www.babup.com Open in urlscan Pro
51.15.15.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.file-upload.com/t3y2yma71dwo
Effective URL:
https://www.babup.com/file.php?get=t3y2yma71dwo
Submission: On August 30 via manual (August 30th 2023, 12:11:31 am UTC) from RO — Scanned from CH

Summary HTTP 227 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 36 domains to perform 227 HTTP transactions. The main IP is 51.15.15.22, located in Derby, United Kingdom and belongs to Online SAS, FR. The main domain is www.babup.com.
TLS certificate: Issued by R3 on August 21st 2023. Valid for: 3 months.

This is the only time www.babup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7 7	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	51.15.15.22 51.15.15.22	12876 (Online SAS) (Online SAS)
30	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1 31	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
12	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	74.125.133.155 74.125.133.155	15169 (GOOGLE) (GOOGLE)
28	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400a:8::7	15169 (GOOGLE) (GOOGLE)
2 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 10	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
8	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 2	185.86.138.153 185.86.138.153	201081 (SMARTADSE...) (SMARTADSERVER)
4 4	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
2	92.123.148.9 92.123.148.9	16625 (AKAMAI-AS) (AKAMAI-AS)
3	3.9.22.61 3.9.22.61	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
2	18.170.168.253 18.170.168.253	16509 (AMAZON-02) (AMAZON-02)
227	37

7 188.114.97.3 (Amsterdam, Netherlands) 7 redirects

ASN13335 (CLOUDFLARENET, US)

www.file-upload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.file-upload.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.15.15.22 (Derby, United Kingdom)

ASN12876 (Online SAS, FR)
PTR: server.babup.com

www.babup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.133.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400a:8::7 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

r2---sn-1gieen7e.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Weil am Rhein, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.84 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1370 (Singapore) 2 redirects

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.153 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.6 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.9.22.61 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-22-61.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.170.168.253 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-168-253.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155 ade.googlesyndication.com — Cisco Umbrella Rank: 339	469 KB
45	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 bid.g.doubleclick.net — Cisco Umbrella Rank: 825 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371 ad.doubleclick.net — Cisco Umbrella Rank: 175	193 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 33567 ad4m.at — Cisco Umbrella Rank: 11581 assets.ad4m.at — Cisco Umbrella Rank: 43002	849 KB
22	file-upload.org www.file-upload.org	550 KB
18	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	93 KB
8	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 366 fonts.googleapis.com — Cisco Umbrella Rank: 45 imasdk.googleapis.com — Cisco Umbrella Rank: 510	295 KB
7	file-upload.com 7 redirects www.file-upload.com	3 KB
6	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1220 r2---sn-1gieen7e.c.2mdn.net	2 MB
4	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 177820 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 143599	8 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 817 s.tribalfusion.com — Cisco Umbrella Rank: 1944	2 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	226 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 483 www.google-analytics.com — Cisco Umbrella Rank: 37 region1.google-analytics.com — Cisco Umbrella Rank: 2412	38 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 29464 api.webgains.io — Cisco Umbrella Rank: 74714	18 KB
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 47454	92 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	173 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 18043	1 KB
2	o2online.de partner.o2online.de — Cisco Umbrella Rank: 77870	3 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 73054	875 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 72418	525 B
2	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 681	1 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3135	893 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 597	1 KB
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 626	725 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	142 KB
2	babup.com www.babup.com	9 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 14873	9 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6414	554 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1116	731 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 798	463 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1700	587 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 46289	610 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 800	716 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120	600 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	alexametrics.com Failed certify-js.alexametrics.com Failed
227	36

	Domain	Requested by
30	pagead2.googlesyndication.com	www.babup.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.file-upload.org tpc.googlesyndication.com imasdk.googleapis.com
27	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.babup.com
23	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
22	www.file-upload.org	www.file-upload.org www.babup.com
12	assets.ad4m.at	as.ad4m.at
12	csi.gstatic.com	imasdk.googleapis.com
10	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
8	ade.googlesyndication.com	www.babup.com
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
7	www.file-upload.com	7 redirects
4	ad.doubleclick.net	4 redirects
4	r2---sn-1gieen7e.c.2mdn.net	googleads.g.doubleclick.net www.babup.com
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	imasdk.googleapis.com	googleads.g.doubleclick.net
3	track.webgains.com	as.ad4m.at
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	connect.facebook.net	www.babup.com connect.facebook.net
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	as.ad4m.at
2	partner.o2online.de	as.ad4m.at
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	rtb-csync.smartadserver.com	1 redirects
2	googleads4.g.doubleclick.net	www.babup.com
2	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
2	static-de.ad4mat.net	as.ad4m.at
2	dclk-match.dotomi.com	2 redirects
2	c1.adform.net	2 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	s.tribalfusion.com	googleads.g.doubleclick.net
2	a.tribalfusion.com	2 redirects
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.babup.com www.googletagmanager.com
2	www.babup.com	www.file-upload.org www.babup.com
2	images.dmca.com	www.file-upload.org www.babup.com
1	analytics.webgains.io	track.webgains.com
1	ads.travelaudience.com	1 redirects
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	www.babup.com
1	ssl.google-analytics.com	www.babup.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	certify-js.alexametrics.com Failed	www.babup.com
227	54

This site contains links to these domains. Also see Links.

Domain
www.file-upload.com
www.facebook.com
www.instagram.com
www.youtube.com
file-upload.com
www.file-up.org
www.dmca.com
safeweb.norton.com

Subject Issuer	Validity	Valid
file-upload.org E1	`2023-07-28` - `2023-10-26`	3 months	crt.sh
images.dmca.com R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
www.babup.com R3	`2023-08-21` - `2023-11-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-08` - `2023-09-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-08-22` - `2023-10-31`	2 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-07-31` - `2023-10-29`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://www.babup.com/file.php?get=t3y2yma71dwo
Frame ID: DF73DE7057D7335FDA8323A32834B89A
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Frame ID: 215A1677758B3BCAB280F8DE59F58025
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&adk=1812271804&adf=3025194257&lmt=1693347085&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.babup.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285256&bpp=31&bdt=138&idt=195&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6718260279736&frm=20&pv=2&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211
Frame ID: 581794093AA16ABA9FB8BF990C64E1BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285287&bpp=2&bdt=169&idt=195&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4IDxTh3m7W&p=https%3A//www.babup.com&dtd=200
Frame ID: E588A9EBCD2A991ACCFA9567A8C5CA8E
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146
Frame ID: 8B7AAFAADB3FA95D9152C40633B71D27
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285353&bpp=1&bdt=235&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=2AcHOmq4UC&p=https%3A//www.babup.com&dtd=145
Frame ID: F18B5C7F100CBE1212CF5538E82FAF08
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285892&bpp=1&bdt=774&idt=-M&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D041bf4788dea34d0-227a763e5fde0092%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg&gpic=UID%3D00000c6b6787d3b2%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=0TmpUW8MeN&p=https%3A//www.babup.com&dtd=3
Frame ID: 0EF5B9DCD735877308C4EFC51290F144
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=90&adk=859397159&adf=3794997217&pi=t.aa~a.2946496055~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&to=qs&pwprc=6385710038&format=1140x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285892&bpp=1&bdt=774&idt=0&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D041bf4788dea34d0-227a763e5fde0092%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg&gpic=UID%3D00000c6b6787d3b2%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GdXKTXMjFv&p=https%3A//www.babup.com&dtd=6
Frame ID: 91D8EEA4DD52C68CD98439BA32A13362
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: A615C0FBA8D07A5CCE814EA6694C32B8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Frame ID: DB884F4360282057F7DACCECDB8F3A0C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 199916AEC22C215D73990FBB2A4B0728
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jj8h1p42txgk2rnmdxz98ecy1xqw7c1m2avdazaagn8wtwe2wchrepg22pfc9mg9pcs6wn6x6zah6wqq3f617r0gw5821mjq2sg30sq56c8nhsnfqf88x9zym32hevgy0ks15t9q3m8yd53azntbx8fp0rsj4hhkhqdsazpgyeb4yc50yqp3wmtxrb7brnbcfa5b2cr556bx6tqdpn2215e1dkgz0jta6ksg8ky1tbgs7gcyvhkmwrwhram4r188611pacqa10cckt4qjysjtqr6vdnm08rbgrz5m42exf2v42hsp5jdmx6fqr6kfdczc45kydbcfrc4wvex8gvxr7yfjwck7fvy6cm2k401n0p9tp5y07g678r39raw33b6rz9xvpj6sxarx8ww8syga25kxbevj68h5vv19eb1yg011rt73x3yz7dx7k7dgatvz8ejqkg7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%26client%3Dca-pub-9176521898341909%26adurl%3D
Frame ID: 6EFBC66327679BAFF4F2F50D52B8A6AB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Frame ID: DBD90F96906757861AF6C06F229C7A0B
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C2F77EDB8EB7B2356EDED3E62B2FA5A9
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jj066m7fc2xy94am6pxhkqfds92yzbq64z259c2pkfsj0bxm41d95vtv7y8qtq34qdhejemggr7ecgcfengs8n8b66pc15aqpg44w8bdxjz4y13k926mgavksyf891nmjsnmyc212f8h2yysqyemw1m6vd8tpyp8bhsmzzksqrw16fjb0jcg0wpf6549k6h52xc4pv600hszn9zny783wfz31b0809g0kcxbsehcm3pcnj3djr658e5hfn11df9jbg8fprbrdxvd6k6treenmytzp1c0kedmkmx88b21h99r9hgwgj2z9v8cmwj97hmd277tt41w9rfq5amqx6vk99weynj1f54kqkykeh29f0fh0j4jx3zqs5sqdtx4fmvbwg2fs051wf9jrw1699h5zagexptqf3gfx5zjgee5831g1z3j5nqc5a0skevr49d6jqp7av9nr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%26client%3Dca-pub-9176521898341909%26adurl%3D
Frame ID: 52A22089CA05A201C9CCA71F68B953D9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Frame ID: ABD36B4C14ACC54BA88CC080534F518C
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6E663AE4BE7209D6329B1013E44CF347
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Frame ID: 1579089BAD9E06E884E44E0211132CEC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 18C47D75161F85D9747958388E2F2A8E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 8BD5D3BC3374F6F65148AF412C753924
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Frame ID: 1DDA29CBF60BCD89D1CF0C604532703A
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1E099E2F62357FCE9D0ADC053E31A9D2
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 654B5484A5F4761DC43E4C4D24265499
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 097026A7631E11443595A574309AF6E2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5311C85DC4065E48FE35EE330922BFD0
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=4b4e47cf1f72fe3fb970176ed26deb45%2F2039446016566979009&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Frame ID: 9CE8AFF83C275420B6963B7EC210BA56
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=a3fc37465ade82f289767687670239a3%2F10382452863401273494&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Frame ID: 88F6E6C787FE75A15FB04688293C9B7F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

https://www.file-upload.com/t3y2yma71dwo HTTP 301
https://www.file-upload.org/t3y2yma71dwo Page URL
https://www.babup.com/file.php?get=t3y2yma71dwo Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

227
Requests

89 %
HTTPS

53 %
IPv6

36
Domains

54
Subdomains

37
IPs

8
Countries

4805 kB
Transfer

9112 kB
Size

30
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.file-upload.com/?op=payment_proof
Title: Proof of Payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fileuploadcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/file_upload/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSbk9gxKeQnawO7cZ0hZPJQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/make-money.html
Title: Make Money

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/login.html
Title: Login

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=forgot_pass
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=news
Title: News

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/desktop.html
Title: Desktop Uploader

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=english
Title: English

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=arabic
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=payments
Title: Premium Download

Search URL Search Domain Scan URL

URL: https://file-upload.com/t3y2yma71dwo
Title: Free Download

Search URL Search Domain Scan URL

URL: https://www.file-up.org/?op=register
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/tos.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/child-exploitation.html
Title: Child Abuse Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/copyright.html
Title: Copyright Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/contact.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/adv.html
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/dmca.html
Title: DMCA

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/reseller.html
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/links.html
Title: Links

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=check_files
Title: Link Checker

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/refund.html
Title: Refund Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/banners.html
Title: Banners

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ff6622a1-89c3-492e-8fab-02994910b766&refurl=https://www.file-upload.com/vsd4gox6iv4l

Search URL Search Domain Scan URL

URL: https://safeweb.norton.com/report/show?url=www.file-upload.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.file-upload.com/t3y2yma71dwo HTTP 301
https://www.file-upload.org/t3y2yma71dwo Page URL
https://www.babup.com/file.php?get=t3y2yma71dwo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.file-upload.com/t3y2yma71dwo HTTP 301
https://www.file-upload.org/t3y2yma71dwo

Request Chain 16

https://www.file-upload.com/mngez/css/app.css?v=1 HTTP 301
https://www.file-upload.org/mngez/css/app.css?v=1

Request Chain 21

https://www.file-upload.com/mngez/js/app.js?v=20 HTTP 301
https://www.file-upload.org/mngez/js/app.js?v=20

Request Chain 22

https://www.file-upload.com/assets/images/logo_new.png HTTP 301
https://www.file-upload.org/assets/images/logo_new.png

Request Chain 24

https://www.file-upload.com/mngez/images/anti1.png HTTP 301
https://www.file-upload.org/mngez/images/anti1.png

Request Chain 25

https://www.file-upload.com/mngez/images/anti2.png HTTP 301
https://www.file-upload.org/mngez/images/anti2.png

Request Chain 27

https://www.file-upload.com/assets/images/norton.png HTTP 301
https://www.file-upload.org/assets/images/norton.png

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 110

https://gcdn.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/879F0D56FDC6A59CBBAB7CB7A24FD37E529A71C1.3B53076216452BA50DD2A278E4165795841B6643/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-1gieen7e.c.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3DDDC2DEB154FB56DC643E847D0601D6D632AB75.0C1CDE348A76407A6A07E06A1B04951346133EDE/key/cms1/cms_redirect/yes/mh/gL/mip/2a00:bd80:a929:0:38e::1/mm/42/mn/sn-1gieen7e/ms/onc/mt/1693353791/mv/u/mvi/2/pl/37/file/file.mp4

Request Chain 116

https://gcdn.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/47B5C9AF69534B5A9A0A4AC94FD9889E771A60E6.632967A556BDFDFA3823681B80747BD5A8030314/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-1gieen7e.c.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2FBF341D5FF2E52C6E331CFBCA6670B47AD20EE7.4ED6CB578396B9FE795D7F1EC4AD19C09E27C5D7/key/cms1/cms_redirect/yes/mh/gL/mip/2a00:bd80:a929:0:38e::1/mm/42/mn/sn-1gieen7e/ms/onc/mt/1693353791/mv/u/mvi/2/pl/37/file/file.mp4

Request Chain 121

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIX1jLqhoXyeq58iF1CMhxc&google_cver=1&google_push=AXcoOmQfjaXvxwynPwTo-kv5qwrX7TbIfY3nroIln5IrWAq_KLe6waW2UETRfwQ9eHK13q6Z76go2C1-JoXlw8H2pj80rN0Jc5-ChTc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQfjaXvxwynPwTo-kv5qwrX7TbIfY3nroIln5IrWAq_KLe6waW2UETRfwQ9eHK13q6Z76go2C1-JoXlw8H2pj80rN0Jc5-ChTc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIX1jLqhoXyeq58iF1CMhxc&google_cver=1&google_push=AXcoOmQfjaXvxwynPwTo-kv5qwrX7TbIfY3nroIln5IrWAq_KLe6waW2UETRfwQ9eHK13q6Z76go2C1-JoXlw8H2pj80rN0Jc5-ChTc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQfjaXvxwynPwTo-kv5qwrX7TbIfY3nroIln5IrWAq_KLe6waW2UETRfwQ9eHK13q6Z76go2C1-JoXlw8H2pj80rN0Jc5-ChTc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 122

https://um.simpli.fi/gp_match?google_gid=CAESEJRSvbpVyHiCe_At8wBAwMQ&google_cver=1&google_push=AXcoOmSf1BNlfXQ7uQdiczXRe6_gm3y8n9sNUuHi-KBW-OaZhAJlUfUTFkoKPi0i0wmSkROXBbk3a1KAhgQWwoPrGtuzgInJzmjbsW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DDCCA7A42FB742B89994895F31B0C9AF&google_push=AXcoOmSf1BNlfXQ7uQdiczXRe6_gm3y8n9sNUuHi-KBW-OaZhAJlUfUTFkoKPi0i0wmSkROXBbk3a1KAhgQWwoPrGtuzgInJzmjbsW8

Request Chain 123

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOctlM7hMcZmEZqdSHbvAqA&google_cver=1&google_push=AXcoOmRArRLwe-l7UFFfOYRVpAbwGXB-XZL0TTJGiP823J_J0eNjn7LjZem7QASCAn8nVaDTWp_3tIrPK-ooDmomH1AW3TBIfN0PhQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRArRLwe-l7UFFfOYRVpAbwGXB-XZL0TTJGiP823J_J0eNjn7LjZem7QASCAn8nVaDTWp_3tIrPK-ooDmomH1AW3TBIfN0PhQ&google_hm=hjWb0X8yRCuKn2ygz2fVS-4

Request Chain 124

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHjTYonmzeiZYKl2B_3jtg8&google_cver=1&google_push=AXcoOmSitQTe8MOO3NT0g7B2r665ub-fA2lsdFy2vA44Mov-OSRSAVriNRZ9F9pHeEWK9wwHB6mrI4JDDaSgLh2ovlrf7N2iBkDd6bs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjkwMTI3ODkxODI0NDUwMw%3D%3D&google_push=AXcoOmSitQTe8MOO3NT0g7B2r665ub-fA2lsdFy2vA44Mov-OSRSAVriNRZ9F9pHeEWK9wwHB6mrI4JDDaSgLh2ovlrf7N2iBkDd6bs

Request Chain 126

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFRbp8mtzZKeRscviWYt8cs&google_cver=1&google_push=AXcoOmSrEc8Jn-lPaJD--GByl4nFgHx0f4hT37BjTbw8pqsRjYWaVmL_DxvvoR7cL4QImieDMVptO7blCnzPdddeuh17P1Nqutnty60 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFRbp8mtzZKeRscviWYt8cs&google_cver=1&google_push=AXcoOmSrEc8Jn-lPaJD--GByl4nFgHx0f4hT37BjTbw8pqsRjYWaVmL_DxvvoR7cL4QImieDMVptO7blCnzPdddeuh17P1Nqutnty60 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2MTE5NTcyNDk2NDYyNjU0MQ&google_push=AXcoOmSrEc8Jn-lPaJD--GByl4nFgHx0f4hT37BjTbw8pqsRjYWaVmL_DxvvoR7cL4QImieDMVptO7blCnzPdddeuh17P1Nqutnty60

Request Chain 132

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPD3zvBZEKQnj27Z9n2p9ck&google_cver=1&google_push=AXcoOmS_f8b9UYPuMlHfuwGgFHvwlplnB9vOR1VALJh2CE7n21ukOFSQyjvBHRkVAOi4nZ7z8KHXfqWs4vxks7vM8T75hJ6GGWtNbss HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=67f226b9e1fd182f&is_secure=true&networkId=14000&version=1&google_gid=CAESEPD3zvBZEKQnj27Z9n2p9ck&google_cver=1&google_push=AXcoOmS_f8b9UYPuMlHfuwGgFHvwlplnB9vOR1VALJh2CE7n21ukOFSQyjvBHRkVAOi4nZ7z8KHXfqWs4vxks7vM8T75hJ6GGWtNbss HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH7sG39dI2_gMiU2mWAAAAAAA&expiration=1693440686&google_cver=1&is_secure=true&google_gid=CAESEPD3zvBZEKQnj27Z9n2p9ck&google_push=AXcoOmS_f8b9UYPuMlHfuwGgFHvwlplnB9vOR1VALJh2CE7n21ukOFSQyjvBHRkVAOi4nZ7z8KHXfqWs4vxks7vM8T75hJ6GGWtNbss

Request Chain 133

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKJfumBfjFlzhlqjRpzlkP0&google_cver=1&google_push=AXcoOmT2SWYB8QWfemy_zX2QOp4TJSH879yd7Iv0Wk1lxi1cBdREIKbpzNBkwPXcBZl0iK7fh0lcA2et8S6JjDtkwFZZNunKRrGbMg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmT2SWYB8QWfemy_zX2QOp4TJSH879yd7Iv0Wk1lxi1cBdREIKbpzNBkwPXcBZl0iK7fh0lcA2et8S6JjDtkwFZZNunKRrGbMg

Request Chain 134

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJiVkvmqGZbSmwPdAlnAcZU&google_cver=1&google_push=AXcoOmT2Tpiy9W6z7EqtXg4VxGdrvGJVPN90k53O_II4Y22PHK7YIAyQpbaZa6VJcNPi2PW984keAmcM2jTYHx3A4xYMdbpK2c2zsw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT2Tpiy9W6z7EqtXg4VxGdrvGJVPN90k53O_II4Y22PHK7YIAyQpbaZa6VJcNPi2PW984keAmcM2jTYHx3A4xYMdbpK2c2zsw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJiVkvmqGZbSmwPdAlnAcZU&google_cver=1&google_push=AXcoOmT2Tpiy9W6z7EqtXg4VxGdrvGJVPN90k53O_II4Y22PHK7YIAyQpbaZa6VJcNPi2PW984keAmcM2jTYHx3A4xYMdbpK2c2zsw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT2Tpiy9W6z7EqtXg4VxGdrvGJVPN90k53O_II4Y22PHK7YIAyQpbaZa6VJcNPi2PW984keAmcM2jTYHx3A4xYMdbpK2c2zsw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 135

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJZprRQzhb_lSXDf2-9G77s&google_cver=1&google_push=AXcoOmQbRuW5KHyygtd4X_f7OnXnjVT2jnT54FN3e3c2_fO4_xifZR1mVJyMqPZyCI1T_5htQaiblc2_U0HsvRWI7LFL2Y-E-nAHJ_w HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YV2ma56bReim8R0tVW9zgA2&google_push=AXcoOmQbRuW5KHyygtd4X_f7OnXnjVT2jnT54FN3e3c2_fO4_xifZR1mVJyMqPZyCI1T_5htQaiblc2_U0HsvRWI7LFL2Y-E-nAHJ_w

Request Chain 160

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLTTzIQFEML93okFGILolPQBIAEwAQ&v=APEucNUz-FRI_PX5_JIGoYtpO2vZHUFjMx71NewypPUyOmvchaNJzSQbjdqEuduIkhtXUYJRmWnf6gJDvAj0ukqfgI5P-ltFLQ HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_hm=MjUwMjYyNTUxMzQyMjQ5ODY2OA== HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAEe3F3x-voS_YT3DntiGoY&google_cver=1

Request Chain 192

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COaviqaMg4EDFXif_QcdBVQGcw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023083002112788402970185X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023083002112788402970185X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218

Request Chain 201

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJKziqaMg4EDFWCR_QcdUVAEoA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023083002112788402970183X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023083002112788402970183X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218

227 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

t3y2yma71dwo Show response
www.file-upload.org/
Redirect Chain

https://www.file-upload.com/t3y2yma71dwo
https://www.file-upload.org/t3y2yma71dwo

27 KB
7 KB

132ms
72ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/t3y2yma71dwo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f890c1c9aa257234b4bd4e274e0febaf4cff004095124acb4f64b2ff54efe37

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fe8d0f7c8880e5a-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 30 Aug 2023 00:11:24 GMT
expires: Tue, 29 Aug 2023 00:11:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7SfdI%2F5WuPP0pwvvfLCWt%2FE%2Bw09pt%2FgJDxitrASy9h3LnynfFwPa4A2GR6WFkKNmxst18tSKxR3gdavw19SNtMk25MDOCOFr5vEs2SesYwhSAxHo0b3tFBWMXqeIIqBX4YJpWh7ujybKE7Yz0k5kjyW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fe8d0f70f760e59-MXP
content-type: text/html
date: Wed, 30 Aug 2023 00:11:24 GMT
location: https://www.file-upload.org/t3y2yma71dwo
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mniSsFsLPC2y29Kc%2Fyp25pomRKe9Tx1AHwpsZeH7ifAdYlc5wnKA5PdixBX7Bs%2B7%2BXGjX7deCio0rp6qVMdIMjtHjPCMOubLoupbTCZpJLmqHTqJf%2BnLPepW3gNRr%2FiRf6Ez67uZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 31ms
30ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/t3y2yma71dwo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/t3y2yma71dwo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101973
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2B%2BPKjoXxPGqeU%2FkNZAQusivTrVZCsWxsSssMyvaVTiYRYSw7T%2FJnn%2Bmt1AgQr%2FRfAUVy02EC6mqVaVioOfVDNKiAHyU3BnfKLyg0KoM4icCoXYdy5dLb2XkieNYqyxHwd7uHZLd0dmTCBfa2Yuc3hcu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 7fe8d0f848e60e5a-MXP
expires: Tue, 29 Aug 2023 19:51:51 GMT

GET
H2 200 app.js Show response
www.file-upload.org/mngez/js/ 235 KB
80 KB 88ms
88ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/t3y2yma71dwo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/t3y2yma71dwo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:24 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=if5t7ci6QgT%2FKyJfNO1c9PPFh6gPvybgjpHi6nTSCP8Kifz6sRUYOV3mR79erTjuqpw92ZZ93HKyqZrKN5Myqddj2k6R1SVBJvHDtZ7sgh92KhbVRBVda6S%2BJ2ZNSp%2FmwOBOSoUsUmvJ3DsnMzBqnXUD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 7fe8d0f848e70e5a-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
4 KB 24ms
24ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/t3y2yma71dwo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/t3y2yma71dwo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2790847
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPU%2B9jtxyYB6vjL36hfSMeSuS39dQU2%2F0sBuC0RjINQJPf895ZaVeRMOrcRj3%2FvVHv%2Fg3e%2FtuggaG1h%2B8XDcLzv5wXpgjCxT%2BAZdt6eTfPOF6ix1fCTmHcl%2B2WykKAjK%2BB7NQ9BvOqU110s%2BAcNe9fK%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe8d0f899cfbaa3-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

GET
H2 200 email-decode.min.js Show response
www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 19ms
19ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/t3y2yma71dwo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/t3y2yma71dwo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Aug 2023 13:09:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e60500-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwKtED1seJlqMFzYEExEjExjnibfGrO6wcYCaMGg9LODkO%2Fy9APOJa0F6e0wWNJnbfWB1jJaZckBLsLqJgyxXT2NcfCtd5vZOlXRkN4tqaGhD%2FkmkbDKohIoN8t2GTnzYvv11iadBmWNYGIiFikrM0YT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7fe8d0f879140e5a-MXP
expires: Fri, 01 Sep 2023 00:11:24 GMT

GET
H3 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 26ms
26ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/t3y2yma71dwo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/t3y2yma71dwo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2790847
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kGY3vST1Y%2B8e%2FxgCUQ13ejjCUos3qAlJBpC8nyGAKrgGHc9m%2Bz0d%2BNuRypku9dV5NR%2B2nM8vR9v0ujg6sayb9Vr9b64VW9TAcumOnfr%2FZoXWE5fRUzXJ8G3yXDFDoY%2FiVX6L7OnIJVpCTBYkh09ExVY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe8d0f8c9e3baa3-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

GET
H3 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
1 KB 24ms
24ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/t3y2yma71dwo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/t3y2yma71dwo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2790847
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AH%2BCi7sgcmMcXQesI3x38Kki3Pn2OGlUwUQeFtyTipe%2FiiPutN30PVxHANCxMJshEBgWnRraDA0lOXa3LBPelz8OsI%2FS0NkNukck2QDgYuVdoBFFs5C%2FIbGrpAWiNH4F2TqOYZBvloH5iIlswNaPr8EZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe8d0f8f9fabaa3-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 67ms
22ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/t3y2yma71dwo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "0abbdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1693354285.cds032.ml1.hn,1693354285.cds208.ml1.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535

GET
H3 200 norton.png
www.file-upload.org/assets/images/ 5 KB
5 KB 25ms
25ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/t3y2yma71dwo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/t3y2yma71dwo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2790847
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hj78FhOJHx0qSK7ez9tbpaj2I6DI9qsOvjC4w6sxKblonYmgSsysUuEjfyiYQRHwVGTPT7aEiB1yJTtFlMCmVYrE540P5cHrnUu6ivdhtRS51bJRmB9%2F%2Fc6k%2BpTRs9j0Lsb7pg39ZoUJYSbssofjYev2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe8d0f92a13baa3-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

GET
H/1.1 200
OK Primary Request file.php Show response
www.babup.com/ 23 KB
7 KB 133ms
59ms Document
text/html 51.15.15.22
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babup.com/file.php?get=t3y2yma71dwo
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/t3y2yma71dwo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.15.15.22 Derby, United Kingdom, ASN12876 (Online SAS, FR),
Reverse DNS: server.babup.com
Software: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips / PHP/7.2.34
Resource Hash: 16562f8e37397449cc960ca61b93725cdf75640e2c48cc67608de4ac4cdbf416

Request headers

Referer: https://www.file-upload.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 6845
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Aug 2023 00:11:25 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/7.2.34

GET
H3 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 25ms
24ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2794040
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUa%2F3FS5Vu3leqI4QsvT4rS9gtLhj86ChjOZam525eKSZ2EaE7A6EEhXkze2nNdTeuj03z1UbFaQ%2B52KB1d45I0Ye%2F2HRbDJW6hq7eUxF06uZmbo82s4lkjgYS6PloapJMK4nyghl8rmdoOiwDKnkZxK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe8d0f93a1dbaa3-MXP
expires: Fri, 04 Aug 2023 16:04:04 GMT

GET
H3 200 fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 75 KB
76 KB 25ms
25ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:24 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 491
etag: "12d68-5fe4d56c8e4d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqhT73r%2BQ9OFN%2BF651Kbp01gUwjB0gM%2BeH0ohaV9v2o5LPrgi%2FmnpgBk0lWANJcwDfqIIFBoTneCq2DoJwukdYNJuMwldHiVf3%2Foumphiuk4eCLOneIvgssfTFusz%2BjUbQ%2F2L3Rv0CvJ916ks6w2YcS7"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fe8d0f93a1ebaa3-MXP
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H3 200 poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 59ms
59ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:24 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5905
etag: "1ee0-5fe4d56c8f861"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbKpVVq2WBujEp%2BrUNpHHMXBvj4JESISnXHVLsKLJNklCG6HWyWyRVDgF8iNUouRQkkyqtjfNEmTdZRIwlLr3ozqpDpDYPJqNlAOS8Rb7wyWcV5PREDnZcmoWLHEGO6Z1Q7lvzV5uVNQH9OjdU9G7RXH"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fe8d0f93a1fbaa3-MXP
alt-svc: h3=":443"; ma=86400
content-length: 7904

GET
H3 200 poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 59ms
59ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:24 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1524
etag: "1ecc-5fe4d56c90801"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0SbdEksy79lOK0jzkqBhwAOjrvWUL9JiW%2F%2FBqvlX5a%2BQe1Pz2HdxS7HCL1HE7RclruwRlGmpsKwy87ZoSEfmWhnsz1zYlq5FWQ4nQwtBE1E9H2VvUhqUIKXPmaJS8WgNBLKj6qIkywlgHzo2kJKYQeY"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fe8d0f93a21baa3-MXP
alt-svc: h3=":443"; ma=86400
content-length: 7884

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 93ms
45ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=t3y2yma71dwo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbcf92da9d738d8b4e2433d51ec4278b7fd26456de7c28aca695e8a9c13cea54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51214
x-xss-protection: 0
server: cafe
etag: 10229951737973725926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:11:25 GMT

GET
H/1.1 200
OK blockadblock.js Show response
www.babup.com/ 7 KB
2 KB 26ms
26ms Script
application/javascript 51.15.15.22
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babup.com/blockadblock.js
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=t3y2yma71dwo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.15.15.22 Derby, United Kingdom, ASN12876 (Online SAS, FR),
Reverse DNS: server.babup.com
Software: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips /
Resource Hash: 7a9cfefbe46e47d6971a5d4487a2ee0e9812cba5f76668be71ac25ab8d88d6ee

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/file.php?get=t3y2yma71dwo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 00:11:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 10:11:48 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips
ETag: "1b23-6038039110a59-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1948

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 83ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=t3y2yma71dwo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e42867786a891fb5580e5e58b56a366255c3bf47b21362cc9cb66de0836ab98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66460
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 00:11:25 GMT

GET
H3

200

app.css
www.file-upload.org/mngez/css/
Redirect Chain

https://www.file-upload.com/mngez/css/app.css?v=1
https://www.file-upload.org/mngez/css/app.css?v=1

247 KB
41 KB

28ms
28ms

Stylesheet
text/css

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=t3y2yma71dwo
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 98836
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dB5sRncbVqCPnlmWnRmx9417no5kLriGrOBgPuHuF0ae0fMq2Yb%2FEwpYvTLNdnbNfbGPMonAKuAxmD2sUk6451mUYWc2yvRmm1CMnup3xbTxHkww2N4%2BOMB%2BWeXvWOgwc%2FvSpF7nu6iF7WaSBd%2F%2Bnpr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 7fe8d0fa3a9bbaa3-MXP
expires: Tue, 29 Aug 2023 20:44:09 GMT

Redirect headers

date: Wed, 30 Aug 2023 00:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 749
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mEoIj9y8%2BuQvGPL9DUSt2Ic2y%2FMO6gTOCnV8tuChf%2F3mPt8IrP%2F8zLZ1WGB3yTZOLJfJk9Q%2Bpap%2Bj0rc41hkFsva9ovfCqgHjYWxEYvfH2RfDDB8mr8tqR4vfuxfceU%2BcB7JhhG"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/css/app.css?v=1
cache-control: max-age=31536000
cf-ray: 7fe8d0fa09210e59-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
85 KB 71ms
47ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=t3y2yma71dwo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e234254eb97c999d6c48886ec582715c99b676292cd0cc9d54e64f47c520622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 00:11:25 GMT
content-md5: sKZUm5cf6rh30rw65rKoEg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87401
x-fb-debug: JixXxFQb2qUfcnWGJYlWTPjO2tzjFdXd3FHsnTA0TxFDRvHlwmu/P9VK1efsjRJEk0StBOJnLVyxnTHBkDJ3ZQ==
x-fb-content-md5: e119c4594445afdca02c18def4666de0
cross-origin-opener-policy: same-origin-allow-popups
etag: "de7b958e2b5ba75473c345e730de847c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Aug 2024 20:19:05 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 76ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=t3y2yma71dwo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

989d64143daa6c7a6dc9a598a13411c777588c26f58066b40817ec6b7faef877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 00:11:25 GMT
content-md5: 90j0JWbFMI72ZndJ2ZLKSw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-debug: iLEsLM6/hsxIkBNoVGcF3CVRNGXkYDau62g8PMlnofUWbzHvU0I0wV1yNdYwQ6twIDHiiwsWgVsr2PHENhjH2g==
x-fb-content-md5: 28b5cf4011984242999d24ae14139a0e
cross-origin-opener-policy: same-origin-allow-popups
etag: "122896a4c67acf302631f6773f89c7f3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:14:19 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 97ms
20ms Script
text/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=t3y2yma71dwo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 Aug 2023 23:19:59 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3086
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 30 Aug 2023 01:19:59 GMT

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H3

200

app.js Show response
www.file-upload.org/mngez/js/
Redirect Chain

https://www.file-upload.com/mngez/js/app.js?v=20
https://www.file-upload.org/mngez/js/app.js?v=20

235 KB
80 KB

87ms
87ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xDqitybFk1CgLwNvLydtSHFG%2BjB4Q49DRMMiAudCyxMa%2BWvbBoNyYfV1rb1L5auBwBQEN2NY25a5fuHrxouPe3ZtefwIrBaJe4KumTyiogOPaBznVlQPJEJg6s%2FnMX9RaMBbkBoR%2Bm0RLrJMacgE7eu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 7fe8d0fa3a9dbaa3-MXP
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 30 Aug 2023 00:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 749
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jt3lY%2FUwzklGzkc9zXA6WEJA4cu%2FF6143WPXzfcxf0KO%2FD2jaRWanhipDBwAC%2FqpNUcbGaRqQUZmE%2FxL4TcccSAajuSU1P42b2COwE70G%2Fya%2F3NQSIKKF143V%2Bp2xPea1SFO0qu9"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/js/app.js?v=20
cache-control: max-age=31536000
cf-ray: 7fe8d0fa09230e59-MXP
alt-svc: h3=":443"; ma=86400

GET
H3

200

logo_new.png
www.file-upload.org/assets/images/
Redirect Chain

https://www.file-upload.com/assets/images/logo_new.png
https://www.file-upload.org/assets/images/logo_new.png

3 KB
4 KB

24ms
24ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2790848
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08kPN293%2BrUiqMyq39CwqluFw30v8B1Q%2FDIq36G46xMYTczmw1smTePL8J2xjKtpLu3%2BItNI0nAZNqDlhJCdeEiYbCLULVAJFiHD2AQ8xSJHJJH1dW5mWNg6lifHUKaRw5QQmruEp6a1KKADPE48GJQc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe8d0fb3b3bbaa3-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

Redirect headers

date: Wed, 30 Aug 2023 00:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 768
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BqhTxXcjKBgA%2FlA2H5yKaS3V1Fb5SWtShqXVX5c4VZ9DubRaBsEziL2Cr8wUrqQpssH0DOK4VSjv9xUBeE8PqeF7ZjBPlhmi79%2Ff4YRhCcOBfjcOEsiuaz5GDb3lchCBrRvja5f"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/assets/images/logo_new.png
cache-control: max-age=31536000
cf-ray: 7fe8d0fb0e01bb13-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=t3y2yma71dwo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 04:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2024 04:19:13 GMT

GET
H3

200

anti1.png
www.file-upload.org/mngez/images/
Redirect Chain

https://www.file-upload.com/mngez/images/anti1.png
https://www.file-upload.org/mngez/images/anti1.png

19 KB
19 KB

24ms
24ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2790848
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLHovZ7q2eVtwMgnixm44w49qWmZJg6%2BEKGIq%2F1EYf4QAtRmwhOA10nt3MHCr2AqsiMbgGdoxniiEIGWr5c3HFCGC1Wi8TCKfncTXLCO6k6cpuUq5RAatbzGExhf23gSVzHf3xgLrt1pA4Vai4UrLpXv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe8d0fb3b3abaa3-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

Redirect headers

date: Wed, 30 Aug 2023 00:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 768
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTFI8KQIEb0sMGMoCAWcH18vQKmjTQClnShKO8lTMAA2FGnShXEuILgrU9J7CiGtfVwqWtqpeZPxsrAXAT8MXgPM6LzfC24l335SUmv%2BpGLqsefscYxrYRgmMtMgD%2B8j4%2FRbUvNM"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/images/anti1.png
cache-control: max-age=31536000
cf-ray: 7fe8d0fb0e02bb13-MXP
alt-svc: h3=":443"; ma=86400

GET
H3

200

anti2.png
www.file-upload.org/mngez/images/
Redirect Chain

https://www.file-upload.com/mngez/images/anti2.png
https://www.file-upload.org/mngez/images/anti2.png

641 B
1 KB

24ms
24ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2790848
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eAOyRNiw5B5rr%2Fp7%2FJ4Yg%2FSeNxQx4zmr9VmDZYI2b8sugMgVjUpvJ9H3fR3QVFVmWs33q%2B1NCUBmhy7qA%2BQqfiB9bLLqkexsbFSABqhgJd8GXfAtGHK9%2B3UJh7GP%2BCsbmnjU5FE%2BklaBC77dSAFLMNu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe8d0fb3b35baa3-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

Redirect headers

date: Wed, 30 Aug 2023 00:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 768
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DR%2Bx%2B5o20HBREtMKEhpr59a%2F5nA%2BXwUY4MI5HWeF0oAKT7wLgAyYH%2BpmvnRrbR90gE3s0RzV68FqctMM%2B2DR52thgAeR5RSuRgQM1JMMXAk69CUeA2es%2FtWh0RavIBCjeLV7QxJe"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/images/anti2.png
cache-control: max-age=31536000
cf-ray: 7fe8d0fb0e03bb13-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
4 KB 22ms
21ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=t3y2yma71dwo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "0abbdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1693354285.cds032.ml1.hn,1693354285.cds208.ml1.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length: 4535

GET
H3

200

norton.png
www.file-upload.org/assets/images/
Redirect Chain

https://www.file-upload.com/assets/images/norton.png
https://www.file-upload.org/assets/images/norton.png

5 KB
5 KB

28ms
28ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2790848
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5i3wtvq8RMRNb4qdJqcKNFjoorRZUZQ5%2BHCR0kXnlt1C3HwPMDwdLvfRDyAurcCQkpDcAyuqyhQlXJ8ByoOUZKy1Sj1gXD%2FXfsiG5t8O2nh2qtIOlCZieeQY%2FcKe3TZu6%2BB7I9nskijRl1I4UWeBCmDm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe8d0fb3b38baa3-MXP
expires: Fri, 04 Aug 2023 16:57:17 GMT

Redirect headers

date: Wed, 30 Aug 2023 00:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 768
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnTYkOlNml8NXLJnL0uj4G20fFeyAxL%2FJ4J3qkusdRL%2FZf0R8wIlxV%2B7eQl38eoxyOBYkbQbco9fdlatmaonltnFRTawrMHpKNs2LQSClyvZSRfDRbbOb%2B5GlH77rTSveSnhD4je"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/assets/images/norton.png
cache-control: max-age=31536000
cf-ray: 7fe8d0fb0e04bb13-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
85 KB 46ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b927168766bd75b2dfb5191b714d24f2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c3e09b743758ee6c93e3417711285714a940448063534a8620d502f5842326a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 00:11:25 GMT
content-md5: ybeBQkhDangEGKGCPP79iw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87351
x-fb-debug: ruuSOzU6HuCWxJWyGH4xIEdFusYuMLcxx0M1p14VqG4gJGxqyWXINcQl8pA/wQSaD8G/N5b7YJ4t4ldXZFjbHg==
x-fb-content-md5: 22feca6e4bdd15d636a8115af4aee09c
cross-origin-opener-policy: same-origin-allow-popups
etag: "de6acde312de87c8580c42879c92a340"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 28 Aug 2024 21:09:15 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ 387 KB
131 KB 102ms
61ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9176521898341909&plah=www.babup.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd52bc8708398a69f603e979d7f1871976c369547570836aed22f4f93b36e676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134171
x-xss-protection: 0
server: cafe
etag: 10142336417868767541
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:11:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/ Frame 215A 10 KB
5 KB 77ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 22199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 18:01:26 GMT
etag: 9878862242593084568
expires: Tue, 12 Sep 2023 18:01:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 23ms
23ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2794041
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVFrmXc6jv0IE37DVcf6jQTy%2BWJ1WxyVrisJoi6C29dey2sDDx%2BNByOoBPlQjXjnky0wH%2BPJtjgjtYBzH3bXQEDeZbhaKJJTF4ZHXMCpvc%2FITAaJTw7ki4K4BFRtmXzn1K7iPU6NG6CQwrpfOQS4KGKZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe8d0fb1b22baa3-MXP
expires: Fri, 04 Aug 2023 16:04:04 GMT

GET fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 0
0

GET poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET
H3 200 fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 96 KB
96 KB 24ms
23ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 135034
alt-svc: h3=":443"; ma=86400
content-length: 98024
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "17ee8-5fe4d56c8f479"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOalFdrsquU3AJuCBZyAYm87XUFu3k9W7mW%2BWY7RWOrUAwe2kTmL4V48Xa71EAEJKwGsMDqtmrpK71HHm%2BoYrKAL2yIShw6zri8MA0DT%2F96Jmva1%2F6WvqPipz3kMR9wglOBg2DRsT9%2Bmjx8xryxEG72M"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe8d0fb88cd59e9-MXP

GET
H3 200 poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/ 10 KB
11 KB 28ms
27ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 135034
alt-svc: h3=":443"; ma=86400
content-length: 10400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28a0-5fe4d56c936e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eF7LQ8AUgPba4VJfsnknSsybzrd8iMjtbmLmmLVBNtIaItvUCmxECx3KioZ91Mv3Yh%2F8kJJs0lLSuz6zmoyqtaKoivKVbYG201VYwf2Avlklh9jUUrrVi2GPZzqvpkdVbEAvHGsC74C2JYsDJMtCKNKB"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe8d0fbc8e659e9-MXP

GET
H3 200 poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/ 10 KB
11 KB 28ms
28ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 135034
alt-svc: h3=":443"; ma=86400
content-length: 10420
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28b4-5fe4d56c94299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyuiiZVHZfuQFwkGeURwCSJrNAPJZGCeYQnQXvr%2FOqOWjZI9rZav8VmAD5TKv4JSwPJWQvNjNeuzzM6NPo%2B0v1z%2BTziz6vMCf7nMBLUh6fLVNOAfZDNetTjKicKzgL99SYumF%2FTQwEpM2fISoUL4oSoY"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe8d0fbc8e759e9-MXP

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

711c485712a312c2d2cf10b6299b62c92700fa2d7d6987c0c96acd2cf634604e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78774
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 00:11:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 Aug 2023 23:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1302
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 30 Aug 2023 01:49:43 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
600 B 76ms
29ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.babup.com&callback=_gfp_s_&client=ca-pub-9176521898341909

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9176521898341909&plah=www.babup.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c0579eb5fec67ac6a9b340e3c8f7902db02d11e43f8321ff7b06e3471181b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5817 272 KB
56 KB 364ms
363ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&adk=1812271804&adf=3025194257&lmt=1693347085&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.babup.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285256&bpp=31&bdt=138&idt=195&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6718260279736&frm=20&pv=2&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f52d7af57493f0a372baa99cd91be08dc6e6db510beed86e46274fca1c694d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 57226
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 00:11:25 GMT
expires: Wed, 30 Aug 2023 00:11:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E588 79 KB
26 KB 311ms
311ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285287&bpp=2&bdt=169&idt=195&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4IDxTh3m7W&p=https%3A//www.babup.com&dtd=200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7fe9ff4e84b63863f1ba7700f7af7446adb24a59ab48848dcab753bea1e1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26614
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 00:11:25 GMT
expires: Wed, 30 Aug 2023 00:11:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8B7A 79 KB
26 KB 328ms
328ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28e2378b644b4548b6256a5ceb1edc4a3944f07a1a523a6bf1d642fd7a4c6d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26440
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 00:11:25 GMT
expires: Wed, 30 Aug 2023 00:11:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F18B 436 B
433 B 205ms
205ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285353&bpp=1&bdt=235&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=2AcHOmq4UC&p=https%3A//www.babup.com&dtd=145

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc08f9515bd3023bfea5224538657ef40732a96741489ac9ffc21f25b128f496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 00:11:25 GMT
expires: Wed, 30 Aug 2023 00:11:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 88ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3T7TKCZCC9&gtm=45je38n0&_p=1428761300&cid=1501917331.1693354285&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1693354285&sct=1&seg=0&dl=https%3A%2F%2Fwww.babup.com%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.babup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 27ms
27ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1428761300&t=pageview&_s=1&dl=https%3A%2F%2Fwww.babup.com%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=360585253&gjid=1124224961&cid=1501917331.1693354285&tid=UA-119779859-1&_gid=939963554.1693354286&_r=1&gtm=457e38n0&jsscut=1&z=1160088010

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.babup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame E588 23 KB
9 KB 100ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285287&bpp=2&bdt=169&idt=195&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4IDxTh3m7W&p=https%3A//www.babup.com&dtd=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E588 8 KB
1 KB 78ms
29ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 00:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 22:59:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 00:11:25 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame E588 15 KB
3 KB 97ms
21ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 05:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66366
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2024 05:45:19 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame E588 368 KB
128 KB 99ms
23ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2024 13:36:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame E588 20 KB
8 KB 91ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 8B7A 23 KB
9 KB 93ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8B7A 8 KB
823 B 59ms
30ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 00:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 00:11:25 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 8B7A 15 KB
3 KB 79ms
22ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 05:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66366
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2024 05:45:19 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 8B7A 368 KB
128 KB 131ms
74ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2024 13:36:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 8B7A 20 KB
8 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ 154 KB
52 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9502fd322edbf67c27e6a19ce5c1b763d577ba4026fabc09ce55aa80d81afa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53639
x-xss-protection: 0
server: cafe
etag: 3131746625115236343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:11:25 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0EF5 45 KB
16 KB 185ms
185ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285892&bpp=1&bdt=774&idt=-M&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D041bf4788dea34d0-227a763e5fde0092%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg&gpic=UID%3D00000c6b6787d3b2%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=0TmpUW8MeN&p=https%3A//www.babup.com&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb4abc3ff8bd8490e05e0cdf814bbb3879186c4b9f38d635d48ddc1a7bf85f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16831
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 00:11:26 GMT
expires: Wed, 30 Aug 2023 00:11:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 91D8 45 KB
16 KB 178ms
177ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=90&adk=859397159&adf=3794997217&pi=t.aa~a.2946496055~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&to=qs&pwprc=6385710038&format=1140x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285892&bpp=1&bdt=774&idt=0&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D041bf4788dea34d0-227a763e5fde0092%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg&gpic=UID%3D00000c6b6787d3b2%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GdXKTXMjFv&p=https%3A//www.babup.com&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3995cce58f1cdee5eae096dd7f1aaa355e063ce5dd3eb577d8938acae984d1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16809
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 00:11:26 GMT
expires: Wed, 30 Aug 2023 00:11:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame A615 10 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 32200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 15:14:45 GMT
etag: 9878862242593084568
expires: Tue, 12 Sep 2023 15:14:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/ Frame DB88 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 32200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 15:14:45 GMT
etag: 9878862242593084568
expires: Tue, 12 Sep 2023 15:14:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame A615 2 KB
945 B 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame A615 23 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame A615 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 21:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:46:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame A615 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A615 181 KB
57 KB 52ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:11:26 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame A615 36 KB
15 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 428531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:09:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DB88 14 KB
1 KB 31ms
30ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 00:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 23:55:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 00:11:26 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame DB88 2 KB
931 B 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame DB88 23 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1999 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 2863
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 23:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame DB88 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 21:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:46:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame DB88 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB88 181 KB
57 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:11:26 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame DB88 36 KB
15 KB 36ms
25ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 428531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 01:09:15 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E588 0
234 B 127ms
38ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~llwzf5bj&c=5448016272034&slotId=2724008136017&qqid=CPzTq6WMg4EDFbBfwgodVykLXA&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E588 15 KB
16 KB 74ms
26ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 533963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 19:52:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E588 15 KB
15 KB 74ms
27ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 525790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 22:08:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E588 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CS3VmLYnuZLyJILC_iQbX0qzgBfmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QeXnw4iXYyZS0U8ixJTXDIhl9GZFeoNTxyvpajLmVYQLCp9kfO9d8ZeoKl74kB4TaoFlBy_pUZzWzGKo1X1Vlwzkiff19GAn5XKzFhCkDOVaHcw_VWPNF1tHrotjyvikeDEIxLSn2B4ARTICNVmxOcSp1psophUJtnWP78e91aTG_O4GJU_GEqEN2KQK81tmuJDVqnSTSthCsDNfKoVobl4pRmMe7as8f2u6Nw396LFoRv87_SzQo7hUxIaqO8hxXGNwvLupFRjFqoXoTxaTtmcpb4AzikeoQ9-COt36RfeFUGuzoX8AEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1693354286032&ai=CS3VmLYnuZLyJILC_iQbX0qzgBfmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QeXnw4iXYyZS0U8ixJTXDIhl9GZFeoNTxyvpajLmVYQLCp9kfO9d8ZeoKl74kB4TaoFlBy_pUZzWzGKo1X1Vlwzkiff19GAn5XKzFhCkDOVaHcw_VWPNF1tHrotjyvikeDEIxLSn2B4ARTICNVmxOcSp1psophUJtnWP78e91aTG_O4GJU_GEqEN2KQK81tmuJDVqnSTSthCsDNfKoVobl4pRmMe7as8f2u6Nw396LFoRv87_SzQo7hUxIaqO8hxXGNwvLupFRjFqoXoTxaTtmcpb4AzikeoQ9-COt36RfeFUGuzoX8AEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E588 0
54 B 111ms
39ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~llwzf5ch&c=5448016272034&slotId=2724008136017&qqid=CPzTq6WMg4EDFbBfwgodVykLXA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.fi&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame E588 29 KB
17 KB 161ms
89ms XHR
text/xml 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BDdavOemMa6LGl1k0jXB_XW-vy1sGvk-aItxhrP5gav1Ouai1oRk1fW-34XbDLP6vOhJKRERo-ac4XiEHfHfdh05801A&cry=1&dbm_d=AKAmf-AqoQiIms0r7oxsv9ZivHVZlnj_YKg2xddN-9mWfrDNR-bNVXRc-2RNvQY5rjso0URWL4LxN4D3bDNva55Qd-WXbkKv2cUHr__G3vaz7vFwp6pILAGWFB50eJeJ2h879OYNoOHXH76quwCj7P2tR9_cWfNRbZKRhHwXJLTN-WSzahpTSFKh40l_noBa8xJSDFDDMpEW66oXcBk1LbtEu3aLGUehtAruEiTL6lcf1zYd6uc04qMPAMXGUxcgchA1uUSZxY3ZEFgI78bt8a00RvkeJN0TOt3He8tWPiVQWoDY9CSZV-NEpF-IGdBtGJx1n9feG9t4aIrCj9ZLPKCWm9_CBLrQSJMEev7Hc8V9d3SgvjGDOfJP4qgpq6myMKLuVb21qOOeTW66ZJReq6d7NEiBgP0n-813nwHdf-TDXmq_Pd_syucU4V7JeLo9BKBsIiCpWnjRhe3MXHhkVMlmgh5jVxwp6Zhi7mTUNHduLcx1wP_fSXHOWOWvivQX7knKyFLlRCApZzyfmXZk-Xv1DJclGjFr7qaUCGiiM5CDkk0CRaagESmEIzdasxSfcW-6ErI7yJUcIkO8k9WYBWZAw5ahPDSztbX3Eref1eti05nWXJ81gaCcqX6l7ZEfab3Kt1Zl7O-t60Avsoig988nLWuFvDw2L_AM339XKYEjMmaGuC4Az4SciZtIB7Lw62sHtZSiBan_5369W44bHAQ2SclPkdJPJUvc8_aiKjpNC5n6NrhLkIdjsgnAG3eTO1spVIgtwmvRXmJ4XDmvdIDAKTIdPEvMbXqVB6veg-QPyBtFYSFYq1odaSrUDRoh4TvWaHysmyRRyfkX-A-gmZmfLQIKJcCgVw5g0Phag4duR1Kds_LHs_j7B6YWlBiYPj6gtFkuAbGhI1qBsJT-5_JoVK_rdImIBb2CYHYqzB3Tn32DgU6_C5b02vAhs8GdKcNN46jPGFYMpusfFGQZkyR7w_EQWwNfLzpuJeUDd7ePX8XTDY6HphqbVrLHC0K1IG4H1NGuS8DJeVjDJYa6wb-HpbCyqljDP_bqJr6oLa6ixq6B2xl6qLHW_T20xTH-Ia9INPXG6XoyKIUv8miOWdBAgrBvkusnBThjs9YlncyJUaUx8cm2O3uxXvq_3kLJZP7lccDEwgYvY_SqqcfNhACAf0sNKzGKS0GYZakeX6n6ZUpxG1YKtGgp_kxhbNuCfuGOXGrGtZxPl8YuxuVVbd5I2gcF_S00x5nLaAZAv5b3EY4z15pXjDt_iYgfI3laieAtp5yqAKp72ckvH9-Uv0CGYdJnXJJ0-PXMTmJlPnfkJardFycSgFTHzCK2njUbwbxS_RTVdeoSX7feCPP2nWo4gp0sfA_1eUy9NWDZdOOLiJGQ3toSaw6vX1E7JhKmXACwvwD5V1X2yR1zJm2CqRiMPM84liTeiPTjI5UKHjTjN6G1ZCcmzw5wxBX0w-sNunh2w8KlEze42eI6_9BVqu-GwThQ9Kxef4rkUvlYtc46MmYBxTPoxRyWzPkv1KEmp7feU8so50Ea-4SQ4fC8V2Ej-9-ln3wuuidPY4Loium7FpfRRfn7aeO-FccIZRsHffKPtchpgRHbKm8-Zk9XSCYfc8VK95lCgZF-FuJ-m3tl5V43SLqR4N_Q2ZK2ZmUE_9ICyIuSwHWnvAJa3WVvsQ4AYoibPwmvTctkTDivZTVoIDLHtw0Pl7y1FEKHMWfF_1VKJ9kos2bBf_jNlEVJeWtkDcpztDleOMmhWGyh_-g6uPzluxBlponfJQ-3aP04U7XYajkzQqE0tL5wUM9iXAZOFW_Bgq0dxbWvaPHB94xTGnEYBjsHXylavM8hUpCqJjmRu5QfaA9V9QWMY1OTmxNxBnZNv7N7Kuj766cSDTt9XJGUUgl9MbiRIGv3Tp9Q6AuQCz6OvedWWiIbpk4BuNSnqbVfxYieHo1UUO4Lwt7VI9R6kNfjb5kIgUHMtOV2GiYAQHT0Z49qjzS9nq3w9sxQNgM9R3d5xh8eSbBUrFC1mCTPaoPrl0RGF3Fuee7BxVxeblg5Ahlr5v_dQWfuq__mvHsWXk_aZ8g0XVdwLBBQZli4H24EwNrBIGUUyZOIlsZT_4wagQsiUlB_QueRvNjcxkxCPJ8cR5HDcFwuHKKcM8wO5rw-dkP3MAswpTUKU-h10IMpjLU2d1OVh-Upo7NLhbaa1sTLEq15-Vw14Wy6-Nz0woEAhGtztq5R5YHwMjyJGU68JKH6SagtvNReAh-8j4shmHN6IqmRzHrA8qGwvbv68CcnnS7J-4Yd04SDoy8cxk-wuV7KHHWv3Z1jQtV6CTv-0gCcUAb3T_zCl0PEn_HsJXD-V31K7DeoJfUanoRR-BCzNhDSOoe5tIMbI3tSpI9oe7tWxI895Bk5G-FO4Dxnp2ysJnhXG5MLf4zvyt9hOtj34s0tEnlBHJAzOneMp2kDtmOxEnYLWqR--EGdWMXvIcw1Iu0qnXhPJOCB4KrowvqUgMnOi0yK2sx4az5Q4VoyFZFwa9Ih6cMDEewSBaRZao3VK0qf_KIkreOyWsMbzwYKWpO67uh5J5hS9943WwxpvcUdrgnfbjEqae_9rsUh5SkJVV9utvYVcLd62WUWnitgs7qoa6SdLkQxZc1KhFHS7Uv7C0Hv02cx0OIqr85_xi5bB5gE6Fd-7P3s5J1k37isXfmIAoz_Zb5dZph4u0vrOBWNiNP70_MPWYcrj_bEyqBbbM3qSYuQOMYIUNSlp3Qsj5yQTsu0QM_-5HGklGVtlWEV-M2nFm_5z4KjQ3IK7s10mGaLNTRkGpjOFlCwXvUrbS608wEPnMdeHL_lUYaOuUtSD3q5YS8sHKYLAA6zMymdRVGrzeXOw31CZXKHrwo463bcyv3Jr5c2umzegjAIAxAAdbJTn9UK6L97CS6ClTSKxoLGi8hIA9Rqc2fTY7FwNvO54hIPT3jZOpLbolhE0J6M3BYqZ5YVqBjy6f0ZgVV7BU3dAstX15AZeY1625MaDcBBKkZMMbfhYqPSW5UcFiN4h9Su_9COtv1dNXplv4h_oI6Wj0SDzjbL7AvEmt5x-lMxFhN_Rrbw_I_pYwiNFV4sg0gRYD6T5t2sDkpQ_hHMQ4sBarOY19rBFCIvGff3Vt9MXA6Zk1DLXqmxdIDB8WrTkemt0RhJrh8feDZW_ZEbTam4uFSO-rhFUHaW2r1lHrAtVsXChCw6rSI-MbcjtX9075R-5adh8DHzWeIGcZ5PwV-622br3TL9_OkMo52VBrMPl_AHsM3sgFm7QsEoCfd1nG3EEKNDLhna-xKF_WpURKTOg_fnyqoWXXtpCJhv8AyGSHEGmhKb8n_AaEV0ebyl7k_lflNAhpmgZddaUrEXm0dHox4iYVW-4gBCf7JGHNl_TM9Z8QZfxkUp8WrfxgoRG0aVl3Gh76-dzIYk1LGoKmDzP-jzr5p3-ymG5xmBuSIPO4gMGpkn-90LOY4ywDTDOrkE3-W7A9zrZ-hX_jJgsbFYnDLngnaMkO9oU94W76VRd5eWFLvZvKdobZvIiQ4v4kB0TpGGlYtyAW3RYFGdNP0i0xj0q7biab4SvkWNlvoHtJGI5pfdPIyCmtaroYxrXYT_oFmPXMDQiW1EgFzsxV7NZtuOQjRTZ-LaFgfqoBABH9ZXOJ3AqUp387nDA2wYToP9uwZ_-s3i_iGeY6Xt7ulKpXJJV8DvWpKsRLpFeW2lcJ6pI0BRQ4U1btwNZkTgR1tBFsD76xfGRCOaUadblHVmtONVCgSF_FEeb_gscrwxvfn139yryrodDdm_fuXHG14er4qkfbaqxoOmU8eZVxMzd8CsFgtaJ6SdtcfXclpaej515-VPi0GXczILQ_oRKeq_YJSUa8Byih-dkEpVXLigzvSG8tGRiZoMy2pATb1-SpMT13qelDoclR4NG5mE5x0c_TEMvUjf3lrHEQQ-EbsGyudtQ1RaGAufu1_oJKOPuAzMU_BF_8cmBDvWmUUqA4tLwD_YmUTH3-e41uHozAfTS9TmCUISGr682es8yPSr&cid=CAQSGwBpAlJWnMMouwEV9P9VL8wo1eUaSp3DzyIVFhgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f155.1e100.net

Software

cafe /

Resource Hash

d92b00061fde9cbf6d311a89b11e36744158f283b458f7dc453f1d3f83fae6d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16766
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8B7A 0
45 B 83ms
39ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~llwzf5d8&c=2024211327092&slotId=1012105663546&qqid=CMuGrKWMg4EDFd5ZwgodYFYNSQ&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8B7A 15 KB
16 KB 76ms
67ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 533963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 19:52:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8B7A 15 KB
15 KB 76ms
66ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 525790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 22:08:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B7A 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&delayMs=0&eventType=get_config_callback&clientTime=1693354286076&ai=C2aaaLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QsER_LYSUcfsiJVQY5JoPHtRRHFMLz0WNDNxLb7liJjLYAVnjMaDDB5G5_tPhiaxGejjCIAFl1NiUh34JiPS_ouKHOzBvZaBqXZ3wkHtv7Imlmr8MLxTOqGubC1H7BxPSfXWSuE2HUhF83_aNk_z9KMxeEdv_PKOdUZb2Rzmu_ymW-VqTffnewBbAi-2afIZiq_5nPdCG-YvmcT1JEUd8rGIlhVHFWAxksvycHmN4SbqQY1Zz28qCHBtC9RtO31WUCEUkYhGGzFm6HoSLCsrBFOwj0vnEeo_iYPq9D-s9AsgjMeWPYMAEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B7A 0
20 B 80ms
79ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&delayMs=0&eventType=configurable_registration_callback&clientTime=1693354286077&ai=C2aaaLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QsER_LYSUcfsiJVQY5JoPHtRRHFMLz0WNDNxLb7liJjLYAVnjMaDDB5G5_tPhiaxGejjCIAFl1NiUh34JiPS_ouKHOzBvZaBqXZ3wkHtv7Imlmr8MLxTOqGubC1H7BxPSfXWSuE2HUhF83_aNk_z9KMxeEdv_PKOdUZb2Rzmu_ymW-VqTffnewBbAi-2afIZiq_5nPdCG-YvmcT1JEUd8rGIlhVHFWAxksvycHmN4SbqQY1Zz28qCHBtC9RtO31WUCEUkYhGGzFm6HoSLCsrBFOwj0vnEeo_iYPq9D-s9AsgjMeWPYMAEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B7A 0
20 B 79ms
78ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&qqid=CMuGrKWMg4EDFd5ZwgodYFYNSQ&eventType=query_id_available&clientTime=1693354286077&ai=C2aaaLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QsER_LYSUcfsiJVQY5JoPHtRRHFMLz0WNDNxLb7liJjLYAVnjMaDDB5G5_tPhiaxGejjCIAFl1NiUh34JiPS_ouKHOzBvZaBqXZ3wkHtv7Imlmr8MLxTOqGubC1H7BxPSfXWSuE2HUhF83_aNk_z9KMxeEdv_PKOdUZb2Rzmu_ymW-VqTffnewBbAi-2afIZiq_5nPdCG-YvmcT1JEUd8rGIlhVHFWAxksvycHmN4SbqQY1Zz28qCHBtC9RtO31WUCEUkYhGGzFm6HoSLCsrBFOwj0vnEeo_iYPq9D-s9AsgjMeWPYMAEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B7A 0
20 B 80ms
78ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C2aaaLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QsER_LYSUcfsiJVQY5JoPHtRRHFMLz0WNDNxLb7liJjLYAVnjMaDDB5G5_tPhiaxGejjCIAFl1NiUh34JiPS_ouKHOzBvZaBqXZ3wkHtv7Imlmr8MLxTOqGubC1H7BxPSfXWSuE2HUhF83_aNk_z9KMxeEdv_PKOdUZb2Rzmu_ymW-VqTffnewBbAi-2afIZiq_5nPdCG-YvmcT1JEUd8rGIlhVHFWAxksvycHmN4SbqQY1Zz28qCHBtC9RtO31WUCEUkYhGGzFm6HoSLCsrBFOwj0vnEeo_iYPq9D-s9AsgjMeWPYMAEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1693354286077&ai=C2aaaLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QsER_LYSUcfsiJVQY5JoPHtRRHFMLz0WNDNxLb7liJjLYAVnjMaDDB5G5_tPhiaxGejjCIAFl1NiUh34JiPS_ouKHOzBvZaBqXZ3wkHtv7Imlmr8MLxTOqGubC1H7BxPSfXWSuE2HUhF83_aNk_z9KMxeEdv_PKOdUZb2Rzmu_ymW-VqTffnewBbAi-2afIZiq_5nPdCG-YvmcT1JEUd8rGIlhVHFWAxksvycHmN4SbqQY1Zz28qCHBtC9RtO31WUCEUkYhGGzFm6HoSLCsrBFOwj0vnEeo_iYPq9D-s9AsgjMeWPYMAEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B7A 0
20 B 80ms
79ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&layout=wide&width=1110&height=280&aspectRatio=1.7777777777777777&reason=init&playerState=preview-not-started&branding_layout=none&eventType=layout_info&clientTime=1693354286080&ai=C2aaaLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QsER_LYSUcfsiJVQY5JoPHtRRHFMLz0WNDNxLb7liJjLYAVnjMaDDB5G5_tPhiaxGejjCIAFl1NiUh34JiPS_ouKHOzBvZaBqXZ3wkHtv7Imlmr8MLxTOqGubC1H7BxPSfXWSuE2HUhF83_aNk_z9KMxeEdv_PKOdUZb2Rzmu_ymW-VqTffnewBbAi-2afIZiq_5nPdCG-YvmcT1JEUd8rGIlhVHFWAxksvycHmN4SbqQY1Zz28qCHBtC9RtO31WUCEUkYhGGzFm6HoSLCsrBFOwj0vnEeo_iYPq9D-s9AsgjMeWPYMAEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8B7A 0
45 B 78ms
40ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~llwzf5dp&c=2024211327092&slotId=1012105663546&qqid=CMuGrKWMg4EDFd5ZwgodYFYNSQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.gd&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 8B7A 29 KB
17 KB 99ms
60ms XHR
text/xml 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CpDUi2oJs6WC22mtwnzMskLBIlvr1753qDDPPZeUHlTM63XkAz_x8LeRNLfKF10khQUCdrDkEx9n07kde93j504cyJRw&cry=1&dbm_d=AKAmf-BWksw1nLNs4jWOQhi1_FximWjBPnFuNIbDJ1QnyMhDhL8siXZuJ6J4ubDexsb2CgVxPQD73QsYM4acp2AjJqm3xhszKiBV7CCv0iNfRYFmmzidCStn2TFTi_nJ9ylPnCH7g9265_SCe7ISdPp8wOrI6QQs1-nJ3ghQ_7FX8w43liy_k98lq5sIHIYLWQMlnuFOsZnIhSzv6d0NLFCKp12a51UqoIKLdNRjOJsRP_-JKYjUCLlUXJSXlQ09czqXp-saVmgW7fHjMt05sFFms039PYiatUQMrT-X2ByNS0hXX7aDm-M0D6GTXky2gVdR-6czkcOH7rsVLW0sTqk3jrnNQlxRmphSP7WcMp5fyigNnWOwxwdz7hdeAFwAK64y-nvDsYfWCmjHIIOk0V_OZXEM72jcgkAkaz-2UGTGmf0ozxZQF1CyX4Nu-IPMl_fUFtQk8Ln4Pch-vNi0gsHBbojKk9vyBsAQ9RTTUh_JxzFmp5fulH8QG0_XKyVfsMwF5YkMyjFGpt2Ze02MsNS3SL1fdLhCIV7vJ8wwbmsqGYgu4Ri6vQinL03QByW6PxRLgxb5eY81Pci8idme4iMM0XiReNKXOzVm7grHvxQ7aCWrkyNMbYMSbJCvmtmf4ZrjIZxXqT3BfEu83ermhbFFts1yyk4TdRYsrIvELAXw7efNU7K0G9dgTpfv3NwxHbUqLQvkfHZ0eE0_2AHNFNrhdZn3usHMOa_p3ODD5st-HSk4iqHDJH7A04-lK45sJzWGVlDzFgvlco7jhTrKBrh2YqTCDNNQALDZG0kKQob2OYiOTtXy9ow0fUk_TTLAb60h-_X-AOvJy67qy2Wac2Bcb-piHWxV4G5bMYcRZhy63RSWiJ-T4Ww4GS8kgtS60GzZCII4XPJoc6f3RkNxfMOyais49RuhGxuU_QgWBxdMFwr7JpNqpnhXKgituIFo0LVpYpI0X1-uXTsDD1b8iFX_DaB7LG6kAGC2QzUzbD03qn7O4QbMByrR3n-uuVc9Sfxkotw1y7dL8yUgcWt_4nHSIT-wYtMYnX4iQ53aFK1BGfpN4bqswODTuWJM6YwJ_rNMyJw2cjMRZATmJrjSnCeVCo7Pn6Gh1jsi6HI3zq_DgM6qz0Wk8H2ACOqOv33Sz5Hm_5v2k_56OyBhqKcyOTXh2X1D7wEaENONRUJvXKZTSdsqNl434jZjZ7m3quB12pqIbT9C8WduhrrqEOSilVWHQHDQXP8Lz8zLT_-_RAGwD6IczxPkVyDlAigu77uhOfuTZV1MMzgQhHyF793Vjmy9ERxAGexBzSdeLE6Poc3Y9AHZdB4oymDxvETDfiReWwK17uqOgYMO61V6QNHuPobPNQbFWjfGNorAW1-q8y7DJrnVJ4PHDUW_0Xm_TVtZeuu56nBNOAVjAMb0JLvr8es5A9U165gC9aMFY_5vlVhIZ9pMxTm-LB0Xb4yKk-GiQhASZEeipuc9QtBBR_h5PS_Lee0TD5CYoAgN_DI-uNQuPnWC4bTPlru27JF2Ikm63H7aLQU-tApH3Regg_VJaTb0Ts5CH3lpDIokmel8SUgnoLLqQwEgxaio7RZ8rgFBec2zt1qNwKMJL0bgfLdooUIiQP7QS67QqCnJhYa4hM-KIZipi3yxKIo-MdomULiZu-vHjoYgoyQ51ggQwlmZE4z1ksHwITKg1m5x9cQQtzwXS59f_9mW7O8J5JSMrY0M92SXH2Kp70_vGy-AupTbWNDvUBJOzAEybfNHLm2uq4KOKcqAp3cMGPKTouY28SpPZWDx2nnc02Sq2HEKJyJ-Len4lnGuRdbvLmp7T6Gew-vK1JKs5eGdFQ58WDI0c6CU6n2Sorl12GkB2clPPJ1_6Sq6Ot1cB_WuVIoEmQbooG5Lr1Q0ZAgp7KVNHx5ZG5AtH2ZD7WiveDgtV1xVsoVEJk6NPfj-68i0eHw_vIpkvSd1VG9ZUDKBZ7o09kZJQyyltquCxOrqIP6LQ1KG5TUB2x5hF3GC7J4IY-cyrf4vRD7Yz9_OulNgjn-OiRTevxk5NXmvqSx5dBEsC7ooXU2FKJ4bT1BxwKDx2opHw-s_tO38wCQme8tG7Z8rK4dDUl8aE-1YEyxJTJ3YwCgAGvl1KcNya2Dr9xL3bhgqS9103H-GsMKEQwvYDPgcFL13htNO4rW9UUdj0W7MaylTz7MAwZ7lnhSv9KnMSSuMjqxNMsJShPrzm6dVzg4gfi95xpgMt3aDY4nY9w4Ws68W2Vn3l_6UCrnIOfVlGZ77jxZXXiCheCOMpsyjPLD3OHqhtJp8lzgZ7Uut5eaYFtGQBXYi-J1y3x22jkdMo78_DWdbdBt1m_45mbiFmehEiYeJdVaF1Y0uKCP5SQzZsipwh-iUzd2SqGr1-95wykZsgtnsiISOj7PN1ypLllnmm8hxSMj_-awX3e9fgi8IS45-cTZjpQWvFZODLvD1m55zcCJFz1niMMrggTwzo71tKHyO2Felm2eJ3HPnuSgxK5_jXHs8-6ssNWApiU3Fvb3-OqTbE2Of7hmEIGS0ilTJ2KV6vRXOger2BGlrQuAC5v2016hFAxZO51_7kLIJNKQYHtmqREN7WS2qptAxZy_85uiIQlhqDXVZToVuZVZhyY0fH2636IYQhWBRp3XuccuKGCDTfMPwvgRadoPdxcEsq0VCHP5OspTiswRe581uK6MRQdhvcAeINt7nQQJqRLa_OGxYjR-LlvGcN4wvg4htlkJnY79UXPauZ_PPEoX85gbsPj3PCF9RFUQIJ-3lJVH0eCkJvP17q55xPgCXoQ9y_2r1UGRO4FYEKO6b1dsqUmLVFzdw96LDrR0cQF8H3ZjC_sgdsQnlq9LRq82F-J9VadTeOC4rfE5qZLDfWcTXJwSgq62SZuwK7XiZi4mtvFOEN7Adi8jrXw1p4I19Ft3kvAhpp8F_82bYaCy_N2t2aKEjxhTsPqpswLSmxxlYc4cUAj4z-I8eCC6Re2Dyf2adSaL6csowtOUrMkIc_iCD65j6epPwiP9rnoOIqvXj1scRYyGYPLpf992vMRh_Abe_bmRcMKUS07diwReZKKVU8Hs7BKAPeyP4DA9qKz_19CCch6FPmYwUODCQvdZcC7bJCZVmb346SjKDzBbTGuVVWzaoTz22h8ZIgjmj9nleUD0XgNQqmH2cGcBKNzHIQrt4K65BF0lZw_5Q1P3nJpDpj6yfRqW7yUh2O3WiRmo1X-f0Nkr_JQE9cRc3OSYyKsWcprcTnmVLuWWfEi2mglJIBL2L8eFJT9D0TdYLMMPDZyzE3HC0trnfUrI59OC5NySG80Lf73CWSHIYAUUqpfEWSO8DHSUxwP_S6Kakl108nSndMY5tCidSF1cA5SKIwOjL7uHcgMx8b8P_9YiUShvHYEJCawDu1B61d01OgDuPn0UU-GAuz84zZtEju-KncEcXEWd_R_HColRUMNyinaE3PYrneaCmpQH8EI5WL_IIRF6h6lf4rxN8NT8y-gF1XXg00wOrNy-IwpQ_FZyswa7O0D_0c2MMl7WG2Iww7MrPXoUoVDvd15hXCUlLXZZptkS5e6dKnZP6yChu0zrr3Sanx-0mQB63dc2d4nYaB7c2kKQw9ew3Pvpr546T6R9TQr8hmq1vrvpNBX30syFOkJtDPneg9ZtWYA41cYeUvzBUNdJn9ah_IEbBs2eGnmJ3dsB1zpt1v_VVXv7SQDIauw37z96DFRKAi8kl2oPqFdmNB_INZ69zdYP7C7BMtVQIIh3HKlPW1SkOqO6Tf3wH_I32PODWmdkon_B6dlSqpKsIjOyZLrkukGJ5F3HgcfAgyn4Exl2itD9JqIx0-QPG27lBhM_kuP0HoTTdFBm7vyFHQXro2hB7OaCqm_mhJS2qvgGf-h54pLNT8Y2ONzdQ0bepXOk5jXPy9AA7-jELvKGjn6XmVjr-AC8F_k4PniUafjuxk5V3nXm8ObvHRoRxWA8GlHymyxHL671V52tG7KyhsZibQfBYOcVvQ-_yPJyISTvC24vRu8b-wiQC9QKK9xKQ&cid=CAQSGwBpAlJWv893NN5tdo87mDQeCurhdjb_3Pu3wBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f155.1e100.net

Software

cafe /

Resource Hash

9dfa9d85321e1f67e3baf4a371a580174b96d6febccfcf85f1c20db04351095c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16679
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E588 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88b749d44c9fff01b69abcd947993dfba0cb5c6fce60c37bab12ded84f0473b2

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8B7A 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb7ea5b3a2ad6bc7b333551229a3cad277bd1f3c635595a7273ee11781f83dab

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 6EFB 2 KB
3 KB 108ms
61ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jj8h1p42txgk2rnmdxz98ecy1xqw7c1m2avdazaagn8wtwe2wchrepg22pfc9mg9pcs6wn6x6zah6wqq3f617r0gw5821mjq2sg30sq56c8nhsnfqf88x9zym32hevgy0ks15t9q3m8yd53azntbx8fp0rsj4hhkhqdsazpgyeb4yc50yqp3wmtxrb7brnbcfa5b2cr556bx6tqdpn2215e1dkgz0jta6ksg8ky1tbgs7gcyvhkmwrwhram4r188611pacqa10cckt4qjysjtqr6vdnm08rbgrz5m42exf2v42hsp5jdmx6fqr6kfdczc45kydbcfrc4wvex8gvxr7yfjwck7fvy6cm2k401n0p9tp5y07g678r39raw33b6rz9xvpj6sxarx8ww8syga25kxbevj68h5vv19eb1yg011rt73x3yz7dx7k7dgatvz8ejqkg7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%26client%3Dca-pub-9176521898341909%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=90&adk=859397159&adf=3794997217&pi=t.aa~a.2946496055~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&to=qs&pwprc=6385710038&format=1140x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285892&bpp=1&bdt=774&idt=0&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D041bf4788dea34d0-227a763e5fde0092%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg&gpic=UID%3D00000c6b6787d3b2%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GdXKTXMjFv&p=https%3A//www.babup.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5318d795a0307f85dbf86658086878144f557f25968877763a6c53e430b73d3a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe8d1012f95bac9-MXP
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 00:11:26 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame DBD9 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 21:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:46:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C2F7 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 46647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Wed, 30 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame DBD9 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DBD9 0
0 77ms
27ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0figKnkGLYGXpuokPlbh8bGX4yRYywamx7Rx3RYMXQYgJgYEvbgoPona7KSMGxiSHlI2BcCeCW6tXQxav2ILlADdX2w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=90&adk=859397159&adf=3794997217&pi=t.aa~a.2946496055~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&to=qs&pwprc=6385710038&format=1140x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285892&bpp=1&bdt=774&idt=0&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D041bf4788dea34d0-227a763e5fde0092%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg&gpic=UID%3D00000c6b6787d3b2%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GdXKTXMjFv&p=https%3A//www.babup.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBD9 181 KB
56 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:11:26 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 52A2 2 KB
1 KB 96ms
62ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jj066m7fc2xy94am6pxhkqfds92yzbq64z259c2pkfsj0bxm41d95vtv7y8qtq34qdhejemggr7ecgcfengs8n8b66pc15aqpg44w8bdxjz4y13k926mgavksyf891nmjsnmyc212f8h2yysqyemw1m6vd8tpyp8bhsmzzksqrw16fjb0jcg0wpf6549k6h52xc4pv600hszn9zny783wfz31b0809g0kcxbsehcm3pcnj3djr658e5hfn11df9jbg8fprbrdxvd6k6treenmytzp1c0kedmkmx88b21h99r9hgwgj2z9v8cmwj97hmd277tt41w9rfq5amqx6vk99weynj1f54kqkykeh29f0fh0j4jx3zqs5sqdtx4fmvbwg2fs051wf9jrw1699h5zagexptqf3gfx5zjgee5831g1z3j5nqc5a0skevr49d6jqp7av9nr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%26client%3Dca-pub-9176521898341909%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285892&bpp=1&bdt=774&idt=-M&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D041bf4788dea34d0-227a763e5fde0092%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg&gpic=UID%3D00000c6b6787d3b2%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=0TmpUW8MeN&p=https%3A//www.babup.com&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f633b70fa95e3a10e5a1bc2197cd3d6686f183457bf2518af4cfd95412c0275

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe8d1012f97bac9-MXP
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 00:11:26 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame ABD3 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 21:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:46:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6E66 1 KB
643 B 20ms
20ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 46647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Wed, 30 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame ABD3 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame ABD3 0
0 64ms
28ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR79An6hUUZ3gijq33eEN1RnMtsH_GVjEHvSKa2p2CYV0LjuFMJbeSFITDZ6QcsI51De0RmDId5u883aQjTCe63K3z12w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285892&bpp=1&bdt=774&idt=-M&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D041bf4788dea34d0-227a763e5fde0092%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg&gpic=UID%3D00000c6b6787d3b2%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=0TmpUW8MeN&p=https%3A//www.babup.com&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ABD3 181 KB
56 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 00:11:26 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1999
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
32ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 00:11:26 GMT
expires: Wed, 30 Aug 2023 00:11:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 00:11:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E588 0
0 60ms
59ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtfDNLYnuZLyJILC_iQbX0qzgBfmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwGqBOQBT9B5efDiJdjJlLRTyLElNcMiGX0ZkV6g1PHK-lqMuZVhAsKn2R8713xl6gqXviQHhNqgWUHL-lRnNbMYqjVfVWXDOSJ9_X0YCflcrMWEKQM5VodzD9VY80XW0eui2PK-KR4MQjEtKfYHgBFMgI1WbE5xKnWmyimFQm2dY_vx73VpMb87gYlT8YSoQ3YpArzW2a4kNWqdJNK2EKwM18qhWhuXilHAxjHNXJ3OfG9Pple3gwYxYufFmH5n3yKpSN3WFoMR9Te6RJdVuYImVz3dfkMt0tVuzs698vBOIaMsUkNhkRIVwASoysSftgTgBAOIBeuwyvdLkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeCtdraBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcJEOdQGILolPQB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAbATka_DFMgTpbWl4wPQEwDYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItOTE3NjUyMTg5ODM0MTkwORgA6BcF&sigh=wJG6k7qF5QM&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWnMMouwEV9P9VL8wo1eUaSp3DzyIVFhgB&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285287&bpp=2&bdt=169&idt=195&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4IDxTh3m7W&p=https%3A//www.babup.com&dtd=200
Attribution-Reporting-Eligible: event-source
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 8B7A 0
45 B 28ms
27ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~llwzf5dw&c=2024211327092&slotId=1012105663546&qqid=CMuGrKWMg4EDFd5ZwgodYFYNSQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 8B7A 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 06:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 06:25:34 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-1gieen7e.c.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8B7A
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-1gieen7e.c.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

94ms
15ms

Fetch
video/mp4

2a00:1450:400a:8::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-1gieen7e.c.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3DDDC2DEB154FB56DC643E847D0601D6D632AB75.0C1CDE348A76407A6A07E06A1B04951346133EDE/key/cms1/cms_redirect/yes/mh/gL/mip/2a00:bd80:a929:0:38e::1/mm/42/mn/sn-1gieen7e/ms/onc/mt/1693353791/mv/u/mvi/2/pl/37/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Protocol

HTTP/1.1

Server

2a00:1450:400a:8::7 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 00:11:26 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 835905
Last-Modified: Tue, 22 Aug 2023 11:12:13 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 30 Aug 2023 00:11:26 GMT

Redirect headers

date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-1gieen7e.c.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3DDDC2DEB154FB56DC643E847D0601D6D632AB75.0C1CDE348A76407A6A07E06A1B04951346133EDE/key/cms1/cms_redirect/yes/mh/gL/mip/2a00:bd80:a929:0:38e::1/mm/42/mn/sn-1gieen7e/ms/onc/mt/1693353791/mv/u/mvi/2/pl/37/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B7A 0
20 B 62ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&itag=343&mse=false&eventType=autoplay_info&clientTime=1693354286244&ai=C2aaaLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QsER_LYSUcfsiJVQY5JoPHtRRHFMLz0WNDNxLb7liJjLYAVnjMaDDB5G5_tPhiaxGejjCIAFl1NiUh34JiPS_ouKHOzBvZaBqXZ3wkHtv7Imlmr8MLxTOqGubC1H7BxPSfXWSuE2HUhF83_aNk_z9KMxeEdv_PKOdUZb2Rzmu_ymW-VqTffnewBbAi-2afIZiq_5nPdCG-YvmcT1JEUd8rGIlhVHFWAxksvycHmN4SbqQY1Zz28qCHBtC9RtO31WUCEUkYhGGzFm6HoSLCsrBFOwj0vnEeo_iYPq9D-s9AsgjMeWPYMAEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8B7A 0
54 B 28ms
27ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~llwzf5i5&c=2024211327092&slotId=1012105663546&qqid=CMuGrKWMg4EDFd5ZwgodYFYNSQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=990&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.kq~videopreviewvisible.ky&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B7A 0
20 B 61ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&newvis=true&eventType=visibility_change&clientTime=1693354286247&ai=C2aaaLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QsER_LYSUcfsiJVQY5JoPHtRRHFMLz0WNDNxLb7liJjLYAVnjMaDDB5G5_tPhiaxGejjCIAFl1NiUh34JiPS_ouKHOzBvZaBqXZ3wkHtv7Imlmr8MLxTOqGubC1H7BxPSfXWSuE2HUhF83_aNk_z9KMxeEdv_PKOdUZb2Rzmu_ymW-VqTffnewBbAi-2afIZiq_5nPdCG-YvmcT1JEUd8rGIlhVHFWAxksvycHmN4SbqQY1Zz28qCHBtC9RtO31WUCEUkYhGGzFm6HoSLCsrBFOwj0vnEeo_iYPq9D-s9AsgjMeWPYMAEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E588 0
54 B 26ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~llwzf5cy&c=5448016272034&slotId=2724008136017&qqid=CPzTq6WMg4EDFbBfwgodVykLXA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame E588 41 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 06:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 06:25:34 GMT

HEAD
H/1.1

200
OK

https://gcdn.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-1gieen7e.c.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

94ms
15ms

Fetch
video/mp4

2a00:1450:400a:8::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-1gieen7e.c.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2FBF341D5FF2E52C6E331CFBCA6670B47AD20EE7.4ED6CB578396B9FE795D7F1EC4AD19C09E27C5D7/key/cms1/cms_redirect/yes/mh/gL/mip/2a00:bd80:a929:0:38e::1/mm/42/mn/sn-1gieen7e/ms/onc/mt/1693353791/mv/u/mvi/2/pl/37/file/file.mp4

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

HTTP/1.1

Server

2a00:1450:400a:8::7 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 00:11:26 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 835905
Last-Modified: Tue, 22 Aug 2023 11:12:13 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 30 Aug 2023 00:11:26 GMT

Redirect headers

date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-1gieen7e.c.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2FBF341D5FF2E52C6E331CFBCA6670B47AD20EE7.4ED6CB578396B9FE795D7F1EC4AD19C09E27C5D7/key/cms1/cms_redirect/yes/mh/gL/mip/2a00:bd80:a929:0:38e::1/mm/42/mn/sn-1gieen7e/ms/onc/mt/1693353791/mv/u/mvi/2/pl/37/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E588 0
54 B 28ms
27ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~llwzf5im&c=5448016272034&slotId=2724008136017&qqid=CPzTq6WMg4EDFbBfwgodVykLXA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=990&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.lb~videopreviewvisible.le&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1579 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/t3y2yma71dwo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14795
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 19:55:20 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 6EFB 114 KB
14 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jj8h1p42txgk2rnmdxz98ecy1xqw7c1m2avdazaagn8wtwe2wchrepg22pfc9mg9pcs6wn6x6zah6wqq3f617r0gw5821mjq2sg30sq56c8nhsnfqf88x9zym32hevgy0ks15t9q3m8yd53azntbx8fp0rsj4hhkhqdsazpgyeb4yc50yqp3wmtxrb7brnbcfa5b2cr556bx6tqdpn2215e1dkgz0jta6ksg8ky1tbgs7gcyvhkmwrwhram4r188611pacqa10cckt4qjysjtqr6vdnm08rbgrz5m42exf2v42hsp5jdmx6fqr6kfdczc45kydbcfrc4wvex8gvxr7yfjwck7fvy6cm2k401n0p9tp5y07g678r39raw33b6rz9xvpj6sxarx8ww8syga25kxbevj68h5vv19eb1yg011rt73x3yz7dx7k7dgatvz8ejqkg7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%26client%3Dca-pub-9176521898341909%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jj8h1p42txgk2rnmdxz98ecy1xqw7c1m2avdazaagn8wtwe2wchrepg22pfc9mg9pcs6wn6x6zah6wqq3f617r0gw5821mjq2sg30sq56c8nhsnfqf88x9zym32hevgy0ks15t9q3m8yd53azntbx8fp0rsj4hhkhqdsazpgyeb4yc50yqp3wmtxrb7brnbcfa5b2cr556bx6tqdpn2215e1dkgz0jta6ksg8ky1tbgs7gcyvhkmwrwhram4r188611pacqa10cckt4qjysjtqr6vdnm08rbgrz5m42exf2v42hsp5jdmx6fqr6kfdczc45kydbcfrc4wvex8gvxr7yfjwck7fvy6cm2k401n0p9tp5y07g678r39raw33b6rz9xvpj6sxarx8ww8syga25kxbevj68h5vv19eb1yg011rt73x3yz7dx7k7dgatvz8ejqkg7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%26client%3Dca-pub-9176521898341909%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 565096
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eE7C%2B4z%2BpTphjhzLOo8p3E3F7bH2ePI2idIJnALaNyu7tnM4ORXQiVvldQEyRD7LguRDww2b56bCtR%2ByCWAdUbpPGaFhAOBNdHKIWl%2FKoRPeEkvJA8Jfyd6scQhQugXhF7QZ%2Bndqo7s%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7fe8d1019fc5bac9-MXP
expires: Wed, 30 Aug 2023 01:11:26 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 6EFB 25 KB
10 KB 36ms
27ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jj8h1p42txgk2rnmdxz98ecy1xqw7c1m2avdazaagn8wtwe2wchrepg22pfc9mg9pcs6wn6x6zah6wqq3f617r0gw5821mjq2sg30sq56c8nhsnfqf88x9zym32hevgy0ks15t9q3m8yd53azntbx8fp0rsj4hhkhqdsazpgyeb4yc50yqp3wmtxrb7brnbcfa5b2cr556bx6tqdpn2215e1dkgz0jta6ksg8ky1tbgs7gcyvhkmwrwhram4r188611pacqa10cckt4qjysjtqr6vdnm08rbgrz5m42exf2v42hsp5jdmx6fqr6kfdczc45kydbcfrc4wvex8gvxr7yfjwck7fvy6cm2k401n0p9tp5y07g678r39raw33b6rz9xvpj6sxarx8ww8syga25kxbevj68h5vv19eb1yg011rt73x3yz7dx7k7dgatvz8ejqkg7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%26client%3Dca-pub-9176521898341909%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27656
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGHB4lGE9Xi%2F2HdyDt9vMK1ftQ15rUoMoGT%2FpZmWP9EuDa0YsHzP%2B1eVa1E8ZXfz3dp8VIHMCB7VsDDdRGmGSqYeQ7VbSckHxjRd7U3cskC%2B3qAbPPm8k%2Fx30rRZT6w9gpA9KaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7fe8d1019fd3bac9-MXP
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Aug 2023 16:30:19 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame C2F7
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIX1jLqhoXyeq58iF1CMhxc&google_cver=1&google_push=AXcoOmQfjaXvxwynPwTo-kv5qwrX7TbIfY3nroIln5IrWAq_KLe6waW2UETRfwQ9eHK13q6Z76go2C1-JoXlw8H2pj80rN0Jc5-Ch...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIX1jLqhoXyeq58iF1CMhxc&google_cver=1&google_push=AXcoOmQfjaXvxwynPwTo-kv5qwrX7TbIfY3nroIln5IrWAq_KLe6waW2UETRfwQ9eHK13q6Z76go2C1-JoXlw8H2pj80rN0Jc5-...

43 B
424 B

193ms
183ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIX1jLqhoXyeq58iF1CMhxc&google_cver=1&google_push=AXcoOmQfjaXvxwynPwTo-kv5qwrX7TbIfY3nroIln5IrWAq_KLe6waW2UETRfwQ9eHK13q6Z76go2C1-JoXlw8H2pj80rN0Jc5-ChTc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQfjaXvxwynPwTo-kv5qwrX7TbIfY3nroIln5IrWAq_KLe6waW2UETRfwQ9eHK13q6Z76go2C1-JoXlw8H2pj80rN0Jc5-ChTc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=90&adk=859397159&adf=3794997217&pi=t.aa~a.2946496055~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&to=qs&pwprc=6385710038&format=1140x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285892&bpp=1&bdt=774&idt=0&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D041bf4788dea34d0-227a763e5fde0092%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg&gpic=UID%3D00000c6b6787d3b2%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GdXKTXMjFv&p=https%3A//www.babup.com&dtd=6
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fe8d1032c2323c7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 10094
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIX1jLqhoXyeq58iF1CMhxc&google_cver=1&google_push=AXcoOmQfjaXvxwynPwTo-kv5qwrX7TbIfY3nroIln5IrWAq_KLe6waW2UETRfwQ9eHK13q6Z76go2C1-JoXlw8H2pj80rN0Jc5-ChTc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQfjaXvxwynPwTo-kv5qwrX7TbIfY3nroIln5IrWAq_KLe6waW2UETRfwQ9eHK13q6Z76go2C1-JoXlw8H2pj80rN0Jc5-ChTc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fe8d101eb4e23c7-ZRH
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C2F7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJRSvbpVyHiCe_At8wBAwMQ&google_cver=1&google_push=AXcoOmSf1BNlfXQ7uQdiczXRe6_gm3y8n9sNUuHi-KBW-OaZhAJlUfUTFkoKPi0i0wmSkROXBbk3a1KAhgQWwoPrGtuzgInJzmjbsW8
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DDCCA7A42FB742B89994895F31B0C9AF&google_push=AXcoOmSf1BNlfXQ7uQdiczXRe6_gm3y8n9sNUuHi-KBW-OaZhAJlUfUTFkoKPi0i0wmSkROXBbk3a1KAhgQWwoP...

170 B
232 B

29ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DDCCA7A42FB742B89994895F31B0C9AF&google_push=AXcoOmSf1BNlfXQ7uQdiczXRe6_gm3y8n9sNUuHi-KBW-OaZhAJlUfUTFkoKPi0i0wmSkROXBbk3a1KAhgQWwoPrGtuzgInJzmjbsW8

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 30 Aug 2023 00:11:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DDCCA7A42FB742B89994895F31B0C9AF&google_push=AXcoOmSf1BNlfXQ7uQdiczXRe6_gm3y8n9sNUuHi-KBW-OaZhAJlUfUTFkoKPi0i0wmSkROXBbk3a1KAhgQWwoPrGtuzgInJzmjbsW8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 29 Aug 2023 00:11:26 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C2F7
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOctlM7hMcZmEZqdSHbvAqA&google_cver=1&google_push=AXcoOmRArRLwe-l7UFFfOYRVpAbwGXB-XZL0TTJGiP823J_J0eNjn7LjZem7QASCAn8nVaDTWp_3tIrPK-o...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRArRLwe-l7UFFfOYRVpAbwGXB-XZL0TTJGiP823J_J0eNjn7LjZem7QASCAn8nVaDTWp_3tIrPK-ooDmomH1AW3TBIfN0PhQ&google_hm=hjWb0X8yRCuKn2ygz2...

170 B
232 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRArRLwe-l7UFFfOYRVpAbwGXB-XZL0TTJGiP823J_J0eNjn7LjZem7QASCAn8nVaDTWp_3tIrPK-ooDmomH1AW3TBIfN0PhQ&google_hm=hjWb0X8yRCuKn2ygz2fVS-4

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRArRLwe-l7UFFfOYRVpAbwGXB-XZL0TTJGiP823J_J0eNjn7LjZem7QASCAn8nVaDTWp_3tIrPK-ooDmomH1AW3TBIfN0PhQ&google_hm=hjWb0X8yRCuKn2ygz2fVS-4
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C2F7
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHjTYonmzeiZYKl2B_3jtg8&google_cver=1&google_push=AXcoOmSitQTe8MOO3NT0g7B2r665ub-fA2lsdFy2vA44Mov-OSRSAVriNRZ9F9pHeEWK9wwHB6mrI4JDDaSgLh...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjkwMTI3ODkxODI0NDUwMw%3D%3D&google_push=AXcoOmSitQTe8MOO3NT0g7B2r665ub-fA2lsdFy2vA44Mov-OSRSAVriNRZ9F9pHeEWK9wwHB6mrI4JDDaSgLh2ovl...

170 B
232 B

32ms
32ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjkwMTI3ODkxODI0NDUwMw%3D%3D&google_push=AXcoOmSitQTe8MOO3NT0g7B2r665ub-fA2lsdFy2vA44Mov-OSRSAVriNRZ9F9pHeEWK9wwHB6mrI4JDDaSgLh2ovlrf7N2iBkDd6bs

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjkwMTI3ODkxODI0NDUwMw%3D%3D&google_push=AXcoOmSitQTe8MOO3NT0g7B2r665ub-fA2lsdFy2vA44Mov-OSRSAVriNRZ9F9pHeEWK9wwHB6mrI4JDDaSgLh2ovlrf7N2iBkDd6bs
Date: Wed, 30 Aug 2023 00:11:26 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame C2F7 43 B
363 B 132ms
39ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS7BLqL34kxxwoITUCuOKqNn08DOV2hvhWQqUwdVTRR2D-ZW-e00RF7aJH7_I0gUGIWE4C7kub3O8gJ64dHSV_hUmiJurYoCzc&google_gid=CAESEG5Czx_zj-DV30ygu10yVEA&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 235389
expires: Wed, 30 Aug 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C2F7
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFRbp8mtzZKeRscviWYt8cs&google_cver=1&google_push=AXcoOmSrEc8Jn-lPaJD--GByl4nFgHx0f4hT37BjTbw8pqsRjYWaVmL_DxvvoR7cL4QImieDMVptO7bl...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFRbp8mtzZKeRscviWYt8cs&google_cver=1&google_push=AXcoOmSrEc8Jn-lPaJD--GByl4nFgHx0f4hT37BjTbw8pqsRjYWaVmL_DxvvoR7cL4QImieDMVp...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2MTE5NTcyNDk2NDYyNjU0MQ&google_push=AXcoOmSrEc8Jn-lPaJD--GByl4nFgHx0f4hT37BjTbw8pqsRjYWaVmL_DxvvoR7cL4QImieDMVptO7...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2MTE5NTcyNDk2NDYyNjU0MQ&google_push=AXcoOmSrEc8Jn-lPaJD--GByl4nFgHx0f4hT37BjTbw8pqsRjYWaVmL_DxvvoR7cL4QImieDMVptO7blCnzPdddeuh17P1Nqutnty60

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2MTE5NTcyNDk2NDYyNjU0MQ&google_push=AXcoOmSrEc8Jn-lPaJD--GByl4nFgHx0f4hT37BjTbw8pqsRjYWaVmL_DxvvoR7cL4QImieDMVptO7blCnzPdddeuh17P1Nqutnty60
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame C2F7 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C2F7 0
40 B 97ms
34ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LlrCPXeY-wv1fXLM5SWcAAdv3CnCWG4l7eQGvqt6hjNgJ_gr_g3cgwrpSUpVHXiIlhxXaA8g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 52A2 114 KB
13 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jj066m7fc2xy94am6pxhkqfds92yzbq64z259c2pkfsj0bxm41d95vtv7y8qtq34qdhejemggr7ecgcfengs8n8b66pc15aqpg44w8bdxjz4y13k926mgavksyf891nmjsnmyc212f8h2yysqyemw1m6vd8tpyp8bhsmzzksqrw16fjb0jcg0wpf6549k6h52xc4pv600hszn9zny783wfz31b0809g0kcxbsehcm3pcnj3djr658e5hfn11df9jbg8fprbrdxvd6k6treenmytzp1c0kedmkmx88b21h99r9hgwgj2z9v8cmwj97hmd277tt41w9rfq5amqx6vk99weynj1f54kqkykeh29f0fh0j4jx3zqs5sqdtx4fmvbwg2fs051wf9jrw1699h5zagexptqf3gfx5zjgee5831g1z3j5nqc5a0skevr49d6jqp7av9nr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%26client%3Dca-pub-9176521898341909%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jj066m7fc2xy94am6pxhkqfds92yzbq64z259c2pkfsj0bxm41d95vtv7y8qtq34qdhejemggr7ecgcfengs8n8b66pc15aqpg44w8bdxjz4y13k926mgavksyf891nmjsnmyc212f8h2yysqyemw1m6vd8tpyp8bhsmzzksqrw16fjb0jcg0wpf6549k6h52xc4pv600hszn9zny783wfz31b0809g0kcxbsehcm3pcnj3djr658e5hfn11df9jbg8fprbrdxvd6k6treenmytzp1c0kedmkmx88b21h99r9hgwgj2z9v8cmwj97hmd277tt41w9rfq5amqx6vk99weynj1f54kqkykeh29f0fh0j4jx3zqs5sqdtx4fmvbwg2fs051wf9jrw1699h5zagexptqf3gfx5zjgee5831g1z3j5nqc5a0skevr49d6jqp7av9nr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%26client%3Dca-pub-9176521898341909%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 565096
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3oVRyx2%2FZR7BWKeOipLf8oiWYS9H6rdSTeGxv8iUFdvl553AKxHTGniz7MfjcH2u9Wwgmr1h0PnTqZpELBcu4JJt0Rf4N%2BsCGvbkLFtCGOcjzR9bh3eVviCgarNapuJLk4wOz5bMOA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7fe8d1019fc8bac9-MXP
expires: Wed, 30 Aug 2023 01:11:26 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 52A2 25 KB
10 KB 34ms
28ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jj066m7fc2xy94am6pxhkqfds92yzbq64z259c2pkfsj0bxm41d95vtv7y8qtq34qdhejemggr7ecgcfengs8n8b66pc15aqpg44w8bdxjz4y13k926mgavksyf891nmjsnmyc212f8h2yysqyemw1m6vd8tpyp8bhsmzzksqrw16fjb0jcg0wpf6549k6h52xc4pv600hszn9zny783wfz31b0809g0kcxbsehcm3pcnj3djr658e5hfn11df9jbg8fprbrdxvd6k6treenmytzp1c0kedmkmx88b21h99r9hgwgj2z9v8cmwj97hmd277tt41w9rfq5amqx6vk99weynj1f54kqkykeh29f0fh0j4jx3zqs5sqdtx4fmvbwg2fs051wf9jrw1699h5zagexptqf3gfx5zjgee5831g1z3j5nqc5a0skevr49d6jqp7av9nr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%26client%3Dca-pub-9176521898341909%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27656
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=982LUrdWdnrIZY3hP39izaWPKCHvidUrOrS5JXm8qL2qEvdmMKDS7wt9C5KeLWgy4YvEx0DLbZ7NlKkwWA%2ByVL86wplpdevIaEe%2F9zQbD85sLLLgo9%2BtQgawyEAVG0RYCrTHdN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7fe8d1019fd4bac9-MXP
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Aug 2023 16:30:19 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6E66 35 B
463 B 90ms
21ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEF4sEaBeUH1FZr0dGqiiplc&google_cver=1&google_push=AXcoOmRlQfQrY-PJommBy2bPDq3ABeXqX-eFSWzLHW2o88ODhyFhCiPd9qW3QFP7L14t3iBtPPHSvDm6_rfHkeYAXDuv-mX0a_HSIg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6E66
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPD3zvBZEKQnj27Z9n2p9ck&google_cver=1&google_push=AXcoOmS_f8b9UYPuMlHfuwGgFHvwlplnB9vOR1VALJh2CE7n21ukOFS...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=67f226b9e1fd182f&is_secure=true&networkId=14000&version=1&google_gid=CAESEPD3zvBZEKQnj27Z9n2p9ck&google_cver=1&google_push=AXcoOmS_f8b9...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH7sG39dI2_gMiU2mWAAAAAAA&expiration=1693440686&google_cver=1&is_secure=true&google_gid=CAESEPD3zvBZEKQnj27Z9n2p9...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH7sG39dI2_gMiU2mWAAAAAAA&expiration=1693440686&google_cver=1&is_secure=true&google_gid=CAESEPD3zvBZEKQnj27Z9n2p9ck&google_push=AXcoOmS_f8b9UYPuMlHfuwGgFHvwlplnB9vOR1VALJh2CE7n21ukOFSQyjvBHRkVAOi4nZ7z8KHXfqWs4vxks7vM8T75hJ6GGWtNbss

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH7sG39dI2_gMiU2mWAAAAAAA&expiration=1693440686&google_cver=1&is_secure=true&google_gid=CAESEPD3zvBZEKQnj27Z9n2p9ck&google_push=AXcoOmS_f8b9UYPuMlHfuwGgFHvwlplnB9vOR1VALJh2CE7n21ukOFSQyjvBHRkVAOi4nZ7z8KHXfqWs4vxks7vM8T75hJ6GGWtNbss
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6E66
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKJfumBfjFlzhlqjRpzlkP0&google_cver=1&google_push=AXcoOmT2SWYB8QWfemy_zX2QOp4TJSH879yd7Iv0Wk1lxi1cBdREIKbpzNBkwPXcBZl0iK7fh0lcA2et8S6JjDtk...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmT2SWYB8QWfemy_zX2QOp4TJSH879yd7Iv0Wk1lxi1cBdREIKbpzNBkwPXcBZl0iK7fh0lcA2et8S6JjDtkwFZZNunKRrGbMg

170 B
329 B

30ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmT2SWYB8QWfemy_zX2QOp4TJSH879yd7Iv0Wk1lxi1cBdREIKbpzNBkwPXcBZl0iK7fh0lcA2et8S6JjDtkwFZZNunKRrGbMg

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 30 Aug 2023 00:11:26 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x12 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmT2SWYB8QWfemy_zX2QOp4TJSH879yd7Iv0Wk1lxi1cBdREIKbpzNBkwPXcBZl0iK7fh0lcA2et8S6JjDtkwFZZNunKRrGbMg
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 30 Aug 2023 00:11:25 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 6E66
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJiVkvmqGZbSmwPdAlnAcZU&google_cver=1&google_push=AXcoOmT2Tpiy9W6z7EqtXg4VxGdrvGJVPN90k53O_II4Y22PHK7YIAyQpbaZa6VJcNPi2PW984keAmcM2jTYHx3A4xYMdbpK2c2zs...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJiVkvmqGZbSmwPdAlnAcZU&google_cver=1&google_push=AXcoOmT2Tpiy9W6z7EqtXg4VxGdrvGJVPN90k53O_II4Y22PHK7YIAyQpbaZa6VJcNPi2PW984keAmcM2jTYHx3A4xYMdbpK2c2...

43 B
397 B

186ms
185ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJiVkvmqGZbSmwPdAlnAcZU&google_cver=1&google_push=AXcoOmT2Tpiy9W6z7EqtXg4VxGdrvGJVPN90k53O_II4Y22PHK7YIAyQpbaZa6VJcNPi2PW984keAmcM2jTYHx3A4xYMdbpK2c2zsw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT2Tpiy9W6z7EqtXg4VxGdrvGJVPN90k53O_II4Y22PHK7YIAyQpbaZa6VJcNPi2PW984keAmcM2jTYHx3A4xYMdbpK2c2zsw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285892&bpp=1&bdt=774&idt=-M&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D041bf4788dea34d0-227a763e5fde0092%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg&gpic=UID%3D00000c6b6787d3b2%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=0TmpUW8MeN&p=https%3A//www.babup.com&dtd=3
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fe8d1032c2423c7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 2849
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJiVkvmqGZbSmwPdAlnAcZU&google_cver=1&google_push=AXcoOmT2Tpiy9W6z7EqtXg4VxGdrvGJVPN90k53O_II4Y22PHK7YIAyQpbaZa6VJcNPi2PW984keAmcM2jTYHx3A4xYMdbpK2c2zsw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT2Tpiy9W6z7EqtXg4VxGdrvGJVPN90k53O_II4Y22PHK7YIAyQpbaZa6VJcNPi2PW984keAmcM2jTYHx3A4xYMdbpK2c2zsw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fe8d101eb5023c7-ZRH
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6E66
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJZprRQzhb_lSXDf2-9G77s&google_cver=1&google_push=AXcoOmQbRuW5KHyygtd4X_f7OnXnjVT2jnT54FN3e3c2_fO4_xifZR1mVJyMqPZyCI1T_5htQaiblc2_U0HsvRWI...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YV2ma56bReim8R0tVW9zgA2&google_push=AXcoOmQbRuW5KHyygtd4X_f7OnXnjVT2jnT54FN3e3c2_fO4_xifZR1mVJyMqPZyCI1T_5htQaiblc2_U0HsvRWI7LFL2Y-E-nAHJ_w

170 B
232 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YV2ma56bReim8R0tVW9zgA2&google_push=AXcoOmQbRuW5KHyygtd4X_f7OnXnjVT2jnT54FN3e3c2_fO4_xifZR1mVJyMqPZyCI1T_5htQaiblc2_U0HsvRWI7LFL2Y-E-nAHJ_w

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 30 Aug 2023 00:11:26 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=YV2ma56bReim8R0tVW9zgA2&google_push=AXcoOmQbRuW5KHyygtd4X_f7OnXnjVT2jnT54FN3e3c2_fO4_xifZR1mVJyMqPZyCI1T_5htQaiblc2_U0HsvRWI7LFL2Y-E-nAHJ_w
x-host: tde-deliveryengine-production-684d5dc7fc-c2949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 6E66 43 B
362 B 123ms
39ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRRf0KQWp7PSXUOtYJ7E6Tjd7QMKxEYSHdjNeVKnJyzCyLKPqVRfM2PmqSBHCQc_4GoPlusT-0LirHPfM3qHi5hso3NXYuHILQ&google_gid=CAESEPPRPubWVPA5JTRalMymzQw&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 233948
expires: Wed, 30 Aug 2023 00:00:00 GMT

GET googleredir
googlecm.hit.gemius.pl/ Frame 6E66 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6E66 0
139 B 86ms
32ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KaxjgCG32ZmpglqrlliAfolwwArzqkbrMz5az91CRPQIlSjPmFEItRVE_gtV3X-OpGf3nYPg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame ABD3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ca1d7beb3fa520f5bbca05d24008e905923cd91a6c88c5c98069e8e1da872f0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 18C4 23 KB
8 KB 23ms
23ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 64399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:18:07 GMT
expires: Wed, 28 Aug 2024 06:18:07 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 8BD5 23 KB
8 KB 24ms
24ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 64399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 06:18:07 GMT
expires: Wed, 28 Aug 2024 06:18:07 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DBD9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20e7d77d34502a37cffd2389357474f8a3d079178bf4ad297b975312abed9e2b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DDA 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/t3y2yma71dwo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14795
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 19:55:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8B7A 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cfc0bLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwGqBOQBT9CwRH8thJRx-yIlVBjkmg8e1FEcUwvPRY0M3EtvuWImMtgBWeMxoMMHkbn-0-GJrEZ6OMIgAWXU2JSHfgmI9L-i4oc7MG9loGpdnfCQe2_siaWavwwvFM6oa5sLUfsHE9J9dZK4TYdSEXzf9o2T_P0ozF4R2_88o51RlvZHOa7_KZb5WpN9-d7AFsCL7Zp8hmKr_mc90Ib5i-ZxPUkRR3ysYiXdUE__n-ambn6SulXSY4ft-mtVZtSV0VF9-R37X0ABbDz2v1Tf0VKZqaUSEG-g9K1cO-hWlwLZO5CUx-8euGU-wASoysSftgTgBAOIBeuwyvdLkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeCtdraBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcJEJ1WGILolPQB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAbATka_DFMgTpbWl4wPQEwDYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItOTE3NjUyMTg5ODM0MTkwORgA6BcF&sigh=2vME-tob8mQ&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWv893NN5tdo87mDQeCurhdjb_3Pu3wBgB&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146
Attribution-Reporting-Eligible: event-source
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 6EFB 3 KB
3 KB 83ms
33ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232
x-guploader-uploadid: ADPycdvYW5jQ5_kCXAplmMxE3p8pfCwsniZJelO2MsOjvyMLsYPKpiaWgPblPG13BiEm42E7gLAazydimOPVTnAplTeZBg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9kk%2BRTZ%2FJXjMTl9FJvBSDQkkBDmZGypW6790LXsLiMVpZ4HTTSd0ih9VuXbMYK5aDOehYdgk%2B6e9OWd7q4mMadSuZWJ4OXm%2BvdfMUwXc4j3rNM11eWkru4hyMu%2FFxCthXTu5UaNa0JkYD450j8NvZQ2"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7fe8d1036c060e42-MXP
expires: Wed, 30 Aug 2023 01:07:34 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 52A2 3 KB
4 KB 80ms
30ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232
x-guploader-uploadid: ADPycdvYW5jQ5_kCXAplmMxE3p8pfCwsniZJelO2MsOjvyMLsYPKpiaWgPblPG13BiEm42E7gLAazydimOPVTnAplTeZBg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFrDvhTaYQFQfCN22GYCCqvnlvfCFuhDZpukxyN%2Fghb0CV9PZNxRGsEYgXzImd08o96W%2FjHUHWpRuVhxm9mPiT%2FBx%2FJRqa9XowxufiFmv2Tb4WALb35ts4%2FOvzrVFBOTV1A1a5lZ265rSglYjn602SuE"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7fe8d1036c070e42-MXP
expires: Wed, 30 Aug 2023 01:07:34 GMT

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 18C4 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 11:26:16 GMT

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BD5 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 11:26:16 GMT

GET
H3 206 file.mp4
r2---sn-1gieen7e.c.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E588 816 KB
816 KB 31ms
15ms Media
video/mp4 2a00:1450:400a:8::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-1gieen7e.c.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2FBF341D5FF2E52C6E331CFBCA6670B47AD20EE7.4ED6CB578396B9FE795D7F1EC4AD19C09E27C5D7/key/cms1/cms_redirect/yes/mh/gL/mip/2a00:bd80:a929:0:38e::1/mm/42/mn/sn-1gieen7e/ms/onc/mt/1693353791/mv/u/mvi/2/pl/37/file/file.mp4

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400a:8::7 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0249999410c061ba68ab7d0bd34c304b3401ec7a6ab06d4a509af1c7c2bd7d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 30 Aug 2023 00:11:26 GMT
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-835904/835905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 835905
last-modified: Tue, 22 Aug 2023 11:12:13 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 206 file.mp4
r2---sn-1gieen7e.c.2mdn.net/videoplayback/id/825514015415bd04/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724890286/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8B7A 816 KB
816 KB 30ms
15ms Media
video/mp4 2a00:1450:400a:8::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400a:8::7 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0249999410c061ba68ab7d0bd34c304b3401ec7a6ab06d4a509af1c7c2bd7d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 30 Aug 2023 00:11:26 GMT
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-835904/835905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 835905
last-modified: Tue, 22 Aug 2023 11:12:13 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 frame.html Show response
ad4m.at/ Frame 1E09 2 KB
1 KB 32ms
32ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1450893
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7fe8d1032d38375d-MXP
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 30 Aug 2023 00:11:26 GMT
expires: Wed, 09 Aug 2023 01:00:19 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ru0bGGkbxHHV4%2BIcrV99BH5lsHAA5vyfsGo3cE89hFBsiXzGRDzvny6bFNCo%2F89%2BXQFvqxu1ztU31cUeOWZ0TeJtalwULpIANsZKMFK2rdHjB2IlyYlzikOAwOYJPhKG6pAqf80%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 654B 2 KB
1 KB 27ms
27ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1450893
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7fe8d1032d39375d-MXP
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 30 Aug 2023 00:11:26 GMT
expires: Wed, 09 Aug 2023 01:00:19 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUnqFDMTEKDVCc9NgNlkGc0309Y9wkjz415Q7kxnAAxd7q%2FuDvQ%2BC90E0RTDn1JSZZMxzTL4nvry8duoV6NxtptzB1eCVqoppWqXp0ZN1l%2BrJNNDXtkoDpZ4tGFWvPwnaJUYvG8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ABD3 0
19 B 66ms
66ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHtc4LYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLYBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZM8u3ce9EvuQY2f-S3y2a5PsbjJWUSSsOQw6ezkRToxgsJ7wpsVzyABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTE3NjUyMTg5ODM0MTkwORgA&sigh=nDVLWvrUiEg&uach_m=[UACH]&cid=CAQSOwBpAlJW-O2eEfms8ffujzAboG9sFWtfMauGW-WMczmde2oikmh8sefT3wBstVsSOnBsvMxf2pHN4G3XGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285892&bpp=1&bdt=774&idt=-M&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D041bf4788dea34d0-227a763e5fde0092%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg&gpic=UID%3D00000c6b6787d3b2%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=0TmpUW8MeN&p=https%3A//www.babup.com&dtd=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame ABD3 0
103 B 76ms
29ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kg98jxazcs931vwp0tn5e9k33met5k503sxydzrgjen40t3w9x00aqffk9kgr8rxhh7b8jwc58hkmz5eqc5vkrg1vp0xkjnkeb0vjjhw1469f56yj6nm6bn3n9s58ky6yba5j2vvrmy9tg9enqc12jdehhe970p5fy5k8g87j3jym054w73k3a9dekp8sbhcd5wrbkjdvh97m7v21670be4sktjp13n1gwwapvqsajm79zmghbyj62b8j1f4skhxfgcfycw2fm9pa328602tvr3j9srxdggdy09xmda8h2ceetk9qag42f9ap1sab5f303a4shw80d00pnhm867h3yfddnb16y2363w7kt8d7h1wkhht7ff8eakdeb7xzx3xfjpvbzph2tmfben&b=ZO6JLQAOSXsKwlneAAQ9TNE5FgmiBz6dbzyiYg&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285892&bpp=1&bdt=774&idt=-M&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D041bf4788dea34d0-227a763e5fde0092%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg&gpic=UID%3D00000c6b6787d3b2%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=0TmpUW8MeN&p=https%3A//www.babup.com&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Aug 2023 00:11:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DBD9 0
19 B 66ms
65ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeiC8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLYBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjwHnsFHFJ5ZUqrEuFfYbM9IraQ1SxjCdFVJfYZPMtVyr1gnm8VgOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTE3NjUyMTg5ODM0MTkwORgA&sigh=61LRxR2ku6c&uach_m=[UACH]&cid=CAQSOwBpAlJWbWnZX_jEdc7Z8m9tDdjGfMpD_HdOsIjmtKGikcoCXypjMG43JxEHScG4HNtDCrlRH9FWVaYlGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=90&adk=859397159&adf=3794997217&pi=t.aa~a.2946496055~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&to=qs&pwprc=6385710038&format=1140x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285892&bpp=1&bdt=774&idt=0&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D041bf4788dea34d0-227a763e5fde0092%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg&gpic=UID%3D00000c6b6787d3b2%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GdXKTXMjFv&p=https%3A//www.babup.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame DBD9 0
39 B 75ms
29ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gpbh7nkhjbk3x884j86tb7pph3z81xkkd2b0fs2gt0kh6s461s3qrz1da5617cg0taksg5w3v7ddz43r64kcvk92nsw5e2wa5pwrx5w6f6pgrfhdr50e23qj2qk9nkp8kd85cqvc5pc7kmczxmex2ee5rdn8k7k724k2tsrxv5g0bm807xtfy0z0skhmq8tar00knpbm5bnt3wmkc9xd79bdjjs5x0t086r0xkjxg44qfka6bnafxscjm3th0ardmjad1myma8qsjwzkv3yaghe6q1zz6dvyc0g60a2ernx7rphdp30yqfpvmjsezgnq1jmk0hm6x5acyv5btnjb9srgyn3xmc3vqvk4nejmz9fzf12tqdk4dd4b3b7ssk8epf94636zv3xz46r&b=ZO6JLQAOVAcKwlVCAAxFWnA3bl4CSXoeXS2Y_w&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=90&adk=859397159&adf=3794997217&pi=t.aa~a.2946496055~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&to=qs&pwprc=6385710038&format=1140x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285892&bpp=1&bdt=774&idt=0&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D041bf4788dea34d0-227a763e5fde0092%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg&gpic=UID%3D00000c6b6787d3b2%3AT%3D1693354285%3ART%3D1693354285%3AS%3DALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GdXKTXMjFv&p=https%3A//www.babup.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Aug 2023 00:11:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dc_oe=ChMIvsHRpYyDgQMVOqQnAh2_MAvCEAAYACCEuPhdOhoIwv3eiQUQqMrEn7YEGKW1peMDILmdj8eLEkITCMuGrKWMg4EDFd5ZwgodYFYNSQ;dc_rmcid=CAQSGwBpAlJWv893NN5tdo87mDQeCurhdjb_3Pu3wBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf...
ade.googlesyndication.com/ddm/activity/ Frame 8B7A 42 B
401 B 123ms
58ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvsHRpYyDgQMVOqQnAh2_MAvCEAAYACCEuPhdOhoIwv3eiQUQqMrEn7YEGKW1peMDILmdj8eLEkITCMuGrKWMg4EDFd5ZwgodYFYNSQ;dc_rmcid=CAQSGwBpAlJWv893NN5tdo87mDQeCurhdjb_3Pu3wBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D5610%26vmtime%3D19%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D743754233%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1693354286751;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8B7A 42 B
64 B 62ms
61ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2aaaLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QsER_LYSUcfsiJVQY5JoPHtRRHFMLz0WNDNxLb7liJjLYAVnjMaDDB5G5_tPhiaxGejjCIAFl1NiUh34JiPS_ouKHOzBvZaBqXZ3wkHtv7Imlmr8MLxTOqGubC1H7BxPSfXWSuE2HUhF83_aNk_z9KMxeEdv_PKOdUZb2Rzmu_ymW-VqTffnewBbAi-2afIZiq_5nPdCG-YvmcT1JEUd8rGIlhVHFWAxksvycHmN4SbqQY1Zz28qCHBtC9RtO31WUCEUkYhGGzFm6HoSLCsrBFOwj0vnEeo_iYPq9D-s9AsgjMeWPYMAEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=lWVuEjdtpPc&label=part2viewed&ad_mt=20&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D5610%26vmtime%3D19%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D743754233%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1693354286751

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8B7A 0
65 B 135ms
67ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyBOfhlXR8hKeLKgIBRA_yEXtCjVaVR-zeemIZAus0JUkyuz0O31wDa-4CqpFAT7cyI5m-1n_SwnxiIfeg0IxtmR0R-xi9INlGGV5ZpO2uuOtVoIep_68vpUYIIqZRlh7QtOZeSk2R9pAJsttCrfxfdMHwAmVanb2BJpoS6fzpRoaBgB58nDxhp8XZpPMzlhMJTXq10HiXf0beYPaR4spYJDi8EJHNreNOX1jU_Ob7-ahKj8v5BwiQt2oaOZcV0jjOPc42eIcy4epHFZq7ksdIM5oqz7JAEz-htG2R9EpiSqFfFpGCvM69vaSFa86hQtbbTBu9kuSJtpZ__ydQEi0b_lR7a7_1BBc3QnC1OfjIpZwzdblUPLyKS0cp-7gqM5jqowkO4NA5mHW8mQHfRNRR7BeyPZAWhit6uJkgu7HW2J2FvQR5RenXbh929cMaHhCj6ldW46EaxgER9qp-nIjSgZ67iYn7v1dwEKWWuyWUadtAOgUFZ4Q2ofx5lGydCQC3PJAvHqkhAaLjc-WWz5aYzrm00nUNvWJR1ltH0hqnCEd8SHMiPjxWc7fPyMzQCwzE_hpywpYNvwQoKvDYbc0I8rxcgiLKm6qv2zoLRR_gJC3Go80wx7C-vsnBTD58HS0-_i4eSZ8Blmxj1MNTr-t9ss_27IjKSaMfoyWJL2UkE2ofCB7HvWU4yaD8ANliltlURcSIjIKTyxh_qXGHQhpQqMwG3dw_vgpVPpbx0q0QhTx9_0d3wcGl9iSS6bY6Xi3RXyL4C_WLNwUYa6b1p-A3eW0GoyDKsEt1x1aV8uKfPo8Rwuioid_g2THMr-dBjT01Gg1dBkNacsjoX4AY925wpbLIel1dj8QpvAb_miKnay8pY_ZLyPvYPX-W-b0QgP_UF3Jz5tCZqJyMGU-1waLNcXytD8zsbr9VQ6TdHo5xLGOYlg5QY-YjNUMpV-0IOUdCyfsb1TcCCFa77T-_-JCLWWX7BUZ8t7_c3tbHqhvesCGooG2Px6WVj8Pd_gw8AhKMrqTsCQs7I0WgAgLqXq_Pj-Dmc2fk1I5txmq2eLnAIjuEaw6ssKvX0tb4FRcCV0AFj-BnmORMyXxPLEYaYDnfju7IUdmD4kMDRe7XMt7b3MP6mzjlx0BlXNWKFk4WJjaPLkkX&sai=AMfl-YSTuMxrtHnZYS-QQtZYfZrNUuhare6MgiH1oacGyascAH-h1-7GaE-Z73667L_TaVFWUX8GG6D5kh9Z55DH2Gg5zzvEqgeJ1gY4hfXg47I98SwNpsO5Dfcex6MpNMjGxP1X5xn4PGR1qnDe17d71lrTNPRwBB1NRC154DfnS3ZE8_Q0-7A&sig=Cg0ArKJSzIVGEuxZu6mvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 8B7A
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLTTzIQFEML93okFGILolPQBIAEwAQ&v=APEucNUz-FRI_PX5_JIGoYtpO2vZHUFjMx71NewypPUyOmvchaNJzSQbjdqEuduIkhtXUYJRmWnf6gJDvAj0ukqfgI5P-ltFLQ
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMAR...
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_hm=MjUwMjYyNTUxMzQyMjQ5ODY2OA==
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAEe3F3x-voS_YT3DntiGoY&google_cver=1

43 B
416 B

35ms
35ms

Image
image/gif

185.86.138.153
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAEe3F3x-voS_YT3DntiGoY&google_cver=1
Protocol: HTTP/1.1
Server: 185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAEe3F3x-voS_YT3DntiGoY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B7A 0
20 B 55ms
53ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8B7A 42 B
64 B 59ms
57ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtFy0-IaRS7LD1IirohyqN6sC9g7RSY6z1jl02NpLf-sKlkwqSQrbj-jgH8_Pns9M0MlpfD25UndwX9oUIB81nEAAy7EKbfgUdAoRbhTa4nwTM118pimzFR7r-lA7YcV8&sai=AMfl-YTT9olWNGDrsQu0L6ISJG2W8ylVnvFHLC6hFXM95jzsoWLBdhoIE5Nbxnb81mR6zegKpMyyQ7SfVol6&sig=Cg0ArKJSzLvUgLgYFCvuEAE&cid=CAQSGwBpAlJWv893NN5tdo87mDQeCurhdjb_3Pu3wBgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D5610%26vmtime%3D19%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D743754233%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1693354286751&avm=1

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8B7A 42 B
64 B 63ms
62ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2aaaLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QsER_LYSUcfsiJVQY5JoPHtRRHFMLz0WNDNxLb7liJjLYAVnjMaDDB5G5_tPhiaxGejjCIAFl1NiUh34JiPS_ouKHOzBvZaBqXZ3wkHtv7Imlmr8MLxTOqGubC1H7BxPSfXWSuE2HUhF83_aNk_z9KMxeEdv_PKOdUZb2Rzmu_ymW-VqTffnewBbAi-2afIZiq_5nPdCG-YvmcT1JEUd8rGIlhVHFWAxksvycHmN4SbqQY1Zz28qCHBtC9RtO31WUCEUkYhGGzFm6HoSLCsrBFOwj0vnEeo_iYPq9D-s9AsgjMeWPYMAEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=lWVuEjdtpPc&label=vast_creativeview&ad_mt=20&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D5610%26vmtime%3D19%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D743754233%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1693354286751

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 8B7A 0
17 B 28ms
27ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~llwzf5if&c=2024211327092&slotId=1012105663546&qqid=CMuGrKWMg4EDFd5ZwgodYFYNSQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=990&mt=video%2Fmp4&vs=640x360&dm=5000&ple=1&umsem=0&event_name=first_play&asset_bytes=194409&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.yx~ff.z8~videopreviewstarted.z9
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E588 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMImrnRpYyDgQMVkE8dCR2JfAyaEAAYACCEuPhdOhoIwv3eiQUQqMrEn7YEGKW1peMDILmdj8eLEkITCPzTq6WMg4EDFbBfwgodVykLXA;dc_rmcid=CAQSGwBpAlJWnMMouwEV9P9VL8wo1eUaSp3DzyIVFhgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf...
ade.googlesyndication.com/ddm/activity/ Frame E588 42 B
107 B 117ms
59ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImrnRpYyDgQMVkE8dCR2JfAyaEAAYACCEuPhdOhoIwv3eiQUQqMrEn7YEGKW1peMDILmdj8eLEkITCPzTq6WMg4EDFbBfwgodVykLXA;dc_rmcid=CAQSGwBpAlJWnMMouwEV9P9VL8wo1eUaSp3DzyIVFhgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D5610%26vmtime%3D15%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D581733864%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1693354286763;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E588 42 B
64 B 62ms
62ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CS3VmLYnuZLyJILC_iQbX0qzgBfmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QeXnw4iXYyZS0U8ixJTXDIhl9GZFeoNTxyvpajLmVYQLCp9kfO9d8ZeoKl74kB4TaoFlBy_pUZzWzGKo1X1Vlwzkiff19GAn5XKzFhCkDOVaHcw_VWPNF1tHrotjyvikeDEIxLSn2B4ARTICNVmxOcSp1psophUJtnWP78e91aTG_O4GJU_GEqEN2KQK81tmuJDVqnSTSthCsDNfKoVobl4pRmMe7as8f2u6Nw396LFoRv87_SzQo7hUxIaqO8hxXGNwvLupFRjFqoXoTxaTtmcpb4AzikeoQ9-COt36RfeFUGuzoX8AEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=w_QN382ePsc&label=part2viewed&ad_mt=15&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D5610%26vmtime%3D15%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D581733864%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1693354286763

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285287&bpp=2&bdt=169&idt=195&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4IDxTh3m7W&p=https%3A//www.babup.com&dtd=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E588 0
557 B 129ms
67ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsucilU3dlslV3QiddEW38F4OUzF2_4MUKQ1CSO4ppeHJ3sr9qJk0i2F47waSUr_e-_J5r-u17CYEnU97VurYejOFPh6bO0xvf0jqkohHPCaivKxG2V4cFe92pjfanKUzI5uauV8fpkUyu2uiuU7YHlo-WOw3viBCC05lY6mqfd3esFnKY93_pC8Pgx4Xtr5I6Qfeg2jBwALZEKQsEmkuAGbgV_xeNRQgrm-7NNtKmBHS1ZpmP0WjG_4XHKFCwHx6pBpcnVt6Ey1p1rebxb47mydHYq-Z4jHAz14e-TBPd_IytSO_W4v_Maves-vAHXurU8xg4fRF4T7DzcB34Jm6-Qq4zlbS8rymRPDB8-ja1itXsY_PMHmtbs3NThuC1Zjisrnmavit2XDM3o7DM3cQF671N-jPO4weCN18I-tccU7KaXs6ZO1AIs9IEROsx4q_yxFSNOB61yheLYWSeRA0zEqwRJCE7cMWMtFPfqGgchl0NDnzU9V1e-_TkrYndxo40ddimRJHJzzz8fqXxzcufCpDff_IHCwIaUttAanzxNdYrnYfVd04zn3SXxTgXAp4uox7yhTiLGHrxqaMgD0nY-oROAWKrX9IglXmkFXZVM7U7C9nyLvwrW_bfuoLlbQWNTp3_x518bB6gbB3nyFFc7QrVA8XULJ-pyxhkJiMLj9oA0QPiAvoQihLYjG0YhhMudNYN8RD4DQOjOCI47eoFEPySraNG-3UGByYWYG9bQ_FpaQFKIIIlivdu7443CjGE5oT19rtiErJjsRe7nzGKzXW67c6mxq3r1nEqOx2NHqb_PvyQy3o4ObSH-LHcKtIzxLv5tljsMj8tbCkBX5yt2clXmcGBfM8ePkI8sE6KtX15lKfFm0kqqdWm5_xQrtN2SF--E7m5GBm1Z76V-6ZGSI2o3cGqsucnhl-NCJJlui6cZMAOv9sZReHojbfHT5Y_h028MtSP7AH3nNnvO3hWqhVAoqLOw5WF8J36noIbXHThy414g1dqS1nda7VYq3-Ikv2tiXBdmf_MyeHaBHR8hF9pmQlu48quOTFeGBUjWqAD-4L54bLmrDrsAS8VSF8F0EWHNavvBZGLjpkm8VXXJxEsQJDo2Frm9v3h6vrurknKZtkP-nZFWBJO6yJy4YNAM50apE&sai=AMfl-YTmR5NBFTTZW1GYjcttHcJ4rX1inbYN5U-KGFmV5EjqLkSpy7DGDEA_Vk1m04iMrJ6ceVeK22YASajXgVBKj21eC1dZEJK9fJwNXpDR-chZRC_SXex1Fzqi7AF0NToTatnZFasjT5paJsVI9H2gO0eAFJjds8T0iWKmoiqaftMfZuWCZUU&sig=Cg0ArKJSzLtOPCflKwiaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame E588 0
16 B 34ms
33ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLTTzIQFEML93okFGILolPQBIAEwAQ&v=APEucNWDg9I7jJMenqquWnpwXKS2DZLuVUGxEQrhFUtV0xhQZuub337S_ODK6BiI2a1eoYhJaI-iSIMXBoA9JYiVHyUkZYNZ5Q

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285287&bpp=2&bdt=169&idt=195&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4IDxTh3m7W&p=https%3A//www.babup.com&dtd=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E588 42 B
64 B 60ms
59ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvBQcsSNmpFOEtanHEHRVDmkMu1tUQOsUziBW8LkaJIs4PhLyADJJglpmuWQg6gZ-LaVcvDAF8gD0WYa2xg3u-3KIwwz6ZSJHi4XngLSzm-hkLa7Zed8ebC9rcUL-4cOQ&sai=AMfl-YRAmGCa6ncBNh2t7vFL3AUADgLMKUKGeuvTnfImjMnSGHhT-C01VlGmILoK7jKxYwZmd_g8lF5kug0t&sig=Cg0ArKJSzAVvKUhctUjvEAE&cid=CAQSGwBpAlJWnMMouwEV9P9VL8wo1eUaSp3DzyIVFhgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D5610%26vmtime%3D15%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D581733864%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1693354286763&avm=1

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E588 42 B
64 B 61ms
60ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CS3VmLYnuZLyJILC_iQbX0qzgBfmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QeXnw4iXYyZS0U8ixJTXDIhl9GZFeoNTxyvpajLmVYQLCp9kfO9d8ZeoKl74kB4TaoFlBy_pUZzWzGKo1X1Vlwzkiff19GAn5XKzFhCkDOVaHcw_VWPNF1tHrotjyvikeDEIxLSn2B4ARTICNVmxOcSp1psophUJtnWP78e91aTG_O4GJU_GEqEN2KQK81tmuJDVqnSTSthCsDNfKoVobl4pRmMe7as8f2u6Nw396LFoRv87_SzQo7hUxIaqO8hxXGNwvLupFRjFqoXoTxaTtmcpb4AzikeoQ9-COt36RfeFUGuzoX8AEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=w_QN382ePsc&label=vast_creativeview&ad_mt=15&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D5610%26vmtime%3D15%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D581733864%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1693354286763

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285287&bpp=2&bdt=169&idt=195&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4IDxTh3m7W&p=https%3A//www.babup.com&dtd=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame E588 0
17 B 27ms
27ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~llwzf5iq&c=5448016272034&slotId=2724008136017&qqid=CPzTq6WMg4EDFbBfwgodVykLXA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=990&mt=video%2Fmp4&vs=640x360&dm=5000&ple=1&umsem=0&event_name=first_play&asset_bytes=194496&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.zg~ff.zk~videopreviewstarted.zl
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 38ms
37ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7658e1bbe6b728582c3d2d8daa908309c6ddedf3d29ef69c3eb3bd921a587e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11645
x-xss-protection: 0

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 75ms
53ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fe8d104cd8ebad9-MXP
content-length: 24
content-type: text/plain
date: Wed, 30 Aug 2023 00:11:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SzaoXWh1bJcM%2FtYEx3vComT07kuKFUUzKUWN%2B78Rr9gm%2Ft1PeCW0%2B89dtiT%2FXEseKUVaMyD7Ouhmj%2FubZeyVvzasI2POjAdCoc17MogOh6pFobVsnCzpD9CyGpLBQVEE%2FgozGc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-b4lk

POST
H3 200 rs Show response
ad4m.at/ Frame 52A2 1 KB
2 KB 49ms
49ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 469f96205ef0665e6044f3331a2e36deb8eee539b9157da9619cc9fb95fc36d9

Request headers

Referer
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYEUJQ5YO2%2BIYLH58pCeQaMoMXAXrJ3G%2FkT8Tk6R%2FwL0z2W9tNLDLme3cUi7I3g0vWR%2BGCOgP%2B0elK5xJndwQKgz5U%2FFok9sCKkQRRsUBw07pE%2Bjz1hftLT%2FeS7YpU21jxlRPwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7fe8d1052db5bad9-MXP
x-backend-server: aa-reachservice-group-europe-west1-5ggx
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 71ms
50ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fe8d104cd8fbad9-MXP
content-length: 24
content-type: text/plain
date: Wed, 30 Aug 2023 00:11:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJ5J607RJYedaYK37OIpZ1dsqaMIJc3v0C%2FrQEKqU3p77JRhvvqQ5crc%2B3rX9tifI28L2CVng%2FmuS%2B8zjApPWD9KaIT6ND3y1RFqCourl3uEYGIjpva6%2BS32wxQpX3OsQ4D2fTE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-5ggx

POST
H3 200 rs Show response
ad4m.at/ Frame 6EFB 1 KB
2 KB 54ms
54ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe7b7c64b288eee54b8c78466bdbae2ec9da8a48cece88aea0c99d34b15cf6c4

Request headers

Referer
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BYxKFcXPuGqXgNJv2qpwR53LM4e4zWoo2hvxfwOsWJ90q%2FR%2B8iYiuxHUrs9HP0z34J9bynT%2FKtEGKhpITPo%2BpS0UJGPEia4iG8XHwsQhjTWj15z0GblvXCIAx7%2BKV6udaFkwkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7fe8d1051dafbad9-MXP
x-backend-server: aa-reachservice-group-europe-west1-5ggx
alt-svc: h3=":443"; ma=86400

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 00:11:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 18C4 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bw-EULonuZL7yCLrInsEPv-GskAwAAAAAOAHgBAI&bg=!sLOls_zNAAYkVgHwBFY7ADQBe5WfOCotlA2GpW1VV7PEKEjyM5kHNkPxWCm45dYQlVSIAFSqIv7CkreLs4QST-k1fWuGAgAAAN1SAAAACGgBBwoAh0PXkKs3LZ7cWvWAzVKrTEJSuDgWXE9KpsqsNvTUztzwCY7wOuKW3H4T013Cg5pGaCW1cewcFg4_o-jCvJ4qTiyqVcUT-lTTQ627QoUgOsRwg-RRRTMxC74CVLKlOKXtnH39JFwff3MJ-RjKzAr6prk-2z293PqMgDRytm_bwT8S4cOO-KZWR5kC9NqxNhKewr80mYj7SrlYSCWxBW_etERUIsK1jXrAZZR5QQGnU9uHELgqBu70NFIGVM-H8faHZQcDg6V-0-ObFXMjh57Oe7VqwlG08T6o4hmZOwrpA7iSFzbdvjGxhrsEkO6l2IK-N5OwlrVN53lYtW0qEhKfn5-aw8rSZFPU9_xE9K-zAvG4g7Lg_So41CS4WmYQ6j0H9hjheKj4rbQhMtF7CWn36bCD_tmGiPpgyaKNF6lP24M6JyeZJoCFI7VWH3VYhOdeWFzNqecKKriWIcqGd_F1LpBdMgSk6FUDRHv7TrVKBAzBHOZKB3PyNrKNDGieMo7oSWnkTRNK0DMFP-cm4Mxvm2msl77-xVXxbriIP2yT5dcVXwA7ZB3edv7MqJfwZ8aEBgs9T8HKUGR66vi4sMgy_D7u7SoEXMV0GNfxs0BeaeU_kpS0Qm8wmXoq65YHkO3OuQIpKfAMDPHwutAjWxnfw0aHAFNCZesu_NTo8eN4rjKyY1n8IpPPSfD57IY7hPhJ1u1aDqBFTwJOF7FkJLNmRG0-ldFzigCpYozNbvoDjzjZDNy_biV-NyQwQfUzG1s4KB70PtP9f9pEIAPZV3kK-EpfeVSqYgv83NDIzUtRTa8u3fh8GCujklVzwEoFy8kVPnxRerv0TT8TWPIR2Fx4gsaMaGA5b9sb2OrWqkQs_J0BUAY5W1u84hYMn6K46uPG6fF8c7m0_OkNsc76X96e7q2RL7bfUVVgRMOPojdsI68Vh3rrmFZbfA3zkDEXhU1NGFTmh2yeatO7W8kCyiAzDKhdXGqIijXd46SpbDxndJlU_MMtZuHylM9jC6GZP0jIQjwxjGsGe28gRw8ivJKdhFhSrCTcKDNTMQyMVYFmm-kKbRCo73UJ_Q_Ia3EdCoqFms2jgTqVfVbYNNKaqzrokWH9mjT0hfaM8dVwagtJxuhScK0KilRcv4AMJptkTpTCTvAUGLR0XLJ9mNJzOZL0G4L5emUp9iWj3I71ziBSZg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0970 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 8561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 21:48:45 GMT
expires: Wed, 28 Aug 2024 21:48:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5311 829 B
994 B 32ms
31ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ecf19dea0f9bc0fa6790badd009310b9bb26082c64b85080c656cc805bd5d321

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nm07cEZdHxb7j23D5Of3OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-nm07cEZdHxb7j23D5Of3OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 00:11:26 GMT
expires: Wed, 30 Aug 2023 00:11:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BD5 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BmP4YLonuZJrqCJCf9fgPifmx0AkAAAAAOAHgBAI&bg=!qaqlquXNAAYkVgHwBFY7ADQBe5WfODsyMznlMHhlqld-G8BJF3ljobqyozZ_lLY3LJR1IvGA2jgqYt-zoDTVdY7ZLBimAgAAANBSAAAABWgBB5kC72oKYcVyIEdrGewqJdTP1oKS0II_MMnSqaIf03ILKUgAsso44f8CIdvESMGOM0yTPGJbx__tg4Pyjoi-ouDArp5T-ttrg9uCTdpdBr4zLuw-kJ2pCaRMeRrJMRf6TpU6E-zYqVToF29C3WZII8q2imoc64sH8Y3R05xpFzihPcfpQOb-PF6QlCEqcoD0J15TOswdJC9R6Icmb9EDrGn-QEGaxh0f_tc64Gz3JTwqud4Xp2pyAjFttc9wbnI8ixIf-QZ_ckcNqAAq-tIjNq4s_hrl6Y1tsH5uS0024YFhSnn1OaJ1wfmodVHcnZk2s-_TU-qDhaFp0i5_3BC3ie08hWFQX33B5dLYWVNzpqUsLEr2yK7CGwDUV_cJ45NOdWzd6X1Y7xLjLYoJ4o74ZcLnlpD5F8H2gilQjfuTpMbCFz1ZUp32RwIemM_-URY0kqVwoXASOey6wX8NuUafsXji9O6iNdxT4LtArIsEGE8-AYNOufr9G6R7Y6pL5Yi17z0I8qTjoE7JkRGLMZ0sH2pInBfkdXm9YrmO-jk7ZAVstS3FDYKejcR9cHyGP7EZz_so15m5Z1JO6s7d85CgKNAlWRr5RW838I1CQKa2JoRBui2x7MhVKTSIa3x1ce_I7kURloXaOujsrCOEA-ECa_pcZv7TZb7Bcz5mX0Cd6fK2PFrtfs03dsbUwQ8PHuWkp3dWPs1kkqPLmHx_SU7O7OK0BQ7E3WlI227MnkxEdnDoxmG9-URn9DkNU4MVTLntFI9KCJtlG0HjoW--OAmDGpdUfP4r1MG452fgoaB6V5RtJNlywaeK_jUMDG7BnR7qOsQD8rlWtIAvV3ks8bD1AWRp1tTbFUcdCkSPFVLeoTDeM7IWzrvvZH49SDbX9BBKMXC7ItRtY47F8Qya5oS_S0RtL8Fbtbe4eGmqRwY-xQSyXrZLsx_SfeCnfV1m7hPHi42SWiX7Y_vJkqmd05QXL_Yi1D_gyhRgvQ0gW9h_arHFJTE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9CE8 11 KB
5 KB 47ms
46ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=4b4e47cf1f72fe3fb970176ed26deb45%2F2039446016566979009&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a44c7abe21f0c75b5b7de8a7ab235f795a083fab8f6191eea1eedf5e0109175

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jj066m7fc2xy94am6pxhkqfds92yzbq64z259c2pkfsj0bxm41d95vtv7y8qtq34qdhejemggr7ecgcfengs8n8b66pc15aqpg44w8bdxjz4y13k926mgavksyf891nmjsnmyc212f8h2yysqyemw1m6vd8tpyp8bhsmzzksqrw16fjb0jcg0wpf6549k6h52xc4pv600hszn9zny783wfz31b0809g0kcxbsehcm3pcnj3djr658e5hfn11df9jbg8fprbrdxvd6k6treenmytzp1c0kedmkmx88b21h99r9hgwgj2z9v8cmwj97hmd277tt41w9rfq5amqx6vk99weynj1f54kqkykeh29f0fh0j4jx3zqs5sqdtx4fmvbwg2fs051wf9jrw1699h5zagexptqf3gfx5zjgee5831g1z3j5nqc5a0skevr49d6jqp7av9nr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%26client%3Dca-pub-9176521898341909%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe8d1057de5375d-MXP
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 00:11:26 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 88F6 11 KB
5 KB 49ms
49ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=a3fc37465ade82f289767687670239a3%2F10382452863401273494&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbeccdf1d902dca9f931c9370112f7d81bf941b113763e6a8b42412034916c23

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jj8h1p42txgk2rnmdxz98ecy1xqw7c1m2avdazaagn8wtwe2wchrepg22pfc9mg9pcs6wn6x6zah6wqq3f617r0gw5821mjq2sg30sq56c8nhsnfqf88x9zym32hevgy0ks15t9q3m8yd53azntbx8fp0rsj4hhkhqdsazpgyeb4yc50yqp3wmtxrb7brnbcfa5b2cr556bx6tqdpn2215e1dkgz0jta6ksg8ky1tbgs7gcyvhkmwrwhram4r188611pacqa10cckt4qjysjtqr6vdnm08rbgrz5m42exf2v42hsp5jdmx6fqr6kfdczc45kydbcfrc4wvex8gvxr7yfjwck7fvy6cm2k401n0p9tp5y07g678r39raw33b6rz9xvpj6sxarx8ww8syga25kxbevj68h5vv19eb1yg011rt73x3yz7dx7k7dgatvz8ejqkg7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%26client%3Dca-pub-9176521898341909%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe8d1057de6375d-MXP
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 00:11:26 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0970 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14795
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 19:55:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5311 0
0 53ms
53ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=23192661987762&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 9CE8 114 KB
14 KB 28ms
28ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=4b4e47cf1f72fe3fb970176ed26deb45%2F2039446016566979009&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=4b4e47cf1f72fe3fb970176ed26deb45%2F2039446016566979009&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 565097
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JG6neZ%2BaTIZGuJMPCDMgMNQjkB0qgzW6yr6zx4hGwfqD4e7PHzLb7T4rZugofhkCeXgIr2SK4mmL5s2yud5JAILZXeSiN889SuB4tMDy4J0IExDItXhYMF8oxcZvsKT6ET318SpSjak%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7fe8d105ce0c375d-MXP
expires: Wed, 30 Aug 2023 01:11:27 GMT

GET
H2 200 807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
assets.ad4m.at/logo/ Frame 9CE8 6 KB
6 KB 39ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=4b4e47cf1f72fe3fb970176ed26deb45%2F2039446016566979009&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475028
cf-polished: origFmt=png, origSize=11357
alt-svc: h3=":443"; ma=86400
content-length: 5848
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Jun 2023 08:41:46 GMT
server: cloudflare
etag: "ccfbd2e3feb27487a1f6d1f6b03866aa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jaC9c0DGQYPs%2Fh6VoG7X%2B1QQKdReab7DGsxDhJxVO9fOB3yt1p87ekys1%2BnouHlmzjqKAhoYFLBMRshvtiZ%2F%2FJUKatGuMzGdeEgggm75PDIv9MedrdaHi0pDTkAUvSFZ4dSlRLQJ%2BdTG7GER"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8d105d9febac9-MXP
expires: Thu, 31 Aug 2023 00:11:27 GMT

GET
H2 200 2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
assets.ad4m.at/ Frame 9CE8 183 KB
184 KB 34ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=4b4e47cf1f72fe3fb970176ed26deb45%2F2039446016566979009&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475028
cf-polished: origFmt=png, origSize=289744
alt-svc: h3=":443"; ma=86400
content-length: 187558
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Jun 2023 11:11:49 GMT
server: cloudflare
etag: "17decb4f4cab809ec8159433a7f13627"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFlOsRvE0euVFrK%2FmN2C0gA8gyTAHAkLUh%2FK41xVYAhd1iO98hciJ2CIcFEn%2FJPOZlTMMmbyHwLMQ3BqZBEXo6H0gwwk1ubUPYh5nsrYnn1FW7gYMDuRY0ig8G4yIZs4NLdWfqCqbPqxsrI%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8d105da02bac9-MXP
expires: Thu, 31 Aug 2023 00:11:27 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 9CE8 74 KB
74 KB 51ms
47ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=4b4e47cf1f72fe3fb970176ed26deb45%2F2039446016566979009&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1361060
cf-polished: origSize=115129, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 75430
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VM%2BgVacGavbAoAfl3YKvc0RkLjtMfjWxJ2iqqWyel2vHsUYndRUWItW8UsmpdCOZPh7LbBi41FAN0aLpj74Rb5b2gKflpbfkwknJUGzEkK%2FphfB%2F0hxxqAPTIW8DeBXJywAm4yH6IWGfyQW8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8d105da05bac9-MXP
expires: Thu, 31 Aug 2023 00:11:27 GMT

GET
H2 200 C214519790640C056F434D8DDB50BCB07F64B125E2E4D5026778482090BA9FC45C4658AF375179106A92B6C2DD36789FCD39BC1923957D0DCD063E017A893CC0
assets.ad4m.at/ Frame 9CE8 21 KB
22 KB 33ms
28ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/C214519790640C056F434D8DDB50BCB07F64B125E2E4D5026778482090BA9FC45C4658AF375179106A92B6C2DD36789FCD39BC1923957D0DCD063E017A893CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=4b4e47cf1f72fe3fb970176ed26deb45%2F2039446016566979009&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56bfeb4337290e6235a15bd50843785ea883b1a91888e439d86453c4b5507c71

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1089467
cf-polished: qual=85, origFmt=jpeg, origSize=50645
alt-svc: h3=":443"; ma=86400
content-length: 21720
cf-bgj: imgq:85,h2pri
last-modified: Tue, 16 May 2023 07:15:13 GMT
server: cloudflare
etag: "c73080cea7b29464f4dd0b5558645ab6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9EteFm0syRDtB3Il7sO24UmX0DKvkUoAIEFt%2FzfUPI1bdL8%2B5Z8UZWhLVnhnGHvKQAxx5j%2FRpW1WLwzpUHmlcQHU8txItvrroOTAWrnMo9WYrYEBjstERHHQZ8US7SDxb12%2B2no8llMiP%2FN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8d105da04bac9-MXP
expires: Thu, 31 Aug 2023 00:11:27 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 9CE8
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COaviqaMg4EDFXif_QcdBVQGcw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023083002112788402970185X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite...

49 B
1 KB

121ms
49ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023083002112788402970185X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023083002112788402970185X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=4b4e47cf1f72fe3fb970176ed26deb45%2F2039446016566979009&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 00:11:27 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023083002112788402970185X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023083002112788402970185X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
date: Wed, 30 Aug 2023 00:11:27 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 9CE8 54 KB
54 KB 50ms
46ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=4b4e47cf1f72fe3fb970176ed26deb45%2F2039446016566979009&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28d1764b929a95aad8c00aa782bf66c9ab265c40e5ff9ff6fc4226f0af7a94a1

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1181850
cf-polished: origSize=62828, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 54937
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCDMjg2lTKzcvGf6FI6Xk%2FiY9gxUJfZpBuSt5OF0yg7xWMGiGAQWp3gBUoP2uIWnCqdd7LYEk%2FCO5Ndm%2FxGTQKDc6mj6ikD9Eu7uXmReO6hIUsw8umJdvS7cP0dyzBqkFyatiO8rjyNDvosp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8d105da07bac9-MXP
expires: Thu, 31 Aug 2023 00:11:27 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 9CE8 38 KB
38 KB 31ms
26ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=4b4e47cf1f72fe3fb970176ed26deb45%2F2039446016566979009&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79707
cf-polished: degrade=85, origSize=133780, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 38661
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsr66pQ5gU%2BplpPGzQt4Ae4D1wPj%2BK2hYfWSIV0LArfgLMI2qojZBiZTanc18W9DHOGS3xFTUwGK9PDMnNOAuGqBtKBJXveu10fARtce4nDXTTIJSHHuWAyGjlq8DFg1iwOcF%2F%2F%2FE1M0VdAc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8d105d9fcbac9-MXP
expires: Thu, 31 Aug 2023 00:11:27 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9CE8 43 B
702 B 138ms
73ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=4b4e47cf1f72fe3fb970176ed26deb45%2F2039446016566979009&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 00:11:27 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 88F6 114 KB
14 KB 44ms
43ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=a3fc37465ade82f289767687670239a3%2F10382452863401273494&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=a3fc37465ade82f289767687670239a3%2F10382452863401273494&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 565097
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUoWDbi54AzPbw0Oi1bP4ZKfFdL%2BB6GCFvpE4yWG7qO06ZT9M91q%2B8%2BkjiM1zjkrrnKaGVE35RxcJwKE7E0OimBR8Zj%2BlUo20%2FrlXAOrDwgMAOO0n6uPPvquviA%2FBrQceGhL632xGi4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7fe8d105de11375d-MXP
expires: Wed, 30 Aug 2023 01:11:27 GMT

GET
H2 200 807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
assets.ad4m.at/logo/ Frame 88F6 6 KB
6 KB 54ms
47ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=a3fc37465ade82f289767687670239a3%2F10382452863401273494&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475028
cf-polished: origFmt=png, origSize=11357
alt-svc: h3=":443"; ma=86400
content-length: 5848
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Jun 2023 08:41:46 GMT
server: cloudflare
etag: "ccfbd2e3feb27487a1f6d1f6b03866aa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3u8HWYeyqCeNCy3ODzR7hjVBmn6JwC6e4EtjSAPBtAjaTN7KAj2WZZ19QLtJCLB47tap%2FMnFD0WzWm6OnVbG9oWpkj1w4MGKB2NIsEXmP7e5CBrgquAW05SxfGHheJK6%2Fw80aUd9ZhmDSg9D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8d105da06bac9-MXP
expires: Thu, 31 Aug 2023 00:11:27 GMT

GET
H2 200 2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
assets.ad4m.at/ Frame 88F6 183 KB
184 KB 51ms
48ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=a3fc37465ade82f289767687670239a3%2F10382452863401273494&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475028
cf-polished: origFmt=png, origSize=289744
alt-svc: h3=":443"; ma=86400
content-length: 187558
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Jun 2023 11:11:49 GMT
server: cloudflare
etag: "17decb4f4cab809ec8159433a7f13627"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BGz13rwzSkvEVmi7ZIbRiJk%2FSc%2FHnjdPFVI9rY4jV1De7eyyRIlmzhO%2Fu8DVZoSSLwGkjM9DKjV65MAAWxRNpXQfZcksfq6fi0A5p%2FXqZ8AA3uj4AjXOAqdsBZJCDmrTocGiZFeQNHh9aoc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8d105fa1dbac9-MXP
expires: Thu, 31 Aug 2023 00:11:27 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 88F6 74 KB
74 KB 50ms
46ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=a3fc37465ade82f289767687670239a3%2F10382452863401273494&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1361060
cf-polished: origSize=115129, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 75430
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zX0pnCtqoIyynFwrXKjAsOB5bnPxFLBAdbvzpGLjOrPDX3OuBiIEgAi9u5xXs00yWmkQtICKaHcNE6OysQXsjshVDxdy0FJEH0s9wpANgtrsHERQ65keDjKEA0yV0JaGt95tSKPUEGBG%2BBc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8d105da08bac9-MXP
expires: Thu, 31 Aug 2023 00:11:27 GMT

GET
H2 200 C214519790640C056F434D8DDB50BCB07F64B125E2E4D5026778482090BA9FC45C4658AF375179106A92B6C2DD36789FCD39BC1923957D0DCD063E017A893CC0
assets.ad4m.at/ Frame 88F6 21 KB
22 KB 52ms
48ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/C214519790640C056F434D8DDB50BCB07F64B125E2E4D5026778482090BA9FC45C4658AF375179106A92B6C2DD36789FCD39BC1923957D0DCD063E017A893CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=a3fc37465ade82f289767687670239a3%2F10382452863401273494&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56bfeb4337290e6235a15bd50843785ea883b1a91888e439d86453c4b5507c71

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1089467
cf-polished: qual=85, origFmt=jpeg, origSize=50645
alt-svc: h3=":443"; ma=86400
content-length: 21720
cf-bgj: imgq:85,h2pri
last-modified: Tue, 16 May 2023 07:15:13 GMT
server: cloudflare
etag: "c73080cea7b29464f4dd0b5558645ab6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLr0WMoNrcGyLWABDh3ScA8%2B5SST3fIKxTNNfRmt4OFavQrsma27327ZSniObUSVSxMcGeaqpnzx5VuAfc1GE9m%2FuDc2XcQiEQIKoOgdugzrflt0XtOnGOTcH3kGPG2j9G0WRrjBLdrHjIzq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8d105fa1cbac9-MXP
expires: Thu, 31 Aug 2023 00:11:27 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 88F6
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJKziqaMg4EDFWCR_QcdUVAEoA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023083002112788402970183X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite...

49 B
1 KB

111ms
39ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023083002112788402970183X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023083002112788402970183X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=a3fc37465ade82f289767687670239a3%2F10382452863401273494&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 00:11:27 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023083002112788402970183X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023083002112788402970183X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
date: Wed, 30 Aug 2023 00:11:27 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 88F6 54 KB
54 KB 51ms
47ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=a3fc37465ade82f289767687670239a3%2F10382452863401273494&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28d1764b929a95aad8c00aa782bf66c9ab265c40e5ff9ff6fc4226f0af7a94a1

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1181850
cf-polished: origSize=62828, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 54937
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44iwAO8nzohwjmNedp4RCaK4myqAOVsOPMAPuTpcD2zeI80iM5N76CoQantJ59%2BMutqJSQHmA8lOOrF7xO2mLo4Do0VDj0dVs2qq0UeygUPrx7%2FCCa1gUIjwnbysJevNNCGWVlEzeOZaThrA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8d105da01bac9-MXP
expires: Thu, 31 Aug 2023 00:11:27 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 88F6 38 KB
38 KB 50ms
47ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=a3fc37465ade82f289767687670239a3%2F10382452863401273494&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79707
cf-polished: degrade=85, origSize=133780, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 38661
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCowF%2Bjyf7VAIimlEBLu2U7v7s2iA%2BgpiQWoZENPNJJRLweONUTkhHIixRL3cwqX%2BGxFAju4vrwB2iDZDsfp4whIf71JG3sgdPkg8Blrvwngaztd3YPrcpKqOMsMnPh6ZAcB90K3%2FpZchjOS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8d105da03bac9-MXP
expires: Thu, 31 Aug 2023 00:11:27 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 88F6 43 B
702 B 143ms
78ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=a3fc37465ade82f289767687670239a3%2F10382452863401273494&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 00:11:27 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0970 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TwKnbg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9CE8 1 KB
2 KB 170ms
78ms Script
text/html 3.9.22.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g5p2h07mjv13pg9e49vfbyesrxngzqmba6a1f1bjbvcbpbendp0wey97e4ff5yd70mrzrhfy7w211jzsbr71mt84te0ky17gvns5e87a1ap8v5y1v230g4rp0p697hpqk0j2024rxpp7amhzhje66q63cmpwmwz58w3vqb17tamykv2scswdtzrzvtda4vb0ap7z8p43qftr8caethqzn4737c382ypt05166myrjwsxst30sr241f94d1kj9nad0z0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%252526client%25253Dca-pub-9176521898341909%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=4b4e47cf1f72fe3fb970176ed26deb45%2F2039446016566979009&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.22.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-22-61.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 026311d38d4e265040c57d8e74d65942576cffeb375724d93c7ea4ac8f187d67

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
last-modified: Wed, 30 Aug 2023 00:11:27 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 30 Aug 2023 00:12:27 GMT

GET
H2 429 link.html
track.webgains.com/ Frame 88F6 0
0 117ms
42ms Script
text/html 3.9.22.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jyt45yex1wgm846844v4k3p3rhm98rnf27qpjv708zbgzk5td1n76jyyk2pswr9tknxr32rxh7y11prc2kgmww2qncnpx0m12ahp76fyb3h1af6xmk6eav2rtzcsrd7dp6p16ekg0sr3rm5kb58gnncasq02vwjeh8f3g4dsnanastqmwvpg4w2h0ffzxx2501qfypyb2aej15jmc1f45hgan2wqhm0nd20j4hrdgfnfqrvxg01p89fxdq1pspgw6g6r%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%252526client%25253Dca-pub-9176521898341909%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=a3fc37465ade82f289767687670239a3%2F10382452863401273494&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.22.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-22-61.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9CE8 51 KB
18 KB 89ms
23ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g5p2h07mjv13pg9e49vfbyesrxngzqmba6a1f1bjbvcbpbendp0wey97e4ff5yd70mrzrhfy7w211jzsbr71mt84te0ky17gvns5e87a1ap8v5y1v230g4rp0p697hpqk0j2024rxpp7amhzhje66q63cmpwmwz58w3vqb17tamykv2scswdtzrzvtda4vb0ap7z8p43qftr8caethqzn4737c382ypt05166myrjwsxst30sr241f94d1kj9nad0z0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%252526client%25253Dca-pub-9176521898341909%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:40:54 GMT
content-encoding: gzip
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 14:11:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 27034
etag: W/"cb7accb6a6fc086cd831549a78a2fe42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: mFuf4s4bhtW37IgCEKdy9W4mggKvihla9tF_M4wFMjVndtkc5utfNw==

GET
H2 200 link.html
track.webgains.com/ Frame 9CE8 90 KB
90 KB 117ms
117ms Image
image/gif 3.9.22.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=3756941
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=4b4e47cf1f72fe3fb970176ed26deb45%2F2039446016566979009&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1693354286922&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gtmxee744y7tdx8q8cegmx9wxjwznbdkn6emp4f8fc48nwgpxzb0s9satv5bw7vsz5ac5b2navvyh5ecwyj2q9mdbwt783pgfazww0kvq9m0zyzn3d0mnafa5vc76xk2cgqx08q4pc90vp4epz4b9pzpf2gwajk75r8sq231z95ckf8e91bzzmvp4cj8rhq1785acpv34fssb7p95p236gkhakn70srmkzbp0xcffs4d933d5cpvavwbdmnfhq66w8gcbnhny3k9f3qnnx6dx7y1w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz_OKLYnuZPuSOd6ziQbM-pCADpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9AeQ0r1LKt9N1iVdutMG3MvkAH3tqPOGW0-w5Q0cLSZGcS1MxCJBzNTzaztLb3Qw9L2SLAKyQqtc2NV4iRAAb_HVXp_pSbFMLtC78phwJcuz4A_aiA_DYNpRDqyiWMAwk9m7OtxXBLFWg7Ixw8HV0sva5gcS-Py9nfstnAdgzyhZPYm7WD2h_B9PsN6UnZMsO_96QbWPkb--KwhES8rzP_3L8gYZNtNQ2X6A-x82CcROtbzF_QGTIKABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0bW0WjC60J4CDTZO5HD3tRxAw3fw%2526client%253Dca-pub-9176521898341909%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.22.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-22-61.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 4678201b0274f75c6f34a6810d09fe2e90eb9cd736c0cfd7487f1d7974569c4b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 00:11:27 GMT
last-modified: Wed, 30 Aug 2023 00:11:27 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 30 Aug 2023 00:12:27 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame E588 0
17 B 27ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~llwzf5wx&c=5448016272034&slotId=2724008136017&qqid=CPzTq6WMg4EDFbBfwgodVykLXA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=990&mt=video%2Fmp4&vs=640x360&dm=5000&met.4=vfl.100
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=23192661987762&bg=!Y2ClYC_NAAYkVgHwBFY7ADQBe5WfOM5sQPqTHx6_u9qUiLeUEhtCGcdSozmowbTIbiwWXOYW5vQIcWZujtRuhXaJ775rAgAAAHNSAAAACGgBB5kCvy3bnuh4HDSgwTYOyxomLlejJ6wgcyd_msAuZLLlTrVY3nR1qv3ZNLoWy30koqeK_BBYlbmHQkxsB9tKKJUTe44aXjbGuSs00traIp9IuPf2LvSI_mCHyh13olqGwhGHLXMKVAAD5rapTU85aufyEVs3ldaVBsc8zHr4_LDDBaY3iYuaMSgKKgPdb1hYgodlH2y24S3IymqKuoCLYydQdVQOGSICnl5i8kCzmNQEVLjDVQ2FNyWBOjlGpoiegyaqQmcR433ctQiGG1eYUt_lUiaWG5voAhwefEUZNbgfzKXU1wQRvGmIC2n_bHPKbYuK_8SFoPWOgjBDIcws5F84Jtx1jmrpeuEsKF2ADJgGuXklRYXryA73j3O6aDABQWzegtHBp5WYOxZ9GeBa8O_dg44sQOGb2Tx7Bm1BuGXojg8MCND-5BeCLdb35L4-N8XFqyq-mtujdbw5KfwQHdclF8ZvRu8B04ZZt-M24f9uAdPb6UEtd0-E3Jo4gK7fNP0vgKa37AO3njOlYpGRv4yPb1A4OOIV8PE4R-b37ixjZfs9iZ0vcbTcRtbJSEw_q4x5j_4eih7toMye9wZ1ggyFUFtm7cJTAewT57cUoS0nGYyYJWZ0-UkwgMQ6Lb9lefVA-QJFp8Re1-bBcAl4Wbdru4ninIEe7suZp2S-4igUE-s5Vz2ziMRUZFjXy7R-xWZ91LE8q7F0pNW6xb204WVPjw46IYHKIyu8f_i626hGElD5F9N0-VJ84EtEn4oK4mUu54-MAJbC2x_eRHpefF1_KD7CbFm76zVgBa74-Ipl1hL4OFkqT8f1kS4r8mK25oyeZlCxSVA0W-NECsS-nOmteUl2KEkTVth6csBhrmV2_LVRs_HaIbqvmChlt522mCVqZuXji6bGjl6p0Z18AI6iosIiizNUkpgCTJq5RybruGE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame 8B7A 0
17 B 27ms
27ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~llwzf5wq&c=2024211327092&slotId=1012105663546&qqid=CMuGrKWMg4EDFd5ZwgodYFYNSQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=990&mt=video%2Fmp4&vs=640x360&dm=5000&met.4=vfl.zg
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9CE8 16 B
209 B 99ms
99ms Fetch
application/json 18.170.168.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.170.168.253 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-170-168-253.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 30 Aug 2023 00:11:28 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 109ms
31ms Preflight 18.170.168.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.170.168.253 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-170-168-253.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 30 Aug 2023 00:11:28 GMT
server: nginx

GET
H2 200 dc_oe=ChMIvsHRpYyDgQMVOqQnAh2_MAvCEAAYACCEuPhdOhoIwv3eiQUQqMrEn7YEGKW1peMDILmdj8eLEkITCMuGrKWMg4EDFd5ZwgodYFYNSQ;dc_rmcid=CAQSGwBpAlJWv893NN5tdo87mDQeCurhdjb_3Pu3wBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf...
ade.googlesyndication.com/ddm/activity/ Frame 8B7A 42 B
107 B 58ms
57ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvsHRpYyDgQMVOqQnAh2_MAvCEAAYACCEuPhdOhoIwv3eiQUQqMrEn7YEGKW1peMDILmdj8eLEkITCMuGrKWMg4EDFd5ZwgodYFYNSQ;dc_rmcid=CAQSGwBpAlJWv893NN5tdo87mDQeCurhdjb_3Pu3wBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D1090,0,0,0,0%26mtos%3D1090,1090,1090,1090,1090%26amtos%3D0,0,0,0,0%26mcvt%3D1090%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1261%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D35%26pst%3D205%26dur%3D5610%26vmtime%3D1281%26dvs%3D1090%26dfvs%3D1090%26dvpt%3D1261%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D256%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1090,1090,1090,1090,1090%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D743754233%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1090;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1693354286751;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8B7A 42 B
64 B 60ms
59ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2aaaLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QsER_LYSUcfsiJVQY5JoPHtRRHFMLz0WNDNxLb7liJjLYAVnjMaDDB5G5_tPhiaxGejjCIAFl1NiUh34JiPS_ouKHOzBvZaBqXZ3wkHtv7Imlmr8MLxTOqGubC1H7BxPSfXWSuE2HUhF83_aNk_z9KMxeEdv_PKOdUZb2Rzmu_ymW-VqTffnewBbAi-2afIZiq_5nPdCG-YvmcT1JEUd8rGIlhVHFWAxksvycHmN4SbqQY1Zz28qCHBtC9RtO31WUCEUkYhGGzFm6HoSLCsrBFOwj0vnEeo_iYPq9D-s9AsgjMeWPYMAEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=lWVuEjdtpPc&label=videoplaytime25&ad_mt=1282&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D1090,0,0,0,0%26mtos%3D1090,1090,1090,1090,1090%26amtos%3D0,0,0,0,0%26mcvt%3D1090%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1261%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D35%26pst%3D205%26dur%3D5610%26vmtime%3D1281%26dvs%3D1090%26dfvs%3D1090%26dvpt%3D1261%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D256%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1090,1090,1090,1090,1090%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D743754233%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1090&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1693354286751

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImrnRpYyDgQMVkE8dCR2JfAyaEAAYACCEuPhdOhoIwv3eiQUQqMrEn7YEGKW1peMDILmdj8eLEkITCPzTq6WMg4EDFbBfwgodVykLXA;dc_rmcid=CAQSGwBpAlJWnMMouwEV9P9VL8wo1eUaSp3DzyIVFhgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D1086,0,0,0,0%26mtos%3D1086,1086,1086,1086,1086%26amtos%3D0,0,0,0,0%26mcvt%3D1086%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1266%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D21%26pst%3D200%26dur%3D5610%26vmtime%3D1282%26dvs%3D1086%26dfvs%3D1086%26dvpt%3D1266%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D256%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1086,1086,1086,1086,1086%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D581733864%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1086;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1693354286763;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E588 42 B
64 B 60ms
60ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CS3VmLYnuZLyJILC_iQbX0qzgBfmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QeXnw4iXYyZS0U8ixJTXDIhl9GZFeoNTxyvpajLmVYQLCp9kfO9d8ZeoKl74kB4TaoFlBy_pUZzWzGKo1X1Vlwzkiff19GAn5XKzFhCkDOVaHcw_VWPNF1tHrotjyvikeDEIxLSn2B4ARTICNVmxOcSp1psophUJtnWP78e91aTG_O4GJU_GEqEN2KQK81tmuJDVqnSTSthCsDNfKoVobl4pRmMe7as8f2u6Nw396LFoRv87_SzQo7hUxIaqO8hxXGNwvLupFRjFqoXoTxaTtmcpb4AzikeoQ9-COt36RfeFUGuzoX8AEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=w_QN382ePsc&label=videoplaytime25&ad_mt=1283&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D1086,0,0,0,0%26mtos%3D1086,1086,1086,1086,1086%26amtos%3D0,0,0,0,0%26mcvt%3D1086%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1266%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D21%26pst%3D200%26dur%3D5610%26vmtime%3D1282%26dvs%3D1086%26dfvs%3D1086%26dvpt%3D1266%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D256%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1086,1086,1086,1086,1086%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D581733864%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1086&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1693354286763

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285287&bpp=2&bdt=169&idt=195&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4IDxTh3m7W&p=https%3A//www.babup.com&dtd=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B7A 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&eventType=two_sec_reached&clientTime=1693354288848&ai=C2aaaLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QsER_LYSUcfsiJVQY5JoPHtRRHFMLz0WNDNxLb7liJjLYAVnjMaDDB5G5_tPhiaxGejjCIAFl1NiUh34JiPS_ouKHOzBvZaBqXZ3wkHtv7Imlmr8MLxTOqGubC1H7BxPSfXWSuE2HUhF83_aNk_z9KMxeEdv_PKOdUZb2Rzmu_ymW-VqTffnewBbAi-2afIZiq_5nPdCG-YvmcT1JEUd8rGIlhVHFWAxksvycHmN4SbqQY1Zz28qCHBtC9RtO31WUCEUkYhGGzFm6HoSLCsrBFOwj0vnEeo_iYPq9D-s9AsgjMeWPYMAEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8B7A 42 B
64 B 59ms
59ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtFy0-IaRS7LD1IirohyqN6sC9g7RSY6z1jl02NpLf-sKlkwqSQrbj-jgH8_Pns9M0MlpfD25UndwX9oUIB81nEAAy7EKbfgUdAoRbhTa4nwTM118pimzFR7r-lA7YcV8&sai=AMfl-YTT9olWNGDrsQu0L6ISJG2W8ylVnvFHLC6hFXM95jzsoWLBdhoIE5Nbxnb81mR6zegKpMyyQ7SfVol6&sig=Cg0ArKJSzLvUgLgYFCvuEAE&cid=CAQSGwBpAlJWv893NN5tdo87mDQeCurhdjb_3Pu3wBgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D2091,0,0,0,0%26mtos%3D2091,2091,2091,2091,2091%26amtos%3D0,0,0,0,0%26mcvt%3D2091%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2262%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D36%26pst%3D205%26dur%3D5610%26vmtime%3D2284%26dtos%3D2091%26dtoss%3D1%26dvs%3D1001%26dfvs%3D1001%26dvpt%3D1001%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D16777217%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D743754233%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2091&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1693354286751

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E588 42 B
64 B 58ms
58ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvBQcsSNmpFOEtanHEHRVDmkMu1tUQOsUziBW8LkaJIs4PhLyADJJglpmuWQg6gZ-LaVcvDAF8gD0WYa2xg3u-3KIwwz6ZSJHi4XngLSzm-hkLa7Zed8ebC9rcUL-4cOQ&sai=AMfl-YRAmGCa6ncBNh2t7vFL3AUADgLMKUKGeuvTnfImjMnSGHhT-C01VlGmILoK7jKxYwZmd_g8lF5kug0t&sig=Cg0ArKJSzAVvKUhctUjvEAE&cid=CAQSGwBpAlJWnMMouwEV9P9VL8wo1eUaSp3DzyIVFhgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D2087,0,0,0,0%26mtos%3D2087,2087,2087,2087,2087%26amtos%3D0,0,0,0,0%26mcvt%3D2087%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2267%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D22%26pst%3D200%26dur%3D5610%26vmtime%3D2285%26dtos%3D2087%26dtoss%3D1%26dvs%3D1001%26dfvs%3D1001%26dvpt%3D1001%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D16777217%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D581733864%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2087&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1693354286763

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIvsHRpYyDgQMVOqQnAh2_MAvCEAAYACCEuPhdOhoIwv3eiQUQqMrEn7YEGKW1peMDILmdj8eLEkITCMuGrKWMg4EDFd5ZwgodYFYNSQ;dc_rmcid=CAQSGwBpAlJWv893NN5tdo87mDQeCurhdjb_3Pu3wBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf...
ade.googlesyndication.com/ddm/activity/ Frame 8B7A 42 B
63 B 58ms
58ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvsHRpYyDgQMVOqQnAh2_MAvCEAAYACCEuPhdOhoIwv3eiQUQqMrEn7YEGKW1peMDILmdj8eLEkITCMuGrKWMg4EDFd5ZwgodYFYNSQ;dc_rmcid=CAQSGwBpAlJWv893NN5tdo87mDQeCurhdjb_3Pu3wBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D2416,0,0,0,0%26mtos%3D2416,2416,2416,2416,2416%26amtos%3D0,0,0,0,0%26mcvt%3D2416%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2587%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D37%26pst%3D205%26dur%3D5610%26vmtime%3D2609%26dtos%3D325%26dtoss%3D2%26dvs%3D325%26dfvs%3D325%26dvpt%3D325%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1326,1326,1326,1326,1326%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D743754233%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2416;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1693354286751;ecn1=1;etm1=0;eid1=18;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8B7A 42 B
64 B 61ms
60ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2aaaLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QsER_LYSUcfsiJVQY5JoPHtRRHFMLz0WNDNxLb7liJjLYAVnjMaDDB5G5_tPhiaxGejjCIAFl1NiUh34JiPS_ouKHOzBvZaBqXZ3wkHtv7Imlmr8MLxTOqGubC1H7BxPSfXWSuE2HUhF83_aNk_z9KMxeEdv_PKOdUZb2Rzmu_ymW-VqTffnewBbAi-2afIZiq_5nPdCG-YvmcT1JEUd8rGIlhVHFWAxksvycHmN4SbqQY1Zz28qCHBtC9RtO31WUCEUkYhGGzFm6HoSLCsrBFOwj0vnEeo_iYPq9D-s9AsgjMeWPYMAEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=lWVuEjdtpPc&label=videoplaytime50&ad_mt=2610&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D2416,0,0,0,0%26mtos%3D2416,2416,2416,2416,2416%26amtos%3D0,0,0,0,0%26mcvt%3D2416%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2587%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D37%26pst%3D205%26dur%3D5610%26vmtime%3D2609%26dtos%3D325%26dtoss%3D2%26dvs%3D325%26dfvs%3D325%26dvpt%3D325%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1326,1326,1326,1326,1326%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D743754233%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2416&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1693354286751

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMImrnRpYyDgQMVkE8dCR2JfAyaEAAYACCEuPhdOhoIwv3eiQUQqMrEn7YEGKW1peMDILmdj8eLEkITCPzTq6WMg4EDFbBfwgodVykLXA;dc_rmcid=CAQSGwBpAlJWnMMouwEV9P9VL8wo1eUaSp3DzyIVFhgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf...
ade.googlesyndication.com/ddm/activity/ Frame E588 42 B
63 B 58ms
57ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImrnRpYyDgQMVkE8dCR2JfAyaEAAYACCEuPhdOhoIwv3eiQUQqMrEn7YEGKW1peMDILmdj8eLEkITCPzTq6WMg4EDFbBfwgodVykLXA;dc_rmcid=CAQSGwBpAlJWnMMouwEV9P9VL8wo1eUaSp3DzyIVFhgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D2413,0,0,0,0%26mtos%3D2413,2413,2413,2413,2413%26amtos%3D0,0,0,0,0%26mcvt%3D2413%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2593%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D23%26pst%3D200%26dur%3D5610%26vmtime%3D2611%26dtos%3D326%26dtoss%3D2%26dvs%3D326%26dfvs%3D326%26dvpt%3D326%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1327,1327,1327,1327,1327%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D581733864%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2413;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1693354286763;ecn1=1;etm1=0;eid1=18;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E588 42 B
64 B 60ms
60ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CS3VmLYnuZLyJILC_iQbX0qzgBfmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QeXnw4iXYyZS0U8ixJTXDIhl9GZFeoNTxyvpajLmVYQLCp9kfO9d8ZeoKl74kB4TaoFlBy_pUZzWzGKo1X1Vlwzkiff19GAn5XKzFhCkDOVaHcw_VWPNF1tHrotjyvikeDEIxLSn2B4ARTICNVmxOcSp1psophUJtnWP78e91aTG_O4GJU_GEqEN2KQK81tmuJDVqnSTSthCsDNfKoVobl4pRmMe7as8f2u6Nw396LFoRv87_SzQo7hUxIaqO8hxXGNwvLupFRjFqoXoTxaTtmcpb4AzikeoQ9-COt36RfeFUGuzoX8AEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=w_QN382ePsc&label=videoplaytime50&ad_mt=2611&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D2413,0,0,0,0%26mtos%3D2413,2413,2413,2413,2413%26amtos%3D0,0,0,0,0%26mcvt%3D2413%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2593%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D23%26pst%3D200%26dur%3D5610%26vmtime%3D2611%26dtos%3D326%26dtoss%3D2%26dvs%3D326%26dfvs%3D326%26dvpt%3D326%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1327,1327,1327,1327,1327%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D581733864%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2413&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1693354286763

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285287&bpp=2&bdt=169&idt=195&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4IDxTh3m7W&p=https%3A//www.babup.com&dtd=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvsHRpYyDgQMVOqQnAh2_MAvCEAAYACCEuPhdOhoIwv3eiQUQqMrEn7YEGKW1peMDILmdj8eLEkITCMuGrKWMg4EDFd5ZwgodYFYNSQ;dc_rmcid=CAQSGwBpAlJWv893NN5tdo87mDQeCurhdjb_3Pu3wBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D3742,0,0,0,0%26mtos%3D3742,3742,3742,3742,3742%26amtos%3D0,0,0,0,0%26mcvt%3D3742%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3913%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D39%26pst%3D205%26dur%3D5610%26vmtime%3D3937%26dtos%3D1326%26dtoss%3D3%26dvs%3D1326%26dfvs%3D1326%26dvpt%3D1326%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1326,1326,1326,1326,1326%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D743754233%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3742;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1693354286751;ecn1=1;etm1=0;eid1=960585;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8B7A 42 B
64 B 61ms
61ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C2aaaLYnuZIu8IN6ziQbgrLXIBPmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QsER_LYSUcfsiJVQY5JoPHtRRHFMLz0WNDNxLb7liJjLYAVnjMaDDB5G5_tPhiaxGejjCIAFl1NiUh34JiPS_ouKHOzBvZaBqXZ3wkHtv7Imlmr8MLxTOqGubC1H7BxPSfXWSuE2HUhF83_aNk_z9KMxeEdv_PKOdUZb2Rzmu_ymW-VqTffnewBbAi-2afIZiq_5nPdCG-YvmcT1JEUd8rGIlhVHFWAxksvycHmN4SbqQY1Zz28qCHBtC9RtO31WUCEUkYhGGzFm6HoSLCsrBFOwj0vnEeo_iYPq9D-s9AsgjMeWPYMAEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=lWVuEjdtpPc&label=videoplaytime75&ad_mt=3938&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D3742,0,0,0,0%26mtos%3D3742,3742,3742,3742,3742%26amtos%3D0,0,0,0,0%26mcvt%3D3742%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3913%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D39%26pst%3D205%26dur%3D5610%26vmtime%3D3937%26dtos%3D1326%26dtoss%3D3%26dvs%3D1326%26dfvs%3D1326%26dvpt%3D1326%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1326,1326,1326,1326,1326%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D743754233%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3742&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1693354286751

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285347&bpp=3&bdt=229&idt=143&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ZTBaqxn1s5&p=https%3A//www.babup.com&dtd=146
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImrnRpYyDgQMVkE8dCR2JfAyaEAAYACCEuPhdOhoIwv3eiQUQqMrEn7YEGKW1peMDILmdj8eLEkITCPzTq6WMg4EDFbBfwgodVykLXA;dc_rmcid=CAQSGwBpAlJWnMMouwEV9P9VL8wo1eUaSp3DzyIVFhgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D3742,0,0,0,0%26mtos%3D3742,3742,3742,3742,3742%26amtos%3D0,0,0,0,0%26mcvt%3D3742%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3922%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D23%26pst%3D200%26dur%3D5610%26vmtime%3D3940%26dtos%3D1329%26dtoss%3D3%26dvs%3D1329%26dfvs%3D1329%26dvpt%3D1329%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1329,1329,1329,1329,1329%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D581733864%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3742;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1693354286763;ecn1=1;etm1=0;eid1=960585;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E588 42 B
64 B 60ms
60ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CS3VmLYnuZLyJILC_iQbX0qzgBfmlteJxuZ2Px4sSqJPMtt4JEAEggrq4fGCVAsgBBakCIVGG7VED0j2oAwHIA5sEqgTnAU_QeXnw4iXYyZS0U8ixJTXDIhl9GZFeoNTxyvpajLmVYQLCp9kfO9d8ZeoKl74kB4TaoFlBy_pUZzWzGKo1X1Vlwzkiff19GAn5XKzFhCkDOVaHcw_VWPNF1tHrotjyvikeDEIxLSn2B4ARTICNVmxOcSp1psophUJtnWP78e91aTG_O4GJU_GEqEN2KQK81tmuJDVqnSTSthCsDNfKoVobl4pRmMe7as8f2u6Nw396LFoRv87_SzQo7hUxIaqO8hxXGNwvLupFRjFqoXoTxaTtmcpb4AzikeoQ9-COt36RfeFUGuzoX8AEqMrEn7YE4AQDiAXrsMr3S5AGAaAGdoAHgrXa2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAkRFyA0BsBORr8MUyBOltaXjA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&sigh=w_QN382ePsc&label=videoplaytime75&ad_mt=3940&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,319,273,792%26tos%3D3742,0,0,0,0%26mtos%3D3742,3742,3742,3742,3742%26amtos%3D0,0,0,0,0%26mcvt%3D3742%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3922%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D23%26pst%3D200%26dur%3D5610%26vmtime%3D3940%26dtos%3D1329%26dtoss%3D3%26dvs%3D1329%26dfvs%3D1329%26dvpt%3D1329%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1329,1329,1329,1329,1329%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D581733864%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3742&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1693354286763

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1693347085&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693354285287&bpp=2&bdt=169&idt=195&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6718260279736&frm=20&pv=1&ga_vid=1501917331.1693354285&ga_sid=1693354285&ga_hid=1428761300&ga_fc=0&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076839%2C31077370%2C42531706%2C44795553&oid=2&pvsid=23192661987762&tmod=1083165389&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4IDxTh3m7W&p=https%3A//www.babup.com&dtd=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 00:11:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECFeCfNgr9_o52izypPKveY&google_cver=1&google_push=AXcoOmT3ijxPy6xc7cqstgBC859yLBnDvqdCq_hqDHCnsZrf7NgBHD7dUy6tdiPRFz4Siegvo-TFCiQODea5dtnzz3TpH69wOxPaLanK

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFdrA7Ajf5hbxEbOgj-tPeo&google_cver=1&google_push=AXcoOmRfjfZrj04tzlWlroz2AJQJRtMnWsfsZ4-f83RxBe8pXlDXbFUwXB3qKLLWL9UoLOQCB1QqzZxy0jTphhIlkApDsb898Xzcgl4i

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.file-upload.org/	1969-12-31 23:59:59	Name: lang Value: german
www.file-upload.org/	1969-12-31 23:59:59	Name: visited Value: visited, visited_expires=Wed Aug 30 2023 02:12:24 GMT+0200 (Central European Summer Time), path=/
.babup.com/	1970-01-20 23:58:34	Name: _ga_3T7TKCZCC9 Value: GS1.1.1693354285.1.0.1693354285.0.0.0
.babup.com/	1970-01-20 23:58:34	Name: _ga Value: GA1.2.1501917331.1693354285
.babup.com/	1970-01-20 14:24:00	Name: _gid Value: GA1.2.939963554.1693354286
.babup.com/	1970-01-20 14:22:34	Name: _gat_gtag_UA_119779859_1 Value: 1
.babup.com/	1970-01-20 23:44:10	Name: __gads Value: ID=041bf4788dea34d0-227a763e5fde0092:T=1693354285:RT=1693354285:S=ALNI_MYLjTqi1pQVu4So4AZy7IIfbcfFkg
.babup.com/	1970-01-20 23:44:10	Name: __gpi Value: UID=00000c6b6787d3b2:T=1693354285:RT=1693354285:S=ALNI_MZi3LEN2BDmJdzvj1LvBA7A0mq6Qg
.doubleclick.net/	1970-01-20 23:58:34	Name: IDE Value: AHWqTUn25Ore20_PwxAGZmRD7VQeDa_NxpkNcF_3wEjtXwbRuX0mGsdflibYH2FAz5c
.doubleclick.net/	1970-01-20 14:22:37	Name: DSID Value: NO_DATA
.mathtag.com/	1970-01-20 15:05:46	Name: mt_mop Value: 4:1693354286
.ctnsnet.com/	1970-01-20 23:08:10	Name: gid_CAESEOctlM7hMcZmEZqdSHbvAqA Value: 1
.ctnsnet.com/	1970-01-20 23:08:10	Name: cid_86359bd17f32442b8a9f6ca0cf67d54b Value: 1
.travelaudience.com/	1970-01-20 23:54:15	Name: _tracker Value: %7B%22UUID%22%3A%22615DA66B-9E9B-45E8-A6F1-1D2D556F7380%22%7D
.quantserve.com/	1970-01-20 16:32:10	Name: d Value: EFsBCQHqKYEA
.quantserve.com/	1970-01-20 23:52:48	Name: mc Value: 64ee892e-64a4e-73bae-8afd3
.adfarm1.adition.com/	1970-01-20 16:32:10	Name: UserID1 Value: 7272901278918244503
.simpli.fi/	1970-01-20 23:09:36	Name: suid Value: DDCCA7A42FB742B89994895F31B0C9AF
.adform.net/	1970-01-20 15:07:12	Name: C Value: 1
.dotomi.com/	1970-01-20 14:22:34	Name: DotomiTest Value: 67f226b9e1fd182f
.adform.net/	1970-01-20 15:48:58	Name: uid Value: 8661195724964626541
.tribalfusion.com/	1970-01-20 16:32:10	Name: ANON_ID Value: a7ntuJwyEoipuMNpaXU7cFhQhAgkjnI8A9VQZaiXZbQEyT7IGW0vYS7u33Zbg6EJUDtgOUugoLhHdPEQ21qChOZc75xl
.smartadserver.com/	1970-01-20 23:54:15	Name: pid Value: 2502625513422498668
.smartadserver.com/	1970-01-20 23:54:15	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 23:09:36	Name: csync Value: 76:CAESEAEe3F3x-voS_YT3DntiGoY
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 365825:2531885
.awin1.com/	1970-01-20 14:25:27	Name: awpv14702 Value: 412871\|1693354287\|c322e980-46c9-11ee-8c55-226543793aa5
.o2online.de/	1970-01-20 14:32:39	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 14:32:39	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY5MzM1NDI4N3ZsZWExZGUyMDIzMDgzMDAyMTEyNzg4NDAyOTcwMTg1WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWR4MnFGUWZBZjN4RVNQSGRIenRRdFJSZ2M3UzZUS0QxQ0I5YnpvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTI4X1dFQkdBSU5TTU9TVExZMTE3Njc5
.o2online.de/	1970-01-20 14:32:39	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023083002112788402970185X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY5MzM1NDI4N3ZsZWExZGUyMDIzMDgzMDAyMTEyNzg4NDAyOTcwMTg1WDExNzY3OVYxMjI2MTMyNzAyT

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://www.babup.com/(Line 2168) Message: Access to font at 'https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.babup.com/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.babup.com/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a Message: Failed to load resource: net::ERR_FAILED
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jyt45yex1wgm846844v4k3p3rhm98rnf27qpjv708zbgzk5td1n76jyyk2pswr9tknxr32rxh7y11prc2kgmww2qncnpx0m12ahp76fyb3h1af6xmk6eav2rtzcsrd7dp6p16ekg0sr3rm5kb58gnncasq02vwjeh8f3g4dsnanastqmwvpg4w2h0ffzxx2501qfypyb2aej15jmc1f45hgan2wqhm0nd20j4hrdgfnfqrvxg01p89fxdq1pspgw6g6r%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ktcm7p00sjpm08re9q3ybtkmh2rvbfcm6nctw1twt0g0wc0kr5bbeatz9gwgsh5fpmsyt154y1btpfzx24mbb5re1f5d8xejn91s5vh5n346j7xa6dc09c773bxps1g3znzmqf4z9fp7xr3vjp14cv4z47zggtp4xpv5ecy6fe6fmtpe8r5xbf3gpz07k6y2qgm2yppyh80btk8117cnf58sarenq3rdp6506abhyd73m8ceeyprrry8tn62ttqp584ew9gzhe2nqwd1yt1eke5vg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCo2i8LYnuZIeoOcKqiQbairHoC5DhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItOTE3NjUyMTg5ODM0MTkwOcgBCakCQzDUDCk6sj6oAwHIAwKqBLkBT9A1rd_TyGlfeXSgOX4UzAxFtWHapwnoOWUWPekmPpIH4RhLp-0yPouhW8V-16_LQRfsbxVQBF2x5UT5fteoMdxBIjZnX5tfnj54yRhu1Mj9XaM-axzzhu_c5iw20M0Sv3oEusseXd181tzs4zbXsndNUec9n9Uqnnsc3TMRoIim6t6KcJ0gbAnFWKQrovWjgnvNhqawYtXiKwMTp89eBrPOSfm7oj-Y1FWR9gu5SQbtV6UjFsvItSOABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2-5wsIWimE_0qC5QhlUs9aNztLHw%252526client%25253Dca-pub-9176521898341909%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY Message: Failed to load resource: the server responded with a status of 429 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-9176521898341909&fa=4&ifi=8&uci=a!8&btvi=4&xpc=dFN4d2IUBx&p=https%3A//www.babup.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad4m.at
ade.googlesyndication.com
ads.travelaudience.com
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
bid.g.doubleclick.net
c1.adform.net
certify-js.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
images.dmca.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
prod-rtb.ad4mat.net
r2---sn-1gieen7e.c.2mdn.net
region1.google-analytics.com
rtb-csync.smartadserver.com
s.tribalfusion.com
ssl.google-analytics.com
static-de.ad4mat.net
sync.mathtag.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.babup.com
www.file-upload.com
www.file-upload.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
certify-js.alexametrics.com
googlecm.hit.gemius.pl
www.file-upload.org
142.250.184.226
142.250.185.98
142.250.186.66
151.139.128.10
167.233.13.224
172.217.18.6
178.250.7.11
18.170.168.253
18.66.147.41
185.29.132.241
185.86.138.153
188.114.97.3
2001:4860:4802:32::3
2001:4860:4802:32::36
2600:1901:0:76b9::
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700::6812:19ad
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2008
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400a:8::7
2a02:fa8:8806:16::1370
2a03:2880:f083:100:face:b00c:0:3
2a06:98c1:3121::3
3.9.22.61
35.186.193.173
35.190.0.66
35.204.158.49
37.157.5.84
51.15.15.22
74.125.133.155
84.200.5.215
85.114.159.118
92.123.148.9
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
0249999410c061ba68ab7d0bd34c304b3401ec7a6ab06d4a509af1c7c2bd7d1d
026311d38d4e265040c57d8e74d65942576cffeb375724d93c7ea4ac8f187d67
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
0e42867786a891fb5580e5e58b56a366255c3bf47b21362cc9cb66de0836ab98
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
16562f8e37397449cc960ca61b93725cdf75640e2c48cc67608de4ac4cdbf416
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20e7d77d34502a37cffd2389357474f8a3d079178bf4ad297b975312abed9e2b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
28d1764b929a95aad8c00aa782bf66c9ab265c40e5ff9ff6fc4226f0af7a94a1
28e2378b644b4548b6256a5ceb1edc4a3944f07a1a523a6bf1d642fd7a4c6d66
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2ca1d7beb3fa520f5bbca05d24008e905923cd91a6c88c5c98069e8e1da872f0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3995cce58f1cdee5eae096dd7f1aaa355e063ce5dd3eb577d8938acae984d1e7
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
3f633b70fa95e3a10e5a1bc2197cd3d6686f183457bf2518af4cfd95412c0275
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74
4678201b0274f75c6f34a6810d09fe2e90eb9cd736c0cfd7487f1d7974569c4b
469f96205ef0665e6044f3331a2e36deb8eee539b9157da9619cc9fb95fc36d9
4c0579eb5fec67ac6a9b340e3c8f7902db02d11e43f8321ff7b06e3471181b75
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
5318d795a0307f85dbf86658086878144f557f25968877763a6c53e430b73d3a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
56bfeb4337290e6235a15bd50843785ea883b1a91888e439d86453c4b5507c71
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
6a44c7abe21f0c75b5b7de8a7ab235f795a083fab8f6191eea1eedf5e0109175
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f890c1c9aa257234b4bd4e274e0febaf4cff004095124acb4f64b2ff54efe37
711c485712a312c2d2cf10b6299b62c92700fa2d7d6987c0c96acd2cf634604e
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e
7658e1bbe6b728582c3d2d8daa908309c6ddedf3d29ef69c3eb3bd921a587e44
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
7a9cfefbe46e47d6971a5d4487a2ee0e9812cba5f76668be71ac25ab8d88d6ee
7e234254eb97c999d6c48886ec582715c99b676292cd0cc9d54e64f47c520622
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88b749d44c9fff01b69abcd947993dfba0cb5c6fce60c37bab12ded84f0473b2
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
989d64143daa6c7a6dc9a598a13411c777588c26f58066b40817ec6b7faef877
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dfa9d85321e1f67e3baf4a371a580174b96d6febccfcf85f1c20db04351095c
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
c3e09b743758ee6c93e3417711285714a940448063534a8620d502f5842326a3
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d92b00061fde9cbf6d311a89b11e36744158f283b458f7dc453f1d3f83fae6d8
dbeccdf1d902dca9f931c9370112f7d81bf941b113763e6a8b42412034916c23
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856
df7fe9ff4e84b63863f1ba7700f7af7446adb24a59ab48848dcab753bea1e1b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9502fd322edbf67c27e6a19ce5c1b763d577ba4026fabc09ce55aa80d81afa4
eb7ea5b3a2ad6bc7b333551229a3cad277bd1f3c635595a7273ee11781f83dab
ecf19dea0f9bc0fa6790badd009310b9bb26082c64b85080c656cc805bd5d321
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f52d7af57493f0a372baa99cd91be08dc6e6db510beed86e46274fca1c694d9f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb4abc3ff8bd8490e05e0cdf814bbb3879186c4b9f38d635d48ddc1a7bf85f3c
fbcf92da9d738d8b4e2433d51ec4278b7fd26456de7c28aca695e8a9c13cea54
fc08f9515bd3023bfea5224538657ef40732a96741489ac9ffc21f25b128f496
fd52bc8708398a69f603e979d7f1871976c369547570836aed22f4f93b36e676
fe7b7c64b288eee54b8c78466bdbae2ec9da8a48cece88aea0c99d34b15cf6c4
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

www.babup.com Open in urlscan Pro 51.15.15.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

227 Requests

89 %HTTPS

53 %IPv6

36 Domains

54 Subdomains

37 IPs

8 Countries

4805 kBTransfer

9112 kBSize

30 Cookies

31 Outgoing links

Page URL History

Redirected requests

227 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.babup.com Open in urlscan Pro
51.15.15.22 Public Scan

Screenshot
Live screenshot

Full Image

227
Requests

89 %
HTTPS

53 %
IPv6

36
Domains

54
Subdomains

37
IPs

8
Countries

4805 kB
Transfer

9112 kB
Size

30
Cookies

227 HTTP transactions
4 data transactions