9Ytw2vFSfAi7fzjznXOKNHwnfBmX_rYDUSF61dbOaaL8KQCxsEDMqXWq559LvcfiCA2jQ8fGzqV1Om7njcapoTLA4Z-PN1l5W9pxKE0YV9Pd2Jf4zbzuGknvpqnSS4JrrWraW03Sowu5TvE3NQjZB7qYVMABrAlP5GpEI2s87qkItC6V9LDanSXeIKr_trtCuu2DRZI3SFenUq1BbvIwfRb2WXBVGFEpJbByecNiyIayDt69af-Kns8rAQG0DimP4WqJ5RukzmXCzqAmOTiIH9j8RnGAahjchrGqn0ZHuzZEgvbYkiPPDcMbK7XzOnCc3DqRt8qbMkQU-C-sk0QlNaxAxeRz-sGxS5a0I9A73nvAssiEztysgNvg0F9VfOlORinwSyfeahKTMS1W0n10uz1gXlrWFkk4wF70_X65S-pmRw0ZsPVDWeXYsWioFHd7L59PpbGWYmdxwRQ6Lc3Kg4W0eM0KrhGfW593FvBGaEQX3wpAO-Qqcws8-DNiR3VxP0MUD5zh9LSNvF8cv5MEyyTapo86WTFeS9b0NAoLtxxLiKnR4I4HiJciq4gfQv0McQqOR387OQhF46BqJQ&cid=CAASPeRo2j6ltEGJx3KXg4cfhEQVrrfnZhYPr5qaUT4hAD-rbJuzRSpd7WoSPBfWi4w8EnzhGKjH2rQEX2st4WE&rfl=2%2Chttp%253A%252F%252Fwww.baltana.com%252F%240

Requested by

Host: www.baltana.com
URL: http://www.baltana.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35c29c01679a76ee54b9785f794bba5848d8dab21c27c3e53939f49d57bbf6cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame ACE5 8 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: www.baltana.com
URL: http://www.baltana.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dbfd7b38b51c4ab599d18a1b1638306cf58dd6f9b226474bbaf3a05cd78aa2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 18:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 20:55:31 GMT
server: sffe
age: 2520
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3742
x-xss-protection: 0
expires: Tue, 04 May 2021 19:44:49 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame ACE5 2 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.baltana.com
URL: http://www.baltana.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 19:21:37 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ACE5 116 KB
35 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.baltana.com
URL: http://www.baltana.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 19:26:49 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame ACE5 13 KB
5 KB 19ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.baltana.com
URL: http://www.baltana.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 19:18:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame ACE5 0
0 16ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5V2f0aZ-0arJgMFMBg7VKKIvZRSQWWnBsdXDVwkkE-Sw8zx7L1XZdCgwcjQNo5NDwzrHe
Requested by: Host: www.baltana.com
URL: http://www.baltana.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACE5 42 B
173 B 42ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DtZGG1-rZRXzh-YX79JuMoOqm-1Wh-2cEgnoaLX2zN2wB-xE2NyxUVpfiOx_KDM5Lyf8bq2pE-g-4dznr5cWf_sc11cTTtKjeXat6M1b5apAzP4LQ

Requested by

Host: www.baltana.com
URL: http://www.baltana.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 49D1 48 KB
17 KB 117ms
116ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
date: Tue, 04 May 2021 19:26:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17509
expires: Tue, 04 May 2021 21:26:49 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame ACE5 22 KB
8 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgxdZ01tqoOBozaG2fsuIWihPc0l4TXAY31W9Gn2wRAxbxHKQkFma2Qo2f_B-dljRG0NsVC_RO0vbrHKRN5CSEfM2yFXtA5MUL0PSSIvVqVX_D3exs2zt634WAiz-HHNZ7ybQ3Psb20DgYiLc0yeEsXGeW9g&cry=1&dbm_d=AKAmf-CKWE_jq97pDS-F20uipV_NuyX_RrPKZkvCuh0MJ7CtAnkTZruTeJmFSzenZ1JEIhNZd28Vv_DuWGeNWIWpC1XeKgjut_vWo8ab6R2TBdte-EstzBG9Evs9b8OMtzvsfB3xwx8PkxJVUdRMF0CEL6muQC5ipPBS-SPnTwWnTG4dYDfUV2tpVm6vhUd1M01OfesI4uHhn4YVWAZDROOaP-kcEC0wQlzgeAgaTJ6Nc0YjkXguLDQlTVmAoFdvgCscUoLJxxUMk_GqtFcvtFQVPQ3WV-cRidX3DGD5dm9SzZtKwxfS_yEsLybVm3_QPVlAcWYcN1lJiTaHxofNOBPb3CITeaQs6xUYJ-x3hr-X7EIQBZb8VKUvX97sE2HTAC2Ja0MUFxwifS3eHt1QJBeHTqNlwbymTvMsMzu1hV0r6NJ_EZf1XcRXE7V9_G8qVT1OnveyIGo303jon5z4D-X6aNEUJlp_DJnxVMH6EDoDv-89h2odwuPLSKP7elypY1dST6XnLIymlnzmJb5RbZ7WkMVo1AhWoPK99OsHM5egjkFUegQXBWC5f0-b1o3N12S2VwX6SSGnWnYP9ABc6V4kJ6CzncxHg2HuATuMOwvUx5s-asTxgwDPjy6hhk0cw9xfu03PCpyIsKGq_GN5Ko_3UqbXg-ta8Yf1Zhv3JXucCvJ8P9Z0wEzBrta6OqvxzOsE2wJ9fzWHR4YdyfwsR2uTPmbuQKVrRJBIuoJvAxtqxmTGl7vUnHynP2C57jhk667QvrLFIMuIq8oDtrVOA1IjAQiR9jouhoj9IPthiUjLMArLjPICM1AN-xBgcRHiIs54StSE933jZrxK4wS2Arc2RUqGXxNCGchLAgwGVehieZA2F7BkILeUzE9zkIP_55ki66nmbvfzXbgUChtG95UwaL8KPa9wTX-BYHyEf5txkPYn3wPiRAVXsPCGILHgm-ihB_aITFliHWOnccpfoDC1Py9zqfyILubb9rxh142wdUN3jmLXlq93QVilbJ71CthJ0lV4WRe1zsPiVW9mS1t8eE5dh-ZibCufIPiEgb194qFN0B1c7JkhYa5Uw1puEdpp5EtBnUPgsP9CStgsSmawgZUctIZLo7KAaTcrhItlqVHGzHOxeveXVq6wUAJgSgt96ZYF_XTrgZ_tLrF_4o1GCgAxaswedw35ZtZ18b8p1MiLBuElQhGiZC7jvXUzb1WDXcZVGdq7rPFwLaIq-OKzNE5dj7-SvVKRqc0LM0Vg-9NgsVtmTyYRcmSfdr0lwK8thBSK0sInbCQfB5PCF3PyIfp8fV84dLdnOF1_sbUJgLziFLY22P4jGveqtJQNYY318VomKYq_NaUcmK-lyapuwrnOVcGHnxUVH3t7PTh8vUFPGiP9cxRGGmLTUsXZA6jQDoRJInMhwe15G5ADZyrEi9pOoobWd3c_F5Nv9AXhkwKVUGfJlDkJUuO1ewbFv_AQaxCuihTplH25pC1QDe6AYi5VgBvwAGayRzQiNlijJEh_HnR8NqdmphDl4VURgF21Bhs5-TzmakMk6NUFYYIAp7QBoSvdlwNhLWlFPtmuAWu0M0C6fG3WLKpPlBdzfBWcZd4m1nZ66RZCOrO3YvMSkQ6qjijpfIjhvfo7TsuqrsCYp0sBD-gsljHR3i-3te6dq5CsnxfxrS-Vu_omiC4BDoaLH-Dt-y1yNJPUCQba4GU2Bz3zo5BsU9QDdFom0mRhbLfrv_4xZwuF-fYFlnL9wqx06bwohDx4GWOgyGvcXwJXNOQqnPjYk8QXsznypJh1pSLLcvfEObRSU4-h55eO9o-45HPUFQWohAYFP3swzacEU4zV9cJZkEtLXnQ4wzqU81I6jF8-4HmhVLluaZKqH71eOF9Q-4ZLaopQZvRAKEsfsv_5vCv4kXxAGMSzgadpdFyaN6e2BF9FoalE6ZwBi7FcP5Sn5LQiVEKaZQXZQbw60WsJDlESSO6odPC8O9Z8VnTleiDAbFE7OyJti375XCybxVqaQgjUUbE9KAK647JM-GNFo8aDHIdK3zFsJQ8m40C4x9E7hRYyFp1pGqlYrayM6SC4VcF6bYYTJZtyfdmvCGR7peguqmmp0txOVh4TsOa_1EtPlRHmhZSUAnlMg_I0WqOtZhhgbIQKUSGt532T7mPzd_Lux3Rl6ThosCcrMpK-7ffr1OE5f7KYm0oUeLnQKoprQUJNV86w9YiF41MrxWS4jvHb2BEX5qXhMGs_yIJCtBJB-KU1J9TvtVoSHmgcrOsgZNvgF7X-nDt_X3T16hndmxsAfapDyAtA2WYIFbO19eLcfkcyWAjmSdCwmyvjL2DWxhWd6gAUQBgPutgjooedMHLnEt5ooBoE0iidX_ZYl23oE4MYBFk3TbK8k278fA5s-UHF-XIKZrKmhCzaAPzsiGQxi0sPmdTf3Y2MWvaRWc22JKAS0m60uKpJOdM-VuufwWYIfiiWw07uTtxhpbYsSeF06YokSjzLh1f6lK7VidCtXwlz9Ytw2vFSfAi7fzjznXOKNHwnfBmX_rYDUSF61dbOaaL8KQCxsEDMqXWq559LvcfiCA2jQ8fGzqV1Om7njcapoTLA4Z-PN1l5W9pxKE0YV9Pd2Jf4zbzuGknvpqnSS4JrrWraW03Sowu5TvE3NQjZB7qYVMABrAlP5GpEI2s87qkItC6V9LDanSXeIKr_trtCuu2DRZI3SFenUq1BbvIwfRb2WXBVGFEpJbByecNiyIayDt69af-Kns8rAQG0DimP4WqJ5RukzmXCzqAmOTiIH9j8RnGAahjchrGqn0ZHuzZEgvbYkiPPDcMbK7XzOnCc3DqRt8qbMkQU-C-sk0QlNaxAxeRz-sGxS5a0I9A73nvAssiEztysgNvg0F9VfOlORinwSyfeahKTMS1W0n10uz1gXlrWFkk4wF70_X65S-pmRw0ZsPVDWeXYsWioFHd7L59PpbGWYmdxwRQ6Lc3Kg4W0eM0KrhGfW593FvBGaEQX3wpAO-Qqcws8-DNiR3VxP0MUD5zh9LSNvF8cv5MEyyTapo86WTFeS9b0NAoLtxxLiKnR4I4HiJciq4gfQv0McQqOR387OQhF46BqJQ&cid=CAASPeRo2j6ltEGJx3KXg4cfhEQVrrfnZhYPr5qaUT4hAD-rbJuzRSpd7WoSPBfWi4w8EnzhGKjH2rQEX2st4WE&rfl=2%2Chttp%253A%252F%252Fwww.baltana.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09f0fa32fa39db3e3da2eea89bf806be0b147366343a0934e30f164a12431b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 12149544148951276823
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 19:26:07 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame ACE5 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108734
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 13:14:35 GMT

GET
H2

200

/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame D1C8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEGfqSoOXmkux1rfp2qCvqts&google_cver=1

43 B
407 B

75ms
39ms

Image
image/gif

2001:678:cb4:bbbb::13
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEGfqSoOXmkux1rfp2qCvqts&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK2JChCozp8CGJWZ5aYBMAE&v=APEucNUbnKWXOSU1Zqz5FaPr5dSgq7pG-aBnYUU5WyS_koVkfDxhPesHH01o996eymrcL-pwsOCoiOsBIEQPnprV-BFo6APaOTMQG4vqn3lxIYWIRXbtdfQisONMicuNkkXKmK5mvSdM-2ISkUQNTzOl-PkSmG0nCkIf14diIgUn51YIAQToxsKmQWCEjFve6nCh3RPVfO2sNSzgm_05loNdCCFFEGgYNg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEGfqSoOXmkux1rfp2qCvqts&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 309
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D1C8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAvCwmQm13wkobWxe-a5N4&google_cver=1

43 B
1014 B

69ms
65ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAvCwmQm13wkobWxe-a5N4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK2JChCozp8CGJWZ5aYBMAE&v=APEucNUbnKWXOSU1Zqz5FaPr5dSgq7pG-aBnYUU5WyS_koVkfDxhPesHH01o996eymrcL-pwsOCoiOsBIEQPnprV-BFo6APaOTMQG4vqn3lxIYWIRXbtdfQisONMicuNkkXKmK5mvSdM-2ISkUQNTzOl-PkSmG0nCkIf14diIgUn51YIAQToxsKmQWCEjFve6nCh3RPVfO2sNSzgm_05loNdCCFFEGgYNg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 19:26:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAvCwmQm13wkobWxe-a5N4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D1C8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJGf.QCLObyU6.DnJtGczwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAvCwmQm13wkobWxe-a5N4&google_cver=1&google_hm=2

43 B
894 B

46ms
45ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAvCwmQm13wkobWxe-a5N4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK2JChCozp8CGJWZ5aYBMAE&v=APEucNUbnKWXOSU1Zqz5FaPr5dSgq7pG-aBnYUU5WyS_koVkfDxhPesHH01o996eymrcL-pwsOCoiOsBIEQPnprV-BFo6APaOTMQG4vqn3lxIYWIRXbtdfQisONMicuNkkXKmK5mvSdM-2ISkUQNTzOl-PkSmG0nCkIf14diIgUn51YIAQToxsKmQWCEjFve6nCh3RPVfO2sNSzgm_05loNdCCFFEGgYNg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 19:26:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAvCwmQm13wkobWxe-a5N4&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 impl_v71.js Show response
www.googletagservices.com/dcm/ Frame ACE5 37 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v71.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93da23ad716e68c9eff8fcfcf2ccf7056467e6d6e34ae308ec9ef571b64dff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 20:14:08 GMT
server: sffe
age: 20520
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
expires: Wed, 04 May 2022 13:44:49 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1EF8 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 04 May 2021 08:59:18 GMT
expires: Wed, 04 May 2022 08:59:18 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37651
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame ACE5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20c8576cecb84e923da8f7ecfcc560a6dde859d86ce721c7e9f25912b6a634ea

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame 49D1 1 B
21 B 17ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=667080470&t=pageview&_s=1&dl=http%3A%2F%2Fwww.baltana.com%2F&ul=en-us&de=UTF-8&dt=Adx_smartbanner_baltana.com_0_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0&cs=baltana.com&cm=Adx_smartbanner&cc=Default&_u=YEBAAUABAAAAAC~&jid=1150410410&gjid=1455824746&cid=337895466.1620156410&tid=UA-128776493-28&_gid=951402766.1620156410&_r=1&gtm=2ou4l3&z=1742476178

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.baltana.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B25722706.302188530;dc_ver=71.205;sz=728x90;u_sd=1;gdpr_consent=tcunavailable;gdpr=1;dc_adk=2988274605;ord=4bb45v;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4LpR-J... Show response
ad.doubleclick.net/ddm/adi/N3347.1882640AMNET.BE/ Frame 9042 26 B
533 B 108ms
41ms Document
text/html 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N3347.1882640AMNET.BE/B25722706.302188530;dc_ver=71.205;sz=728x90;u_sd=1;gdpr_consent=tcunavailable;gdpr=1;dc_adk=2988274605;ord=4bb45v;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4LpR-J-RYP79JtqP3gO-wJnoD5_BhsRio8q0nOMN286Z0J4kEAEgvc-GaGC5-MeA3AHIAQmpAg5Mg9KHKrQ-qAMBqgS7AU_Qh4jXtNLMK26Gi66G8DzUKnIm9OBlOeZZNdbEeOqvXV1_fOhbtpfnJEKxUrRfntK_YqK8anW7mDdvtun1lrWfAdDIikYfSOJ-vBbNw-Ey9dJ1JawHtW2KAZ9Nzng7K4bQPAMqBgbvqe1AYaiEVbnLwjPV3djsa1nKVrPIzEJHeZ0EqDMlZrr1QjvmsyiHI2n476YbecxLzfIikRF62jwzWQyv0cxc5zx4HD0zy3GWHa5hu-nchD2YJPbABJuP8-bFA-AEA5AGAaAGTYAHnJfSowGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTE2MDk4Nzg0MTYwNzczMjOACgOYCwHICwGADAGwE_WTsQvIE42E7NwD2BMK2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo2j6ltEGJx3KXg4cfhEQVrrfnZhYPr5qaUT4hAD-rbJuzRSpd7WoSPBfWi4w8EnzhGKjH2rQEX2st4WE%26sig%3DAOD64_0FvZcOAZC-jbZ6Bug0jP6LOh51rg%26client%3Dca-pub-9035087792692775%26dbm_c%3DAKAmf-Dg2Smqe2HRn5xbyDpz8R3bHcsFY7X8A1oqK2zEvpjmVVCA08YDMbwjGPP0o9OooP3IysMkdp-UZ_p5c9sgRaRr0JbxJYfmD3s7k1yC4QFN7UlYJAiY_SWLIcb3JQuKfIZv8r0sw4E44NPuyV9J5maEpdiKdg%26cry%3D1%26dbm_d%3DAKAmf-DtUMd8peLjpzJHV1BpI0PlS39vUPmKpDiRBKgBky22otuuN5PGqqtsH_HLzVul_5x2nRCMTZ8fWdygCyzrLa92zlFmjiamo2niHU-6H8R-Kz0VELvG-piZt88j62U0Iquq3xSGCBJGCfGp9YkcWyl1TUhWIMbjnU8_JVMNVB8dPQ0SywHW3oYWGYPsKjwdQ7zIa5s1ju87jqePXO33pzB95f34fHr42cFxKFShA9CxiD-hVuqdIQbrwdNW5nRJDQ0PT7PQ--IoyoD5HSCXvAr6pfB2iZZkdXGw0aY0w-f8vpoJSBBBY_2NxG3eeC2gwot06q7pgP291yRUVKkSfW1Bi5xxpaHIY3UotCkjWFTVJt7IEA3277dKdogUbd9XK2_Yi-5e33K5kWdG9rDtnPcjSJxIQoGEfaHCb63NrDvUqjatS7hW_gT8Mo0HJ9a4CM8Mcunu%26adurl%3D;dc_rfl=2,http%3A%2F%2Fwww.baltana.com%2F$0;xdt=1;crlt=e_Iz8TpKDg;cmpl=8;gcsr=a;osda=2;sttr=175;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N3347.1882640AMNET.BE/B25722706.302188530;dc_ver=71.205;sz=728x90;u_sd=1;gdpr_consent=tcunavailable;gdpr=1;dc_adk=2988274605;ord=4bb45v;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4LpR-J-RYP79JtqP3gO-wJnoD5_BhsRio8q0nOMN286Z0J4kEAEgvc-GaGC5-MeA3AHIAQmpAg5Mg9KHKrQ-qAMBqgS7AU_Qh4jXtNLMK26Gi66G8DzUKnIm9OBlOeZZNdbEeOqvXV1_fOhbtpfnJEKxUrRfntK_YqK8anW7mDdvtun1lrWfAdDIikYfSOJ-vBbNw-Ey9dJ1JawHtW2KAZ9Nzng7K4bQPAMqBgbvqe1AYaiEVbnLwjPV3djsa1nKVrPIzEJHeZ0EqDMlZrr1QjvmsyiHI2n476YbecxLzfIikRF62jwzWQyv0cxc5zx4HD0zy3GWHa5hu-nchD2YJPbABJuP8-bFA-AEA5AGAaAGTYAHnJfSowGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTE2MDk4Nzg0MTYwNzczMjOACgOYCwHICwGADAGwE_WTsQvIE42E7NwD2BMK2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo2j6ltEGJx3KXg4cfhEQVrrfnZhYPr5qaUT4hAD-rbJuzRSpd7WoSPBfWi4w8EnzhGKjH2rQEX2st4WE%26sig%3DAOD64_0FvZcOAZC-jbZ6Bug0jP6LOh51rg%26client%3Dca-pub-9035087792692775%26dbm_c%3DAKAmf-Dg2Smqe2HRn5xbyDpz8R3bHcsFY7X8A1oqK2zEvpjmVVCA08YDMbwjGPP0o9OooP3IysMkdp-UZ_p5c9sgRaRr0JbxJYfmD3s7k1yC4QFN7UlYJAiY_SWLIcb3JQuKfIZv8r0sw4E44NPuyV9J5maEpdiKdg%26cry%3D1%26dbm_d%3DAKAmf-DtUMd8peLjpzJHV1BpI0PlS39vUPmKpDiRBKgBky22otuuN5PGqqtsH_HLzVul_5x2nRCMTZ8fWdygCyzrLa92zlFmjiamo2niHU-6H8R-Kz0VELvG-piZt88j62U0Iquq3xSGCBJGCfGp9YkcWyl1TUhWIMbjnU8_JVMNVB8dPQ0SywHW3oYWGYPsKjwdQ7zIa5s1ju87jqePXO33pzB95f34fHr42cFxKFShA9CxiD-hVuqdIQbrwdNW5nRJDQ0PT7PQ--IoyoD5HSCXvAr6pfB2iZZkdXGw0aY0w-f8vpoJSBBBY_2NxG3eeC2gwot06q7pgP291yRUVKkSfW1Bi5xxpaHIY3UotCkjWFTVJt7IEA3277dKdogUbd9XK2_Yi-5e33K5kWdG9rDtnPcjSJxIQoGEfaHCb63NrDvUqjatS7hW_gT8Mo0HJ9a4CM8Mcunu%26adurl%3D;dc_rfl=2,http%3A%2F%2Fwww.baltana.com%2F$0;xdt=1;crlt=e_Iz8TpKDg;cmpl=8;gcsr=a;osda=2;sttr=175;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkZ_HKWF1-VtwoEH2rpl7EWgODmDl_wzd8xNUB1DLR4i1YMy7wHjBNvAykrb2o
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 May 2021 19:26:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 23
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 1EF8 14 KB
6 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 5755
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 17:50:54 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EF8 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIg8F-Z-RYODbE5jC7_UPm8iv8AMAAAAAOAHgBAI&bg=!4OOl46fNAAYXzPaOF8w7ACkAdvg8WkxA6QCa8L--tVNfDpQGNYD9RLKBBzpL3OoZYVhIQ8AFAeugugIAAAElUgAAABNoAQeZAtwA-vkDHxxXEFsYt5TdDn3R-RX3URkQ5zeSoBLSgQ412d-BZ4laJwIpbwMlEnrmbegQZe5iQ38WHQ2tNfb3ZrJ7IHWmwrtbTi5939p6ZpSDXBO-Vxb_4nds2PCZ26DaKIV7PTK-f-3TAHutwCJHwqixTPI1HtU_WBJ_SVxOVcQ3H5vhoyGEhz038l0gaO2xlfje-HSes_X1Z_MKS0qyff9Zq_CaApuhQ1cpQcxAK8QO3UHFRCbRf--QaJQMC9ERt6g4bxhnCpQDClZar4FtNuHCiXYPwLQbp8VD4KC63YhxGq-dRAkEdDWBe0rkKK6raxRsCyVtqMMlZR92OsHlOURhf9Pb90gFMCDc55uud8ZlrjWxcwSYxQwYuuJdx4aQFMDVcItRPC4DfHmDW1SWqgZ6panSlVs5R_ISYLpSIRRIngfR7bKJTitzxrApsQJM9obqdeUwHvb3ylBOKN4d2pAzCXGqSefPW23m2Meg8cAvjwRtyDXoBdd0mFitNu7YjKJaMz8rNGCdfiTteVnQzM-W26r4aQkrwqhc6XzIDqRUAP6jBkoitY5a-cdNmUiYs_0XVNXaCjFidWoAf6G94XiiZWpRQ5nRXCEBBq2qRG8gfz3WT_T7W5geslFU_56JjSfkZJhHMc9BwiWhJ3glbtKgm50f1QFXAUt_4-PW2jzV1dd8T4lOIiXbWmzadNp5Daj4BOEIS7TCn-TozD0xEJUIeZoKCIDo0ZnS-LA-pSiH0n8yNBAMSWtvfBd6_gEBP69UW7sEqbB0_jj8FSN1F44cnrfJYoIdtz1nWO00GUBK-pVt7symlk_7xa37xBaK7fUwgA-ArjKa1X2qwKUlwS_faSy_NX-NlQSbsi1O-Js8ES5knrEsm1DbcMoyo_6p45uIMN_91E1YVgXSuz_iDRZg4n_nM7KskxdCa_Ul2Pbe11BAukQrar7j9Ys1AqIf_W0jQQTLXh8M9-9NuRI

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ACE5 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqf-aiZvzWqVcB0xweEvE-em3PSL82c0ZMWyGq1zYmGwibU_5HTLB5wbaCsIjftKngLaZXZnhY5lYzxjbfkCr5vYPgrU_NBT63dfTJX8v53XaG&sai=AMfl-YSWK4jj_gMAPJsBrg7QZYLJB0HQrbWJawQsOtypYKHG8AQ1wSGWA7k61gwal28WtE5kYhv__92y4rTR8XJcCMtz2l2_gUNqcPWk3ipHswvJg_ylD00xm3uwoIO3PwI&sig=Cg0ArKJSzP2PCpeVKiaWEAE&cid=CAASPeRo2j6ltEGJx3KXg4cfhEQVrrfnZhYPr5qaUT4hAD-rbJuzRSpd7WoSPBfWi4w8EnzhGKjH2rQEX2st4WE&id=lidar2&mcvt=1004&p=1107,315,1201,1043&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20210503&bin=7&avms=nio&bs=0,0&mc=0.9&if=1&app=0&itpl=20&adk=1463956022&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620156409205&dlt=78&rpt=6&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 2E99 2 KB
1 KB 111ms
42ms Document
text/html 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.baltana.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.baltana.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 04 May 2021 19:26:51 GMT
Connection: keep-alive

GET
H2 200 quantumdex Show response
sync.quantumdex.io/usersync/ Frame 67ED 3 KB
1 KB 135ms
134ms Document
text/html 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/quantumdex
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d636046bf682ab69f8e7d80a7ac56bd915feb2393122c73f03c4305a8cb6e93

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/quantumdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.baltana.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.baltana.com/

Response headers

date: Tue, 04 May 2021 19:26:51 GMT
content-type: text/html
set-cookie: __cfduid=ddfcef3a4eb70c8fa2f2ce4d4755717a01620156411; expires=Thu, 03-Jun-21 19:26:51 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=b095f86f-60fd-421f-9245-8100a1f9a6f8; expires=Mon, 24 May 2021 19:26:51 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 09da7204b700004eb5dfbd6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lMzDzdS%2BB4J1B1DVzBTM92jYEFZt6U6NVXnck9UjubwZb1%2BFuuDWdRbN6k4v7RL7GPi80GdSDgupxHtSfBisvcY%2F92he1YRbqaV5S5rvQynzR6sAbbD2qNM%2Bptca6vo%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64a41f812b5e4eb5-FRA
content-encoding: br

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8E07 52 KB
17 KB 70ms
24ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.baltana.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.baltana.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 04 May 2021 19:26:51 GMT
Age: 52124
X-Served-By: cache-lga21934-LGA, cache-hhn4080-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 815598
X-Timer: S1620156411.124467,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

um
u-ams02.e-planning.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Dccd333e7a2c1e3b2%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Dccd333e7a2c1e3b2%26uid%3D%24UID&sovrn_retry=true
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=ccd333e7a2c1e3b2&uid=7797c08aad1cf6d7b780d5c0

42 B
104 B

111ms
37ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=ccd333e7a2c1e3b2&uid=7797c08aad1cf6d7b780d5c0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www.baltana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:51 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Tue, 04 May 2021 19:26:51 GMT
Server: nginx
Location: https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=ccd333e7a2c1e3b2&uid=7797c08aad1cf6d7b780d5c0
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame D71A 2 KB
3 KB 155ms
78ms Document
text/html 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=http://www.baltana.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c481ea2d7c4d90605ed5bd770b69185c065ec141d3aef69f1d9e2b36eeb05bf4

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YJGf.QCLObyU6.DnJtGczwAA; CMPS=1155; CMPRO=1106; CMST=YJGf+WCRn-kA; CMRUM3=2d60919ff92760CAESEOAvCwmQm13wkobWxe-a5N4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|230|73|8|196|195|40
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1640
Expires: Tue, 04 May 2021 19:26:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
Connection: keep-alive
Set-Cookie: CMID=YJGf.QCLObyU6.DnJtGczwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 May 2022 19:26:51 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 02 Aug 2021 19:26:51 GMT CMPRO=1106;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 02 Aug 2021 19:26:51 GMT CMST=YJGf+WCRn-sA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 05 May 2021 19:26:51 GMT CMRUM3=e660919ffb27600&c460919ffb05a0&4960919ffb05a00&f160919ffb05a0&2760919ffb0b40&0860919ffb05a00&2d60919ff92760CAESEOAvCwmQm13wkobWxe-a5N4&2860919ffb05a00&c360919ffb05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 May 2022 19:26:51 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 67ED
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-XRb7OzpE2uHsvZxUOcTnRFQO4kS4axdCSmoBhz8-~A

43 B
327 B

149ms
148ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-XRb7OzpE2uHsvZxUOcTnRFQO4kS4axdCSmoBhz8-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:51 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mIG0%2B5o4gfkvoh5ENFdS672mG3dpVAuPdZm1XRUg0mNBQI3oaTxw0oWKvoDCZR%2BDx1ZX8AkJ1faRgsxLW%2F%2BbjdSvReXAUW7eJP85wwF5Q5DWLOdZytRXdcoJ6rcY42Y%3D"}]}
content-type: image/gif
cf-ray: 64a41f83996f4eb5-FRA
content-length: 43
cf-request-id: 09da72063c00004eb5dfbfb000000001

Redirect headers

Date: Tue, 04 May 2021 19:26:51 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-XRb7OzpE2uHsvZxUOcTnRFQO4kS4axdCSmoBhz8-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 67ED
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=97cfd10f-7f10-4933-ad0c-a3fffad35693

43 B
325 B

134ms
133ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=97cfd10f-7f10-4933-ad0c-a3fffad35693
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:51 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Ff5XWm6Cy0qYMDObQOHBHb6ScSzefbtfq6uMX4kHcJSWDTmOnPE%2F34m25E23cg6V3JDBhBvbH7dZaFcYLEHK0OYAlw1DYmCZBd3C6ESffUCJDMAqQWTVtV2HizUM2Yw%3D"}]}
content-type: image/gif
cf-ray: 64a41f82dfc94eb5-FRA
content-length: 43
cf-request-id: 09da7205c900004eb593392000000001

Redirect headers

date: Tue, 04 May 2021 19:26:51 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qhg1qV9ODI7R2KlCqY8pC%2FEEPGfrLKzesZPULa0zRIHQfIwk6VbW7HWFgHg1ufpRKWAj0j53XmdsYBxWYu6VnHwQRNmvAbyBJQRasZki1LJwYbmSM30Vy487XDBI"}]}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=97cfd10f-7f10-4933-ad0c-a3fffad35693
cf-ray: 64a41f821de44eb5-FRA
content-length: 0
cf-request-id: 09da72054e00004eb515074000000001

GET
H2

200

setuid
sync.quantumdex.io/ Frame 67ED
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1...
https://prebid.a-mo.net/cchain/0?A=2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=2676205261351850437
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlc...
https://prebid.a-mo.net/cchain/1?A=2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=7797c08aad1cf6d7b780d5c0
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW...
https://prebid.a-mo.net/cchain/2?A=2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YJGf.QCLObyU6.DnJtGczwAA%...
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44

43 B
330 B

152ms
142ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:51 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lwKgWt4Rt7OUhMRYLP1z24Y2mD1B%2BZwgiSoZ11L2zCuPqfQdwYLFWjGwlo4O5nhd243%2BOs5m%2FPHv9spvm%2FckMG%2FzBowhO%2FIgd2Spg0snZZL0CpD38jkFvyJZmDK8yN8%3D"}]}
content-type: image/gif
cf-ray: 64a41f862f994eb5-FRA
content-length: 43
cf-request-id: 09da7207d500004eb521a9c000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=2f3a0f7c-6170-4fcc-a5d8-0f36460dbd44
date: Tue, 04 May 2021 19:26:51 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 67ED
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7418869481853645801

43 B
326 B

139ms
139ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7418869481853645801
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:51 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GhjCKcjsajHh0qL5ebzubiEXYK8NqBfAaOZIK6ZygnbAjmbY6oEES%2F0r84hULstkx01xb6nf3%2BxNt%2FfQuF7IWT5uDeOwwNyPH0rJW3gOUkiCLCabsE6DP%2BHm3xmb62Y%3D"}]}
content-type: image/gif
cf-ray: 64a41f82cfa94eb5-FRA
content-length: 43
cf-request-id: 09da7205c000004eb5f9200000000001

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
X-Proxy-Origin: 185.210.217.100; 185.210.217.100; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.47:80
AN-X-Request-Uuid: c766bbd2-4c2f-433c-a74e-a479e3baf848
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7418869481853645801
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 67ED
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPad40e223-ad0e-11eb-818a-06ca284878ea
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPad40e223-ad0e-11eb-818a-06ca284878ea&verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPad40e223-ad0e-11eb-818a-06ca284878ea

43 B
334 B

134ms
130ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPad40e223-ad0e-11eb-818a-06ca284878ea
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:51 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Af6NPCM4tvBhkMbBBGtNAieaLx9Ljx6j1mfyNpRtFLx3KzxaAoa%2BObzL6M1Snp0gDmYx0MR6P8ExBUob6LJUIDBsZHq3ifMZKBg1oB433f1UujOHNXKGwf0qPakZWd4%3D"}]}
content-type: image/gif
cf-ray: 64a41f84ecbe4eb5-FRA
content-length: 43
cf-request-id: 09da72071200004eb5ad207000000001

Redirect headers

Date: Tue, 04 May 2021 19:26:51 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPad40e223-ad0e-11eb-818a-06ca284878ea
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 67ED 0
478 B 129ms
18ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 67ED
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=7797c08aad1cf6d7b780d5c0

43 B
335 B

131ms
130ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=7797c08aad1cf6d7b780d5c0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:51 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jqyVF2rQFfo2ZFkwA1hfzT04v7VFWkSv2CMdcrfoHqh9SfjDCFLx74lQRL0z8roOvlZZJsRw2hAMMwFznGd4jr8QW4O9BeTWG%2BBR2zx5zg2abvpVJ8IZksmGUEVPgTc%3D"}]}
content-type: image/gif
cf-ray: 64a41f829f234eb5-FRA
content-length: 43
cf-request-id: 09da72059e00004eb5f91fc000000001

Redirect headers

Date: Tue, 04 May 2021 19:26:51 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=7797c08aad1cf6d7b780d5c0
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 67ED
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2676205261351850437

43 B
330 B

137ms
137ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2676205261351850437
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:51 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GH6c5koUO6k8%2BtILLDOOl9xz%2BaPyvwcaivfsnnNcKxS2gpsTGkN9Eu9p5c%2Fds1%2BQz4urD2B7RB4iEiK2mL169ju1T93r%2FQICKPqfL%2Flnbh56VbeGOx%2FQ1wqatWG3KQY%3D"}]}
content-type: image/gif
cf-ray: 64a41f82dfd44eb5-FRA
content-length: 43
cf-request-id: 09da7205cb00004eb523032000000001

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
X-Proxy-Origin: 185.210.217.100; 185.210.217.100; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.80:80
AN-X-Request-Uuid: a31cb928-96b1-4b90-8946-1df8e7a3b3a7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2676205261351850437
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 67ED
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=c92fea8e-434a-527c-b6bb-42b7d62add4c

43 B
433 B

149ms
142ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=c92fea8e-434a-527c-b6bb-42b7d62add4c
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:51 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ibSMTCQcVSs7jCCiFCdwfreMh2%2FBizqa%2BHfGvUiY6KAR0sf7Fx%2FZeij1tvVq4QB%2F0fvSsQGn94MAZeZqjSdD9ivtuhp6F17k0QuHy4mDIjUeLnr9tu36nyTQ1xlMfyA%3D"}]}
content-type: image/gif
cf-ray: 64a41f844b1d4eb5-FRA
content-length: 43
cf-request-id: 09da7206ac00004eb5933a9000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=c92fea8e-434a-527c-b6bb-42b7d62add4c
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 67ED
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1894828808989263297

43 B
467 B

136ms
131ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1894828808989263297
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:51 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A3PPcHFTZryo30zwPN%2FhyNDW8eIAiATM6v0o79v%2BQ5nYPJtWxjWLVLcPa73uAw%2FUH3232pyXTv2nH%2FOKvs%2BAfiOcEeL6ZMVKxCVCUSYz0pBAiLIW7Gd3PJ%2BpwNEjc6o%3D"}]}
content-type: image/gif
cf-ray: 64a41f83082d4eb5-FRA
content-length: 43
cf-request-id: 09da7205e500004eb5ad9c1000000001

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
X-Proxy-Origin: 185.210.217.100; 185.210.217.100; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.107:80
AN-X-Request-Uuid: c957df34-7bf1-43b5-b157-8e4f6f8c4d34
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1894828808989263297
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 d
ic.tynt.com/r/ Frame E727 0
0 345ms
116ms Document
text/plain 208.100.17.186
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

:method: GET
:authority: ic.tynt.com
:scheme: https
:path: /r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

server: nginx/1.16.1
date: Tue, 04 May 2021 19:26:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame DC72 2 KB
3 KB 153ms
81ms Document
text/html 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4f37fcf1f9de98aa757fce6993698a27d8419cf661c5d57e2b874de3586b02b

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YJGf.QCLObyU6.DnJtGczwAA; CMPS=1155; CMPRO=1106; CMST=YJGf+WCRn-kA; CMRUM3=2d60919ff92760CAESEOAvCwmQm13wkobWxe-a5N4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|39|46|221|64|13|239
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1750
Expires: Tue, 04 May 2021 19:26:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
Connection: keep-alive
Set-Cookie: CMID=YJGf.QCLObyU6.DnJtGczwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 May 2022 19:26:51 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 02 Aug 2021 19:26:51 GMT CMPRO=1106;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 02 Aug 2021 19:26:51 GMT CMST=YJGf+WCRn-sA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 05 May 2021 19:26:51 GMT CMRUM3=f160919ffb05a0&e660919ffb27600&ef60919ffb05a00&2d60919ff92760CAESEOAvCwmQm13wkobWxe-a5N4&dd60919ffb27600&2e60919ffb05a0&0d60919ffb05a0&2760919ffb0b40&4060919ffb05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 May 2022 19:26:51 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D7A8 2 KB
818 B 81ms
24ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame DB66 43 B
551 B 98ms
20ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Tue, 04 May 2021 19:26:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YJGf/; path=/; domain=.go.sonobi.com

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 327F 8 KB
3 KB 110ms
32ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=69432
Expires: Wed, 05 May 2021 14:44:03 GMT
Date: Tue, 04 May 2021 19:26:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 538C 38 KB
14 KB 50ms
48ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=118661
Expires: Thu, 06 May 2021 04:24:32 GMT
Date: Tue, 04 May 2021 19:26:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame D71A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB&dcc=t

43 B
433 B

285ms
258ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=http://www.baltana.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:52 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame D71A 70 B
265 B 141ms
31ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YJGf.QCLObyU6.DnJtGczwAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=http://www.baltana.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame D71A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMaY9oEXua4VKQgl_svthD0&google_cver=1

43 B
315 B

55ms
41ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMaY9oEXua4VKQgl_svthD0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=http://www.baltana.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 04 May 2021 19:26:51 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMaY9oEXua4VKQgl_svthD0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 YJGf-QCLObyU6-DnJtGczwAABFIAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D71A 43 B
924 B 112ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YJGf-QCLObyU6-DnJtGczwAABFIAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=http://www.baltana.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:51 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D71A
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0fce24fa-ea5d-48b3-b15f-02b0b670490c&expiration=1651692411

43 B
1 KB

46ms
45ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0fce24fa-ea5d-48b3-b15f-02b0b670490c&expiration=1651692411
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=http://www.baltana.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 19:26:51 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=0fce24fa-ea5d-48b3-b15f-02b0b670490c&expiration=1651692411
date: Tue, 04 May 2021 19:26:51 GMT
server: Kestrel
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D71A
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

46ms
45ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=http://www.baltana.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 04 May 2021 19:26:51 GMT

Redirect headers

date: Tue, 04 May 2021 19:26:51 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D71A
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e2249d19-a0a1-42f3-a881-be4cc628527d

43 B
1 KB

46ms
45ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e2249d19-a0a1-42f3-a881-be4cc628527d
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=http://www.baltana.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 19:26:51 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e2249d19-a0a1-42f3-a881-be4cc628527d
date: Tue, 04 May 2021 19:26:51 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame D71A 43 B
425 B 35ms
29ms Image
image/gif 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YJGf.QCLObyU6.DnJtGczwAA%261106?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=http://www.baltana.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:51 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1506
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 19:51:57 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 6FCD
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

119ms
118ms

Document
text/html

35.170.231.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=http://www.baltana.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.231.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-231-210.compute-1.amazonaws.com
Software: /
Resource Hash: e425b144372683d64c074f5340c4dba67d015950d4b717a33dbe8fe9a7b937b5

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EQUser=UID=49f143f4-3024-48db-9a9d-e4833efe6b14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Tue, 04 May 2021 19:26:51 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Tue, 04 May 2021 19:26:51 GMT
pragma: no-cache

Redirect headers

date: Tue, 04 May 2021 19:26:51 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=49f143f4-3024-48db-9a9d-e4833efe6b14; Path=/; Domain=eqads.com; Expires=Wed, 04 Aug 2021 19:26:51 GMT; Secure; SameSite=None

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame DC72
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMaY9oEXua4VKQgl_svthD0&google_cver=1

43 B
315 B

56ms
42ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMaY9oEXua4VKQgl_svthD0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 04 May 2021 19:26:51 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEMaY9oEXua4VKQgl_svthD0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame DC72
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB&dcc=t

43 B
433 B

112ms
111ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:52 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame DC72 70 B
264 B 129ms
32ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YJGf.QCLObyU6.DnJtGczwAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame DC72 0
0 122ms
58ms Image
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

tpid=YJGf.QCLObyU6.DnJtGczwAA%261106
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame DC72
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YJGf.QCLObyU6.DnJtGczwAA%261106
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJGf.QCLObyU6.DnJtGczwAA%261106

49 B
709 B

65ms
49ms

Image
image/gif

54.171.173.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJGf.QCLObyU6.DnJtGczwAA%261106
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-173-220.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:51 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.2.214
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:51 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJGf.QCLObyU6.DnJtGczwAA%261106
cache-control: no-cache
x-server: 10.45.4.19
content-length: 0
expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DC72
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622748411

43 B
1 KB

49ms
48ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622748411
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 19:26:51 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 19:26:50 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622748411
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame DC72
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0630220400023ac6a01e1d72&expiration=[EXPIRATION]&gdpr=1

43 B
1 KB

46ms
45ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0630220400023ac6a01e1d72&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 19:26:51 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0630220400023ac6a01e1d72&expiration=[EXPIRATION]&gdpr=1
Date: Tue, 04 May 2021 19:26:51 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame DC72 43 B
726 B 171ms
75ms Image
image/gif 23.59.71.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YJGf.QCLObyU6.DnJtGczwAA%261106
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.59.71.246 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-59-71-246.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1620156411360059-148
Expires: Tue, 04 May 2021 19:26:51 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame DC72 43 B
458 B 177ms
163ms Image
image/gif 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YJGf-QCLObyU6-DnJtGczwAABFIAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 19:26:51 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y0D8PH1mCGkTmsotEaIij1EJ3UWPQUjMzUAEu%2BXB%2FkNvVegF4uuZRkMhI3J8%2F0BncQWfWh48NLoaZ0UNo1PuUE%2BTyD%2F45EWYW9CF8k9SitAaFkKWVkzEtYOJwUT3cfo%3D"}]}
content-type: image/gif
cf-ray: 64a41f8348b34eb5-FRA
content-length: 43
cf-request-id: 09da72060a00004eb50002a000000001

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 538C 0
75 B 348ms
20ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=69456331&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 19:26:51 GMT
Content-Length: 0

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame 6FCD 43 B
1 KB 48ms
45ms Image
image/gif 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=49f143f4-3024-48db-9a9d-e4833efe6b14&expiration=1628105211
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 19:26:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 19:26:51 GMT

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.baltana.com/	1970-01-19 18:02:38	Name: __utmb Value: 254129179.1.10.1620156403
.baltana.com/	1970-01-19 18:02:37	Name: __utmt Value: 1
.baltana.com/	1970-01-19 22:25:24	Name: __utmz Value: 254129179.1620156403.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.baltana.com/	1970-01-20 11:33:48	Name: __utma Value: 254129179.1197080103.1620156403.1620156403.1620156403.1
www.baltana.com/	1970-01-19 18:02:43	Name: __vliIPL Value: {"value":["2a01:4f8:192:5414::2"],"expiredAt":1620163602599}
.baltana.com/	1969-12-31 23:59:59	Name: __utmc Value: 254129179
www.baltana.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: qgeaekcfm8jd7n96sg84ov6jm0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: http://assets.vlitag.com/prebid/default/prebid-v4.36.0.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2192393c36fad1decaa4276abce6e225.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ap.lijit.com
assets.vlitag.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bidder.criteo.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
c2shb.ssp.yahoo.com
cdn.jsdelivr.net
cm.g.doubleclick.net
d.turn.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
ic.tynt.com
image6.pubmatic.com
js-sec.indexww.com
l.sharethis.com
logs.vlitag.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
ms.quantumdex.io
nep.advangelists.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
platform-api.sharethis.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
s.amazon-adsystem.com
secure.adnxs.com
securepubads.g.doubleclick.net
services.vlitag.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
sync.adotmob.com
sync.go.sonobi.com
sync.quantumdex.io
tag.vlitag.com
tpc.googlesyndication.com
u-ams02.e-planning.net
um2.eqads.com
ups.analytics.yahoo.com
useast.quantumdex.io
www.baltana.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.108.144.214
104.108.145.8
13.248.242.197
136.144.59.88
142.250.185.226
151.101.113.108
172.217.16.134
172.217.18.98
178.162.133.149
178.250.2.131
185.183.112.155
185.184.8.30
185.33.220.244
185.33.221.13
185.64.189.115
188.42.196.115
2001:678:cb4:bbbb::13
208.100.17.186
216.52.2.19
23.37.38.181
23.59.71.246
2600:9000:20c8:3600:1c:8a07:5e80:93a1
2600:9000:20c8:3a00:c:a9b7:ddc0:93a1
2600:9000:20c8:9c00:c:abe:f440:93a1
2606:4700:20::681a:24e
2606:4700:20::681a:eee
2606:4700:20::681a:fee
2606:4700:20::ac43:4597
2606:4700::6812:bcf
2a00:1288:110:c305::8000
2a00:1450:4001:802::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a02:2638:1::3
2a02:2638::1c
2a04:4e42:3::621
3.122.26.231
3.126.56.137
3.126.63.176
34.194.148.31
35.170.231.210
46.249.52.249
5.178.65.246
51.178.20.140
51.89.9.254
52.21.63.28
52.28.203.152
52.94.232.32
54.171.173.220
66.155.71.150
95.211.152.187
00813520ffc3cebb6e7f98d764f9bf1b3676d6a84fc27294f9ae6c81daea146e
05bfcecc064da4c129950276f5ce3eb7aac4c1abf595975cc4bb311616620c2b
09f0fa32fa39db3e3da2eea89bf806be0b147366343a0934e30f164a12431b43
0d7df1aecf31bcb3dbf4f131e67b99c1902cb6485aaee711cb6fd447212bb0b4
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a76caec408b6da8d40050aa9baa1f1235ff5cd0a165572e2f4bf4b4176b69c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185f6d983be5f11b6485e784d4569cf11c950fd6ba06a50aa795bd151f91590d
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1a81c00b02e9a797e6e8cfce706577e8eb14c66fc4ab38ed71f09508d9222c72
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
1c831783877cf0dfece90797ae797427d74cfe9a280b4475248de3decc86a1e7
1d636046bf682ab69f8e7d80a7ac56bd915feb2393122c73f03c4305a8cb6e93
1ed2c4e5772638c71a9d1baae02d6e4af2e21e9af07b26afda186fe0a10561c3
20c8576cecb84e923da8f7ecfcc560a6dde859d86ce721c7e9f25912b6a634ea
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
28648675d8bac4f55e6b896a3c14526a14610496c0d151f0749db3d0312e6829
2a450cb284472f9744c5a708f7949be4d5230a8f8a7f9d801abc51eaaa7332e2
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f8a615585d832a0503db31ded01ae6ca8677ffa13c9434637f680444b6442a2
302fb5a88053319c4328d4cf7140290569e42648a82108749de500da4c6a4d05
30dd7d114cd4c2c53f998d74dca291b5bbe6d88e0dd792f2d82bf98763a7793d
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35356d2909675d7af97438329e15a9c1a97ab2f0a66c7726a4f8f58aa0a32244
35c29c01679a76ee54b9785f794bba5848d8dab21c27c3e53939f49d57bbf6cf
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
4065cf913973481ce99a44be69908dc8bf0f7b9455014ecd44c0cd38997d8858
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
4697a44834deac6b1c75e3a6f8340fbc9491abc234d2e18c34965d15b26bc324
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c7c7256c0ea96363ce0c87a3d9c27641f2c0bb712937f9128fc2f674b489e7
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4b3340458dd6cae0b8691520d3ee47ef9a3dd8b35246350caf2be99f21d0ebfb
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
524b2f286b2c006a283edd312b09b9f1f27a83f2d09e666242314b2e46000653
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5461777e8becbffec6413374caaf11144302832dcd36a2686be6aeddd1ca4040
55ca9d6ad672a0ac13e86e6f4cfe2e7df10f01c5ea1b3ec938f6c5a059f4f3f1
5a6e1ef59b0e25b35922fc2117ab18d4a7aaee0752637011fd065ff1572792be
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
5c0cb33c12e0e0f96530fb327becb022e9f1a0845f8c8935a86eea90c8061bc8
5c47565e09dcc0d542ef7240e436c7bde3d589ed6ca467f504021ee6bbd09b62
5dea8984491ed3fe752d198396e305ffdc25b0841f0bf8b35ba31df2d14462ae
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
627aced2f5079d2538145e0c758daf8a0b74588e77ec472e6020146c59764ec6
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68ef14d5aa1992243b597f857d059ca742107d2745cd0904e1f515113393146a
6976b567ff0c1b6de18e250b03f65237744b07900c8f6cecc2fdd9c52d71a52a
69d4c116fa1b44c4a249b18d99b9348aa2e877808bf0b2f2d5669e6ce3e34804
6ad2362dc231cd2c40a96d6c0d2633037a6f3c0f09e99572f728ef1c311974ee
6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7295cc0c05892a880716934e60b146265e256879ad78f5b81da08bc50cd229f6
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
789ec88a3dd44e9cfbe94630997686c968ea8a9bfa8a5427abdaa2b563d7d2bb
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
822f0aefdc2a90a651e1b2b3fab76d22f27f93ec184885c45ae1dba0bfda58af
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83913368b5e37ab8727ba6c71c58a39066c737ec7a7ba2634af72c033906edd0
84036856b85cd9613dd98a1271b7a0dce86bf6a96bf803e742f4182bb4d2e25f
84148c178485a93370c7d2ec828b9243b374bbe3ace157cc583e4e2366290a6d
86e1f219eee7a810c1bd485500e89b11720c3bb837a789ffd9d1542880de7e2a
87d54d6a6dd61ad38f7dbf698ecfc6ab671ccd4562e96854d994c1aafd2735d4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcc5391b95915549455f3762896894832fcf344796750a65b7d6f22f77175dd
8efe3e24fbff7b370d1d24175f1de783017859e0fe80d2e0f08e22b8e1c0c08a
9230faee7b06801424b223f12feab5d7d891ac0af9cbd7bb9a3f2ddebed5fa2a
93da23ad716e68c9eff8fcfcf2ccf7056467e6d6e34ae308ec9ef571b64dff3b
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
95c6b54d0a240fa62f4f2de6d5f7985f92a4628b8f1daa5ba9d41710426309dc
9736b95c6f7edd0a7018f2d7e60dd38e62ba76c8df1ee50070c2c4bbcf5c82c3
9a647e9631112bebf06ddb2913d3d14ad21d776e0d7a23aeafe9acd2564ceec4
9a9b53471478d07000ae774369dcb42bd37962c3513508974be3d48a47b082d5
9dbfd7b38b51c4ab599d18a1b1638306cf58dd6f9b226474bbaf3a05cd78aa2f
a04bd0164745a833ee292a919444e4a78123a566b4835134cca407f08d039ecb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a14b2700bac5a576e25c4ab5d7fe1f4ca1f84c1c4c224d8836277b0e3ef54671
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f37fcf1f9de98aa757fce6993698a27d8419cf661c5d57e2b874de3586b02b
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a95ce1274bb4e8cb0aaa87840c047f13bf5218e42d112414574a6bf7466ab807
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac149f2c666919ad38118aaf028842224920c774c4f3a472d872c82bc780f8af
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
aff1f15edf279570eea7f32ed37e2c17c4c54f2fb03e48ebd5ba3e9e32c40a91
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b495eb0deee92bca5b732d594a7628295335d8c0898ff872b3193694781c31c0
b980b1cc6c7ce6a71b5af75d34deb36b119dcc76943eac074ba34f9572f1ea66
bc0b983168321ca544319549a1f0501fc0e3c6f9d9670258a2bbe651607f326c
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd11b7359e5a77aa86f1ccbc4c9898b272387346cb8c5e7494d7b9b9d41efc60
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c481ea2d7c4d90605ed5bd770b69185c065ec141d3aef69f1d9e2b36eeb05bf4
c4c955bff04a33581b63b6c155631f3125f4437c11fdf62f96aabc69f7a193c3
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9b963d330731aacb94c291f5cbd589ece9e1fb361b272e1d614a46d30ea3e6f
ca2c6ba76ef2780ee08b2fa667749b8af7563efdc08f69aaa031715c32f34943
ca5d11e3500a54763da245f12cef4eca4af5ea75a76f984e2bf1a77a8157da3c
caded58b7c9843a759b1a9fcbc34dc56473847115dc963f97ed4bb1b8228f185
cd1b547928690e57bb3041acac5530914da24c2b6d3a02b9162cfd8c177ec352
d6c4b269b76cb56d44dfe6ebab209f1c12dabebe017b92bfb2282243d06bc00d
d72baf684716c19fe88246d973a7992dfcebc8e1986d42508d1f2564684efe1b
d931393ae1a1c0b3d4126858ea4a15442f1e094f07420283272902e1a878c0cc
e304e669e97d797c74c2d5f5ec30faa5f6d9d5e9cf7c3ad3db6a94c6d86ddf41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e425b144372683d64c074f5340c4dba67d015950d4b717a33dbe8fe9a7b937b5
e53b754f5265866cf9468ac7215be82f5287c178ba76f3ee69cee153445b862c
e85c70b5ea5fbeaef353f560aef187cf27ae5be19b9f8c6008365c958fe27b18
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
fb1a4ba6f755c19e25d64d3a7f74d597349962dcaa6c07ce997493c8db1e4bcf
fba3b0f2008b02484f52538ab02f60696dd4bab24b6c4c1fa1f3ba7e5dc0ebf3
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fd3cfce2aa145ece7444058547eb1655c81ca120a708f6a355ad188ae0c52d37
fe0d48d1f2958da7fe6d7b5d577eadcf46417f64c455690008a1d16ef2f61bcd
fefb24befc5c4719cf451122a77091058f7ec0fe67a35b83841227049691c583

www.baltana.com Open in urlscan Pro 95.211.152.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

185 Requests

72 %HTTPS

46 %IPv6

44 Domains

68 Subdomains

56 IPs

7 Countries

2145 kBTransfer

4494 kBSize

7 Cookies

1 Outgoing links

Redirected requests

185 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.baltana.com Open in urlscan Pro
95.211.152.187 Public Scan

Screenshot
Live screenshot

Full Image

185
Requests

72 %
HTTPS

46 %
IPv6

44
Domains

68
Subdomains

56
IPs

7
Countries

2145 kB
Transfer

4494 kB
Size

7
Cookies

185 HTTP transactions
4 data transactions