www.babup.com Open in urlscan Pro
51.15.15.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.file-upload.com/tnai4qzf7rik
Effective URL:
https://www.babup.com/file.php?get=tnai4qzf7rik
Submission: On October 11 via manual (October 11th 2023, 9:52:46 am UTC) from VN — Scanned from CH

Summary HTTP 254 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 22 domains to perform 254 HTTP transactions. The main IP is 51.15.15.22, located in Tooting, United Kingdom and belongs to Online SAS, FR. The main domain is www.babup.com.
TLS certificate: Issued by R3 on August 21st 2023. Valid for: 3 months.

This is the only time www.babup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7 25	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.15.15.22 51.15.15.22	12876 (Online SAS) (Online SAS)
57	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
3	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
1	216.58.206.42 216.58.206.42	15169 (GOOGLE) (GOOGLE)
1	169.150.247.38 169.150.247.38	60068 (CDN77 ^_^) (CDN77 ^_^)
2 19	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
3	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
36	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
12	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
5	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
14	172.217.18.110 172.217.18.110	15169 (GOOGLE) (GOOGLE)
3	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
8	193.108.153.5 193.108.153.5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 10	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 5	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.219.162.37 3.219.162.37	14618 (AMAZON-AES) (AMAZON-AES)
27	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
4	130.211.44.5 130.211.44.5	15169 (GOOGLE) (GOOGLE)
6	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
1	35.210.149.152 35.210.149.152	15169 (GOOGLE) (GOOGLE)
1	142.250.185.68 142.250.185.68	() ()
254	33

25 188.114.97.3 (Amsterdam, Netherlands) 7 redirects

ASN13335 (CLOUDFLARENET, US)

www.file-upload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.file-upload.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.15.15.22 (Tooting, United Kingdom)

ASN12876 (Online SAS, FR)
PTR: server.babup.com

www.babup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.42 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.150.247.38 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-38.bunnyinfra.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.74.194 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.18.110 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f110.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 193.108.153.5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-5.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.26.193 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.162.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-162-37.compute-1.amazonaws.com

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.210.149.152 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 152.149.210.35.bc.googleusercontent.com

tps-dn-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.68 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
92	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	804 KB
37	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443 ad.doubleclick.net — Cisco Umbrella Rank: 173	302 KB
27	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	517 KB
18	file-upload.org www.file-upload.org — Cisco Umbrella Rank: 951926	436 KB
16	google.com mts0.google.com — Cisco Umbrella Rank: 4394 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474 www.google.com	116 KB
13	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 541 rtb0.doubleverify.com — Cisco Umbrella Rank: 941 tps.doubleverify.com — Cisco Umbrella Rank: 562 tps-dn-ew1.doubleverify.com — Cisco Umbrella Rank: 16418	252 KB
12	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	535 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	112 KB
7	file-upload.com 7 redirects www.file-upload.com	3 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	3 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	327 B
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405 fonts.googleapis.com — Cisco Umbrella Rank: 49	33 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 518 www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	38 KB
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 547	861 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	2 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	174 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1584	628 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	148 KB
2	babup.com www.babup.com	9 KB
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1376	175 B
1	dmca.com images.dmca.com — Cisco Umbrella Rank: 13957 Failed	5 KB
0	alexametrics.com Failed certify-js.alexametrics.com Failed
254	22

	Domain	Requested by
56	pagead2.googlesyndication.com	www.babup.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.file-upload.org tpc.googlesyndication.com www.googletagservices.com ad.doubleclick.net
36	tpc.googlesyndication.com	googleads.g.doubleclick.net www.file-upload.org tpc.googlesyndication.com ad.doubleclick.net pagead2.googlesyndication.com
27	s0.2mdn.net	www.file-upload.org s0.2mdn.net ad.doubleclick.net googleads.g.doubleclick.net
19	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com www.file-upload.org
18	www.file-upload.org	www.file-upload.org www.babup.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com www.babup.com
12	www.googletagservices.com	googleads.g.doubleclick.net www.file-upload.org cdn.doubleverify.com www.googletagservices.com ad.doubleclick.net
10	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	cdn.doubleverify.com	www.file-upload.org cdn.doubleverify.com
7	www.file-upload.com	7 redirects
6	googleads4.g.doubleclick.net	www.file-upload.org ad.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
4	www.googleadservices.com	googleads.g.doubleclick.net www.babup.com
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	connect.facebook.net	www.babup.com connect.facebook.net
2	tps.doubleverify.com	cdn.doubleverify.com
2	ad.doubleclick.net	www.googletagservices.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.babup.com www.googletagmanager.com
2	www.babup.com	www.file-upload.org www.babup.com
1	www.google.com	tpc.googlesyndication.com
1	tps-dn-ew1.doubleverify.com	googleads.g.doubleclick.net
1	partners.tremorhub.com	googleads.g.doubleclick.net
1	mts0.google.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	www.babup.com
1	ssl.google-analytics.com	www.babup.com
1	images.dmca.com	www.file-upload.org www.babup.com
0	certify-js.alexametrics.com Failed	www.babup.com
254	36

This site contains links to these domains. Also see Links.

Domain
www.file-upload.com
www.facebook.com
www.instagram.com
www.youtube.com
file-upload.com
www.file-up.org
www.dmca.com
safeweb.norton.com

Subject Issuer	Validity	Valid
file-upload.org E1	`2023-09-25` - `2023-12-24`	3 months	crt.sh
www.babup.com R3	`2023-08-21` - `2023-11-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-20` - `2023-10-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
images.dmca.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 36 frames:

Primary Page: https://www.babup.com/file.php?get=tnai4qzf7rik
Frame ID: DD4E2098AB6E822E71D9B7EA57FE227F
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: DC8CD9A7FD5F7458ECF20CBD20D7B11F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&adk=1812271804&adf=3025194257&lmt=1697010761&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.babup.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960347&bpp=5&bdt=577&idt=987&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1086418602636&frm=20&pv=2&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1010
Frame ID: 7ECED2B4DC94F66FCB87257B7DE162EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960352&bpp=2&bdt=582&idt=1012&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4dTjYUmeZ7&p=https%3A//www.babup.com&dtd=1018
Frame ID: 82D7625EDD429BACE0DFE29AFAC54A20
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960768&bpp=4&bdt=998&idt=608&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r8OEsjJGP8&p=https%3A//www.babup.com&dtd=611
Frame ID: 7E227CD9A893181B29033E21E95EB061
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960774&bpp=1&bdt=1004&idt=610&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1110x280&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=nMYMJJrwON&p=https%3A//www.babup.com&dtd=614
Frame ID: B9F26860BD2792E43A4068B9F8780FC1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Frame ID: 5CFF7C96F13DBA45390524CE2C056931
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Frame ID: BB53521C5043E937C1EF2FCCF6A83E85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1697010762&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017962344&bpp=1&bdt=2575&idt=-M&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D327a01ceb8ef7404%3AT%3D1697017961%3ART%3D1697017961%3AS%3DALNI_MbnyOWp_1C0yaMl61U-1EzwlqgX4w&gpic=UID%3D00000c94b86af46d%3AT%3D1697017961%3ART%3D1697017961%3AS%3DALNI_MZaN9Kgn3DnaS_L2horoVnk5ER8PQ&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&psts=AOrYGsm_tMe2VxEllVu093a9ScO2i3CexwJ2QpUhpUD-PHIIUwsPoSEzv7jUhoG_o9CkCyYHmcupx6X4tAGe-sD6syMaPWa7%2CAOrYGsli9UvRqWp7FiQWNhqVWqbcfOc-93SOBjJDYuRPWDCJIBeGGlIgMbGe3ACrakFlSM-aL5du9WG8lX0z-ABw-e09tQ&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K69T7U93FE&p=https%3A//www.babup.com&dtd=464
Frame ID: 54E55B109911C18797F8956173A9922E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697010762&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017962344&bpp=1&bdt=2574&idt=-M&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D327a01ceb8ef7404%3AT%3D1697017961%3ART%3D1697017961%3AS%3DALNI_MbnyOWp_1C0yaMl61U-1EzwlqgX4w&gpic=UID%3D00000c94b86af46d%3AT%3D1697017961%3ART%3D1697017961%3AS%3DALNI_MZaN9Kgn3DnaS_L2horoVnk5ER8PQ&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&psts=AOrYGsm_tMe2VxEllVu093a9ScO2i3CexwJ2QpUhpUD-PHIIUwsPoSEzv7jUhoG_o9CkCyYHmcupx6X4tAGe-sD6syMaPWa7%2CAOrYGsli9UvRqWp7FiQWNhqVWqbcfOc-93SOBjJDYuRPWDCJIBeGGlIgMbGe3ACrakFlSM-aL5du9WG8lX0z-ABw-e09tQ&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=0nt9ara4pL&p=https%3A//www.babup.com&dtd=469
Frame ID: A29BC26DCD96E60845EBE35EEDE344F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1A97CE404363D1B2A0CF3919D4B0E34A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6F201836A58DD52B82CFC0E560920BC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: CFE1EE9FB502C8FDBAC8F2059A4FA439
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: 975BA458056F7B1876F5C05C80F0BF97
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYzq6FvQEwAQ&v=APEucNWMWSk-SaaqHbrXjhB4d5YvfVESRI257se2yECY_XBFK2oMyCUDFTpVLEe_ua07abal33Zq1C5fRWuLimqBG_lKHsd8FA
Frame ID: 6879F7F0AED9C9EE442474F4238EE1A3
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 30B28952DDACEB37A6E475A1B6E038CF
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYzq6FvQEwAQ&v=APEucNX4lrbIJ4z3sqZzvOV10bFlg3FMLP-CIwXKgNSes2jbI4k9vghdL-6WJ0cLtRGQxe3muqhiS4eebpCIRMzhed2X7UgvyQ
Frame ID: 8DB4FD25DDA7BB010AAC813856694FAB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 05E34BFAAD75D48D35DF185EF3731271
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxDSue38BBjmlcH3ATAB&v=APEucNXNkgq554TVLlVd0ulQPcEN-CzZSwVmq5A-quD7tntDxgBTEfJxit9hYP5zEC9iPpCnf9cjrsLORcWPhzGIt-2MFX-YCQ
Frame ID: 8AD9C0BD3E0E10D8D579CA80B422945B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 96753932C9F73CF2CCDEC6537B898CD9
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Frame ID: 6BAEBD72DAF5D77CCF4DF2969BA9EB4D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Frame ID: 385BB124B29F1F8A218285EC1A04CECC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0C03E987D35DF9C91D933B31213882AD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8F95C02DB9B6F61683D31C719BD85EFF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 91E373C72D05FF5E07370F50992DF0F3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
Frame ID: 67981394A92AD1C42A1F0F2579763EC5
Requests: 24 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4803.js
Frame ID: 4B76055D37EFFF69F977EA81E1CDB0E5
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4803.js
Frame ID: 1E67B36D8D74F2F483587BF07C0C3498
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;dc_eid=40004001;sz=160x600;u_sd=1;gdpr=0;dc_adk=160236217;ord=23d1zg;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=4HU1RJ_40U;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=164;prcl=s
Frame ID: 3111155866D9E76D0E31C9EB5EA2A314
Requests: 11 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;dc_eid=40004000;sz=160x600;u_sd=1;gdpr=0;dc_adk=4102376853;ord=plgh0r;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=4HU1RJ_40U;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=172;prcl=s
Frame ID: 31615100FFC0C891B8CC59552B066DA1
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4841A4B587EDF3F6672E9758CAE4321F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 01328AE5F49F02800B76CF1BEFACEC17
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Frame ID: 0E1DBB125BDD4EED2F809B8DA7D3F4E8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Frame ID: 5E0744ABD132D0AE0DE412DF4738CECD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 46199EE71DA4948A0F34EADD9E456D03
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9149B9A2C31C25279D5274BA7D95E7BD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

https://www.file-upload.com/tnai4qzf7rik HTTP 301
https://www.file-upload.org/tnai4qzf7rik Page URL
https://www.babup.com/file.php?get=tnai4qzf7rik Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

254
Requests

89 %
HTTPS

0 %
IPv6

22
Domains

36
Subdomains

33
IPs

6
Countries

3482 kB
Transfer

9191 kB
Size

17
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.file-upload.com/?op=payment_proof
Title: Proof of Payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fileuploadcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/file_upload/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSbk9gxKeQnawO7cZ0hZPJQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/make-money.html
Title: Make Money

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/login.html
Title: Login

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=forgot_pass
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=news
Title: News

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/desktop.html
Title: Desktop Uploader

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=english
Title: English

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=arabic
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=payments
Title: Premium Download

Search URL Search Domain Scan URL

URL: https://file-upload.com/tnai4qzf7rik
Title: Free Download

Search URL Search Domain Scan URL

URL: https://www.file-up.org/?op=register
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/tos.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/child-exploitation.html
Title: Child Abuse Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/copyright.html
Title: Copyright Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/contact.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/adv.html
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/dmca.html
Title: DMCA

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/reseller.html
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/links.html
Title: Links

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=check_files
Title: Link Checker

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/refund.html
Title: Refund Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/banners.html
Title: Banners

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ff6622a1-89c3-492e-8fab-02994910b766&refurl=https://www.file-upload.com/vsd4gox6iv4l

Search URL Search Domain Scan URL

URL: https://safeweb.norton.com/report/show?url=www.file-upload.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.file-upload.com/tnai4qzf7rik HTTP 301
https://www.file-upload.org/tnai4qzf7rik Page URL
https://www.babup.com/file.php?get=tnai4qzf7rik Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.file-upload.com/tnai4qzf7rik HTTP 301
https://www.file-upload.org/tnai4qzf7rik

Request Chain 19

https://www.file-upload.com/mngez/css/app.css?v=1 HTTP 301
https://www.file-upload.org/mngez/css/app.css?v=1

Request Chain 24

https://www.file-upload.com/mngez/js/app.js?v=20 HTTP 301
https://www.file-upload.org/mngez/js/app.js?v=20

Request Chain 25

https://www.file-upload.com/assets/images/logo_new.png HTTP 301
https://www.file-upload.org/assets/images/logo_new.png

Request Chain 27

https://www.file-upload.com/mngez/images/anti1.png HTTP 301
https://www.file-upload.org/mngez/images/anti1.png

Request Chain 28

https://www.file-upload.com/mngez/images/anti2.png HTTP 301
https://www.file-upload.org/mngez/images/anti2.png

Request Chain 30

https://www.file-upload.com/assets/images/norton.png HTTP 301
https://www.file-upload.org/assets/images/norton.png

Request Chain 75

https://googleads.g.doubleclick.net/pagead/adview?ai=CmgjxaXAmZfi6Hffon88Pj8KqoA7iuLu8c8n096nTEWQQASCCurh8YPWlv4GoBKAByNma_QPIAQmpAsfNtip2h7I-qAMByAPLBKoEyAFP0HS71eWejdWrHwocIVOKnPr3_KuksQkqWo_e6RbSvY7rLKpis-YIrGQEKDk9O5RVijQQoLHJWsexEER-taBE3SPiRpzQ0qs10G7YOjqk2Vz5lEmlLyvx2XLSc8GcYVE28WSO2H0HFRz9JtVWskOhVOGiSmXskyET366iFeDbH0OSXtaK_8V7ofxKOvymyUgkYVFK3pvhep0p45LYPlpfUX9U0kuYY8POCmdhNqgcxScJRD08lBRhFa6TvQ0oNDBfG8tL1amaUsAEqPfngrwEiAWukorlS5IFBAgEGAGSBQQIBRgEoAYugAegpuUCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5JwL0ggUCIBhEAEYHzICigI6AoBASL39wTqaCUJodHRwczovL3d3dy5mcmFua2Vuc3BhbHRlci5jaC9kZS9jYXRhbG9nc2VhcmNoL3Jlc3VsdC8_cT1iZXJsaW5nZXKACgHICwGYDMSc_e-yBNoMEAoKENDHge-CnpGITxICAQO4E4ME2BMO0BUBmBYBgBcBshccChoIABIUcHViLTkxNzY1MjE4OTgzNDE5MDkYAA&sigh=74CWUQI_Fpo&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNCXq5dIqjvueinUKB4L2yTTJ8L037KoI5kQWCgOywBKi4YVTOVoA_XBCKEmIPq0LWeHkhijwWWPG2bEot6e9dOcdixu_InfwYAQ&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x41846d4599d4dfe00000000000000000%22,%222%22:%220x3512d12700ae8db70000000000000000%22,%223%22:%220x3ceb3df86bd14ab40000000000000000%22,%224%22:%220xa66df97b310081110000000000000000%22,%225%22:%220xc257742827b5143a0000000000000000%22},%22debug_key%22:%2212222385808010989727%22,%22debug_reporting%22:true,%22destination%22:%22https://frankenspalter.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067887816%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221387126747471363585%22}&andc=true

Request Chain 78

https://googleads.g.doubleclick.net/pagead/adview?ai=CvvE-aXAmZcrUHeql2OMPq8WtyA6P46Wuc8yqle-1EbCQHxABIIK6uHxg9YWAgMQEoAHf0dWjKMgBCakCx822KnaHsj6oAwHIA8sEqgS7AU_QM4-sI3TYKNtYqMvegCukxOfdeEW4ZesRIzJT1FgPXFufmhvYb8NjyMVM0-7odHqsKxWYkhMbjA4WchxI0GX96E_ZqHt0uucdWtgrA80UUtGb9W6vGjoshWJAf0KGgAxWuP2e0tbX1SD_QyGNlIYOklynvK1l_Yg_J-sficO-ffZTn489fT-cHjnJGHlOnKAAIuBd5OWBO799cb8PJTU2PYzxWA9fI4q6K7Gw6K2VlXQfRfzqtxEgYnzABIfu2-C3BIgFtuedjUySBQQIBBgBkgUECAUYBKAGLoAH34mmgwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCQ3gPSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJwQJodHRwczovL3d3dy51YnMuY29tL2NoL2VuL3ByaXZhdGUvYWNjb3VudHMtYW5kLWNhcmRzL2luZm9ybWF0aW9uL21hZ2F6aW5lLzIwMjEvcmVhbC10aW1lLXBoaXNoaW5nLmh0bWw_ZWZfaWQ9e2djbGlkfTpHOnMmc19rd2NpZD1BTCEzNTUhMyE2NjgyOTgzMDg3OTQhIXd3dy5iYWJ1cC5jb20hZCEhITIwNDI4ODQ2MDA2ITE1MjQwNTczNTE3NSZjYW1wSUQ9RFMtV0lTU0VOX0FMV0FZU09OXzIwMjNfRElHSVRBTEJBTktJTkdfTEVBRFMtQ0gtRU5HLU5BVElWRS1HRE4tUkVBTF9USU1FX1BISVNISU5HLVJEQS1SRUFMX1RJTUVfUEhJU0hJTkctNjY4Mjk4MzA4Nzk0LWOACgHICwHaDBAKChDQptbfm-a4zzASAgEDuBPkA9gTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi05MTc2NTIxODk4MzQxOTA5GAA&sigh=Ltkyv5EN9LA&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNNUAOI22AUFZEnBbCZtPumjirxzVvNZpYnAH_Ld5GIeFotrAneS4GaV0yieiAETzjNizDpXlbco9wUl-_K71CTOWQkj6pKjIYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x54f5096d7369cac10000000000000000%22,%222%22:%220x5c1fa8965384d4bc0000000000000000%22,%223%22:%220x7a0c1a703a72b55e0000000000000000%22,%224%22:%220xe8dbb5846f2bfbaa0000000000000000%22,%225%22:%220x633fbcc76f5193d10000000000000000%22},%22debug_key%22:%2212817852285785222668%22,%22debug_reporting%22:true,%22destination%22:%22https://ubs.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210812221663%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229173831035291725777%22}&andc=true

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7SHDB7CGUltfk7UD8Pv6o&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7SHDB7CGUltfk7UD8Pv6o&google_cver=1&C=1

Request Chain 127

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSZwazBklmhcMlRcl9fnOgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7SHDB7CGUltfk7UD8Pv6o&google_cver=1

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIrqftrMbfFgE9M7Z4zD930&google_cver=1

Request Chain 129

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NDI5MzY1MzA5NjMwNDk2Mg%3D%3D

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDau7ufZ4gP6qbzJBbanZeU&google_cver=1

Request Chain 131

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWE2MmQzMDAtZDBjMS0yYmM2LWZhODItZjg5ZTMwYWQ4N2Q5

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEDU_uWHqI_PCGWhfLHw8rdA&google_cver=1

Request Chain 133

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjdlOTJlMTQtNjJhYi00MzMyLWE5NDktMjlkNTNhYWFiZWMw

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEGyRy5192Lct7qib2aclyTk&google_cver=1

254 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

tnai4qzf7rik Show response
www.file-upload.org/
Redirect Chain

https://www.file-upload.com/tnai4qzf7rik
https://www.file-upload.org/tnai4qzf7rik

27 KB
7 KB

803ms
219ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24c8ec1a7adf9755ce2a053e1310b90c94f656b0a50ea075b7f02c56726af55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81463622e90a422b-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 11 Oct 2023 09:52:38 GMT
expires: Tue, 10 Oct 2023 09:52:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BV8Nh3X26mYMNJf7ZvGH%2FDCTkZp2JSmr5iQlRpTR%2FDHJVtr4V02ZzyivsuvbRPTJrsjUb2qxsqsIThygEYQrwnnCZINmINjzNuZZh2HS8E3ZcUKf4f7pmWILa%2BCJlNlEpVmt3CTl"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8146361e7f49bb25-MXP
content-type: text/html
date: Wed, 11 Oct 2023 09:52:38 GMT
location: https://www.file-upload.org/tnai4qzf7rik
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXmC3icI7jEZ4bDLsjEFD6szavU%2FlTWxv38UR3RxctQYYMwjxr4Oi5qAbbgsYd3Qqu%2F86lTm9NATXPfIMi4dH6i1v0Fg9KJn1YTm4YpfCPFfIzU8N9ubg6mMp5IQfJlhF%2BcVcqFp"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 177ms
175ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/tnai4qzf7rik
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1070350
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVRtns8psTRyXs549LWEmDAvf1YGCjYK5HVxUIx7MYTg0lx1kMvKvhdN0kB2djeB6pFcXewAoBKZXw%2BTU1hWvxjOSzCDJZrXN3lfaY9BqNQCCxQrksxwJnv56pUv3lkU0FxPRBMk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 814636249a0d422b-EWR
expires: Sat, 30 Sep 2023 00:33:29 GMT

GET
H2 200 app.js Show response
www.file-upload.org/mngez/js/ 235 KB
80 KB 395ms
395ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/tnai4qzf7rik
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:39 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E80DI1TGtnhj1mSS5dkuVHmsJrdPmUYtqsIU8%2B5ka9iMzU4mr6s%2BLBekiiNJzGMX%2FVdd6fsrT82jRLhMsRpJplT0ify6uk0YTK5NiJDZRLIRsiVDXerCJloojnSz1w7W45DEvg2k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 814636249a0f422b-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
4 KB 132ms
131ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/tnai4qzf7rik
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6454195
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QUykoy8TjJiy3HysviMjjktsezxgJ5LcA4lzCIfCrKiJgYivbx8XA5pTrErte0OEeV4FKsjSz35RNw5R3NlUtqmR1Cn7SFkf89NtL995ZdlmBUGTHmKMoNK1fOjCK6yMRaGwZoO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 814636266b0b422b-EWR
expires: Fri, 04 Aug 2023 17:02:44 GMT

GET
H2 200 email-decode.min.js Show response
www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 121ms
121ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/tnai4qzf7rik
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 07:53:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6523b17d-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K25Fc4FcwVaSlo9U%2BGh%2Frk%2BUpSCnVN8QXsSDobbA03LNcGJQlhwxD9kaojJ1CsfWKW9%2F9YdZiPE0fAYeDBV1326GKgOp0087j0sZwJa05BdMr0YGoT607LVxPQ3Zamys8a8SwE9X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 81463625aa87422b-EWR
expires: Fri, 13 Oct 2023 09:52:39 GMT

GET
H2 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 133ms
133ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/tnai4qzf7rik
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6454352
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kj2dWUuU6q0Y1HjwuL5xLi8Mfw%2BCZyCliyjLEzV2tvCIyK5Nfc%2BN81V79piwebL3p8IpEgrbqP1Sb4Wd2KjUi%2B8prizfaGqLSlDDVVrHJgXmWVcrfu9ruqx1rdfsj1S6EYojpSCj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 814636274b85422b-EWR
expires: Fri, 04 Aug 2023 17:00:07 GMT

GET
H2 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
1 KB 198ms
198ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/tnai4qzf7rik
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6454351
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gx8qgJ9NYy1uNYswItdpDxPVjL0rkXacIlgtNF3jUthuKgMJ2%2BFWcfzQfm4Ku6yYZESNRNootNKIy6TTwpNFUUmEQBZV7c6GzgYvkCSxN4TIw5WClUr0D%2FND%2Bu7O5VV7DeCYE5lx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81463627fbe3422b-EWR
expires: Fri, 04 Aug 2023 17:00:08 GMT

GET _dmca_premi_badge_4.png
images.dmca.com/Badges/ 0
0

GET norton.png
www.file-upload.org/assets/images/ 0
0

GET
H/1.1 200
OK Primary Request file.php Show response
www.babup.com/ 23 KB
7 KB 218ms
88ms Document
text/html 51.15.15.22
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babup.com/file.php?get=tnai4qzf7rik
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.15.15.22 Tooting, United Kingdom, ASN12876 (Online SAS, FR),
Reverse DNS: server.babup.com
Software: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips / PHP/7.2.34
Resource Hash: c830bc6034b2a619fd29e5e0bac25bbed6cfa097843bb18cdf8618241fd4a119

Request headers

Referer: https://www.file-upload.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 6846
Content-Type: text/html; charset=UTF-8
Date: Wed, 11 Oct 2023 09:52:39 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/7.2.34

GET flags.png
www.file-upload.org/mngez/images/ 0
0

GET
H2 200 fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 31 KB
0 192ms
191ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:39 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4704
etag: "12d68-5fe4d56c8e4d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhp9dUbkLA53PhQ98WHBvWmEhF6Fn1qkbmDsomvgtv%2Bfm%2BIRXl0vKIrPW93xDJVSNQZ2bOl4IKOPW6D5rleiXCmluXMDObYTPQOPVbUnGHxtkGTQX2u8vshpJ5gSfLYCxPWU0FvH"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81463627fbe7422b-EWR
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/ 0
0

GET fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 0
0

GET poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/ 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 514ms
98ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

457a4976f2c1a5938a0f4f8e01a3b57842da6c63d0b9f5c31284c8dadeba1e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51195
x-xss-protection: 0
server: cafe
etag: 15677833091685734191
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:52:40 GMT

GET
H/1.1 200
OK blockadblock.js Show response
www.babup.com/ 7 KB
2 KB 44ms
44ms Script
application/javascript 51.15.15.22
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babup.com/blockadblock.js
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=tnai4qzf7rik
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.15.15.22 Tooting, United Kingdom, ASN12876 (Online SAS, FR),
Reverse DNS: server.babup.com
Software: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips /
Resource Hash: 7a9cfefbe46e47d6971a5d4487a2ee0e9812cba5f76668be71ac25ab8d88d6ee

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/file.php?get=tnai4qzf7rik
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 09:52:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 10:11:48 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips
ETag: "1b23-6038039110a59-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1948

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 445ms
47ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

76b57be2266c0e5cb783321882e9fea6d8fef9aab9dcfc628f8273ece98de65d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69254
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Oct 2023 09:52:40 GMT

GET
H2

200

app.css
www.file-upload.org/mngez/css/
Redirect Chain

https://www.file-upload.com/mngez/css/app.css?v=1
https://www.file-upload.org/mngez/css/app.css?v=1

247 KB
41 KB

237ms
237ms

Stylesheet
text/css

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=tnai4qzf7rik
Protocol: H2
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1070350
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3ao8caubrI0M7E%2F%2BmvYB8thbNMe7%2F712qy1X%2BU2m6J62k8uboQT3AtJT3r%2F6tSKBOP6vbB%2Bb3q8ltBO7CsTmTX8qjkrMkpqX5sfgCz79CNO1vo83O%2FG3OB8WLy6kwTeDeFa2UH9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 81463629dcf2422b-EWR
expires: Sat, 30 Sep 2023 00:33:29 GMT

Redirect headers

date: Wed, 11 Oct 2023 09:52:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1031
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CxcILYhKh6f%2BnhSjBlka%2BdIx5VK4b95R9a6AgZpLKcr%2FY8tM1Vv66REueitLnd7V09NyO7H%2F5xXku7oGsU2h1sLaWBc0a94hUOdYL4kK2sx0r0F1p0bi%2FMguotS8beMk0l8ZzeQ"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/css/app.css?v=1
cache-control: max-age=31536000
cf-ray: 81463628a9e4bb25-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 746ms
75ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

b1ec162fb40313327aa6b7f086ecb73f133f5808711b174bd9e3830b1330b2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 11 Oct 2023 09:52:41 GMT
content-md5: kR7fZYDAntbTPFv93zbklg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88121
x-fb-debug: iKHx+ZGL6dF/qN5N0Sfii+N7Ge4jQN08Txs2dM4i8R1UwbwcWKMXSNxCBPZYGlJeejArNZlperTyyAp7V07LqA==
x-fb-content-md5: c51da84a451dbd9757fc3a86a7e216ec
cross-origin-opener-policy: same-origin-allow-popups
etag: "314f5c16c7b5e0df7cef4c00fffcfe2e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 08 Oct 2024 01:36:32 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 453ms
37ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

9975b846c61895bd1cc0f220bc75aa61245b7b3366eafa164bf587f69d185333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 11 Oct 2023 09:52:40 GMT
content-md5: aSLbdXajalUnASqm93fDVg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: m9/NgT2XJU4Pjy70ReVkjYzS5SjsG/ziyZvqG9+y/1pW70BWRyNL19KvY/vc0aPErRVm0dXh9YQI64kP461NjQ==
x-fb-content-md5: 865f19565bdc6667f07c94b7b62f2f67
cross-origin-opener-policy: same-origin-allow-popups
etag: "2a40a9ce69e3708b056f70e87d8c341d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 11 Oct 2023 10:11:12 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 430ms
30ms Script
text/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 11 Oct 2023 09:51:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 62
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 11 Oct 2023 11:51:38 GMT

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H2

200

app.js Show response
www.file-upload.org/mngez/js/
Redirect Chain

https://www.file-upload.com/mngez/js/app.js?v=20
https://www.file-upload.org/mngez/js/app.js?v=20

235 KB
80 KB

462ms
461ms

Script
application/javascript

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=tnai4qzf7rik
Protocol: H2
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:40 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0YVKA5wNlDj1YmN7h%2BsZBgp%2FNIcFBVZB2m4nlZkVCtoFVpdgzD98vtr4joi5dCtSyy6ha6nJW%2F8nUsc4FRc0PUMhBSIreTxgJtspV4EDv28XXhQpkCWBGxvaIRZn4%2BmdU0UPy9O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 81463629dcf0422b-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 11 Oct 2023 09:52:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1031
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDgdl%2FpsZAC2xdsxYohac%2FiX3bieifBg2WsRHxjFUV98VSi85D5gjYcybRlLW4eqpKx9nwdq2jDEsGNjVAU55f3M%2BUKJ19l91e9KdarvwigS3%2Fe0n0rRgYOH7NoJETC2lOc8MS5Q"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/js/app.js?v=20
cache-control: max-age=31536000
cf-ray: 81463628a9e6bb25-MXP
alt-svc: h3=":443"; ma=86400

GET
H2

200

logo_new.png
www.file-upload.org/assets/images/
Redirect Chain

https://www.file-upload.com/assets/images/logo_new.png
https://www.file-upload.org/assets/images/logo_new.png

3 KB
3 KB

200ms
199ms

Image
image/png

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6454196
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOSkKTe9gJ9kOZwC4qds2NeAtY5q%2BesZhd4o%2BQVzHq9qR4cl%2BCpPkmgN4sabxVlHCxsu5AbKCVkdmX%2B1YNM0YKpVYYwbQL18%2BBNS4077h8n6%2Bc0rVYOC6%2BiSnNcM8cOeywra%2FKC0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8146362d1ef6422b-EWR
expires: Fri, 04 Aug 2023 17:02:44 GMT

Redirect headers

date: Wed, 11 Oct 2023 09:52:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 235
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EeDCbdUkRFmvMWoGGIjzrYGWGEvsnUpCnddbTVO4M5JxkVEVjL21EVzlAARAT%2BT7Qi7mGsVW2RygL4zudDsBn1MjpZRKxsyMO1dJxfLulW0yCdUd1OlGnTWZrP55DStLzwUtufEO"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/assets/images/logo_new.png
cache-control: max-age=31536000
cf-ray: 8146362c1b750d80-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 443ms
33ms Script
text/javascript 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f10.1e100.net

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 22:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Oct 2024 22:22:56 GMT

GET
H2

200

anti1.png
www.file-upload.org/mngez/images/
Redirect Chain

https://www.file-upload.com/mngez/images/anti1.png
https://www.file-upload.org/mngez/images/anti1.png

19 KB
19 KB

194ms
194ms

Image
image/png

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6454353
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXl7P9%2F1Hzs8RxlTQAlQiC8c5pvNvIrXd7FJNesHlhrTrPTD9haUMX4jXcdZUoVCDM9L1%2BvLbquAbg%2FWj8HwB7pLcXY89uSi4JmUHtWsAAfGkiFnm24TzOnWTcxdb43%2B%2F5BvbvqO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8146362d1ef7422b-EWR
expires: Fri, 04 Aug 2023 17:00:07 GMT

Redirect headers

date: Wed, 11 Oct 2023 09:52:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 235
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkIp%2FmqrRNdYCJz8%2B0cg4Sr%2BESCfgUWD2HdcFZYyBxysyxzRNtjwFpsw3B5rcfTuIlqGPe7twD2TtHDJvU3nynZAUOFmhRJ6pvTdNLjAfZe3ylAcDpc6MRL0vw%2Fd4OPfhN0azRgy"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/images/anti1.png
cache-control: max-age=31536000
cf-ray: 8146362c1b760d80-MXP
alt-svc: h3=":443"; ma=86400

GET
H2

200

anti2.png
www.file-upload.org/mngez/images/
Redirect Chain

https://www.file-upload.com/mngez/images/anti2.png
https://www.file-upload.org/mngez/images/anti2.png

641 B
971 B

203ms
203ms

Image
image/png

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6454352
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POTPE5%2FkaufQn6MjGZmAT4t%2B2yPYHC2UvDsVEPKf3QPkZ%2BC9DEv9X1KNwS%2B6dWnLnxwarPnbLSj3WwALGUi9JDTUslEBaYIpF4REevOl5AaTKafCLAAOYRskbL2xS3wY0g%2BgSVbR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8146362d1ef8422b-EWR
expires: Fri, 04 Aug 2023 17:00:08 GMT

Redirect headers

date: Wed, 11 Oct 2023 09:52:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 235
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiGWVB0vybdp9a%2FfwK0BQUeQUh0eo3t8LQePvUqCvJgtRAitJaSxaXHBVbwOa2M1Cmh%2BrcpJ6rP%2BbfEnZ3FURzs4KOhRcB9dQ2eD%2FaOPcwHAf6qpKMPt2QL0d9HbH1mFGpTZISOY"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/images/anti2.png
cache-control: max-age=31536000
cf-ray: 8146362c1b770d80-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 41ms
39ms Image
image/png 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=tnai4qzf7rik
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:40 GMT
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:47:45
cdn-pullzone: 1574055
content-length: 4535
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "0abbdbd420cc1:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 074fe178ca1e8d9a5559684365450454
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

norton.png
www.file-upload.org/assets/images/
Redirect Chain

https://www.file-upload.com/assets/images/norton.png
https://www.file-upload.org/assets/images/norton.png

5 KB
5 KB

201ms
201ms

Image
image/png

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6454352
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoDDXIW92jiIx9zJB6y0wAfE9M6u9TnrhoKgFzjFzjGtLkUGf%2BLc0AquP6uv4%2Fpe9D%2BfHamJs2Yn5ujbUvAT1PhZeBxD0L5IWhLCBxrgbJFz1Udx%2B%2Boh6QtQ67xHgtu2ht90XylG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8146362d1efa422b-EWR
expires: Fri, 04 Aug 2023 17:00:08 GMT

Redirect headers

date: Wed, 11 Oct 2023 09:52:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 167
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gy0G8ryxxj1JGLIqTH3E0obznATBXPY9W8XouDhh2QrfahZ2VVp00S2H3PLSedvPa4JEZAMGMcT5VnKelrJGxdD41hM5NG9DZiHw4nqBbYLtDwkt%2F7qetMntmgX8AJaCmHP%2FbUfo"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/assets/images/norton.png
cache-control: max-age=31536000
cf-ray: 8146362c1b7b0d80-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
85 KB 701ms
32ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e176029380934d269b8766e3ff0b3441

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

cb5c0deecc0fa2b831ea48adbc72a180c15843c89a4b87b661ede2b04d4d6828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 11 Oct 2023 09:52:41 GMT
content-md5: Hwacf1oJBVn8PWaJo1jz5g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86659
x-fb-debug: fIWJT4rLvaeZP0vWedIzaJC2y+MVkTiNJ9wLUeqiCjW5EZ/jcvUD+r40OFzNlXJP4pWjorQ/ClFlm32hIbif4Q==
x-fb-content-md5: d918a657c451813a7d936192cf8d9d00
cross-origin-opener-policy: same-origin-allow-popups
etag: "b3878d71e4cd02db2ad74f83e7efd1ff"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 10 Oct 2024 08:38:00 GMT

GET
H2 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 141ms
141ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6454325
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kvrcpw4uuq0b%2FmsS3XMVWW3BjW4T4nLnznewC625GWAe5RvsIWeinhwWgasjegi2kUg5XoHZHiH%2Fc41bOHYscRoHSoB7EZGFWvg%2FkDavse6AAL7wABTAvGoBosyiVChsStcObWTs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8146362c6e90422b-EWR
expires: Fri, 04 Aug 2023 17:00:35 GMT

GET fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 0
0

GET poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 389 KB
132 KB 861ms
181ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e29725b20bfd16f873b8cf3fae4f1867916e2bae5d1281b516613975747d197e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135147
x-xss-protection: 0
server: cafe
etag: 9589717192926943899
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:52:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame DC8C 10 KB
5 KB 454ms
61ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 69851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 14:28:29 GMT
etag: 2603938475786422795
expires: Tue, 24 Oct 2023 14:28:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
80 KB 45ms
45ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6ca9aab5dec0141d259134a4599efc5ccea30ebd6699f0a096bc96f2a79b97dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81434
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Oct 2023 09:52:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 439ms
40ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 11 Oct 2023 09:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 68
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 11 Oct 2023 11:51:33 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
244 B 485ms
70ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3T7TKCZCC9&gtm=45je3a90&_p=1517553318&cid=949994581.1697017961&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1697017960&sct=1&seg=0&dl=https%3A%2F%2Fwww.babup.com%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.babup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 51ms
51ms XHR
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1517553318&t=pageview&_s=1&dl=https%3A%2F%2Fwww.babup.com%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=867131392&gjid=488978451&cid=949994581.1697017961&tid=UA-119779859-1&_gid=668886364.1697017961&_r=1&gtm=457e3a90&jsscut=1&z=553365818

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.babup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 96 KB
96 KB 82ms
81ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1102185
alt-svc: h3=":443"; ma=86400
content-length: 98024
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "17ee8-5fe4d56c8f479"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwoXcTAk4dgkbPXTG6b%2B34UNXpwGUrQmC1OdLWmopxbw%2BvGxIrGpXlOTb%2FBl5XyU60hOjZ0drNscQZAVZmjrkcoBtpgXMBc8c92cKXEz6FvBMQIfS%2BlyR5GZp5%2FWiylnmoOeOiJc"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 814636327ad50e66-MXP

GET
H2 200 poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/ 10 KB
10 KB 84ms
83ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1102185
alt-svc: h3=":443"; ma=86400
content-length: 10420
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28b4-5fe4d56c94299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdtnbedquwjjSxB8AwqDSgZTF4cfgg7m%2BWWR0XzFjqu40GrDFrZifoqF5ttD6uYirYPAZuizTPhvv7tKxW72rNURafA92DYHP7f3OaEcpFyTB7pPYKtenpsLI6VqzVqthIGjGQTA"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 814636327ad60e66-MXP

GET
H2 200 poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/ 10 KB
10 KB 86ms
85ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1102185
alt-svc: h3=":443"; ma=86400
content-length: 10400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28a0-5fe4d56c936e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMWE8QMlRDQ5HWsCfBuyznCXkLKGZDUEELsoz3x%2FSWoqoLElp7Lmx8aVOyXcUQzS4DyhGbmXKfElBwv11ETRNNJWCPEh73ifNQfryWjb5LW%2Bt0s5JfvyURAoNuz4nVr2Uw2jxSpi"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 814636327ad70e66-MXP

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
327 B 61ms
60ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.babup.com&callback=_gfp_s_&client=ca-pub-9176521898341909

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

92a6fee03fb491de905b87c7c75759b54a551024d7038d558456503af2b442d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7ECE 318 KB
71 KB 770ms
770ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&adk=1812271804&adf=3025194257&lmt=1697010761&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.babup.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960347&bpp=5&bdt=577&idt=987&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1086418602636&frm=20&pv=2&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1010

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

bc78801bbe481e0889a9dae3f27741be88c962c181e66a79c97af2d4526e5b74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 72457
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 09:52:42 GMT
expires: Wed, 11 Oct 2023 09:52:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 82D7 149 KB
45 KB 512ms
512ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960352&bpp=2&bdt=582&idt=1012&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4dTjYUmeZ7&p=https%3A//www.babup.com&dtd=1018

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

6b10746a2757d284b989ff2029755090dbfc7de049c0bb44ca8a60696bbda9e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45851
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 09:52:41 GMT
expires: Wed, 11 Oct 2023 09:52:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7E22 117 KB
39 KB 449ms
447ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960768&bpp=4&bdt=998&idt=608&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r8OEsjJGP8&p=https%3A//www.babup.com&dtd=611

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

2ccc4bce7ad912b9893140945cfc8a1158a20056a3691a1fc9510ba49128b724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40088
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 09:52:41 GMT
expires: Wed, 11 Oct 2023 09:52:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B9F2 714 B
577 B 405ms
404ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960774&bpp=1&bdt=1004&idt=610&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1110x280&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=nMYMJJrwON&p=https%3A//www.babup.com&dtd=614

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

13a8ec3f171712819a01264d2bfa92de9911884df584c6d8076be2861d782d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 09:52:41 GMT
expires: Wed, 11 Oct 2023 09:52:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 7E22 4 KB
1 KB 429ms
40ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960768&bpp=4&bdt=998&idt=608&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r8OEsjJGP8&p=https%3A//www.babup.com&dtd=611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 09:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 07:56:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 09:52:42 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 7E22 23 KB
9 KB 477ms
86ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7E22 3 KB
1 KB 51ms
50ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 07:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 07:12:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7E22 20 KB
9 KB 449ms
58ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E22 187 KB
59 KB 472ms
70ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:52:42 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame 7E22 37 KB
15 KB 93ms
41ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 18:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 18:09:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 82D7 14 KB
1 KB 417ms
82ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960352&bpp=2&bdt=582&idt=1012&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4dTjYUmeZ7&p=https%3A//www.babup.com&dtd=1018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 09:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 08:00:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 09:52:42 GMT

GET
H2 200 nessie_icon_tiamat_f_white.png
tpc.googlesyndication.com/pagead/images/ Frame 82D7 239 B
369 B 426ms
89ms Image
image/png 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_f_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960352&bpp=2&bdt=582&idt=1012&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4dTjYUmeZ7&p=https%3A//www.babup.com&dtd=1018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

1c3177b2bb09130b3eb00f3ec5cbc0a43c8c2dd90bfccb329359601cab1697b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 09:54:14 GMT
x-content-type-options: nosniff
server: cafe
age: 86308
etag: 8625321034218172526
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Wed, 11 Oct 2023 09:54:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 82D7 2 KB
973 B 412ms
85ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960352&bpp=2&bdt=582&idt=1012&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4dTjYUmeZ7&p=https%3A//www.babup.com&dtd=1018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:38:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 82D7 23 KB
9 KB 399ms
72ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960352&bpp=2&bdt=582&idt=1012&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4dTjYUmeZ7&p=https%3A//www.babup.com&dtd=1018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 82D7 3 KB
1 KB 393ms
66ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960352&bpp=2&bdt=582&idt=1012&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4dTjYUmeZ7&p=https%3A//www.babup.com&dtd=1018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 07:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 07:12:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 82D7 20 KB
8 KB 387ms
59ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960352&bpp=2&bdt=582&idt=1012&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4dTjYUmeZ7&p=https%3A//www.babup.com&dtd=1018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82D7 187 KB
59 KB 432ms
92ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960352&bpp=2&bdt=582&idt=1012&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4dTjYUmeZ7&p=https%3A//www.babup.com&dtd=1018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:52:42 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame 82D7 37 KB
16 KB 459ms
36ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960352&bpp=2&bdt=582&idt=1012&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4dTjYUmeZ7&p=https%3A//www.babup.com&dtd=1018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 18:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 18:09:59 GMT

GET
H2 200 data=vFwA5h3sNG-CzY8Arbvicg3Mbv4AHzU06pYw4LMhr3MdbckjqBgOq2tEHbju_LkaSM0Sm24XB5pO6qtlnJXqxnMvb2jGj6KEHzfkhxripE0HitBIqHoAmsac
mts0.google.com/vt/ Frame 82D7 49 KB
49 KB 597ms
155ms Image
image/png 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=vFwA5h3sNG-CzY8Arbvicg3Mbv4AHzU06pYw4LMhr3MdbckjqBgOq2tEHbju_LkaSM0Sm24XB5pO6qtlnJXqxnMvb2jGj6KEHzfkhxripE0HitBIqHoAmsac

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960352&bpp=2&bdt=582&idt=1012&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4dTjYUmeZ7&p=https%3A//www.babup.com&dtd=1018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

053e070a1299f494228cb4a0f6387c04ed16bf3ef08f42d1c6a7b0e744bd656b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:42 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50216
x-xss-protection: 0
x-server-version-bin: CggIBBCBm/moBg==
server: scaffolding on HTTPServer2
etag: 077990d69024ee037
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Wed, 11 Oct 2023 10:52:42 GMT

GET
DATA 200
OK truncated
/ Frame 82D7 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 82D7 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 153 KB
52 KB 120ms
120ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

55de4940155110787ee6a3ab3a412007a633a953e7eafb5f5be6ad3258a52233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53318
x-xss-protection: 0
server: cafe
etag: 6650635192478991248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:52:42 GMT

GET
H2 200 ca-pub-9176521898341909 Show response
fundingchoicesmessages.google.com/i/ 157 KB
52 KB 559ms
103ms Script
application/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9176521898341909?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

7f6259ad7c782c5d772132b0c5173661c6ce9a1b4a84a4468ae7f702138242f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ie1Aha1KiLmJCv5mB_Zb7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-ie1Aha1KiLmJCv5mB_Zb7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6414428012348162828/ Frame 7E22 19 KB
19 KB 62ms
60ms Image
image/jpeg 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6414428012348162828/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

29c3a289ef7b6e18dda55b7685e73971931491f8ba2eef5215e2ba6e0f937aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 10:56:51 GMT
x-content-type-options: nosniff
age: 255351
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19637
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 06:31:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Oct 2024 10:56:51 GMT

GET
H2 200 12961532006524180319
tpc.googlesyndication.com/simgad/ Frame 7E22 2 KB
2 KB 59ms
58ms Image
image/png 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12961532006524180319?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

309d1e7a0910dcd7e2287c939212d29f7819be564fbfebf35464ca6b0f55a92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 05:55:06 GMT
x-content-type-options: nosniff
age: 273456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1549
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 10:22:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Oct 2024 05:55:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7E22 16 KB
16 KB 423ms
40ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:20:08 GMT
x-content-type-options: nosniff
age: 487954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:20:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7E22 15 KB
15 KB 428ms
45ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 452750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 04:06:52 GMT

GET
DATA 200
OK truncated
/ Frame 82D7 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 984e75b190b0aab44cdf4715843ffe264498048391458e84ecb00f6b446f1e04

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7E22 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08cd796d9f35e673a64293096ec9e16b165cc5e5eddeee9ec79d443fdefc1eb8

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 82D7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CmgjxaXAmZfi6Hffon88Pj8KqoA7iuLu8c8n096nTEWQQASCCurh8YPWlv4GoBKAByNma_QPIAQmpAsfNtip2h7I-qAMByAPLBKoEyAFP0HS71eWejdWrHwocIVOKnPr3_KuksQkqWo_e6Rb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x41846d4599d4dfe00000000000000000%22,%222%22:%220x3512d12700ae8db70000000000000000%22,%223%22:%220x3ceb3d...

0
0

157ms
67ms

Fetch
text/css

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x41846d4599d4dfe00000000000000000%22,%222%22:%220x3512d12700ae8db70000000000000000%22,%223%22:%220x3ceb3df86bd14ab40000000000000000%22,%224%22:%220xa66df97b310081110000000000000000%22,%225%22:%220xc257742827b5143a0000000000000000%22},%22debug_key%22:%2212222385808010989727%22,%22debug_reporting%22:true,%22destination%22:%22https://frankenspalter.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067887816%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221387126747471363585%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960352&bpp=2&bdt=582&idt=1012&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4dTjYUmeZ7&p=https%3A//www.babup.com&dtd=1018

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:42 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x41846d4599d4dfe00000000000000000","2":"0x3512d12700ae8db70000000000000000","3":"0x3ceb3df86bd14ab40000000000000000","4":"0xa66df97b310081110000000000000000","5":"0xc257742827b5143a0000000000000000"},"debug_key":"12222385808010989727","debug_reporting":true,"destination":"https://frankenspalter.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1067887816"],"4":["10-11"],"6":["true"]},"priority":"500","source_event_id":"1387126747471363585"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 11 Oct 2023 09:52:42 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 11 Oct 2023 09:52:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x41846d4599d4dfe00000000000000000","2":"0x3512d12700ae8db70000000000000000","3":"0x3ceb3df86bd14ab40000000000000000","4":"0xa66df97b310081110000000000000000","5":"0xc257742827b5143a0000000000000000"},"debug_key":"12222385808010989727","debug_reporting":true,"destination":"https://frankenspalter.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1067887816"],"4":["10-11"],"6":["true"]},"priority":"500","source_event_id":"1387126747471363585"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 82D7 33 KB
33 KB 279ms
52ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 362921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 05:04:01 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 181ms
65ms Preflight
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 11 Oct 2023 09:52:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7E22
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CvvE-aXAmZcrUHeql2OMPq8WtyA6P46Wuc8yqle-1EbCQHxABIIK6uHxg9YWAgMQEoAHf0dWjKMgBCakCx822KnaHsj6oAwHIA8sEqgS7AU_QM4-sI3TYKNtYqMvegCukxOfdeEW4ZesRIzJ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x54f5096d7369cac10000000000000000%22,%222%22:%220x5c1fa8965384d4bc0000000000000000%22,%223%22:%220x7a0c1a...

0
0

66ms
66ms

Fetch
text/css

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x54f5096d7369cac10000000000000000%22,%222%22:%220x5c1fa8965384d4bc0000000000000000%22,%223%22:%220x7a0c1a703a72b55e0000000000000000%22,%224%22:%220xe8dbb5846f2bfbaa0000000000000000%22,%225%22:%220x633fbcc76f5193d10000000000000000%22},%22debug_key%22:%2212817852285785222668%22,%22debug_reporting%22:true,%22destination%22:%22https://ubs.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210812221663%22],%224%22:[%2210-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229173831035291725777%22}&andc=true

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:42 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x54f5096d7369cac10000000000000000","2":"0x5c1fa8965384d4bc0000000000000000","3":"0x7a0c1a703a72b55e0000000000000000","4":"0xe8dbb5846f2bfbaa0000000000000000","5":"0x633fbcc76f5193d10000000000000000"},"debug_key":"12817852285785222668","debug_reporting":true,"destination":"https://ubs.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10812221663"],"4":["10-11"],"6":["true"]},"priority":"500","source_event_id":"9173831035291725777"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 11 Oct 2023 09:52:42 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 11 Oct 2023 09:52:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x54f5096d7369cac10000000000000000","2":"0x5c1fa8965384d4bc0000000000000000","3":"0x7a0c1a703a72b55e0000000000000000","4":"0xe8dbb5846f2bfbaa0000000000000000","5":"0x633fbcc76f5193d10000000000000000"},"debug_key":"12817852285785222668","debug_reporting":true,"destination":"https://ubs.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10812221663"],"4":["10-11"],"6":["true"]},"priority":"500","source_event_id":"9173831035291725777"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CFF 37 KB
15 KB 37ms
36ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 522930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 08:37:12 GMT

GET
H2 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame BB53 37 KB
14 KB 40ms
40ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1697010761&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017960352&bpp=2&bdt=582&idt=1012&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4dTjYUmeZ7&p=https%3A//www.babup.com&dtd=1018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 522930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 08:37:12 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 54E5 436 B
280 B 692ms
691ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1697010762&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017962344&bpp=1&bdt=2575&idt=-M&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D327a01ceb8ef7404%3AT%3D1697017961%3ART%3D1697017961%3AS%3DALNI_MbnyOWp_1C0yaMl61U-1EzwlqgX4w&gpic=UID%3D00000c94b86af46d%3AT%3D1697017961%3ART%3D1697017961%3AS%3DALNI_MZaN9Kgn3DnaS_L2horoVnk5ER8PQ&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&psts=AOrYGsm_tMe2VxEllVu093a9ScO2i3CexwJ2QpUhpUD-PHIIUwsPoSEzv7jUhoG_o9CkCyYHmcupx6X4tAGe-sD6syMaPWa7%2CAOrYGsli9UvRqWp7FiQWNhqVWqbcfOc-93SOBjJDYuRPWDCJIBeGGlIgMbGe3ACrakFlSM-aL5du9WG8lX0z-ABw-e09tQ&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=K69T7U93FE&p=https%3A//www.babup.com&dtd=464

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e7722a4bd4fc9b485d47d6811ca4b788b9ca7119309b6993f5ed3b0e2cc40b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 09:52:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A29B 436 B
277 B 688ms
688ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697010762&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697017962344&bpp=1&bdt=2574&idt=-M&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D327a01ceb8ef7404%3AT%3D1697017961%3ART%3D1697017961%3AS%3DALNI_MbnyOWp_1C0yaMl61U-1EzwlqgX4w&gpic=UID%3D00000c94b86af46d%3AT%3D1697017961%3ART%3D1697017961%3AS%3DALNI_MZaN9Kgn3DnaS_L2horoVnk5ER8PQ&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=1086418602636&frm=20&pv=1&ga_vid=949994581.1697017961&ga_sid=1697017961&ga_hid=1517553318&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31078363%2C42532403%2C44804782%2C44805098%2C31078297&oid=2&psts=AOrYGsm_tMe2VxEllVu093a9ScO2i3CexwJ2QpUhpUD-PHIIUwsPoSEzv7jUhoG_o9CkCyYHmcupx6X4tAGe-sD6syMaPWa7%2CAOrYGsli9UvRqWp7FiQWNhqVWqbcfOc-93SOBjJDYuRPWDCJIBeGGlIgMbGe3ACrakFlSM-aL5du9WG8lX0z-ABw-e09tQ&pvsid=1501777917228061&tmod=1419700115&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=0nt9ara4pL&p=https%3A//www.babup.com&dtd=469

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

4ec08ad7ef544fbfbadd6a1400d6d9885a490eb77beac27f45e69047eede1423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 09:52:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame 1A97 10 KB
4 KB 46ms
45ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 68323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 14:53:59 GMT
etag: 2603938475786422795
expires: Tue, 24 Oct 2023 14:53:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame 6F20 10 KB
4 KB 37ms
36ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 68323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 14:53:59 GMT
etag: 2603938475786422795
expires: Tue, 24 Oct 2023 14:53:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame CFE1 10 KB
4 KB 60ms
59ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 68323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 14:53:59 GMT
etag: 2603938475786422795
expires: Tue, 24 Oct 2023 14:53:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame 975B 10 KB
4 KB 59ms
58ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 68323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 14:53:59 GMT
etag: 2603938475786422795
expires: Tue, 24 Oct 2023 14:53:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWky14JqXD6PZ6MVV9mGCk8wLauUyI9JM0bh6T4ACEaxTKzYi3fbJhwhz9xpIF_s2xl2ysaRxuT4a0OVJeodSv7UDBENQDKtLnRZcZq400flPPdwo61x8m-eiwnSVqayjABlmHuWQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 63ms
62ms Script
application/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWky14JqXD6PZ6MVV9mGCk8wLauUyI9JM0bh6T4ACEaxTKzYi3fbJhwhz9xpIF_s2xl2ysaRxuT4a0OVJeodSv7UDBENQDKtLnRZcZq400flPPdwo61x8m-eiwnSVqayjABlmHuWQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk3MDE3OTYyLDg3NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuYmFidXAuY29tLyIsbnVsbCxbWzgsImlqVmR0M3NmMXRzIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ijVdt3sf1ts.es5.O/am=ggE/d=1/rs=AJlcJMxsr1VCOucfiMRXXY9yKWlqgBuGYw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

c29c77757fec31c480260666714c70dfbc595ddb5bb65aa9fc91d18ae0478cbf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KMody6P-SW1EGkBGTxkJvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-KMody6P-SW1EGkBGTxkJvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 81ms
80ms Preflight
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 11 Oct 2023 09:52:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1A97 4 KB
744 B 43ms
42ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 09:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 08:46:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 09:52:42 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1A97 205 B
520 B 33ms
30ms Image
image/png 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 01:08:26 GMT
x-content-type-options: nosniff
age: 549856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Oct 2024 01:08:26 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1A97 604 B
696 B 34ms
32ms Image
image/png 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:55:08 GMT
x-content-type-options: nosniff
age: 154654
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 08 Oct 2024 14:55:08 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 1A97 15 KB
7 KB 31ms
29ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 6101707970674548951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:55:01 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 1A97 20 KB
8 KB 33ms
31ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 11420928434021954480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:52:29 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6879 478 B
242 B 70ms
67ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYzq6FvQEwAQ&v=APEucNWMWSk-SaaqHbrXjhB4d5YvfVESRI257se2yECY_XBFK2oMyCUDFTpVLEe_ua07abal33Zq1C5fRWuLimqBG_lKHsd8FA

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 09:52:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 30B2 89 KB
31 KB 161ms
158ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:52:43 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 30B2 2 KB
1 KB 455ms
42ms Script
application/javascript 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4890762&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0joKCW4RGxdlk9XR8sU03gJ&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15170561229&DVP_DBM_4=396449614&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 09:52:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:44 GMT
Server: UploadServer
ETag: "56f95dec40f6402642b5537aa29ad91c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Thu, 12 Oct 2023 09:52:43 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 30B2 9 KB
4 KB 458ms
41ms Script
application/javascript 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0joKCW4RGxdlk9XR8sU03gJ&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15170561229&DVP_DBM_4=396449614&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b5ffa81768670029d01777f59917b176b96b54740acc3d432be2215cfd3d77fc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 09:52:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 09:41:56 GMT
Server: UploadServer
ETag: "182a72be22ed58ff71d810d74dc7cb7a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Wed, 11 Oct 2023 10:07:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 30B2 3 KB
1 KB 33ms
31ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 07:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 07:12:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 30B2 20 KB
8 KB 32ms
31ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30B2 187 KB
59 KB 45ms
43ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:52:43 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30B2 42 B
110 B 74ms
73ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COvxBRV6oMC2O1_YDSpleRYticFPFPHm4XbYTukMwYDYJWnV1VZl9aPeMBp01qtykaL1mFz5x2LJY7Dc63oqiTDLPNI-Yn6LWO_7FS6N2N_u9o_XQ

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30B2 0
121 B 73ms
73ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2063245552341333408&x=1&ct=77

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8DB4 611 B
310 B 77ms
75ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYzq6FvQEwAQ&v=APEucNX4lrbIJ4z3sqZzvOV10bFlg3FMLP-CIwXKgNSes2jbI4k9vghdL-6WJ0cLtRGQxe3muqhiS4eebpCIRMzhed2X7UgvyQ

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 09:52:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 05E3 89 KB
31 KB 182ms
180ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:52:43 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 05E3 2 KB
1 KB 422ms
37ms Script
application/javascript 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4890762&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0ipqnRV4GtGJsG0BWMr5jhq&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15170561229&DVP_DBM_4=396449614&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 09:52:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:44 GMT
Server: UploadServer
ETag: "56f95dec40f6402642b5537aa29ad91c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Thu, 12 Oct 2023 09:52:43 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 05E3 9 KB
4 KB 419ms
33ms Script
application/javascript 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0ipqnRV4GtGJsG0BWMr5jhq&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15170561229&DVP_DBM_4=396449614&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b5ffa81768670029d01777f59917b176b96b54740acc3d432be2215cfd3d77fc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 09:52:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 09:41:56 GMT
Server: UploadServer
ETag: "182a72be22ed58ff71d810d74dc7cb7a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Wed, 11 Oct 2023 10:07:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 05E3 3 KB
1 KB 49ms
47ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 07:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 07:12:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 05E3 20 KB
8 KB 46ms
45ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 05E3 187 KB
59 KB 50ms
48ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:52:43 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 05E3 42 B
107 B 70ms
69ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5J7utAlcIxazJBRfngGJCVXevqKSAOFe4pnl4laKG59xH6d4A4XTYLBC4et7rKdwg7ulTeHpFiPPIGo8EyK_pRKkY4Pb9lfck0p6wNw9dCigEos0

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 05E3 0
56 B 69ms
68ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14158013190161399013&x=1&ct=77

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8AD9 441 B
244 B 108ms
106ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxDSue38BBjmlcH3ATAB&v=APEucNXNkgq554TVLlVd0ulQPcEN-CzZSwVmq5A-quD7tntDxgBTEfJxit9hYP5zEC9iPpCnf9cjrsLORcWPhzGIt-2MFX-YCQ

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 09:52:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9675 89 KB
31 KB 174ms
172ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:52:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 9675 3 KB
1 KB 42ms
41ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 07:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 07:12:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 9675 20 KB
8 KB 37ms
35ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9675 187 KB
59 KB 73ms
72ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:52:43 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9675 42 B
107 B 135ms
135ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bz8Bbg8HP0cy87CNevhj_AVttYcOr4LlVlzvzta59jXb2LJg591p1V4U09JSV6Qdd5OuYII-oTQnuXYI1JQ45v1Hkyw1WM7MB906V8-3yvJjaZoiY

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9675 0
56 B 135ms
134ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14224486651865270928&x=1&ct=119

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxURqUCSu5pYyGjvYfEVC2fkourlcHADeHjRUo_L6DILgxL-IC-Z2Qh7gL2t56d6PP7BzEObTNyY7fJHnJDROQF2roMp-gMDGpkoOHCdUHE3_nfszWZ4MbaktcpLDuiL5_gbgb_qqA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 127ms
126ms Script
application/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxURqUCSu5pYyGjvYfEVC2fkourlcHADeHjRUo_L6DILgxL-IC-Z2Qh7gL2t56d6PP7BzEObTNyY7fJHnJDROQF2roMp-gMDGpkoOHCdUHE3_nfszWZ4MbaktcpLDuiL5_gbgb_qqA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk3MDE3OTYzLDExNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LmJhYnVwLmNvbS8iLG51bGwsW1s4LCJpalZkdDNzZjF0cyJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

274fc2680c0d8472de5618a221d7f6ffbd1f05cf56785e513248b055d3c1944a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-X0az98YXPa5zGA_Ow9MW2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-X0az98YXPa5zGA_Ow9MW2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 6BAE 23 KB
9 KB 99ms
97ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6BAE 3 KB
1 KB 100ms
98ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 07:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 07:12:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6BAE 20 KB
8 KB 97ms
96ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BAE 187 KB
59 KB 102ms
101ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:52:43 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame 6BAE 37 KB
15 KB 42ms
41ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 18:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 18:09:59 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 6879 170 B
409 B 235ms
66ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYzq6FvQEwAQ&v=APEucNWMWSk-SaaqHbrXjhB4d5YvfVESRI257se2yECY_XBFK2oMyCUDFTpVLEe_ua07abal33Zq1C5fRWuLimqBG_lKHsd8FA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6879
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7SHDB7CGUltfk7UD8Pv6o&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7SHDB7CGUltfk7UD8Pv6o&google_cver=1&C=1

43 B
770 B

104ms
104ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7SHDB7CGUltfk7UD8Pv6o&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYzq6FvQEwAQ&v=APEucNWMWSk-SaaqHbrXjhB4d5YvfVESRI257se2yECY_XBFK2oMyCUDFTpVLEe_ua07abal33Zq1C5fRWuLimqBG_lKHsd8FA
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeBtk7RJFDncPTLAyQdqQ66hI6nHgJY%2BFzseDVmRYJMCWh1opxdp8qusw5wTFrTH5%2Bn66dVFLAUaTNAwoITU1Qw1bssLi%2BGHK3FIxvNwRoyK6RrfbEq%2BFJwqXrnw13OA0rJJvrnb5ySlyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81463640ba32f154-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dB4WV4U1sMn94xw3NM4Mo25KkG8mop98NzkhTwKMjMUDa%2BHJPEzkwIFE0uQ54GdsLy%2F%2BqGfCpF4CAPh7NVenE%2BrMpDwEVvSnDni4P%2BIZaaIuVDAns0dilkEUcjeCtp3s7o5hGI8RzEMDhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEE7SHDB7CGUltfk7UD8Pv6o&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8146363fdc19f09f-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6879
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSZwazBklmhcMlRcl9fnOgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7SHDB7CGUltfk7UD8Pv6o&google_cver=1

43 B
731 B

69ms
69ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7SHDB7CGUltfk7UD8Pv6o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYzq6FvQEwAQ&v=APEucNWMWSk-SaaqHbrXjhB4d5YvfVESRI257se2yECY_XBFK2oMyCUDFTpVLEe_ua07abal33Zq1C5fRWuLimqBG_lKHsd8FA
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHbTOKtbOF3nTmgPEF1U03NwGQtytphNi4E6qzIwsDkhH%2BaLtHyid0U7egHRVZUZRNcta9tYE7Pw%2BSuj6o4TGqrsx6XdiKmjh3pJZ9GTTjbX4pNIW5QWjlSUYxkKmSghwLzaepjQETcAHA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 814636411aadf154-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7SHDB7CGUltfk7UD8Pv6o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8DB4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIrqftrMbfFgE9M7Z4zD930&google_cver=1

43 B
839 B

48ms
47ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIrqftrMbfFgE9M7Z4zD930&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYzq6FvQEwAQ&v=APEucNX4lrbIJ4z3sqZzvOV10bFlg3FMLP-CIwXKgNSes2jbI4k9vghdL-6WJ0cLtRGQxe3muqhiS4eebpCIRMzhed2X7UgvyQ

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
an-x-request-uuid: 4c23b58d-8a34-4bcc-a7dc-0a5483565cf2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 92.104.172.222; 92.104.172.222; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIrqftrMbfFgE9M7Z4zD930&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8DB4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NDI5MzY1MzA5NjMwNDk2Mg%3D%3D

170 B
232 B

46ms
45ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NDI5MzY1MzA5NjMwNDk2Mg%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
an-x-request-uuid: 604ec8c3-46e8-43ac-bf84-565af0fe1987
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NDI5MzY1MzA5NjMwNDk2Mg%3D%3D
x-proxy-origin: 92.104.172.222; 92.104.172.222; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8DB4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDau7ufZ4gP6qbzJBbanZeU&google_cver=1

43 B
180 B

48ms
47ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDau7ufZ4gP6qbzJBbanZeU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYzq6FvQEwAQ&v=APEucNX4lrbIJ4z3sqZzvOV10bFlg3FMLP-CIwXKgNSes2jbI4k9vghdL-6WJ0cLtRGQxe3muqhiS4eebpCIRMzhed2X7UgvyQ
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDau7ufZ4gP6qbzJBbanZeU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8DB4
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWE2MmQzMDAtZDBjMS0yYmM2LWZhODItZjg5ZTMwYWQ4N2Q5

170 B
232 B

46ms
46ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWE2MmQzMDAtZDBjMS0yYmM2LWZhODItZjg5ZTMwYWQ4N2Q5

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 11 Oct 2023 09:52:43 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWE2MmQzMDAtZDBjMS0yYmM2LWZhODItZjg5ZTMwYWQ4N2Q5
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame 8AD9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEDU_uWHqI_PCGWhfLHw8rdA&google_cver=1

23 B
279 B

65ms
64ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEDU_uWHqI_PCGWhfLHw8rdA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxDSue38BBjmlcH3ATAB&v=APEucNXNkgq554TVLlVd0ulQPcEN-CzZSwVmq5A-quD7tntDxgBTEfJxit9hYP5zEC9iPpCnf9cjrsLORcWPhzGIt-2MFX-YCQ
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Wed, 11 Oct 2023 09:52:43 GMT
pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEDU_uWHqI_PCGWhfLHw8rdA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8AD9
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjdlOTJlMTQtNjJhYi00MzMyLWE5NDktMjlkNTNhYWFiZWMw

170 B
232 B

45ms
44ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjdlOTJlMTQtNjJhYi00MzMyLWE5NDktMjlkNTNhYWFiZWMw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxDSue38BBjmlcH3ATAB&v=APEucNXNkgq554TVLlVd0ulQPcEN-CzZSwVmq5A-quD7tntDxgBTEfJxit9hYP5zEC9iPpCnf9cjrsLORcWPhzGIt-2MFX-YCQ

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
server: pekko-http/1.0.0
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjdlOTJlMTQtNjJhYi00MzMyLWE5NDktMjlkNTNhYWFiZWMw
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Wed, 11 Oct 2023 09:52:43 GMT

GET
H2

200

sync
partners.tremorhub.com/ Frame 8AD9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEGyRy5192Lct7qib2aclyTk&google_cver=1

43 B
175 B

668ms
109ms

Image
image/gif

3.219.162.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEGyRy5192Lct7qib2aclyTk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxDSue38BBjmlcH3ATAB&v=APEucNXNkgq554TVLlVd0ulQPcEN-CzZSwVmq5A-quD7tntDxgBTEfJxit9hYP5zEC9iPpCnf9cjrsLORcWPhzGIt-2MFX-YCQ
Protocol: H2
Server: 3.219.162.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-162-37.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 11 Oct 2023 09:52:44 GMT
server: nginx
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://partners.tremorhub.com/sync?UIGL=CAESEGyRy5192Lct7qib2aclyTk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30B2 0
56 B 108ms
107ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1954432296963&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30B2 0
56 B 103ms
103ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1954432296963&version=m202309260101&ct=77&x=1&cor=2063245552341333500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 30B2 16 KB
12 KB 95ms
95ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXOIf6ma2Sfg_zFtoiZWV2cfTwPSwfI7L10gKCQgO3qy7FlGR-U8HIdw6n-JLPLhS_tdYE4dQmxGyh098fEMRiaXOTzZOmGHVp0PWfomZ7lOskW4CIinBj6fsoM-v6-r9Zm69VFOsn1sam-uck8MmK_wIuVL23VcULalqe6dyWqKDsjPU&cry=1&dbm_d=AKAmf-BLDGOfZiWlNMy3wBeS4dWI4VEd0E1ysuJo4XAU0yweC8U3CMclJtmUUHCN3Bk6rQ-1mHIMknKXeW80tOD1HLbmHtFid-OjV2LweGASUqoeRQizBOxGIA7hvq-HPygtnIEOSbWN268aaO62adoqiCJZIMH7sTCdAM9ltUf00jT0Go-h6-q6eeoJoI1CVnZNdGL3M-a3ZXXhby_LWFQf-3A3SRdn_IkN5xo-1zyQK8QrigPJJhkwz7BEaWAEU3g18rivKc57XhQJ-LY0UpbdTXUFu_amBHnjNeHpHdMTP2q855qKbOig8WGteToxnAz19NZVi8YYccG1a99fk9j8QiJUzQ3AXhFwfaWJtyuCKKMmUOl324nPyxVXwSLmH1FdRgtY9xo9EG9LryAw4F6kV4c8QdqtyhhcfurQOfueqVm1DiZi83z115hQ0PHDJYctJMi6nEqHu9OFMtQUYcwfmqajVTGQH0v_L0qyrGth-8I4KrMsdcPl8og5bfGVjSotJJnzMHD7lP7s2HI5EE3WTx95dgv03b2fk6SqXDVZXjyep2CbK-9gYJJh_YuAP02uXOpP69yCBAPNk1fbjEU6YdFeqfPykuvrcar2mkoo_3h5DmcsDsuM8aYKfYWOyEalA854qpwyWiY1m7XE1OpjwmGFob9Y_Fn6Ma_3INiM9tahajmyGzFBLgc_RmweYNyr4I109XxzF3YuIl2ug7B7l1Sjemfg-uNy8Zm5uwTwX3VLMUAJmo1zaiRcXobKTfu7WnqdoANFYEMDItVJTLv9vCBIrRPE6IKk42pfbxi405wfIRKdokAs1mCMfU6OZzRZ2-iuQHWn3GuCYSc-D2IbaXqzymz4BvSROsXT7CE3_hxBs47KYtDrBbLQf8SEtE8oRX1uha1buSvj0G2Q_NtpKxBBFJad7WwWZlKbnbrcrVO0O95CDpyfhfNFW6vZbtJ-x6tkrnLF9zNyWyM999r3jLO92wmJ37CYVev0VMT7F4AGLuTTN6Dyyicld3t2aJfPu98ttiGsrfkZJyuvk-GcxxCFPRWaIiNJbwafu18DgCeUY7q2XB3r35CyoVstWt20sDCSRKw1wl9KP7btumL49_srG1Vr9A4bQpaSFZBbid7AxKLf8X_9rYBtOr4fr-bExQyyyZJu0IYz6qiVrXUlrDmdVOOIr-LzTGKFifl5v1tNAv0viEd6qVoVjU9iAMZMuThA_ADk2-snVfFe64MGnEv3X2nnLiVfffDIB7s1QJBr7xuRgRkAnEb5U5c4cKKQZWKjm2HaBr2o9-lMiBxhRJooh0zSbH4RlPQ4P3h0f6_MlX1khqe3WnCxZL_yabIkbsOETx4Sqt1VkslnKnU4Yo2vukIO_CY87fO2Tm-PsN0RzTf57qZEh-t6qJSOCtqFgQLeO78eEVgB8Gaanz2DwjgwaSdOPpLJg6WxfsL2ceLktiCZfliAI0OfQ-po27o43_4rWwp-TcBmfBV9Df_k3xfQN3itmDpz2GmeIOr5DWw9F_ueJEtjy1LHD18XPM3LUVq-GPLooxdunY9kGXRHn-p6B85cqpsoKAroowRdMZhWF7g7RZpG5CYYQSARaRmen5D2KiZQZfMxWCRHdQ7VAuI5ujs2VlpaAEf1msDk7Q9DRKqwjQnBLoWkSkd8YUxS9Uy_YDBZMpGRHytC9bSJk38qsLDTJCpH2tRG_Y2q-Sq0h3h2cc837eP31YZ2UJXwj0QVo9uEhBdgM65SeQFEKPSiIWvorjrkuVOGrRrWH7aydrt_NNdcPd5OqR6z1umadF93Uul68Qr8Q0wFy37t2DpMnltoUTki3xrVl2p53vgCBHAvXy6Yln5VyXF2LLgM7vu_3ZXOroUvryztzYfUGmYec7zSKzqVtBZ0Wi17t6ON2pKBro7qFqzTfaC-BDOP4IXrqV2n223de_6q1ANb8FTj2LErDZEfRSj-ztktCM8s_5bqR5Q7Sy9qw9ZtaEaXxkBwRUE5W4ORKjVdDjJZWA-z3Ae5c7KnCFR1KnpTe8U7teiqGFgMl4kLS5V8eh4iJAl_mJIRC7bQQKcjFGsIksoMQQettTqJqhkLmbIM91Yk4HSoO0CeKutJkvsFxhzNGIy7A9Oine2466Nm-RG1rwDFIUg2a3-gCc5l7VQSkEe8WLuxhFEIUqj5MST_CMzroqgFy8Ah_S9EeAZXmPkg7xDjpHLs-3zIiCQ5AR0qHvTi5vvhlnrRcAEWP-x1R_D-9aia6xg4PTaT7Qby0p8rIOH5M8XucpWzRU-mGyWs2upRM98hWRD_Spt-CHHqOu84yeJCnhjjIj8MPi4WVHDI5rgU2diEW37Su9VH_9JhuzaiacRgIw4V0xjxzCTYbjnDKJTLniBzBOE6quFa65HbjkcUosBaAH7t7m3qgQWFI8PL3YjcrFAtUhUzHz0ee1arJUV6YIX-bdMDj1ATrkAZ-kP0dTNGvXwAjlkXcIOjweKFr-bNLLydYlStCqC5FkdCjA0j9txzFfhC2cFXaozaCn7QbceX7gYgxifm2T-AzZgQg1IzU7U2oBi7CQdS1pgAg5z9iMlbjK1mPZmDWwke_KezIo7GXL-rA51El5rizboQGYgvUnHfbzb_qDExEK4gjgdYMATYcCCbpX9gBmQasqZiOoAQJu5doo25Vzau1PEjNBoyNN3JPYXE0T41avNTG-GJmjLcIv0Ie-O4fUA_EjJET78h2O4hrCR2gePoEpHt3i6R1GHvPnG0OfPYK6KRzWWBHyuisxwpfqaCTK5ksS4TZ2fQxUeTbuo7xamdueX05J1Xezqum0nGvUkLDItYUOCmECm9I0AXHWWohHK4Q3giE_gcF46Y5t8iL6NIc23ZFzGTgoKkRujbRXaggrsDQboaakgBwLJTkua8K8zBWf3f2ZRppPt24-uEnZZni-uLNO7d68zb_fvyka2G6n9pR35A09kIOkt5gU2WEDn18CkuhnjNwJt-3oO0jbGBC7U_lHuZQHVVMMyoCAFfOD0gMDmNoKbivvSxR15VKUcdXGy5xVXOog1PbSLMFNf06oZ-PXzY37NhNRoal0fRuR1I2vZuBdYtgPyO-P4WvcY-Dws4MMa2UyYF9lTxcCaws0MkJjeoOVRX-qtgZk6cS_fZzAlxllJToExzZKiEYfxunmB-qMgmrHPpPl5ChF-cVcU0UPK1jfOdZQPqXhlk8h6w6gv_5SgFa8J1qUOXm9EB1xknBZsmL6n08MCH_a2pJGwO_af0Tl6qRTuB6wHt0T8BjWowdqLkqjopF5i3xidzMcRC1ut3GZrpLqEk8BUoQYyOnjTMIXp8HMDXD9k9gHyr3UZoamGhfPP_s7se54D4LoAPLa-VAMUI_BZnWRnIpMQsBP16IIquDH6Mj9YrtepY0y2HgDFQSziX38-uIg8e02JOg7o0RLkGVNebLbLmGtyc8fPgyvITkj2VL5DRGSXzTWwm5_qIn8jzQebOOL80oe6OlN83OBoMTJC1FNdgxCd2nUZ6dOC_LB8cIJ8txtzlG3rsVtO5q2Ja9rrTbKhv1HV35kWc-94oFg75_M4GVhByyOj1KedYnCBh4XMkSYZQ5oTq1zKbcyBNHBbmR1O70-4pyFcEX4g-Nb8dH8UQENpRP8yLNUwstNs8uZC088ai733PrdDXIEkjM7eQupCst7KJGTL02Z726SDn5goLgjGJ-BDwkGJHgnMcjk6Gdr8_tDLMXNrT&cid=CAQSTADICaaNC4xM4ApSPRLpNXlKKyBMws5ReKzrNlUEtL2Tzv-GAlA53C0g6LY8i8P2qqQhp5veTZIkXkGP3KZs2sDy4ScWqLnDjbPoydIYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=2063245552341333500&adk=3062569608&idt=190&cac=0&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

64bf45a08d59438086ecfe95f16edcc19f1d9862d71858ed0434dc8f7a0100e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12203
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 05E3 0
56 B 67ms
66ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4699842256095&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 05E3 0
56 B 73ms
73ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4699842256095&version=m202309260101&ct=77&x=1&cor=14158013190161400000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 05E3 16 KB
12 KB 84ms
83ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5EOcNbBQkKzpNFLdFi-qgPce5EA45Z4LChepllEAu37p4A6oOAbVTnlOyWGyU95k_prE36Tm0WsOKlY2YHhEA4FRfOYoisAVREGrv_7zWxxscgdmUJ25S1dRqf6fr6KWqMXPWhZ1SD0DeTwd2UrbqmWQeVqv9UVjS5L9TErEnQLOHbGI&cry=1&dbm_d=AKAmf-C7gDJ2zlhb4Du8khJd3pYYjkSghSJYWY7JUM0KiF-yPdx3ZwMWz8nf9E_Yig0ot4rWFRhCSpoh1VsodxnEycM62GSLQUZxS3UKvwAfUaAGEdthagpRDG1tU1BXZZH-Yfcgp1qZfUZX4saQSaOSMGHSlw3L2pSfvpsmtOhTRG3sSVib3LxQC85Oz73O0YbfuveXahh3FoZpEw-4EUq08-Y-sojyQ1dSKJENhPD1M4iWDKX1PGYt8vBjUJogx8Yz6eUHHi2Ixdtn_NFqgeRNui2CDdBPwWd-UKNTOf8tvlbIchS0sJKL1T7-OALOh3nSdrGlNsKeJucinD216toC4RDM1pfGt48AYE4jApRTXFzvmzxRKcMOL0GFc57v3efXVnW2XhBMqPbybCV1yms3Wdu7KwX7y27GDTO-eaPZLwEOOpt9_rADL7dHkGer61q6mLMsoWUUWdQynylmkBThZrM-BC9Y0HnEzd4ZWqZpRl4kRNqvXptL4mDmnX6yrhHOEVU9-MBSpW6_hFhb3kw3qY6EH9Io1insMJNkq8Olp028FzDlHRwZScARLBAebYRo3HH18AFtOdcXNp-JPfVd5Ea0Er2evP_R3S_5hQ5Q3u6XoJu5MZcH0qBsvEymD3d5uLYCStE9RO790oTjp_zWEdd2cgWeA1VvOMacQgORKVhsWbtwBctyqTERYxML4RMbn8xmCqOVS9B-FwNt6NfSg3sqSNP6egs02c-5DmYwgYeujriGsIH9ajQO4aarMxvdsOgGhteJtSeb0rz9p8Lwg9mdA0Z8CXs5BWeduVBRbbXMaKpsOptCphc8S1_4tiDbQ98iw1FMBhh877tazmSeWw86f8BEQW5ZKu-A-MPk4viXsvnE3zp7Qw9joqxJxy5EI-JwOn4QJxRD3DDXkPc7dWf9TjX3vmjQ-8JT8nABxykRk61-VPLK-O4VoKymLbRNZlEqc8iFIHSHvOQrswxJFkefd0hKr9h6DQXh1M-24daf8B-YFSRjo3nPlOPnx9zce1Pmy1f2I-kQC7L4L9rD36EGK5Fqr_rQNG5-HF-lHMvafhlsCkGvLRP_tAeFbEHhsMuk2vuJTvTVsmGYOcn6NGngoXIn-5vuFOdDW92jKSKoIKFnQhFgZQHDBIc5_ffDDsefGjl3IpNhKhPMILugmUgD4ayo_PWlnCZXQE5luCJ-Pcv0Jp_z2hfdnnNKlE4cI59f9WHo2JuLdtT911_HF5DZSLYpC7EuG1AcUzbmnO2Ge1gzhQfr5dbGO4S8JqSdh1go6ERoZhCCAXsCO-pSKpt9SOSHy8rGx4zTn-EaaR_o9R__TU_CSFvJ9Vx_NK0pwOay9DcCGk_JLujtmfoNbC2Jw4IfJQ9ovCMLK34npr8ATEyRgBBYahlfAARZARiuKY83mutusPj6NrU8JPDi3LC1TmRroHN3RyZyvbBp2AY5PIoYOlCmuvNxOa8t9uwk79bIfuKyHuibGZ5UirvVxfp0baW05YIWFe-mHomhHLjfz5twbrobu25M8r5JfKFvp80QHLLdgl5QV9DAhBOXHFITJSTG2YP3cHypfoO5xKvAgShrSHY-rIJfQxg5mpDsIfR_IbptfFTBLag0OADqFFIi-FEOON4yQHQc9JpevDsnIx-PHEHygx9OFdCWPu_x0kXOc4mI1wkb3B6NfFXv58DsRBmRAG-bPf23wLDAcv5QowT91VudGYF830YjcIwSuSJ5seSyp1P1ubgLE_q3lTQKk4r-ttSjILOL99kYovsOfbJzV3PRgM8e1cm7Q6ltynePte-DqU43gbrZdLzwGRcHQgXiLes-CNLYZ8bZ8bSh24JXhw21oSL3DFTQ3ivydIasL_wm0gWrsBtxoJjhK_xoY_Bt3BVkAhmAdwyt_xJhr3IFeAgg0exEFTPaX_zEl-0P0_2-U74cCwrAiWW7eigCDrrv4cJRXfxeh6pWJISjbspN5zRpNjhtwCkMTQOXTaSh549juwdGPTpr_ExYP_2sN6AoLco1nL3IxH0tV4isTSaHMw4BQdK0XeUmUVx8PR7vO0gufNcJsqHKHaZyPnvsvszA2NByeMXqNe988oMbgEkNXJXZepra4tOokxvgF3HqidYOnjsGJRXVx8M87X2ThxlK_E5xnwjgumUI0muyrE4ubyIAM2626UeaohEy8su-6pWeE_6p5ldvJ6t8YrLNvZ08N3epzHy5H6c1Cyun9CzxTZYEPPKDEHpnOkntgzhzzHSnJlGMEOu3DsYjrpgi1XSEysf1JSnS1pHZSeyV9qkB3WyM_fYvKv0Bnh7qy0yh4ryTjJP15NwLwlV6f4JXoKzwP50a2SMtqCyMnKbauVYiLUiiKz-8RSf6vTLHG1loEX4q-C8RuJpALeF6MYiHr18692ulJJYgwvexkUuQhUjmJp1ArSEwHoVCvd3U4V5R8m0yrS3pXl-8469V47JkGGv0grh3E0UHM0TqClH0G6YqzOuZXgPPB7uJImvgIJqBIz5XVBxk74hbkOxq0qQSqUlXFXmI_c45gACNwPkDB_cDhrTwiJZo2YeT30Jb-Kc1X3GDL1t8vP9e0UhwUdGBpK-wltxBBkaJ-kswufN9z8EXYPuOAnewHAWQ4LOJE7ZaykjemglgHxV3Q61KFX_QKNSegJCsDe0f0YbKA9Pzc-VhcRSfDhBq9Zh6pPCfO6BwMDOB_hBmreVwQVuaeSOuSgppEVewfkmi2Jg8cJ278oQpaZp39SmYjFgDEjySbUDJMwCj5WzeZZttx5rC2K-8RQWoqUXQAo3OvbtqwObWqXZjxPu8AWtx__FSAWaiBGn-z1V2A7GFknyJEpKGh6t-fnLdhjIRNAAqLPxzcBGnYh1TEf3mU36Xxq-bE7hHAD753waqwRck-bbQVZBJXlWcnmipIl9EmJcR2E4rz-aQ6QvVFxjSDA6xuUjJBxESJgBaiDG8OxfmPjs7nfZhh0200INqhklkNqQ0E-f7FqhJUwbGMn-nS6PcFEfHlrwj-QqG78TLfBTpguTrHdWYKb5FkanbGbIoqMBw0uvDbm91epK8n_MtalDKzkwvex8MD0QWxDhCZVuSA_CF2NmKKdqLKyIjWat8ODkAujKEDwx3Kb9Tp-a1y6dt7hjQW4j3B4x5JFK3fsf1MVKzw_uf3RyLz-cC00YQaTHhpTeMsgL8AoVp14jbKdlX1TFEWBNnbjNLNFLzkILPEN0LvX37MelGt-bPfL2YGkxXDHsUnNnXYJSescpAnYngSvcpySJFheY7_T5NhY6UCWaeoy5QphBWF3sp9CuqWYk1My9mp9bmCnbLCIqiiiXr6476o8nIjJfuoCyB0dyuWgBYDukeKSP8WCAVc-0WIWldr_T6xYJMXvedetr-lZ584wWexCZEcUZoOhE92-8DqxRxOayfsvl9gqbQJhwYxlt0DNnDnHlmOvL1sf48_-DXEMn2EUeiSK_Bq3LUpR4RtMTg_4IYj4-bMLWdNcEwE191o5Amfapg4bAqIx8T1IG1JXXPtEZB_I2f5ZqpWtrxrO_yK4z6M7ckbQ-yhZrqqJznWfGN5qw9QMmAueoxmzG-JZDdeCQRxNtZ8kYq3JFaYJR4s3vNHDBd8eiZb4u_JT_sqNmN6ZeZwObxKz1SclKwV52K2WYC2fyDT0Pw7iaUPDLStpJygAcKla3d0uqqAe4ISKJxxxBkKXPyCwub0pNlyv_Xo6tAvq1GTfMM&cid=CAQSTADICaaNC4xM4ApSPRLpNXlKKyBMws5ReKzrNlUEtL2Tzv-GAlA53C0g6LY8i8P2qqQhp5veTZIkXkGP3KZs2sDy4ScWqLnDjbPoydIYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=14158013190161400000&adk=1935140218&idt=202&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

38feddba3a0b65a3c296b7fb5299ae45e46b71c42e551b8c7aa58a4c8aa71d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9675 0
56 B 69ms
68ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2382800049830&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9675 0
56 B 67ms
67ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2382800049830&version=m202309260101&ct=119&x=1&cor=14224486651865270000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9675 91 KB
38 KB 78ms
78ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CA0IlhAwBz1SF6t_2tfvzU9tnr0-fWxsXRIDA45xQLbqcw34Z7aDoyl5546LhkoIINZpdG1tNvT2ou0JCo9vQMgtN3wTVH0QyC3nFt1vfGiK7RxHw_pP004PpTGASNii97Rx0EDuncmP7NJS-QAU91VvQi933EyWJoXKKCZ2gZkHnKdQxNudpoF3PFi2VVongw0xOP&cry=1&dbm_d=AKAmf-DsxH1MhLi-9efLlHBGzNZwPsmDJizzTzMJ-VmlBDOIvBBZPUSD6F1RO-24K0pKVytMUYmB_ekgqykzxhDK99BlS3K6xP7zIsubH7A44kdKaUTYepf3l82kP-AgnwRaVBCVzhiDSqcHLEvJ0TWBfXKhGdELX9AuibacN_cEGIb1Y9G9gfgPY7iejz6sTRdWZdLeQ9FH3Wj2r2OExn2s-GAREBrDLh9mzByGU_BDgV0y9fVFvjSahKCoNFigV55vmQh_BO84leC8euVUqFdTPorB_eAkgDlYGH4mWveG69LXlENWyXcIeig6u9J7qFvuclxCnxaPnVW46VFXvo4jbzjfdF_W0rFAaIZC5HLU4ez0PzxRdtUBpWnpIKBv4Pf-JtEPUXGGDZlHpxA8eY7UIKnXNpJmxMF7DCDE202VGNc4pkowHjo46tdLgH11IRnWTF6UVhVobWf_LdxScNWkPWXo-nTcHjU6lZBFTFcLD8jhZKVVtFUUmfLJcfDyWqJa0uYCOHNPPsCzY1b-B1rWyuxY5Gt5UnfoKwMLtBMP2i_MA58XBe20jJc7YiWCz21DUxtTiS5fXChq_NAzShCCiIP43c72mchYAxffScei07VY0mP9mVgnZ5nodZZ6Eyj4MxGKJcLmjHOZSBLLCITY9VX9-ZtFnMr9dlQpTQuNMGqKMPQwl82sG0Iu1g7kPLW5O5GWE4GjNf0utKZjZR0RuNwFClNfu44cbrjiqkT8isUDwh30doL6KcddN00c0WTkJh8-mB3dnniOEfkVGanm3obdbsCwI0Q1Px-CTNWE3YbZ1Ynwwd8sS-DLIKxz9HqGTZLfABlrzSXAOZWLJI5QcDsq3iNV1OQDslW57hVADvpI_o4FaYWYeWB6_xc6CaVIutgg1IbsoG9WPzxobl9DogPwKmqwrYfHNSqDdvmXKtBmfOlclQ2Y38U2DCCdvc9baTvNHBL-4wefvfdneOfuoGzRpaSVXicStdrfoKI5zJX31YMp2hUg-xg6unvpqch2uQ5kwqeIgmFVG6zwnBfxQK9mkWafmfrnUp57tbveUleYUav05PGmOpm77zr12jWEhmHbrR80vmjCRZOCg2kVTsu9JWB1oaGIdBmptqyNpjS4w6rAspcKar7KtjSHZXKlEQN3Yf1ZjJbpOOMLfLp2oGVagGU_QD2NPlDB9j6pl2HsWLSQ5ujXkLR02Ti0THZLzG_jdY6wgfX-NlcbKtE0gjMU7r4Jm5PQcdllZKSwB_j0i5xStLCoscrZuT4Z9jk4RsZ3TKV4WptbURltFfCUzcHYfkDdgeSSA_W0SwKfTQ5aIC5ED47nHY6vaYanIR41yxgZ5qBJVwXiaOEEAlFsSxY17L6Iht0Xv1ViaUVKUoc22NblBMzhatHC1V_eZZ9ool_m1pWCoeqrsHPMz3whX7-kqV7FBXePFaBXjO_1Q9sTF4Q4tfRlk9LQ1HfUfKMXoXCavTlk1CybayfKiyIFjvnFJGPz42V2uxX29HM_9DLQafC9d3SriswBFuAXSHObTIp3eSUj4tKTaeNoGkD_oFa_FIOfV8yMWqfuyQTBfWFb00EhPrTgwL4ukevYCqSmCSfhQBXbYS4yxXfDSKrZNJM4Vv8Bc3cTEOjh2vQe0FxQsWgx1Jqi5jHNvv59f75Sd1R-65ulrbRh5t_3sLi_YqaAwsVfp3HjMqVYe2s6kebOtUmwR5-5ECl0yvvUeKtEuYvOO4G5qPONygPDOdtMEWgJ0DEbTUEXjQ468oE14qWki4_-V1ywJWUhIRRGj4zcW9tMrFNb4H0Y_SVmx6VqQMTiljbUbzsZf_Djph4T5glJTLsG9NORCiirHkc7nVZ8hfh6fRS_A-7oPbcN5mILpSY-RtKUMQPcJGzK5PfQ8hDgUy-YS9uLgZs6of_GNv4tEZISHNe3MvyOmZEJBQ7Nzu6HYR5AU4163DDIw8EgVJfa4oEom-pHPO4dK-5Snzo6D3ZUppqdnvaJ56WuAsmdsfJRwydm7RAcYJmaO3ynij50vFxnKGEgX4C11vK7gINsNTWiyz56PodKgGqH32j2AGG06ZWQ_RmPI9LWvcahyaO88uJjcr9ZWFRMNpLLHEIiPlv213XlqYihFNO4SRaWpg7qblTC4L9IhBuFfo2hEP541OyeHS3Imc-UArMU8NxoGVB-yyhWD6_VRtfzS_K1cku_Jh-vkm2_QgDhoYJNX1IaFbPFRG3IBJ5UlgT180O7XpfTgtXjhGd_UPoGxmz5wObGQhhlSOrNr6jaeXesr_eL2CoSQYXKByuLMg_hg1dbWLxRX9YCqLm9jcRvAosQaVUA_9DcJiK7vMphMKxd4TaIfAH6gWABQqeoS5_jXnSOV0hJkJL-GTB_RAE6GZpo3hGVkRysC8ReYm_n4NhGHK6PvA2ouBuF0uGJJNygf86gKZIi2iZ0SZqlvKeiPkjMl_jOkXSasPfONz5jwrnWb-a3peqZ8TOM9UBm7LwiK544W63BaHWle1eVhXekHSXqsBUMm_HubPLdc90j01-0LwPDAvKbnr0Q1pLGSaoDfYhYpqeQJlu_avt1ksGiM4X3_tx2z6ZPDUFROFruanOLW1AooSPkEOzi5nwl02ZLtpclR8Dvue-ahveKrpDs1NpaLWk4EI4tuE35dyxpSiu5C8Zf8HIEKkZ-W_BlnHGnpir95uI5YHkk1_8kB95P-JJDFFrkR35pD4Hp4ILPypUv3T4a5mTqm3YDtTK2KIfizFi5eVOTWVQ74XKUHSsjCIWbBOJWtAhXmMVAyNnmhITU4ySQsuqbA-LFKoUWRhngWtJtrn3pX3Ro_C9yFGxqE-JxpYe5FhFlYL9BSAWH_AnQZorswdRR9WeDFuHE_AC9rlhIj_rYWz1iRPvsua09Ys_rcthWSuFgO7hrYvO9Zl27g92eQ0ltW0bCS9HEdJhTIJAvnSwtXnU2bZEQEOF0FuPfUzrGmb9PgEBfk5s9QaKYmZB8IbXjRNRhXD5EqSSSA_6ffeK8VqTD_A-YcdvOZ5xc170sF3awS1s-yzKSMTNGW3GYija9Y9sVggDNUxmlTKKZL9n9ki6-fqd_cjUYPfz4U1Wv7ViYqM28xvQlI0-Ze3gR-AWbh5gHnE2UwmSY1u3onmouB_s7i0bIl0POzNg6wvQ-Scfjh_Lx_1eDte-b7L9MNEY6E08R1dHI6uoy0hOsfVzLJc846YlRmB2rN172ZrN9wCj4Z0F-q9XvVZjN_CFdsCsPK4OBpMhNQB7ErUJleY9CB8Bp4g6VETRs6Y2iFJdAtW1BcSEOacBQpr5MbbBdXHJLxHBfu4hDG-Y-Co9WjCPjIWkxym9avpKXZkFsKnEkZpOCyNiMYfyQTj9Z-XQaC2PMQkh6Tx8jkz61mQa_jcp5mn7urPZd0dB1fuTKkGXeaomWSuX4inKq_7znbubyfrjjpsLGiSuN4q5uppzIYSyn103XAaFjN1e6SGjZ-5UOVshKa1MwjfCuxP1bivdEUHvF81A7t9IAN05OxiHzLRVX4DfAhALdRVwLiBeULwQRp75Rb6jAzmpJ4uYmeNjE7LiMP1-xtdTeamvp7gUMGO0MM55tHm_ujJRNIwQ6s1XJCyrDx7Go5Ta2GNxi1wOsYD4SoQOnjKBLKgiSTNpQVKecDz0XY7Dnlc0f2AqE5U6tu975jjcfplB0Ybc11PIoeIi6F4cUJCDiTbp3zqS5GI8_xSu0d3J70okIAtFULZCxTAMFe7t2DPWCaC4R6uGS0Oe6sEVyW1UmGorjKYwLthcpd8GXZBdDCbNPzK9tF_Ruc2ZafusblGv0Tadf5Nn3P67m3F-5rx_kH9NP9ulTkSJoH597dTsI6Xju0h3o3naG_jbiKWhoYONZFgpCsRhNPF6tijryPrhnKVuIoMqmGdv7gvu_KeyHAPo254SJwEDEotpsMg&cid=CAQSTADICaaNC4xM4ApSPRLpNXlKKyBMws5ReKzrNlUEtL2Tzv-GAlA53C0g6LY8i8P2qqQhp5veTZIkXkGP3KZs2sDy4ScWqLnDjbPoydIYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=14224486651865270000&adk=1405019969&idt=183&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

382618321bb19859cf68b11ca7e6794ea2cf41946dc7c061b10d165a25495e8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame 385B 37 KB
14 KB 41ms
41ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 522931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 08:37:12 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 30B2 41 KB
14 KB 33ms
33ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXOIf6ma2Sfg_zFtoiZWV2cfTwPSwfI7L10gKCQgO3qy7FlGR-U8HIdw6n-JLPLhS_tdYE4dQmxGyh098fEMRiaXOTzZOmGHVp0PWfomZ7lOskW4CIinBj6fsoM-v6-r9Zm69VFOsn1sam-uck8MmK_wIuVL23VcULalqe6dyWqKDsjPU&cry=1&dbm_d=AKAmf-BLDGOfZiWlNMy3wBeS4dWI4VEd0E1ysuJo4XAU0yweC8U3CMclJtmUUHCN3Bk6rQ-1mHIMknKXeW80tOD1HLbmHtFid-OjV2LweGASUqoeRQizBOxGIA7hvq-HPygtnIEOSbWN268aaO62adoqiCJZIMH7sTCdAM9ltUf00jT0Go-h6-q6eeoJoI1CVnZNdGL3M-a3ZXXhby_LWFQf-3A3SRdn_IkN5xo-1zyQK8QrigPJJhkwz7BEaWAEU3g18rivKc57XhQJ-LY0UpbdTXUFu_amBHnjNeHpHdMTP2q855qKbOig8WGteToxnAz19NZVi8YYccG1a99fk9j8QiJUzQ3AXhFwfaWJtyuCKKMmUOl324nPyxVXwSLmH1FdRgtY9xo9EG9LryAw4F6kV4c8QdqtyhhcfurQOfueqVm1DiZi83z115hQ0PHDJYctJMi6nEqHu9OFMtQUYcwfmqajVTGQH0v_L0qyrGth-8I4KrMsdcPl8og5bfGVjSotJJnzMHD7lP7s2HI5EE3WTx95dgv03b2fk6SqXDVZXjyep2CbK-9gYJJh_YuAP02uXOpP69yCBAPNk1fbjEU6YdFeqfPykuvrcar2mkoo_3h5DmcsDsuM8aYKfYWOyEalA854qpwyWiY1m7XE1OpjwmGFob9Y_Fn6Ma_3INiM9tahajmyGzFBLgc_RmweYNyr4I109XxzF3YuIl2ug7B7l1Sjemfg-uNy8Zm5uwTwX3VLMUAJmo1zaiRcXobKTfu7WnqdoANFYEMDItVJTLv9vCBIrRPE6IKk42pfbxi405wfIRKdokAs1mCMfU6OZzRZ2-iuQHWn3GuCYSc-D2IbaXqzymz4BvSROsXT7CE3_hxBs47KYtDrBbLQf8SEtE8oRX1uha1buSvj0G2Q_NtpKxBBFJad7WwWZlKbnbrcrVO0O95CDpyfhfNFW6vZbtJ-x6tkrnLF9zNyWyM999r3jLO92wmJ37CYVev0VMT7F4AGLuTTN6Dyyicld3t2aJfPu98ttiGsrfkZJyuvk-GcxxCFPRWaIiNJbwafu18DgCeUY7q2XB3r35CyoVstWt20sDCSRKw1wl9KP7btumL49_srG1Vr9A4bQpaSFZBbid7AxKLf8X_9rYBtOr4fr-bExQyyyZJu0IYz6qiVrXUlrDmdVOOIr-LzTGKFifl5v1tNAv0viEd6qVoVjU9iAMZMuThA_ADk2-snVfFe64MGnEv3X2nnLiVfffDIB7s1QJBr7xuRgRkAnEb5U5c4cKKQZWKjm2HaBr2o9-lMiBxhRJooh0zSbH4RlPQ4P3h0f6_MlX1khqe3WnCxZL_yabIkbsOETx4Sqt1VkslnKnU4Yo2vukIO_CY87fO2Tm-PsN0RzTf57qZEh-t6qJSOCtqFgQLeO78eEVgB8Gaanz2DwjgwaSdOPpLJg6WxfsL2ceLktiCZfliAI0OfQ-po27o43_4rWwp-TcBmfBV9Df_k3xfQN3itmDpz2GmeIOr5DWw9F_ueJEtjy1LHD18XPM3LUVq-GPLooxdunY9kGXRHn-p6B85cqpsoKAroowRdMZhWF7g7RZpG5CYYQSARaRmen5D2KiZQZfMxWCRHdQ7VAuI5ujs2VlpaAEf1msDk7Q9DRKqwjQnBLoWkSkd8YUxS9Uy_YDBZMpGRHytC9bSJk38qsLDTJCpH2tRG_Y2q-Sq0h3h2cc837eP31YZ2UJXwj0QVo9uEhBdgM65SeQFEKPSiIWvorjrkuVOGrRrWH7aydrt_NNdcPd5OqR6z1umadF93Uul68Qr8Q0wFy37t2DpMnltoUTki3xrVl2p53vgCBHAvXy6Yln5VyXF2LLgM7vu_3ZXOroUvryztzYfUGmYec7zSKzqVtBZ0Wi17t6ON2pKBro7qFqzTfaC-BDOP4IXrqV2n223de_6q1ANb8FTj2LErDZEfRSj-ztktCM8s_5bqR5Q7Sy9qw9ZtaEaXxkBwRUE5W4ORKjVdDjJZWA-z3Ae5c7KnCFR1KnpTe8U7teiqGFgMl4kLS5V8eh4iJAl_mJIRC7bQQKcjFGsIksoMQQettTqJqhkLmbIM91Yk4HSoO0CeKutJkvsFxhzNGIy7A9Oine2466Nm-RG1rwDFIUg2a3-gCc5l7VQSkEe8WLuxhFEIUqj5MST_CMzroqgFy8Ah_S9EeAZXmPkg7xDjpHLs-3zIiCQ5AR0qHvTi5vvhlnrRcAEWP-x1R_D-9aia6xg4PTaT7Qby0p8rIOH5M8XucpWzRU-mGyWs2upRM98hWRD_Spt-CHHqOu84yeJCnhjjIj8MPi4WVHDI5rgU2diEW37Su9VH_9JhuzaiacRgIw4V0xjxzCTYbjnDKJTLniBzBOE6quFa65HbjkcUosBaAH7t7m3qgQWFI8PL3YjcrFAtUhUzHz0ee1arJUV6YIX-bdMDj1ATrkAZ-kP0dTNGvXwAjlkXcIOjweKFr-bNLLydYlStCqC5FkdCjA0j9txzFfhC2cFXaozaCn7QbceX7gYgxifm2T-AzZgQg1IzU7U2oBi7CQdS1pgAg5z9iMlbjK1mPZmDWwke_KezIo7GXL-rA51El5rizboQGYgvUnHfbzb_qDExEK4gjgdYMATYcCCbpX9gBmQasqZiOoAQJu5doo25Vzau1PEjNBoyNN3JPYXE0T41avNTG-GJmjLcIv0Ie-O4fUA_EjJET78h2O4hrCR2gePoEpHt3i6R1GHvPnG0OfPYK6KRzWWBHyuisxwpfqaCTK5ksS4TZ2fQxUeTbuo7xamdueX05J1Xezqum0nGvUkLDItYUOCmECm9I0AXHWWohHK4Q3giE_gcF46Y5t8iL6NIc23ZFzGTgoKkRujbRXaggrsDQboaakgBwLJTkua8K8zBWf3f2ZRppPt24-uEnZZni-uLNO7d68zb_fvyka2G6n9pR35A09kIOkt5gU2WEDn18CkuhnjNwJt-3oO0jbGBC7U_lHuZQHVVMMyoCAFfOD0gMDmNoKbivvSxR15VKUcdXGy5xVXOog1PbSLMFNf06oZ-PXzY37NhNRoal0fRuR1I2vZuBdYtgPyO-P4WvcY-Dws4MMa2UyYF9lTxcCaws0MkJjeoOVRX-qtgZk6cS_fZzAlxllJToExzZKiEYfxunmB-qMgmrHPpPl5ChF-cVcU0UPK1jfOdZQPqXhlk8h6w6gv_5SgFa8J1qUOXm9EB1xknBZsmL6n08MCH_a2pJGwO_af0Tl6qRTuB6wHt0T8BjWowdqLkqjopF5i3xidzMcRC1ut3GZrpLqEk8BUoQYyOnjTMIXp8HMDXD9k9gHyr3UZoamGhfPP_s7se54D4LoAPLa-VAMUI_BZnWRnIpMQsBP16IIquDH6Mj9YrtepY0y2HgDFQSziX38-uIg8e02JOg7o0RLkGVNebLbLmGtyc8fPgyvITkj2VL5DRGSXzTWwm5_qIn8jzQebOOL80oe6OlN83OBoMTJC1FNdgxCd2nUZ6dOC_LB8cIJ8txtzlG3rsVtO5q2Ja9rrTbKhv1HV35kWc-94oFg75_M4GVhByyOj1KedYnCBh4XMkSYZQ5oTq1zKbcyBNHBbmR1O70-4pyFcEX4g-Nb8dH8UQENpRP8yLNUwstNs8uZC088ai733PrdDXIEkjM7eQupCst7KJGTL02Z726SDn5goLgjGJ-BDwkGJHgnMcjk6Gdr8_tDLMXNrT&cid=CAQSTADICaaNC4xM4ApSPRLpNXlKKyBMws5ReKzrNlUEtL2Tzv-GAlA53C0g6LY8i8P2qqQhp5veTZIkXkGP3KZs2sDy4ScWqLnDjbPoydIYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=2063245552341333500&adk=3062569608&idt=190&cac=0&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 442459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 05E3 41 KB
14 KB 32ms
31ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5EOcNbBQkKzpNFLdFi-qgPce5EA45Z4LChepllEAu37p4A6oOAbVTnlOyWGyU95k_prE36Tm0WsOKlY2YHhEA4FRfOYoisAVREGrv_7zWxxscgdmUJ25S1dRqf6fr6KWqMXPWhZ1SD0DeTwd2UrbqmWQeVqv9UVjS5L9TErEnQLOHbGI&cry=1&dbm_d=AKAmf-C7gDJ2zlhb4Du8khJd3pYYjkSghSJYWY7JUM0KiF-yPdx3ZwMWz8nf9E_Yig0ot4rWFRhCSpoh1VsodxnEycM62GSLQUZxS3UKvwAfUaAGEdthagpRDG1tU1BXZZH-Yfcgp1qZfUZX4saQSaOSMGHSlw3L2pSfvpsmtOhTRG3sSVib3LxQC85Oz73O0YbfuveXahh3FoZpEw-4EUq08-Y-sojyQ1dSKJENhPD1M4iWDKX1PGYt8vBjUJogx8Yz6eUHHi2Ixdtn_NFqgeRNui2CDdBPwWd-UKNTOf8tvlbIchS0sJKL1T7-OALOh3nSdrGlNsKeJucinD216toC4RDM1pfGt48AYE4jApRTXFzvmzxRKcMOL0GFc57v3efXVnW2XhBMqPbybCV1yms3Wdu7KwX7y27GDTO-eaPZLwEOOpt9_rADL7dHkGer61q6mLMsoWUUWdQynylmkBThZrM-BC9Y0HnEzd4ZWqZpRl4kRNqvXptL4mDmnX6yrhHOEVU9-MBSpW6_hFhb3kw3qY6EH9Io1insMJNkq8Olp028FzDlHRwZScARLBAebYRo3HH18AFtOdcXNp-JPfVd5Ea0Er2evP_R3S_5hQ5Q3u6XoJu5MZcH0qBsvEymD3d5uLYCStE9RO790oTjp_zWEdd2cgWeA1VvOMacQgORKVhsWbtwBctyqTERYxML4RMbn8xmCqOVS9B-FwNt6NfSg3sqSNP6egs02c-5DmYwgYeujriGsIH9ajQO4aarMxvdsOgGhteJtSeb0rz9p8Lwg9mdA0Z8CXs5BWeduVBRbbXMaKpsOptCphc8S1_4tiDbQ98iw1FMBhh877tazmSeWw86f8BEQW5ZKu-A-MPk4viXsvnE3zp7Qw9joqxJxy5EI-JwOn4QJxRD3DDXkPc7dWf9TjX3vmjQ-8JT8nABxykRk61-VPLK-O4VoKymLbRNZlEqc8iFIHSHvOQrswxJFkefd0hKr9h6DQXh1M-24daf8B-YFSRjo3nPlOPnx9zce1Pmy1f2I-kQC7L4L9rD36EGK5Fqr_rQNG5-HF-lHMvafhlsCkGvLRP_tAeFbEHhsMuk2vuJTvTVsmGYOcn6NGngoXIn-5vuFOdDW92jKSKoIKFnQhFgZQHDBIc5_ffDDsefGjl3IpNhKhPMILugmUgD4ayo_PWlnCZXQE5luCJ-Pcv0Jp_z2hfdnnNKlE4cI59f9WHo2JuLdtT911_HF5DZSLYpC7EuG1AcUzbmnO2Ge1gzhQfr5dbGO4S8JqSdh1go6ERoZhCCAXsCO-pSKpt9SOSHy8rGx4zTn-EaaR_o9R__TU_CSFvJ9Vx_NK0pwOay9DcCGk_JLujtmfoNbC2Jw4IfJQ9ovCMLK34npr8ATEyRgBBYahlfAARZARiuKY83mutusPj6NrU8JPDi3LC1TmRroHN3RyZyvbBp2AY5PIoYOlCmuvNxOa8t9uwk79bIfuKyHuibGZ5UirvVxfp0baW05YIWFe-mHomhHLjfz5twbrobu25M8r5JfKFvp80QHLLdgl5QV9DAhBOXHFITJSTG2YP3cHypfoO5xKvAgShrSHY-rIJfQxg5mpDsIfR_IbptfFTBLag0OADqFFIi-FEOON4yQHQc9JpevDsnIx-PHEHygx9OFdCWPu_x0kXOc4mI1wkb3B6NfFXv58DsRBmRAG-bPf23wLDAcv5QowT91VudGYF830YjcIwSuSJ5seSyp1P1ubgLE_q3lTQKk4r-ttSjILOL99kYovsOfbJzV3PRgM8e1cm7Q6ltynePte-DqU43gbrZdLzwGRcHQgXiLes-CNLYZ8bZ8bSh24JXhw21oSL3DFTQ3ivydIasL_wm0gWrsBtxoJjhK_xoY_Bt3BVkAhmAdwyt_xJhr3IFeAgg0exEFTPaX_zEl-0P0_2-U74cCwrAiWW7eigCDrrv4cJRXfxeh6pWJISjbspN5zRpNjhtwCkMTQOXTaSh549juwdGPTpr_ExYP_2sN6AoLco1nL3IxH0tV4isTSaHMw4BQdK0XeUmUVx8PR7vO0gufNcJsqHKHaZyPnvsvszA2NByeMXqNe988oMbgEkNXJXZepra4tOokxvgF3HqidYOnjsGJRXVx8M87X2ThxlK_E5xnwjgumUI0muyrE4ubyIAM2626UeaohEy8su-6pWeE_6p5ldvJ6t8YrLNvZ08N3epzHy5H6c1Cyun9CzxTZYEPPKDEHpnOkntgzhzzHSnJlGMEOu3DsYjrpgi1XSEysf1JSnS1pHZSeyV9qkB3WyM_fYvKv0Bnh7qy0yh4ryTjJP15NwLwlV6f4JXoKzwP50a2SMtqCyMnKbauVYiLUiiKz-8RSf6vTLHG1loEX4q-C8RuJpALeF6MYiHr18692ulJJYgwvexkUuQhUjmJp1ArSEwHoVCvd3U4V5R8m0yrS3pXl-8469V47JkGGv0grh3E0UHM0TqClH0G6YqzOuZXgPPB7uJImvgIJqBIz5XVBxk74hbkOxq0qQSqUlXFXmI_c45gACNwPkDB_cDhrTwiJZo2YeT30Jb-Kc1X3GDL1t8vP9e0UhwUdGBpK-wltxBBkaJ-kswufN9z8EXYPuOAnewHAWQ4LOJE7ZaykjemglgHxV3Q61KFX_QKNSegJCsDe0f0YbKA9Pzc-VhcRSfDhBq9Zh6pPCfO6BwMDOB_hBmreVwQVuaeSOuSgppEVewfkmi2Jg8cJ278oQpaZp39SmYjFgDEjySbUDJMwCj5WzeZZttx5rC2K-8RQWoqUXQAo3OvbtqwObWqXZjxPu8AWtx__FSAWaiBGn-z1V2A7GFknyJEpKGh6t-fnLdhjIRNAAqLPxzcBGnYh1TEf3mU36Xxq-bE7hHAD753waqwRck-bbQVZBJXlWcnmipIl9EmJcR2E4rz-aQ6QvVFxjSDA6xuUjJBxESJgBaiDG8OxfmPjs7nfZhh0200INqhklkNqQ0E-f7FqhJUwbGMn-nS6PcFEfHlrwj-QqG78TLfBTpguTrHdWYKb5FkanbGbIoqMBw0uvDbm91epK8n_MtalDKzkwvex8MD0QWxDhCZVuSA_CF2NmKKdqLKyIjWat8ODkAujKEDwx3Kb9Tp-a1y6dt7hjQW4j3B4x5JFK3fsf1MVKzw_uf3RyLz-cC00YQaTHhpTeMsgL8AoVp14jbKdlX1TFEWBNnbjNLNFLzkILPEN0LvX37MelGt-bPfL2YGkxXDHsUnNnXYJSescpAnYngSvcpySJFheY7_T5NhY6UCWaeoy5QphBWF3sp9CuqWYk1My9mp9bmCnbLCIqiiiXr6476o8nIjJfuoCyB0dyuWgBYDukeKSP8WCAVc-0WIWldr_T6xYJMXvedetr-lZ584wWexCZEcUZoOhE92-8DqxRxOayfsvl9gqbQJhwYxlt0DNnDnHlmOvL1sf48_-DXEMn2EUeiSK_Bq3LUpR4RtMTg_4IYj4-bMLWdNcEwE191o5Amfapg4bAqIx8T1IG1JXXPtEZB_I2f5ZqpWtrxrO_yK4z6M7ckbQ-yhZrqqJznWfGN5qw9QMmAueoxmzG-JZDdeCQRxNtZ8kYq3JFaYJR4s3vNHDBd8eiZb4u_JT_sqNmN6ZeZwObxKz1SclKwV52K2WYC2fyDT0Pw7iaUPDLStpJygAcKla3d0uqqAe4ISKJxxxBkKXPyCwub0pNlyv_Xo6tAvq1GTfMM&cid=CAQSTADICaaNC4xM4ApSPRLpNXlKKyBMws5ReKzrNlUEtL2Tzv-GAlA53C0g6LY8i8P2qqQhp5veTZIkXkGP3KZs2sDy4ScWqLnDjbPoydIYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=14158013190161400000&adk=1935140218&idt=202&cac=0&dtd=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 555666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 23:31:37 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9675 111 KB
39 KB 412ms
31ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 07:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Oct 2023 07:03:24 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 9675 11 KB
4 KB 37ms
37ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CA0IlhAwBz1SF6t_2tfvzU9tnr0-fWxsXRIDA45xQLbqcw34Z7aDoyl5546LhkoIINZpdG1tNvT2ou0JCo9vQMgtN3wTVH0QyC3nFt1vfGiK7RxHw_pP004PpTGASNii97Rx0EDuncmP7NJS-QAU91VvQi933EyWJoXKKCZ2gZkHnKdQxNudpoF3PFi2VVongw0xOP&cry=1&dbm_d=AKAmf-DsxH1MhLi-9efLlHBGzNZwPsmDJizzTzMJ-VmlBDOIvBBZPUSD6F1RO-24K0pKVytMUYmB_ekgqykzxhDK99BlS3K6xP7zIsubH7A44kdKaUTYepf3l82kP-AgnwRaVBCVzhiDSqcHLEvJ0TWBfXKhGdELX9AuibacN_cEGIb1Y9G9gfgPY7iejz6sTRdWZdLeQ9FH3Wj2r2OExn2s-GAREBrDLh9mzByGU_BDgV0y9fVFvjSahKCoNFigV55vmQh_BO84leC8euVUqFdTPorB_eAkgDlYGH4mWveG69LXlENWyXcIeig6u9J7qFvuclxCnxaPnVW46VFXvo4jbzjfdF_W0rFAaIZC5HLU4ez0PzxRdtUBpWnpIKBv4Pf-JtEPUXGGDZlHpxA8eY7UIKnXNpJmxMF7DCDE202VGNc4pkowHjo46tdLgH11IRnWTF6UVhVobWf_LdxScNWkPWXo-nTcHjU6lZBFTFcLD8jhZKVVtFUUmfLJcfDyWqJa0uYCOHNPPsCzY1b-B1rWyuxY5Gt5UnfoKwMLtBMP2i_MA58XBe20jJc7YiWCz21DUxtTiS5fXChq_NAzShCCiIP43c72mchYAxffScei07VY0mP9mVgnZ5nodZZ6Eyj4MxGKJcLmjHOZSBLLCITY9VX9-ZtFnMr9dlQpTQuNMGqKMPQwl82sG0Iu1g7kPLW5O5GWE4GjNf0utKZjZR0RuNwFClNfu44cbrjiqkT8isUDwh30doL6KcddN00c0WTkJh8-mB3dnniOEfkVGanm3obdbsCwI0Q1Px-CTNWE3YbZ1Ynwwd8sS-DLIKxz9HqGTZLfABlrzSXAOZWLJI5QcDsq3iNV1OQDslW57hVADvpI_o4FaYWYeWB6_xc6CaVIutgg1IbsoG9WPzxobl9DogPwKmqwrYfHNSqDdvmXKtBmfOlclQ2Y38U2DCCdvc9baTvNHBL-4wefvfdneOfuoGzRpaSVXicStdrfoKI5zJX31YMp2hUg-xg6unvpqch2uQ5kwqeIgmFVG6zwnBfxQK9mkWafmfrnUp57tbveUleYUav05PGmOpm77zr12jWEhmHbrR80vmjCRZOCg2kVTsu9JWB1oaGIdBmptqyNpjS4w6rAspcKar7KtjSHZXKlEQN3Yf1ZjJbpOOMLfLp2oGVagGU_QD2NPlDB9j6pl2HsWLSQ5ujXkLR02Ti0THZLzG_jdY6wgfX-NlcbKtE0gjMU7r4Jm5PQcdllZKSwB_j0i5xStLCoscrZuT4Z9jk4RsZ3TKV4WptbURltFfCUzcHYfkDdgeSSA_W0SwKfTQ5aIC5ED47nHY6vaYanIR41yxgZ5qBJVwXiaOEEAlFsSxY17L6Iht0Xv1ViaUVKUoc22NblBMzhatHC1V_eZZ9ool_m1pWCoeqrsHPMz3whX7-kqV7FBXePFaBXjO_1Q9sTF4Q4tfRlk9LQ1HfUfKMXoXCavTlk1CybayfKiyIFjvnFJGPz42V2uxX29HM_9DLQafC9d3SriswBFuAXSHObTIp3eSUj4tKTaeNoGkD_oFa_FIOfV8yMWqfuyQTBfWFb00EhPrTgwL4ukevYCqSmCSfhQBXbYS4yxXfDSKrZNJM4Vv8Bc3cTEOjh2vQe0FxQsWgx1Jqi5jHNvv59f75Sd1R-65ulrbRh5t_3sLi_YqaAwsVfp3HjMqVYe2s6kebOtUmwR5-5ECl0yvvUeKtEuYvOO4G5qPONygPDOdtMEWgJ0DEbTUEXjQ468oE14qWki4_-V1ywJWUhIRRGj4zcW9tMrFNb4H0Y_SVmx6VqQMTiljbUbzsZf_Djph4T5glJTLsG9NORCiirHkc7nVZ8hfh6fRS_A-7oPbcN5mILpSY-RtKUMQPcJGzK5PfQ8hDgUy-YS9uLgZs6of_GNv4tEZISHNe3MvyOmZEJBQ7Nzu6HYR5AU4163DDIw8EgVJfa4oEom-pHPO4dK-5Snzo6D3ZUppqdnvaJ56WuAsmdsfJRwydm7RAcYJmaO3ynij50vFxnKGEgX4C11vK7gINsNTWiyz56PodKgGqH32j2AGG06ZWQ_RmPI9LWvcahyaO88uJjcr9ZWFRMNpLLHEIiPlv213XlqYihFNO4SRaWpg7qblTC4L9IhBuFfo2hEP541OyeHS3Imc-UArMU8NxoGVB-yyhWD6_VRtfzS_K1cku_Jh-vkm2_QgDhoYJNX1IaFbPFRG3IBJ5UlgT180O7XpfTgtXjhGd_UPoGxmz5wObGQhhlSOrNr6jaeXesr_eL2CoSQYXKByuLMg_hg1dbWLxRX9YCqLm9jcRvAosQaVUA_9DcJiK7vMphMKxd4TaIfAH6gWABQqeoS5_jXnSOV0hJkJL-GTB_RAE6GZpo3hGVkRysC8ReYm_n4NhGHK6PvA2ouBuF0uGJJNygf86gKZIi2iZ0SZqlvKeiPkjMl_jOkXSasPfONz5jwrnWb-a3peqZ8TOM9UBm7LwiK544W63BaHWle1eVhXekHSXqsBUMm_HubPLdc90j01-0LwPDAvKbnr0Q1pLGSaoDfYhYpqeQJlu_avt1ksGiM4X3_tx2z6ZPDUFROFruanOLW1AooSPkEOzi5nwl02ZLtpclR8Dvue-ahveKrpDs1NpaLWk4EI4tuE35dyxpSiu5C8Zf8HIEKkZ-W_BlnHGnpir95uI5YHkk1_8kB95P-JJDFFrkR35pD4Hp4ILPypUv3T4a5mTqm3YDtTK2KIfizFi5eVOTWVQ74XKUHSsjCIWbBOJWtAhXmMVAyNnmhITU4ySQsuqbA-LFKoUWRhngWtJtrn3pX3Ro_C9yFGxqE-JxpYe5FhFlYL9BSAWH_AnQZorswdRR9WeDFuHE_AC9rlhIj_rYWz1iRPvsua09Ys_rcthWSuFgO7hrYvO9Zl27g92eQ0ltW0bCS9HEdJhTIJAvnSwtXnU2bZEQEOF0FuPfUzrGmb9PgEBfk5s9QaKYmZB8IbXjRNRhXD5EqSSSA_6ffeK8VqTD_A-YcdvOZ5xc170sF3awS1s-yzKSMTNGW3GYija9Y9sVggDNUxmlTKKZL9n9ki6-fqd_cjUYPfz4U1Wv7ViYqM28xvQlI0-Ze3gR-AWbh5gHnE2UwmSY1u3onmouB_s7i0bIl0POzNg6wvQ-Scfjh_Lx_1eDte-b7L9MNEY6E08R1dHI6uoy0hOsfVzLJc846YlRmB2rN172ZrN9wCj4Z0F-q9XvVZjN_CFdsCsPK4OBpMhNQB7ErUJleY9CB8Bp4g6VETRs6Y2iFJdAtW1BcSEOacBQpr5MbbBdXHJLxHBfu4hDG-Y-Co9WjCPjIWkxym9avpKXZkFsKnEkZpOCyNiMYfyQTj9Z-XQaC2PMQkh6Tx8jkz61mQa_jcp5mn7urPZd0dB1fuTKkGXeaomWSuX4inKq_7znbubyfrjjpsLGiSuN4q5uppzIYSyn103XAaFjN1e6SGjZ-5UOVshKa1MwjfCuxP1bivdEUHvF81A7t9IAN05OxiHzLRVX4DfAhALdRVwLiBeULwQRp75Rb6jAzmpJ4uYmeNjE7LiMP1-xtdTeamvp7gUMGO0MM55tHm_ujJRNIwQ6s1XJCyrDx7Go5Ta2GNxi1wOsYD4SoQOnjKBLKgiSTNpQVKecDz0XY7Dnlc0f2AqE5U6tu975jjcfplB0Ybc11PIoeIi6F4cUJCDiTbp3zqS5GI8_xSu0d3J70okIAtFULZCxTAMFe7t2DPWCaC4R6uGS0Oe6sEVyW1UmGorjKYwLthcpd8GXZBdDCbNPzK9tF_Ruc2ZafusblGv0Tadf5Nn3P67m3F-5rx_kH9NP9ulTkSJoH597dTsI6Xju0h3o3naG_jbiKWhoYONZFgpCsRhNPF6tijryPrhnKVuIoMqmGdv7gvu_KeyHAPo254SJwEDEotpsMg&cid=CAQSTADICaaNC4xM4ApSPRLpNXlKKyBMws5ReKzrNlUEtL2Tzv-GAlA53C0g6LY8i8P2qqQhp5veTZIkXkGP3KZs2sDy4ScWqLnDjbPoydIYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=14224486651865270000&adk=1405019969&idt=183&cac=0&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72532
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:43:51 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 9675 30 KB
11 KB 39ms
39ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:57:20 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9675 41 KB
13 KB 35ms
35ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 442459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
DATA 200
OK truncated
/ Frame 9675 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a448014d09745138c8bc19d9859d77c88e5e91f928866b162db9efd7a3ab44af

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0C03 22 KB
8 KB 40ms
38ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 504191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8F95 38 KB
13 KB 57ms
49ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 551172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:46:31 GMT
expires: Fri, 04 Oct 2024 00:46:31 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 91E3 22 KB
8 KB 54ms
51ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 504191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dvbs_src_internal122.js Show response
cdn.doubleverify.com/ Frame 30B2 60 KB
20 KB 53ms
50ms Script
application/javascript 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4890762&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0joKCW4RGxdlk9XR8sU03gJ&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15170561229&DVP_DBM_4=396449614&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 09:52:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:46 GMT
Server: UploadServer
ETag: "676309fe6e3823d28d9b38e6462bb025"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19669
Expires: Thu, 10 Oct 2024 09:52:43 GMT

GET
H/1.1 200
OK dvbs_src_internal122.js Show response
cdn.doubleverify.com/ Frame 05E3 60 KB
20 KB 38ms
38ms Script
application/javascript 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4890762&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0ipqnRV4GtGJsG0BWMr5jhq&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15170561229&DVP_DBM_4=396449614&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 09:52:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:46 GMT
Server: UploadServer
ETag: "676309fe6e3823d28d9b38e6462bb025"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19669
Expires: Thu, 10 Oct 2024 09:52:43 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 30B2 1 KB
926 B 196ms
47ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_682350076138&jsTagObjCallback=__tagObject_callback_682350076138&num=6&ctx=1828362&cmp=115750&plc=4890762&sid=18330&advid=&adsrv=&unit=160x600&isdvvid=&uid=682350076138&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.60&dvpx_strhd=0.60&brid=3&brver=89&bridua=3&dup=null&turl=https://www.babup.com/&chro=1&hist=3&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0joKCW4RGxdlk9XR8sU03gJ&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15170561229&DVP_DBM_4=396449614&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=15&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=9.60&callbackName=__verify_callback_682350076138
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: d66fb5eb1178ba91ee72064847c0383ec2dcfb4c4f062f5167f91b85e58dd358

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 09:52:43 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/10/2023 09:52:43

GET
H2 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C03 37 KB
14 KB 29ms
29ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 522931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 08:37:12 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 05E3 1 KB
927 B 157ms
49ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_201134567830&jsTagObjCallback=__tagObject_callback_201134567830&num=6&ctx=1828362&cmp=115750&plc=4890762&sid=18330&advid=&adsrv=&unit=160x600&isdvvid=&uid=201134567830&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.50&dvpx_strhd=0.50&brid=3&brver=89&bridua=3&dup=null&turl=https://www.babup.com/&chro=1&hist=3&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0ipqnRV4GtGJsG0BWMr5jhq&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15170561229&DVP_DBM_4=396449614&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=15&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=5.30&callbackName=__verify_callback_201134567830
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 2f3c961eb0ad17a40983a3c3040add42d6c060faecceec186641bf811c966c79

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 09:52:43 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/10/2023 09:52:43

GET
H2 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F95 37 KB
14 KB 38ms
38ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 522931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 08:37:12 GMT

GET
H2 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame 91E3 37 KB
14 KB 42ms
41ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 522931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 08:37:12 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 82D7 42 B
174 B 75ms
74ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssivUH-DCV24_MTHOQOr14QWjTX7v9Y686ku_yGSnPdPxK2rHnqYfv8gZNHcB8TpHbZRNFa9x0ogUfzLtwTInktpPrzoOFgjWEaFv3K3-2QISM7_9r8VPUQg8Am9AvtPCFZ5howSWB0YzASSZe2kmHBHAztsKsLhJFpu3xxsSCDyf_uybYyOeUVx8FyercpMMmL1pBzhIhcCeeSWVeuXXKOiiZGB1IC4w19_9nJfx4LXsmb3Cx-CyrEEb5IlrLe-LOu20Vvj1tmOn5z8OLffhjk7bPtPTsLAYKedKUAn6WlRoLxRcVGKCsJ9iNZK15i3iH1Q78UFoSr8Ezy5jM80E0pD71Q5gHEEJwUhjbtByRxIFNwUF3TDzWy2f_3eLCalmRMnMrV-iUoWijBRCKS77QLuIe9QCzNmvL_JYYeY97I8IF0rvQUjk5hJk6jFCsXvBvDM2OVgqbqC7i0XgnhNVSOCJpybxDoZcfCUCP4KwcwuNUKC4M-33Q8X8XKzdoSTmfShwwJJY2ccFis2Q1M7KcffUhWtOXdhgnXYsQvBabxzxr1h6NtdUMEM50yz3h75wsfv-o_dhS9kkCLc0mtd9RALOMIHcgFShcnteKoF2Vq7dgH-1StJoXmUnyx57IxwtW9UDb9JeqP5tUKn07gvPQqyrTiZLoV13u1QsnUMIcTeMWS981XSwfQcBD6_k1-i14Shvce0Tuhm6qjkVTYAu9w2wZhuXuWQrFTbuSPEljy76lOrEEgdih1kYCBg8hurvncmAMMtBy6Ywwh1RmXHfKya9sQUaBT79NlaIs1PlrlqUIq4zM2b_yZMzeNnZLYpx3CexAXZToR_EtvJyZ2Ub-u4R_5gCAofdJS101D3-m2G5ou2xMVhlk2po5W5MvVXi2PqXXEGfr1lReVC_EdcWjRKV8cyKL60zqP32ejmZPANohGXiWtyjNUY6t448yoU5fww6g0n3k8YmC50ytNWhtwQAHImTq-KlX_iVtbRW794dto5aLHveZ9A5eCdhjmQ_mheeLPIkBOpgNbD5YDYUvrnq67pimOedurP2cc8uboOzt7lk6ftQVAkdlXPNtApbJbYtZ5WZ3gzbzLmiIloAOkM_kPaDLFN8_wUiQ99qypL1fN8eEy0ajqdDwi8QWPl4pUfgDg9iAxCl33PJ3JNDtOuYMUrqtAhSyaLvi1LacDsWxOVT8_nUywVOhMepOt2sc&sai=AMfl-YTTKRXxyiU143BAhR938ZsAsUAHhnrRc82miK50J1x0Wz_Ct-FEq4EBP6-sE3qNkFN6QEEbQ8dBObyXcod6Dr7AxPtMElJV1lNLYS1vRZI5CYrx-L-42lBHXHlirY5EoPUpXQ1wymn4VH8kLjZiQcg35qWZKvJ8AhI&sig=Cg0ArKJSzMzDSQzRXfjyEAE&cid=CAQSTADICaaNCXq5dIqjvueinUKB4L2yTTJ8L037KoI5kQWCgOywBKi4YVTOVoA_XBCKEmIPq0LWeHkhijwWWPG2bEot6e9dOcdixu_InfwYAQ&id=lidar2&mcvt=1027&p=0,0,280,1110&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2300165494&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697017961372&rpt=1386&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7E22 42 B
108 B 80ms
80ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBMW8fLFvmDGBsAK7JV-50t4_PElg_pUJfkQPKKWiN7xVvBs_97rBA5y1JscEN91SucwW5OztVEU0IEgXcnekKYHP-XR69gmaiuk0GgqQmX48hDXa8Pf2E1b-W9RCQ00O1W5UcfmIdkkoGmrUiT6LJgl1x_3UfoW5uWocU&sai=AMfl-YRO2APCZ4hfrS3JGtFuBUTqVp9dgxY1uu-C93CpID1HZVnZ4pRo7ImswW-sB6KxafH7h8xgcUpJcvugqMwM1ZpMx8KeWBMQGRSSCOFvIQhnSsDKTmjJC686I9cTNPqSqgmjPwUrnsyTvmBHgg&sig=Cg0ArKJSzPZdDuA-yEZpEAE&cid=CAQSTADICaaNNUAOI22AUFZEnBbCZtPumjirxzVvNZpYnAH_Ld5GIeFotrAneS4GaV0yieiAETzjNizDpXlbco9wUl-_K71CTOWQkj6pKjIYAQ&id=lidar2&mcvt=1030&p=0,0,280,1110&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3654258318&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697017961380&rpt=1358&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 30B2 24 KB
10 KB 36ms
36ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9959
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:24:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 11 Oct 2023 10:38:32 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 05E3 24 KB
10 KB 38ms
37ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9959
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:24:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 11 Oct 2023 10:38:32 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/ Frame 6798 4 KB
2 KB 753ms
41ms Document
text/html 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

473aae51528adc32bd350a29e318a8001cf46ee6d948c34ef79a87947130c5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 159062
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1484
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 13:41:42 GMT
expires: Tue, 08 Oct 2024 13:41:42 GMT
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9675 0
0 176ms
76ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFHTUt1YfIjhjJNdZlBoxdAcRK1Ho7g88QvplXLTph_1TlyL6wwPiIcYC_0DuazBc70OSoZBFB5m7pNWGLDT19PJe4hFTvjW3HvQ9FgDv7yN0nweyQLkE3VmvcQs3ivX6gX5IicUL_mQqPWbEuGH3l8dfnVOPReTQMyA2jq7vCeS-Sm1dDWTCB9Oul_g5hP6v1L38tlgXA_fRw_a42EAIsqd80JTBY8Bb_84BheX9sDdntdu5j9MJoiDQlqygUkGEkn0btHzfyKqLUv3gZjn2IeSGIfEucZTcDmti1Fdd8_w97qicAm7fUmWVxlWym_8kK9HE5omzT7N92e9faNGmcGat_02v-Xfk0VVZw0DXy9F8nlH7sExLxB-bnkADWw3tzICdSF0jwTrIriOeQg5MWw73jdcPFtJVjVMnENmbM2UuGe9SQeyRRzdsSW3JP3o0kqgOGAqUST6cGpAE7OTokp84jEGGJT3wCaiBUoANj2hzhfNsdy6jxp2KVL8pzAJgFAQdljUSxW0NnQczlpH8bzy31HVWLlzEYDVjh6WG1P7cvemXOoEqXK2htiWxLMXzd9lPizLKzHadgafQt8YyzEFkTiEBJDM9Tey6sjZ1i01BNWo3Uvuo2ngddidgLMkmpFZfwvAAntFSJf_tz0CCbmmc2ot_KLxS_wQdxQQEHYQG8tLQ8ZRQTxRc0R0iJkgJtPwVVqGZ3PdDfcwD4tnktEOIFdUfpTTlD5nxTjwq-4v-xieaiz0fKNs97sl2FQ0RWh915aIftjEqNp6YoYtfAX5icVLaG4Yya2h4_-abRtz-rnnpP2j3zVpNXwFCEPSP54uWBXrs4KOixQ3ZZU9qG6R-tVlLdB3yrfeejAccxqXa5SU32H_kFFD6seqMzDPx7clPfGHONvqcj75G9IWcJz7Q1gHNLk5jYYpaQW9Foi8dxKRDrXP9V7ItFFizJmWQ-HZBcnQNzTvGhDLIDMyAJL7H_PFQNUZ8PaJqssr-6Y3Ip8Wvn1JOp5JoVRe5dw2SU1_D2Z1apwV1FKcMOf6YfQSZMTrzJSQGr5y5GBvLc44i39N_5dtbgDSxwNYlAG8SGGVjyoz6QFtPqJ2hfz8FQ5-SeCEEg1VheD0eISs4pMXIR9e6CgK0E9T9DJ5u-Hm7y2N3W9Dt_uoqEsJB9axMuHJVHLpTsSc03LramvGJHkZ4Yno5FySE6tln10A5AofUqH89ut1sftz2BCMjXUDvsGIJcdffa--oLZ_6tNvu3GQ&sai=AMfl-YRinooyoh7Wtx08QzmiWlzyeAs_zhXAUzS79NIWQn9DGoake3OOO9Al6tTdl0uM-IPkDlCzr6W-vv-teWwVBsE9ivyAKzKgXvQsfsMGq-PYfyI5t-vLALhnBKRfwK_bwDGx0ilD3RVXcO3tXwEjYW5GTpe5IcPIZMSnN9hWv-6qTL_67Ab-Hu3Kn5rEA9NLZ8FDSKcTRImJlkmwxCODK_XHpWLdItGexn0LpU61-kOFmKgUTmLuIJ53uUGDMYFswHJr7Jic-YgSAnQ6kBd4m1IaafCqRUFq1E2O&sig=Cg0ArKJSzCTKLNpwdGFVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=464&cbvp=1&cstd=461&cisv=r20231004.69563&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 11 Oct 2023 09:52:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 impl_v97.js Show response
www.googletagservices.com/dcm/ Frame 30B2 57 KB
23 KB 31ms
31ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v97.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23166
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 13:28:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Oct 2024 21:04:20 GMT

GET
H2 200 impl_v97.js Show response
www.googletagservices.com/dcm/ Frame 05E3 57 KB
23 KB 49ms
49ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v97.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23166
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 13:28:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Oct 2024 21:04:20 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C03 0
56 B 75ms
75ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiS_Ba3AmZbPMEoTUgAeXs7DwCwAAAAA4AeAEAg&bg=!Li2lLWLNAAYMG8UMLBs7ADQBe5WfOL9cgR0z_fFE2ez2xXpYyFqkxuPP2O7gM53EZ1ss9GYWqEQdku_TnroOsJ926H_FAgAAAMhSAAAAB2gBB5kDE-mogYfny4zqJ6mnNPEDt23fLTdqroJDDx8-xWlKwGxVLdiOSFYg8d_6JJt4cbHInskfBbY8RQ_Eb95Wj8uWVueeAOZcKlbDWZ3s8aRGLGT8h-agkEf1cxu6MmYFwOQdNs_qBSDK2op472g5mn97-3rur3XZ-tudJ-qcBe05CGC_B-0t6unfg1YTWoM1PBIPPl5X1qUvFXTX27ojJj_ee9ZuaMGO5k4bB-2-sUMB0cFJ61tJbW5Yye3Uh6FrXDqI4rGdb4kitEJJeBRN-ZkSI4_rJWMojoPA5J_R02I-jokldnLQFnob-GGiRssj0Q1cO633HpOL6ZAdz8j3wfBoOOH_6iohi1qqExfbG8iGy1uf_0808WdU5KrUTYW_XgnGriW0h4HChVHUsZJqxdRKTV472GBcSI58Cp7ufcROsAJKN_dCv90I3xIp7VPfaUGHCtsl-70_ZLzwufg8CF8TLzFAhM1w5GkgSx1AzmI14cs8G2abrIsItmt3qs7Kh9Xi24TH9F_jnyrfNUmIlttwJEFc8tObYswLssdrhmF1FzPLD53VpNuTzmv5P75_Fs-9ckV7SBp6CqrzvhIfmHc9RSzbtvLaATG0kzJknWAF9Y2mV8msiFNimiqTQ_zchDk7ydjlvGPf4bbJBo7OEIdGTVJfoF2t2XRtQp-7XDzRUxJ0sJ9mpKIIvFCzqoX0Z-yqE0KOn7DrZDQgXO1u8vFNliqQmPsSPE1vkrdwRck5hV6SfDJdu6IgVeUL1ZEJWdS894Okz69aAFaAp9fPuBb8r95J9sxChPJIApGMr4FA93unVvYIhTS9NmsuFjh0mTJ6yNRSukflBHjDJtRRjK414I4XDCS-CYWHaMZlGUCbNMsr4SFlTBtzlA8ohl7K1HskKJxZ2UeItJdWrBv1VpNV3Q0xxtXNm2X3gcZe5pv3cLnCo7EtXsEpa5yZMcurT1JZsDn07P9YpzkrCt3M07T-lBiCYeHC_uehL84i5pw9jof1sR1ihx-xsqQDfuWIRTvE52ThyBrTs4oAnwlYi9KroE5PRAs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dv-measurements4803.js Show response
cdn.doubleverify.com/ Frame 4B76 420 KB
99 KB 32ms
32ms Script
application/javascript 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4803.js
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: bb09f6f5afc84a2d5c07b93504bd195710d337e66f0080f3d371ca6d4d13b06e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 09:52:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 08:04:58 GMT
Server: UploadServer
ETag: "6e216fbcbcd9255ae84b27ab277cefe7"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101040
Expires: Thu, 10 Oct 2024 09:52:44 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F95 0
56 B 81ms
81ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BW0Zca3AmZb-sFMKRjuwP5qCc4AYAAAAAOAHgBAI&bg=!zM-lz4DNAAYMG8UMLBs7ADQBe5WfOM1u-v1Y08Z5gft3aUH8lkPJHWIhfozzII--C3urzqPNXVGK-uT-6xqIixWNzjnTAgAAANNSAAAAB2gBB5kDBbhaImw2nCNbNdTdBtGux573cEzvk-XMI77-fZwahGiQp1euSJW6a196V8BfZV5pXWUBkcIH7WBNkQkzEla2l_LzOQlYdPLW7FZ2t-ZMiBWnv00YCfnG-akQQuOgc0BQtfEAgh9H32hpoWz-i-GxGKoCaP6_E41ZNA1UIyW4Xy1boWlKOhnfmnMRvMADJZiDgVoSdA7VNq0NI7LP9MrTkYmhojDJOvr_vut-JAKupGNNejXr_tfobUEC_J0C9mqKbzW43Sgl4mfqYCPFDzv5AAxBcJ8VyDJDjo6CeT_A6kg2DHoSn-KkMgPW0-RTyjIRWLf4AWAeZyOnWusM4r9TFpvdQvGOTQ2Jq95MKrWuQHCy1F0BU-TsV1hQQM7QMRgwnFm2_ZKXA3NAxzM6Q_32m6L4u3zgHVZTKnYY32x5TGLKOFhZyxy_5pQxTkE5kX62z7pR3qoCVA75rU2Jm4Lcr6_i9QyUAMC956JdsrpWdYU0S3mRaJboFeRZYbY_wJmgckUe-u3qwJ79ty6D7akC_dSou0n4uMnu2UddHVfyU-wMpD35cq-fAW4PQk-W29lfPT6sXzosNSerNDa0qlS7W-lOZd3I-Z7NwEPSx7hiL1fJyHE8wDyfgCBOVL6luXF2G8TJ1gKiffeSRWRz-d5Iw8WUoaWFqZ01-o_EcrOuhT7LGi88dyfoHAfl2SGiM8USAVbPOpMuxzARusFtDeiSi-RyGXY0OUFLvVA72SMYkQBzu8_B82ahzvfz6sKJvOJy9sh7SsmKsalwUJYXm7g3_hKENjwFxVvflo7Jz3N6tLMB2tcYIq53bpVEUXblurWFPl5Aia9VEhlW3YN_nOQCAP83vRKA2KyGUpShmP1sG0j3O5y1TI6eaT0tYqVLT34FPGi77u6ExfuMXrvRSOzJRiVabq1iqWEyl_ZPVGuNxMeqhL-HesFSSH4k_VL6kwu3hcmjtxFVzE34GdtNcQF3qtGNnzS2Cj6Mhh298XNatZAUHSpa1Q2tA2Qz7MAcayeiqkFT5-uC

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dv-measurements4803.js Show response
cdn.doubleverify.com/ Frame 1E67 420 KB
99 KB 32ms
32ms Script
application/javascript 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4803.js
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: bb09f6f5afc84a2d5c07b93504bd195710d337e66f0080f3d371ca6d4d13b06e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 09:52:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 08:04:58 GMT
Server: UploadServer
ETag: "6e216fbcbcd9255ae84b27ab277cefe7"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101040
Expires: Thu, 10 Oct 2024 09:52:44 GMT

GET
H2 200 B9689862.280626343;dc_ver=97.287;dc_eid=40004001;sz=160x600;u_sd=1;gdpr=0;dc_adk=160236217;ord=23d1zg;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0... Show response
ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/ Frame 3111 63 KB
29 KB 173ms
79ms Document
text/html 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;dc_eid=40004001;sz=160x600;u_sd=1;gdpr=0;dc_adk=160236217;ord=23d1zg;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=4HU1RJ_40U;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=164;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v97.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

54418239ecb85f4abdb424a3a40ff547e89569f749cfdf352b1427f7a603cb26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 29015
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 09:52:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91E3 0
56 B 72ms
71ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Byd4xa3AmZdWaFJaKjuwPoOeK6A8AAAAAOAHgBAI&bg=!lZalltnNAAYMG8UMLBs7ADQBe5WfONBALF6iE7d5Emm9KpC4aTA5-v85gFSzMuU8bm4PeszarLdFimL2Hu13XdZqJjZwAgAAAMhSAAAAB2gBB5kDET8N3UkXGG7AgsX1gwQSRc01UWAGWe3Vv0InpbeDfmgJySLX64jdnzDU_UDu-uHpWbSMX3_xK0JaG2QQCfl5bgf1khBRYUaDhQ6MerjnNj2A_b10KVHr-7YV2_KdpSjjJIuXPUQIox4JN3ts7swFDlVd-0_NrovBQPnzbmE-nqxDxsLF4pmKxDJyPS4b0WvbfmYhHzFORKn33wS8ciHh7oSJyIkH2nWjbeRm2RU1PYbnrgqVR9FHV2mkWgS_szHPpX4OS3upOErwJQ3RSnQxRe-3NFfq2d3BvuipEbqgeJNco2NbUMANIH07h5BPn2RFawQp3YN43KYHqc-0foGC9jeqWPFTx3oxooIJWxEUjO1sxrs00p2bNxBka5j3GgXDrEb3sc21ppTmPVGLgX2Z57f9E4_VgvZ2HMfgL85xUyNlDuYyFzlw_jsXSsomMBcFlGa3i0JRO9ans08OulW7wzEaE3D81dCl879oPDi1XAeN-o2w8eujePKgXlWcyrdeciIcA9kXc9_vd99GbgthM5J5t3_rc-BWrGTvF_t1-XBDPCtfkisIy8Nlgkr7uS2JskEMlwXr1fuhtWq5JlOmIfKse54wVpZeCh43FnnQRM7EXSg7_tu6i3gBqmNwF0w1TZeAk_ENCMlIvC5qw6MYNUQGTip6WOx5Uglws59u3jpE_BUMlbeG46fZgzQv0AbIgs8PMQB-RaOZHrb3nTuVJtpUcBCdjMp0ttW_AXHp5ExWybXuNfl7xCgx-_xHZ7H9sjgNp_LhkoG_-1flgKsJAQzQDOynypbcRRr_Cd0D8jXLhED3sxM-QbA2lcld_plrLAN3KZLfY60DqEo7WQeXAuIGoPvI1RGzYqscsHx6PGpTNfysgFY-myDiI_9-3M7YHSNNZO6Sheh6pwlNC-O1TU-EfVSHQOCfNcU9cAeyBWTjbooOYkIfW9OYbgw7yIPmFRSk9kuYOQGiSzX3P5IntfzL52OElDUzD3a7YEcBaSpPNjlpRRnmcvO33-KZvDMJi45eqVnXWkCHqW9o57HpyYAs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B9689862.280626343;dc_ver=97.287;dc_eid=40004000;sz=160x600;u_sd=1;gdpr=0;dc_adk=4102376853;ord=plgh0r;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$... Show response
ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/ Frame 3161 63 KB
29 KB 173ms
90ms Document
text/html 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;dc_eid=40004000;sz=160x600;u_sd=1;gdpr=0;dc_adk=4102376853;ord=plgh0r;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=4HU1RJ_40U;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=172;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v97.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

47c0d11b0e6dc711591fbdbddadf33bd6bbe23f948b02e737ec5d5cc2932c177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 29143
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 09:52:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 4B76 694 B
731 B 272ms
48ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=117&ttfrms=38&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1697017964130188&jsCallback=dvCallback_1697017964130398&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4803&tgjsver=4803&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231004%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&fcifrms=15&brh=3&dvp_epl=234&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.babup.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0joKCW4RGxdlk9XR8sU03gJ&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15170561229&DVP_DBM_4=396449614&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1175014345576.082&dvp_tukv=134118969145.92514&dvp_strhd=0.3000030517578125&dvpx_strhd=0.3000030517578125&dvp_tuid=576236642360&jurtd=2430248848
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4803.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 601482e264816df8c9be5c8168acda34de9ca5f4d165c24424e8f9242c31e54e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 09:52:44 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/10/2023 09:52:44

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 1E67 1 KB
885 B 139ms
53ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=229&ttfrms=12&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1697017964277659&jsCallback=dvCallback_1697017964277927&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4803&tgjsver=4803&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231004%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&fcifrms=15&brh=3&dvp_epl=234&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.babup.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0ipqnRV4GtGJsG0BWMr5jhq&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15170561229&DVP_DBM_4=396449614&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=162950.04179364076&dvp_tukv=17243476.35403432&dvp_strhd=0.20000076293945312&dvpx_strhd=0.20000076293945312&dvp_tuid=1311643468166&jurtd=1308403874
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4803.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a69df09142ec8e7339c030c1efa910ed3a608bc259609da87fd9e7ceaa5c2ec5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 09:52:44 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/10/2023 09:52:44

GET
H2 200 2457098971912548461
s0.2mdn.net/simgad/ Frame 3111 173 KB
173 KB 419ms
108ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2457098971912548461

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;dc_eid=40004001;sz=160x600;u_sd=1;gdpr=0;dc_adk=160236217;ord=23d1zg;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=4HU1RJ_40U;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=164;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

4149f252125510e2732a827f921d6f6c01cc13c51f65b78fb37ced3fd205dcae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 21:20:41 GMT
x-content-type-options: nosniff
age: 304323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176805
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 16:06:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 06 Oct 2024 21:20:41 GMT

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/xfa/ Frame 3111 10 KB
4 KB 30ms
30ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a1ff5e441184a332c1230e3082320d940687d1354e845be0ef0c079af4b32642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:18:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4269
x-xss-protection: 0
server: cafe
etag: 13754952903490634883
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 14:18:16 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 3111 11 KB
4 KB 45ms
45ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:43:51 GMT

GET
H2 200 2457098971912548461
s0.2mdn.net/simgad/ Frame 3161 173 KB
173 KB 344ms
42ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2457098971912548461

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;dc_eid=40004000;sz=160x600;u_sd=1;gdpr=0;dc_adk=4102376853;ord=plgh0r;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=4HU1RJ_40U;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=172;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

4149f252125510e2732a827f921d6f6c01cc13c51f65b78fb37ced3fd205dcae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 21:20:41 GMT
x-content-type-options: nosniff
age: 304323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176805
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 16:06:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 06 Oct 2024 21:20:41 GMT

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/xfa/ Frame 3161 10 KB
4 KB 34ms
34ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a1ff5e441184a332c1230e3082320d940687d1354e845be0ef0c079af4b32642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 14:18:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4269
x-xss-protection: 0
server: cafe
etag: 13754952903490634883
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 14:18:16 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 3161 11 KB
4 KB 56ms
56ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:43:51 GMT

GET
H2 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
517 B 47ms
46ms Image
image/gif 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.3823847671076295

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-ys2WkU_-EaICSzd4s0mWiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-ys2WkU_-EaICSzd4s0mWiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
253 B 95ms
95ms Image
image/gif 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=10.699867160550422

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-_wbzfNtdvuyRO4krh-7T4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-_wbzfNtdvuyRO4krh-7T4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3111 187 KB
59 KB 89ms
89ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:52:44 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3111 0
0 145ms
143ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4wGYlnAgId5iRe0xWVoeQf5PuWz6VkE7GXY16xzjeO1ImQEfXAs-9HeJ5iIMi_On9HKfTkz8DzdcFS2eq7aHCOLEyMFzFx-rmHYduRTR_yFbBF8PHU-egRmEvLRsrUQEs4_T1272kpXnAagGE_7xK6-E81jHvBId4&sai=AMfl-YQEVtOsuREM-u9tLr-69zLTdoY16pQdPpHb59JnIqKxUyAvGCjh3gzycQSZq0utonDq1Y8tC8wno3C5mAchBnmIRS3Clcp96wkd3A&sig=Cg0ArKJSzPyRKBECJGRmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231004.91333&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3111 41 KB
13 KB 57ms
56ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 442460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3161 187 KB
59 KB 88ms
88ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:52:44 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3161 0
0 137ms
136ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsotKL5j4J4etDi7b0TF-XaXigbVN9GZvTfQDCNdinHkq4GcqTK5ue3XAq14w3OijGST6CGM32lTFx4ezTb7lFOOsjTrEpOpSHylZ6gK-4s0Ts_VsDOsoWhgAl_V9eaW6pnMXN5WVWRAA3IY0ynP8UiOramnH7TzbO&sai=AMfl-YSb1IwsOAVxoHKGC0CqmrJjX2BIcYMRZwc80fl5PhXMIOcA_niQSLoHXm01YoArvz8V3DSfx_xk8rkWQadjwwfl54UYxOdz-7j4Uw&sig=Cg0ArKJSzDlikzSE_xjAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231004.88235&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3161 41 KB
13 KB 65ms
65ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 442460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3111 7 KB
6 KB 126ms
126ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

053788222b6b71a1921cf2e5f0b19e3cdc4a61c1c771baa3e363237b7081de50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5731
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3161 7 KB
6 KB 126ms
126ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

6a4c6c5f469c7f9bedacbd8c0e46536ea0c4522f9b3bb5a1ef1c8cc86ad08c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5712
x-xss-protection: 0

GET
H/1.1 204
No Content event.jpg
tps-dn-ew1.doubleverify.com/ Frame 1E67 0
116 B 269ms
125ms Image
text/plain 35.210.149.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps-dn-ew1.doubleverify.com/event.jpg?impid=b6939ec7e0d74dc6b1463571ac45c3d6&consid=&api=1&rc=true&cbust=1697017964445874
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.210.149.152 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS: 152.149.210.35.bc.googleusercontent.com
Software: openresty/1.21.4.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 11 Oct 2023 09:52:44 GMT
Server: openresty/1.21.4.2

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4841 22 KB
8 KB 83ms
82ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 504192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0132 22 KB
8 KB 81ms
80ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 504192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 AGSKWxUI_IZOUgG_W-idDgCgJaNJsV-m3BLWxnYkktJxs0dZYS4_Z6VQi8HvIEb4GFP41uXl4C-7PuK1mId_5cV5nUFHmsmigJGA0KAHvBwFkKsP1SCgj4XV7zTimavMEA9QBBCg6Pz_Tg== Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 731ms
42ms XHR
text/html 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUI_IZOUgG_W-idDgCgJaNJsV-m3BLWxnYkktJxs0dZYS4_Z6VQi8HvIEb4GFP41uXl4C-7PuK1mId_5cV5nUFHmsmigJGA0KAHvBwFkKsP1SCgj4XV7zTimavMEA9QBBCg6Pz_Tg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KIrlmjhT3Rp2B-WtJwNRsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Oct 2023 09:52:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KIrlmjhT3Rp2B-WtJwNRsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.babup.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4841 37 KB
14 KB 31ms
31ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 522932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 08:37:12 GMT

GET
H2 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0132 37 KB
14 KB 35ms
35ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 522932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 08:37:12 GMT

GET
H2 200 ad.css
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/css/ Frame 6798 550 B
373 B 125ms
125ms Stylesheet
text/css 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/css/ad.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

261aa98c46a19c3fc1463a3ed7d9017b957cfbecbde7ed05cbd04ecfba629d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159062
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 300
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:41:42 GMT

GET
H2 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6798 112 KB
38 KB 127ms
126ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Oct 2023 09:52:44 GMT

GET
H2 200 bg.jpg
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 10 KB
10 KB 34ms
33ms Image
image/jpeg 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

8d255013c6a96aeef77385bca6dd8a7be51e028659833cb46c58771827209aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:16:40 GMT
x-content-type-options: nosniff
age: 131764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10050
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 21:16:40 GMT

GET
H2 200 arrow1.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 2 KB
2 KB 39ms
35ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/arrow1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

06e5bd787d900d77d4d0c294a2f4f6abcf5d3aae8ccad701fe881184af3589b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1636
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H2 200 arrow2.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 2 KB
2 KB 46ms
42ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/arrow2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

d9b0512f83947d25efa60fee2227ac13a2b228936869bea5e5503b4856d4afe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1629
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H2 200 logo.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 2 KB
2 KB 49ms
44ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

0c4952a4fd935fda08fb4a5450939c5491ebdff358da26a4be553847bf57f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:12:39 GMT
x-content-type-options: nosniff
age: 531605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2094
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 06:12:39 GMT

GET
H2 200 cta.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 2 KB
2 KB 45ms
40ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

2b16939b8b92e7f165ed073c1822935d06e6882f1854992d9b604ee3def977c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1741
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H2 200 cta_hover.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 2 KB
2 KB 45ms
41ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/cta_hover.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

ba360b3cfc8d290f28746c03a638dc1260e729b91da48c1be12a9ae563ae9ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1721
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H2 200 txt1a.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 2 KB
2 KB 57ms
52ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

5a1f05b0a03701f90c5f2f76500312985a8683179437abbc603d6dd8ec819823

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2058
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H2 200 txt1b.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 3 KB
3 KB 44ms
40ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

ccc4933d215817ca707d09272eb500e115047f3913303937760c8e34c1bc2c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 05:34:48 GMT
x-content-type-options: nosniff
age: 188276
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2882
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 05:34:48 GMT

GET
H2 200 txt2a.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 3 KB
3 KB 57ms
53ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt2a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

b6c59e6668d757af5c06b8c0784c1b00fca6a6b04b072a1ec99bc793b78bc2a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3168
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H2 200 txt4a.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 1004 B
1 KB 55ms
52ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt4a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

6089d031a41ec078833de572fa22a15e446ce6acf24b5499eb2d90d1c8aab0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1004
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H2 200 txt4b.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 935 B
1000 B 53ms
49ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt4b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

d034e3ecd52afe7ce040dbabe96ad8bc14ce754b645a87b84d0f154d64759880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 935
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H2 200 txt4c.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 906 B
971 B 54ms
51ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt4c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

0a5ccf7cd2d1acc758bce046d62e3807cabf85c28efcda4312d824fe2ccafecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:16:40 GMT
x-content-type-options: nosniff
age: 131764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 906
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 21:16:40 GMT

GET
H2 200 txt4c2.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 938 B
1 KB 54ms
50ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt4c2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

c25760f125351ef490fe9ad805f3344593900dab94a871b6025e0e9c473f6ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:52:45 GMT
x-content-type-options: nosniff
age: 529199
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 938
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 06:52:45 GMT

GET
H2 200 txt4d.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 1 KB
1 KB 51ms
48ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt4d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

ff13cbcbc1b8cf32dbccec69349c0f21117f7d114a837885728368f3d12e3b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1193
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H2 200 txt4e.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 1017 B
1 KB 52ms
50ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt4e.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

9fda5e932922ef819725fa102f4ebb05e86cad17058c39eef0ba7d71f3600e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1017
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H2 200 txt5a.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 1 KB
1 KB 51ms
49ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt5a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

364ab71172dcec756bfbc3f25958e7d8a6627b52383045afbbc64c2fbb7624a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1176
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H2 200 txt5b.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 2 KB
2 KB 49ms
47ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt5b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

d8800badec2656c4ae6ac9a525b0d20f941d8ee7cfc49b6a52f726ab1294819c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2459
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H2 200 ad.js Show response
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/js/ Frame 6798 5 KB
1 KB 41ms
40ms Script
application/x-javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/js/ad.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

50cefe740de73e699556e3dd40822eec48b3a90ebf1f2bbd868f2dd7bd03c704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1409
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 18:07:43 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3161 0
0 111ms
110ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsotKL5j4J4etDi7b0TF-XaXigbVN9GZvTfQDCNdinHkq4GcqTK5ue3XAq14w3OijGST6CGM32lTFx4ezTb7lFOOsjTrEpOpSHylZ6gK-4s0Ts_VsDOsoWhgAl_V9eaW6pnMXN5WVWRAA3IY0ynP8UiOramnH7TzbO&sai=AMfl-YSb1IwsOAVxoHKGC0CqmrJjX2BIcYMRZwc80fl5PhXMIOcA_niQSLoHXm01YoArvz8V3DSfx_xk8rkWQadjwwfl54UYxOdz-7j4Uw&sig=Cg0ArKJSzDlikzSE_xjAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=300&vt=11&dtpt=299&dett=2&cstd=0&cisv=r20231004.88235&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3161 17 KB
6 KB 88ms
88ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 09:52:44 GMT

GET
DATA 200
OK truncated
/ Frame 05E3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12f2d6b36011d584ff0a11788ded0ac2282175906370f7e50f7353faed0b5b41

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3111 0
0 76ms
75ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4wGYlnAgId5iRe0xWVoeQf5PuWz6VkE7GXY16xzjeO1ImQEfXAs-9HeJ5iIMi_On9HKfTkz8DzdcFS2eq7aHCOLEyMFzFx-rmHYduRTR_yFbBF8PHU-egRmEvLRsrUQEs4_T1272kpXnAagGE_7xK6-E81jHvBId4&sai=AMfl-YQEVtOsuREM-u9tLr-69zLTdoY16pQdPpHb59JnIqKxUyAvGCjh3gzycQSZq0utonDq1Y8tC8wno3C5mAchBnmIRS3Clcp96wkd3A&sig=Cg0ArKJSzPyRKBECJGRmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=389&vt=11&dtpt=388&dett=2&cstd=0&cisv=r20231004.91333&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3111 17 KB
6 KB 59ms
58ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 09:52:44 GMT

GET
DATA 200
OK truncated
/ Frame 30B2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89a9264ea6907510a5fa2113f2ba4086c78196b099e5af78cc6489d579f50735

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0E1D 37 KB
14 KB 29ms
29ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:20:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 09:20:38 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4841 0
56 B 71ms
70ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bn6zvbHAmZYWbDeKN9u8PoZ6gqAwAAAAAOAHgBAI&bg=!paalpunNAAYMG8UMLBs7ADQBe5WfOMKK8HSdpc_URGHwSuhLPH1YxaBhcDgT0NykLME3sXH9rTLAq3BHl6RXM4Gj9C_MAgAAAJVSAAAABWgBB5kDFiTou9gTSNXoI6O-hb6TTA7o5mHeh_KLEruRnP1icH4F13YvS50vjpxP8Sir7ljGsJnk4G6Hx1RaI79UUOQY9qBTCEuTJQJ4wjG-rAar3_hzsUHOsPOnw8_7AHd9jaEY90s2mSSotTHT6q-nujz3c_ROkkS_7SIjKaI78Lt9WqNXknr7xiJP8atOV7zx9hx-tEyWSJC8-aO2IU_WgQTTcImEHEyNE1zJ2Wim7C-fgUx_qOnISVBlQ0RVretMqpSs4er9wKVZ7TRMfW80-iB3t1MSJ1UDbIo3XF2dPv-5XejVIVskBGs7adZyMM9bnfUt3CdvkuvgKpH5pudLuyIlHRmsEEm55Vg0aneOgUmg91F9YUE38PoyxXEQwZ2lJwIn9eG-ad2KNlgCK1onQtgp-_0sA7s85RMNnqjXw7p_0JJ5nQ5yAqZg8dVLaVaDVVmsF2e83J-EweUm_K0pBC65Gw-LT0g8It6M4hLozhkL2lQcG2jCMfi_NoMIZxovu5nOtfRlnpI9Pdh0mOiHT3jPPXLpK7wlJMYTtxHajPyQuTjkDdv8WaYdowCnt90Xxi2IUwKOHJ_GLOFcgk6V4UI_7VK_HdK2wNYFCNE6-W38s6WMwxl08sxiGHPbmFt47gwq3VJqLZ9n4dblUDmFMfDHqx06pWUl_vZGhUsMu-UIna4pa5bWobdj-dkojf-OXT9nDSsNpYMvJaHE0RvlCBYBxYuHHy-iyZszoHg0-9TR69kRlGGVnhWDeUy3AFoOCqvPiZsUWiyMHEatSsFU9URB0CZSQRBkDtItyjLed-8ua0iDpSVHtbfldhRbQKmH4Sgqil96taLMBoB0W7CptauQi09-CxpK1sQ6LjkurCo239wko-pWcutUoAwOzFKiqJvzBKljKazC_WXFcCp5WsGt-SlZbP8xjLpCufiGseYLo2YptPDnBwpbLkjvnc5ZfO1RqWqtt3mfDRuiCIWqzxOIVSL4d43Ggw2G9nSF4IQMe8CHowu88nRs8y0bgHyC2te_OcXbXCDWa2ikC3w48CbbISOIo3cj1-I

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0132 0
56 B 70ms
69ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkXlzbHAmZbKpDdSl9u8Ph6a08AsAAAAAOAHgBAI&bg=!x8SlxIvNAAYMG8UMLBs7ADQBe5WfOConJQnWlhWFdvFQVXB8zUmeABhT3PbpgEOGJTrAf2-IhACq8xMw96pfAHbwC6KTAgAAAIpSAAAABmgBBwoAPnY9nJs-lDWHHge6cOL-WbQ3czn5PAzDjYQhCBGQYoFbcWBHZSJri4pIHFDH9lDV_tvra-z4hGh6iFrxGMttmQMgyFD6WY6dhZ_gdfKvV5pSD1F4XjWbCWB1bA9s0ItDtQv6Gb-N476PkpHQmZRQrc8N31VRSz-HDqy1J4jNjcUgfdEGldSNfRv6fZvRkwsFo9_kC04xwPCHwOlSBvIVr6JW_yJs6tl05UiLOZ-MrSJUEfMKDYwyFunSspWBIRY_UAPZB96MRt4-ubHP8cm3WltQXGF9zGTLh8Hin0r067bkt-BpwGDYpbTtxzfcxlLeZbzvy3EOBJWCkLkJdEnaOZk8UA_bEkFTwfvL6sf9ESKXHiOwyhhcG-rvY33Uk_oG33PcNFCzrbI7WOPJwzF3XIDe-hytHa4ubigSuaihi9gSt3oc-to0R0fZzJwxF8N0XodwQOOs9G_deWzP-RdTC6pWzohwS8J7v9mE8yX0VEQvd9jGUwaINi4_dsJDDltQdRhwP5fo51KHgWyF8QfPELSjqK-V6n7XVBYCZZwjnyzH7pL43W4OUYxUNqGSq9pMgAfco0J4Tdwq5Z4g6EsA48TJRczTMHz7iwAzEewLRwSYW_OCLkLSG373k90Twfn30FGzZPcGvxVmuKOGD7SXnQlylB2rWixejxG2lRvR0MveYTir5steloiTWNo9CGLtkJLFvoxKDyZvH54yOvNjz7AeAiPl3c_zmAkKaLs0mFAVaS1Jx25zeia48PiGr62cnBN95zP_dVHYy74nWnzq7ElIAphvQRKC-fGm1CNxsy0uRy1gYzKtqW-EvzFebUEP0Nb3cN8Qqj-_P4uwqwbUPE5xyHhP7EvxHbRNfuo60fXVN_a1Fomp7ezGmMaFD0RlTrCXf23BujfNDXpY6qFmcyJzaVZTwo_K71vCwpfjYddqeon9Nhc6V-wRU4PdELXbdv3FPdSQN5jQLs_EyDR6Tb9hOZP9MGIZF42bqRWcahRAKV6OqXZavPzoOCK6ZJ9hyyZVeSif1cskgdOrdJHv1WU9OL4XFcFEDhQ_JHWa-YMzkiNV8f1RdY32Su8K__bS0obGSruz8VtD-RnBzsSB_ptvAZtUjHby13yl8fXKdEItujgKmIcHYuSWjJSNN9RVBHo

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E07 37 KB
14 KB 29ms
28ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:20:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 09:20:38 GMT

GET
H2 200 tool1.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 17 KB
17 KB 32ms
31ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/tool1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

af4f5aa27f85bfa88747d5a7332f5a5628ae3f908485a4957362f70fc269af7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17817
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H2 200 tool2.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 18 KB
18 KB 35ms
34ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/tool2.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

7d9ee7de58fa69370d433666da0e80a06ca6836c2678abba05daec1dfd7fc813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18420
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H2 200 tool3.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 6798 18 KB
18 KB 40ms
39ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/tool3.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

c329da97b9a2236aeb54522f463bb58978faa39f249be90bb0a704cfa9576405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:57 GMT
x-content-type-options: nosniff
age: 159347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18107
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:36:57 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9675 0
0 70ms
69ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFHTUt1YfIjhjJNdZlBoxdAcRK1Ho7g88QvplXLTph_1TlyL6wwPiIcYC_0DuazBc70OSoZBFB5m7pNWGLDT19PJe4hFTvjW3HvQ9FgDv7yN0nweyQLkE3VmvcQs3ivX6gX5IicUL_mQqPWbEuGH3l8dfnVOPReTQMyA2jq7vCeS-Sm1dDWTCB9Oul_g5hP6v1L38tlgXA_fRw_a42EAIsqd80JTBY8Bb_84BheX9sDdntdu5j9MJoiDQlqygUkGEkn0btHzfyKqLUv3gZjn2IeSGIfEucZTcDmti1Fdd8_w97qicAm7fUmWVxlWym_8kK9HE5omzT7N92e9faNGmcGat_02v-Xfk0VVZw0DXy9F8nlH7sExLxB-bnkADWw3tzICdSF0jwTrIriOeQg5MWw73jdcPFtJVjVMnENmbM2UuGe9SQeyRRzdsSW3JP3o0kqgOGAqUST6cGpAE7OTokp84jEGGJT3wCaiBUoANj2hzhfNsdy6jxp2KVL8pzAJgFAQdljUSxW0NnQczlpH8bzy31HVWLlzEYDVjh6WG1P7cvemXOoEqXK2htiWxLMXzd9lPizLKzHadgafQt8YyzEFkTiEBJDM9Tey6sjZ1i01BNWo3Uvuo2ngddidgLMkmpFZfwvAAntFSJf_tz0CCbmmc2ot_KLxS_wQdxQQEHYQG8tLQ8ZRQTxRc0R0iJkgJtPwVVqGZ3PdDfcwD4tnktEOIFdUfpTTlD5nxTjwq-4v-xieaiz0fKNs97sl2FQ0RWh915aIftjEqNp6YoYtfAX5icVLaG4Yya2h4_-abRtz-rnnpP2j3zVpNXwFCEPSP54uWBXrs4KOixQ3ZZU9qG6R-tVlLdB3yrfeejAccxqXa5SU32H_kFFD6seqMzDPx7clPfGHONvqcj75G9IWcJz7Q1gHNLk5jYYpaQW9Foi8dxKRDrXP9V7ItFFizJmWQ-HZBcnQNzTvGhDLIDMyAJL7H_PFQNUZ8PaJqssr-6Y3Ip8Wvn1JOp5JoVRe5dw2SU1_D2Z1apwV1FKcMOf6YfQSZMTrzJSQGr5y5GBvLc44i39N_5dtbgDSxwNYlAG8SGGVjyoz6QFtPqJ2hfz8FQ5-SeCEEg1VheD0eISs4pMXIR9e6CgK0E9T9DJ5u-Hm7y2N3W9Dt_uoqEsJB9axMuHJVHLpTsSc03LramvGJHkZ4Yno5FySE6tln10A5AofUqH89ut1sftz2BCMjXUDvsGIJcdffa--oLZ_6tNvu3GQ&sai=AMfl-YRinooyoh7Wtx08QzmiWlzyeAs_zhXAUzS79NIWQn9DGoake3OOO9Al6tTdl0uM-IPkDlCzr6W-vv-teWwVBsE9ivyAKzKgXvQsfsMGq-PYfyI5t-vLALhnBKRfwK_bwDGx0ilD3RVXcO3tXwEjYW5GTpe5IcPIZMSnN9hWv-6qTL_67Ab-Hu3Kn5rEA9NLZ8FDSKcTRImJlkmwxCODK_XHpWLdItGexn0LpU61-kOFmKgUTmLuIJ53uUGDMYFswHJr7Jic-YgSAnQ6kBd4m1IaafCqRUFq1E2O&sig=Cg0ArKJSzCTKLNpwdGFVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1461&vt=11&dtpt=997&dett=3&cstd=461&cisv=r20231004.69563&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/tnai4qzf7rik

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 83ms
83ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

4b1653d1ee070f1c5ce99f637e6adc5d2f4c76b59ce89d57a5c20b0170a5897c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12087
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
41ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 09:52:45 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4619 13 KB
5 KB 30ms
29ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1928
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 09:20:37 GMT
expires: Thu, 10 Oct 2024 09:20:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9149 829 B
1 KB 437ms
51ms Document
text/html 142.250.185.68

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.68 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

13cb30eac571e5b40668694c68e4717cb3ddcc6b4d56b572c3cbea25cb1dba59

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Wk_GkR5onhhVchoGTVXRZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Wk_GkR5onhhVchoGTVXRZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 09:52:45 GMT
expires: Wed, 11 Oct 2023 09:52:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 4619 37 KB
14 KB 34ms
33ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:20:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 09:20:38 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9675 42 B
108 B 67ms
67ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZy4x6KSmsmuUc6XlzdGrFc3EXe4-fK6Q3pRgFG_ZP7c9xgcLtMClYWzGHw7-3kG1hwbu_J0boeCpdMs2U5ycfY9gwzuCtAaccmZz7x9GxWx9zvflnjEG186UutlDF&sai=AMfl-YQGHEcZW_BTU-6AN2JsaX4QSPuPj_zG1VYIxrj4M1z9wuNw_YnOUnfqRBCRGAE-AHUDg4kcPFmbs4uDA2g2QQBXrM7Bbf8f4POeIQIu3doARjIa03XhAbfBgDFomcYtwQF4W2uu0p-OZkS9aQ&sig=Cg0ArKJSzKMPzqHcaDH0EAE&cid=CAQSTADICaaNC4xM4ApSPRLpNXlKKyBMws5ReKzrNlUEtL2Tzv-GAlA53C0g6LY8i8P2qqQhp5veTZIkXkGP3KZs2sDy4ScWqLnDjbPoydIYAQ&id=lidar2&mcvt=1012&p=0,0,90,728&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697017963098&rpt=1002&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad728x90- Show response
fundingchoicesmessages.google.com/f/AGSKWxVqmuR2UHyJPZDzqPfxN5LnOhRHzu8-NkLKjyNHUl24dQFzkwxFyEJnJC1n7YutGSgjY0V0XiAoCfDa-Z6h7AUqiBTGZqpl8w1-hO3hoFBnpPPkay_xgIRdHSrNRCQt-eEIElGegFY8WXnv_RZXSc-547eyN... 54 B
297 B 50ms
50ms Script
application/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVqmuR2UHyJPZDzqPfxN5LnOhRHzu8-NkLKjyNHUl24dQFzkwxFyEJnJC1n7YutGSgjY0V0XiAoCfDa-Z6h7AUqiBTGZqpl8w1-hO3hoFBnpPPkay_xgIRdHSrNRCQt-eEIElGegFY8WXnv_RZXSc-547eyNZQSF_1htbWXdrbjAjy6DbScwYZtGu31/_/misc/ads..ar/ads//sticky_ad./ads.load./ad728x90-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ijVdt3sf1ts.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyOha332GaUQAyltJTof-mFfmmeNA/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

d3d6fb4fa4c781de1e100b65589b3cd37f7333846bf8b69f189f31fed8e9ff85

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-oPBg90WEwahE2tpTaJ8e3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-oPBg90WEwahE2tpTaJ8e3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
146 B 32ms
31ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 17:22:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 17:22:58 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUI_IZOUgG_W-idDgCgJaNJsV-m3BLWxnYkktJxs0dZYS4_Z6VQi8HvIEb4GFP41uXl4C-7PuK1mId_5cV5nUFHmsmigJGA0KAHvBwFkKsP1SCgj4XV7zTimavMEA9QBBCg6Pz_Tg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KWNCNqi-V8sS4dBorskNBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Oct 2023 09:52:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-KWNCNqi-V8sS4dBorskNBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.babup.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUI_IZOUgG_W-idDgCgJaNJsV-m3BLWxnYkktJxs0dZYS4_Z6VQi8HvIEb4GFP41uXl4C-7PuK1mId_5cV5nUFHmsmigJGA0KAHvBwFkKsP1SCgj4XV7zTimavMEA9QBBCg6Pz_Tg== Show response
fundingchoicesmessages.google.com/el/ 0
201 B 69ms
69ms XHR
text/html 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUI_IZOUgG_W-idDgCgJaNJsV-m3BLWxnYkktJxs0dZYS4_Z6VQi8HvIEb4GFP41uXl4C-7PuK1mId_5cV5nUFHmsmigJGA0KAHvBwFkKsP1SCgj4XV7zTimavMEA9QBBCg6Pz_Tg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DD60Jv1pdkjIPJtEpYgRdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Oct 2023 09:52:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DD60Jv1pdkjIPJtEpYgRdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.babup.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 4619 0
42 B 29ms
29ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gMIOGw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 AGSKWxUI_IZOUgG_W-idDgCgJaNJsV-m3BLWxnYkktJxs0dZYS4_Z6VQi8HvIEb4GFP41uXl4C-7PuK1mId_5cV5nUFHmsmigJGA0KAHvBwFkKsP1SCgj4XV7zTimavMEA9QBBCg6Pz_Tg== Show response
fundingchoicesmessages.google.com/el/ 0
200 B 62ms
61ms XHR
text/html 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUI_IZOUgG_W-idDgCgJaNJsV-m3BLWxnYkktJxs0dZYS4_Z6VQi8HvIEb4GFP41uXl4C-7PuK1mId_5cV5nUFHmsmigJGA0KAHvBwFkKsP1SCgj4XV7zTimavMEA9QBBCg6Pz_Tg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W6oHVmzCW8jzxXmOwvKqPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Oct 2023 09:52:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-W6oHVmzCW8jzxXmOwvKqPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.babup.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUI_IZOUgG_W-idDgCgJaNJsV-m3BLWxnYkktJxs0dZYS4_Z6VQi8HvIEb4GFP41uXl4C-7PuK1mId_5cV5nUFHmsmigJGA0KAHvBwFkKsP1SCgj4XV7zTimavMEA9QBBCg6Pz_Tg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HHXHkh1YDcttvaHGumftNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Oct 2023 09:52:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-HHXHkh1YDcttvaHGumftNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.babup.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUpxmX4WE91rWmp0wTtkmlKYYLpQrJfsB1qgSeAl67E_HkO87fe_1hwkW7msWo0Itp-bjSLCVc3rVr-ooVQdAwiXBs2x06AGTjUXtK1mGoMvQe9Khyp7oSTEMgIR9L0wgrwy6J42Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 78ms
78ms Script
application/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUpxmX4WE91rWmp0wTtkmlKYYLpQrJfsB1qgSeAl67E_HkO87fe_1hwkW7msWo0Itp-bjSLCVc3rVr-ooVQdAwiXBs2x06AGTjUXtK1mGoMvQe9Khyp7oSTEMgIR9L0wgrwy6J42Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk3MDE3OTY1LDIzODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuYmFidXAuY29tLyIsbnVsbCxbWzgsImlqVmR0M3NmMXRzIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

5178c2b6e6e67b90c59c7acea94bd473c0205e29af5e7559c12b8af3ba736b1f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-brqVteNEBWqWwUs056v9vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:52:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-brqVteNEBWqWwUs056v9vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxWsPl0eVjXKgJ0XkYdWYZL3hFpV9z-KnzZtQh1bsEYMAeoiY_yeyzyGe68Vkmkj6lOj1rdskraXVXFCgH9JDwk8KDjrfszu9i4txGrke9kt1C3z5PbFJlkrkk4WDB4-DXkbGgwiXw== Show response
fundingchoicesmessages.google.com/el/ 0
199 B 44ms
44ms XHR
text/html 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWsPl0eVjXKgJ0XkYdWYZL3hFpV9z-KnzZtQh1bsEYMAeoiY_yeyzyGe68Vkmkj6lOj1rdskraXVXFCgH9JDwk8KDjrfszu9i4txGrke9kt1C3z5PbFJlkrkk4WDB4-DXkbGgwiXw==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ofXkGuGmPe9Ob-2y3LCdRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Oct 2023 09:52:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-ofXkGuGmPe9Ob-2y3LCdRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.babup.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUI_IZOUgG_W-idDgCgJaNJsV-m3BLWxnYkktJxs0dZYS4_Z6VQi8HvIEb4GFP41uXl4C-7PuK1mId_5cV5nUFHmsmigJGA0KAHvBwFkKsP1SCgj4XV7zTimavMEA9QBBCg6Pz_Tg== Show response
fundingchoicesmessages.google.com/el/ 0
200 B 81ms
81ms XHR
text/html 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUI_IZOUgG_W-idDgCgJaNJsV-m3BLWxnYkktJxs0dZYS4_Z6VQi8HvIEb4GFP41uXl4C-7PuK1mId_5cV5nUFHmsmigJGA0KAHvBwFkKsP1SCgj4XV7zTimavMEA9QBBCg6Pz_Tg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_xwx6hzTFYwgL84NJvLHOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 Oct 2023 09:52:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_xwx6hzTFYwgL84NJvLHOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.babup.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9149 0
0 65ms
65ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=1501777917228061&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 05E3 0
58 B 66ms
66ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4699842256095&version=m202309260101&ct=77&x=1&cor=14158013190161400000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3161 42 B
108 B 68ms
68ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmnhsOlMJHx_CKy4g-KViETkbOVYGxeEJcP4r-JJAys5_PHxh_2DK-mlmZ_lg_amOKBRQmZGg2knL9e5o6j-ESMRCe22xyg6MNhJO2lvsXAFxbY3u90Ee1Fw&sig=Cg0ArKJSzL-6spyd_CneEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=4102376853&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697017964098&rpt=627&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
66ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=1501777917228061&bg=!KyilKGfNAAbjlzx0w5c7ADQBe5WfOJt-AwbGTY6GDAAAAr4wwHQ3PBsUzw3lWbjCXmqsqqJcBwpACrp1ZefMVkeekSByAgAAAFxSAAAABWgBB5kCwz3JoywJV98CNPLOfEy9Mno7bau8TVi8nqCLY2tFoYbMgJ5J8frq3abRPs5xLkoUTznauTuzuXsBzjM7pfXNtakPXi4iCs9pcdq3zN4pBZ1K9Qh0C_SefhD_3kHJz8-3r5NP3g5eRsmUBcSHCWHH3KQv6juvTE4nRETbe1mPp6GBEwC0bjsb8-LYKDKw85d-TjuADFk2KCPGflRDJz8urrUHsm4W4DPzl8UO2g6Dm-h7Zp_Y39OzmoTOeQBkUkYIDhb66apCt2DDiYgu4pILs87zYtlwNsYreQlT2YTFJoUm_IEgtmp5Ns-YzOL5p7E4Mp2YQ4iuSNVVAX-RL5mUAwcccvoStuTLfGNA1H--f-WMKTxEt8p09CRdHAbSblgvO9ewdISXXut9m23bbUj_JGKHVOdnWU5tnaGWosgafYC2IB-xINvtJhaAd7yxvW_L-CJCglsG8n_WATkNvR7eZchcF9ZWzQbQwyQxsnW-NTi4K8uV-OJVPQ1oPaY3r_icnhLZ4GfArThHc73nasmsnM9JKCYTs3Tq2EFtLnvmRbDRVnl2mmPcFDqj9XUtBEhHPwfGbpGJEs17K3xNUXgr-6QVSIryIMVMcuZJKlxWf-XnWVq18mtRjWHXc_2UuK91yEM-R9z-LLcedmmgYMZLZI-pbQgIeIZ0IG9P7ohNeg9suooXxqZ1FQnU4R16qH6NwMHsv09If8_2sUpj56nV8Aolx0U3HxyGuOTgn_mSQX-rElO0XdU8PhBJheqLOJx2v33ZWWVDo2yvMJWV9QhtGdRK4UC1slLvEmmrnq6uiE04kP6-G2swFSKPCbXCFhAy1B-VonXGGvJin9qB8-vkoI4RyDaDLXODT80jyYazTlf8OlMiSG4DACW4oAfIn2BsOhppJfFfTJkYDeI4vcQOvfVMGDHb7fEYDLC1QvwTuwslahc7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 05E3 42 B
108 B 73ms
72ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXIyE-kTe2yQqOhPsWEGawyHtYxLoTURvm3ZpJB4QKHcaj3uG9nh_damK7J7d1dmu4CX_dVoRyg0jcv4nRf8GkZVlBNniD6jqrKbRuFItCijjT1uZ38cs_TOFi-mH5SZCZqOZITt0-CA&sai=AMfl-YQPiXKQrGOV2WnP7szcPr06EDfUcsS99gIt407tvdMEwr3tzzU5VSyp6vYITY6mY-ETHgOauBOHHcLmUKjL2CD_6H_-Bv-a7cimxGm0kb8pacL25Wxe8mXebYFNwT-62rKpdl0MQz-9r0XGRA&sig=Cg0ArKJSzOsUCAs1FRhdEAE&cid=CAQSTADICaaNC4xM4ApSPRLpNXlKKyBMws5ReKzrNlUEtL2Tzv-GAlA53C0g6LY8i8P2qqQhp5veTZIkXkGP3KZs2sDy4ScWqLnDjbPoydIYAQ&id=lidar2&mcvt=1000&p=0,0,604,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697017963078&rpt=1001&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30B2 0
58 B 65ms
65ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1954432296963&version=m202309260101&ct=77&x=1&cor=2063245552341333500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3111 42 B
108 B 74ms
73ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0ZwQ15qJWo3YEfzIq0tY25__vVJ2pmbfPxDoaG9JCSIlWwuKhvpYyjalPByRT8Bqz2824-vBiUtgJ2IsIOJeTDR7wzA4le4Oto7XNfthi&sig=Cg0ArKJSzM45MnUvwsq1EAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=160236217&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697017964087&rpt=717&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 30B2 42 B
108 B 71ms
70ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcg-Mi9WF5c6u3n1K1zlAoE2aUX38epjxgykq2hwD6p4QlCUk6gPmY9WUTny7Dbpm0HImHC-a95HzLyo2yDsR-nmPXvR2gvxgNqo7DtgjgfPjrxlgB2_-t1lQoh8KPAfCsGdN1lyIyYA&sai=AMfl-YS--o5qGvHODL6HcTkCUgTxylciSFEy2HbleX4XNFYbcXtJv--pxSqHY53Goz0ADPqPP3GEYz4PKEjfc0DRWGx_9FTMKEKoUTF4uC_Dr6NsFsVG2voGhhlppBES92NJ1_yg13fJOvHW_Uzjow&sig=Cg0ArKJSzCsILemFQpJnEAE&cid=CAQSTADICaaNC4xM4ApSPRLpNXlKKyBMws5ReKzrNlUEtL2Tzv-GAlA53C0g6LY8i8P2qqQhp5veTZIkXkGP3KZs2sDy4ScWqLnDjbPoydIYAQ&id=lidar2&mcvt=1000&p=0,0,604,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697017963039&rpt=987&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9675 0
58 B 63ms
63ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2382800049830&version=m202309260101&ct=119&x=1&cor=14224486651865270000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 09:52:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images.dmca.com
URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766

Domain: www.file-upload.org
URL: https://www.file-upload.org/assets/images/norton.png

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.file-upload.org/	1969-12-31 23:59:59	Name: lang Value: german
www.file-upload.org/	1969-12-31 23:59:59	Name: visited Value: visited, visited_expires=Wed Oct 11 2023 11:53:39 GMT+0200 (Central European Summer Time), path=/
.babup.com/	1970-01-21 00:59:37	Name: _ga_3T7TKCZCC9 Value: GS1.1.1697017960.1.0.1697017960.0.0.0
.babup.com/	1970-01-21 00:59:37	Name: _ga Value: GA1.2.949994581.1697017961
.babup.com/	1970-01-20 15:25:04	Name: _gid Value: GA1.2.668886364.1697017961
.babup.com/	1970-01-20 15:23:38	Name: _gat_gtag_UA_119779859_1 Value: 1
.babup.com/	1970-01-21 00:45:13	Name: __gads Value: ID=327a01ceb8ef7404:T=1697017961:RT=1697017961:S=ALNI_MbnyOWp_1C0yaMl61U-1EzwlqgX4w
.babup.com/	1970-01-21 00:45:13	Name: __gpi Value: UID=00000c94b86af46d:T=1697017961:RT=1697017961:S=ALNI_MZaN9Kgn3DnaS_L2horoVnk5ER8PQ
.doubleclick.net/	1970-01-21 00:59:37	Name: IDE Value: AHWqTUn9Y0VZUQmlGxcUFPLVms3mCqVvf1jMbJWeYo7LrfEcuzz37qAd2NvTba9kpwc
.googleadservices.com/	1970-01-20 17:33:13	Name: ar_debug Value: 1
.openx.net/	1970-01-21 00:09:13	Name: i Value: 55a13f93-b031-4a95-b5b4-6acf9e687a44\|1697017963
.adnxs.com/	1970-01-20 17:33:13	Name: uuid2 Value: 5464293653096304962
.adnxs.com/	1970-01-20 17:33:13	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?jn=!_u!]tbPl1M>e)ZlrFUfJ+tGXxoT?16]#Se.0iBMuq6^FhD*U(HOHNacVZ4OYpV3If)y3KL9D3I?+X8Wk.X
.teads.tv/	1970-01-21 00:07:47	Name: tt_viewer Value: 64d43f73-a6c0-4d0c-8296-6998bf8ff5b0
.casalemedia.com/	1970-01-20 17:33:13	Name: CMPS Value: 1204
.casalemedia.com/	1970-01-21 00:09:13	Name: CMID Value: ZSZwazBklmhcMlRcl9fnOgAA
.casalemedia.com/	1970-01-20 17:33:13	Name: CMPRO Value: 2239

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://www.babup.com/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.babup.com/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.babup.com/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 91) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 103) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 91) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ajax.googleapis.com
cdn.doubleverify.com
certify-js.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
images.dmca.com
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
region1.google-analytics.com
rtb0.doubleverify.com
s0.2mdn.net
ssl.google-analytics.com
sync.teads.tv
tpc.googlesyndication.com
tps-dn-ew1.doubleverify.com
tps.doubleverify.com
us-u.openx.net
www.babup.com
www.file-upload.com
www.file-upload.org
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
certify-js.alexametrics.com
images.dmca.com
www.file-upload.org
104.18.26.193
130.211.44.5
142.250.185.162
142.250.185.194
142.250.185.206
142.250.185.227
142.250.185.68
142.250.185.98
142.250.186.102
142.250.186.142
142.250.186.168
142.250.186.34
142.250.186.35
142.250.186.40
142.250.186.42
142.250.74.194
157.240.0.6
169.150.247.38
172.217.16.130
172.217.18.1
172.217.18.110
188.114.97.3
193.108.153.5
2.16.97.41
216.239.32.36
216.58.206.38
216.58.206.42
3.219.162.37
35.210.149.152
35.244.159.8
37.252.172.123
51.15.15.22
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
053788222b6b71a1921cf2e5f0b19e3cdc4a61c1c771baa3e363237b7081de50
053e070a1299f494228cb4a0f6387c04ed16bf3ef08f42d1c6a7b0e744bd656b
06e5bd787d900d77d4d0c294a2f4f6abcf5d3aae8ccad701fe881184af3589b1
08cd796d9f35e673a64293096ec9e16b165cc5e5eddeee9ec79d443fdefc1eb8
0a5ccf7cd2d1acc758bce046d62e3807cabf85c28efcda4312d824fe2ccafecd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4952a4fd935fda08fb4a5450939c5491ebdff358da26a4be553847bf57f478
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f2d6b36011d584ff0a11788ded0ac2282175906370f7e50f7353faed0b5b41
13a8ec3f171712819a01264d2bfa92de9911884df584c6d8076be2861d782d79
13cb30eac571e5b40668694c68e4717cb3ddcc6b4d56b572c3cbea25cb1dba59
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1c3177b2bb09130b3eb00f3ec5cbc0a43c8c2dd90bfccb329359601cab1697b1
24c8ec1a7adf9755ce2a053e1310b90c94f656b0a50ea075b7f02c56726af55e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
261aa98c46a19c3fc1463a3ed7d9017b957cfbecbde7ed05cbd04ecfba629d39
274fc2680c0d8472de5618a221d7f6ffbd1f05cf56785e513248b055d3c1944a
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
29c3a289ef7b6e18dda55b7685e73971931491f8ba2eef5215e2ba6e0f937aa4
2b16939b8b92e7f165ed073c1822935d06e6882f1854992d9b604ee3def977c6
2ccc4bce7ad912b9893140945cfc8a1158a20056a3691a1fc9510ba49128b724
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f3c961eb0ad17a40983a3c3040add42d6c060faecceec186641bf811c966c79
309d1e7a0910dcd7e2287c939212d29f7819be564fbfebf35464ca6b0f55a92c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
364ab71172dcec756bfbc3f25958e7d8a6627b52383045afbbc64c2fbb7624a0
382618321bb19859cf68b11ca7e6794ea2cf41946dc7c061b10d165a25495e8d
38feddba3a0b65a3c296b7fb5299ae45e46b71c42e551b8c7aa58a4c8aa71d34
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
4149f252125510e2732a827f921d6f6c01cc13c51f65b78fb37ced3fd205dcae
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457a4976f2c1a5938a0f4f8e01a3b57842da6c63d0b9f5c31284c8dadeba1e09
473aae51528adc32bd350a29e318a8001cf46ee6d948c34ef79a87947130c5c0
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47c0d11b0e6dc711591fbdbddadf33bd6bbe23f948b02e737ec5d5cc2932c177
4b1653d1ee070f1c5ce99f637e6adc5d2f4c76b59ce89d57a5c20b0170a5897c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec08ad7ef544fbfbadd6a1400d6d9885a490eb77beac27f45e69047eede1423
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
50cefe740de73e699556e3dd40822eec48b3a90ebf1f2bbd868f2dd7bd03c704
5178c2b6e6e67b90c59c7acea94bd473c0205e29af5e7559c12b8af3ba736b1f
54418239ecb85f4abdb424a3a40ff547e89569f749cfdf352b1427f7a603cb26
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
55de4940155110787ee6a3ab3a412007a633a953e7eafb5f5be6ad3258a52233
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
5a1f05b0a03701f90c5f2f76500312985a8683179437abbc603d6dd8ec819823
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
601482e264816df8c9be5c8168acda34de9ca5f4d165c24424e8f9242c31e54e
6089d031a41ec078833de572fa22a15e446ce6acf24b5499eb2d90d1c8aab0c5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
64bf45a08d59438086ecfe95f16edcc19f1d9862d71858ed0434dc8f7a0100e6
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6a4c6c5f469c7f9bedacbd8c0e46536ea0c4522f9b3bb5a1ef1c8cc86ad08c86
6b10746a2757d284b989ff2029755090dbfc7de049c0bb44ca8a60696bbda9e1
6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6ca9aab5dec0141d259134a4599efc5ccea30ebd6699f0a096bc96f2a79b97dc
729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
76b57be2266c0e5cb783321882e9fea6d8fef9aab9dcfc628f8273ece98de65d
7a9cfefbe46e47d6971a5d4487a2ee0e9812cba5f76668be71ac25ab8d88d6ee
7d9ee7de58fa69370d433666da0e80a06ca6836c2678abba05daec1dfd7fc813
7f6259ad7c782c5d772132b0c5173661c6ce9a1b4a84a4468ae7f702138242f5
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
89a9264ea6907510a5fa2113f2ba4086c78196b099e5af78cc6489d579f50735
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8d255013c6a96aeef77385bca6dd8a7be51e028659833cb46c58771827209aa0
92a6fee03fb491de905b87c7c75759b54a551024d7038d558456503af2b442d8
984e75b190b0aab44cdf4715843ffe264498048391458e84ecb00f6b446f1e04
9975b846c61895bd1cc0f220bc75aa61245b7b3366eafa164bf587f69d185333
9fda5e932922ef819725fa102f4ebb05e86cad17058c39eef0ba7d71f3600e87
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ff5e441184a332c1230e3082320d940687d1354e845be0ef0c079af4b32642
a448014d09745138c8bc19d9859d77c88e5e91f928866b162db9efd7a3ab44af
a69df09142ec8e7339c030c1efa910ed3a608bc259609da87fd9e7ceaa5c2ec5
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
af4f5aa27f85bfa88747d5a7332f5a5628ae3f908485a4957362f70fc269af7a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ec162fb40313327aa6b7f086ecb73f133f5808711b174bd9e3830b1330b2d0
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86
b5ffa81768670029d01777f59917b176b96b54740acc3d432be2215cfd3d77fc
b6c59e6668d757af5c06b8c0784c1b00fca6a6b04b072a1ec99bc793b78bc2a2
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ba360b3cfc8d290f28746c03a638dc1260e729b91da48c1be12a9ae563ae9ea9
bb09f6f5afc84a2d5c07b93504bd195710d337e66f0080f3d371ca6d4d13b06e
bc78801bbe481e0889a9dae3f27741be88c962c181e66a79c97af2d4526e5b74
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
c25760f125351ef490fe9ad805f3344593900dab94a871b6025e0e9c473f6ac2
c29c77757fec31c480260666714c70dfbc595ddb5bb65aa9fc91d18ae0478cbf
c329da97b9a2236aeb54522f463bb58978faa39f249be90bb0a704cfa9576405
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382
c830bc6034b2a619fd29e5e0bac25bbed6cfa097843bb18cdf8618241fd4a119
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
cb5c0deecc0fa2b831ea48adbc72a180c15843c89a4b87b661ede2b04d4d6828
ccc4933d215817ca707d09272eb500e115047f3913303937760c8e34c1bc2c5e
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d034e3ecd52afe7ce040dbabe96ad8bc14ce754b645a87b84d0f154d64759880
d3d6fb4fa4c781de1e100b65589b3cd37f7333846bf8b69f189f31fed8e9ff85
d66fb5eb1178ba91ee72064847c0383ec2dcfb4c4f062f5167f91b85e58dd358
d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831
d8800badec2656c4ae6ac9a525b0d20f941d8ee7cfc49b6a52f726ab1294819c
d9b0512f83947d25efa60fee2227ac13a2b228936869bea5e5503b4856d4afe1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e29725b20bfd16f873b8cf3fae4f1867916e2bae5d1281b516613975747d197e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7722a4bd4fc9b485d47d6811ca4b788b9ca7119309b6993f5ed3b0e2cc40b94
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f
ff13cbcbc1b8cf32dbccec69349c0f21117f7d114a837885728368f3d12e3b8f

www.babup.com Open in urlscan Pro 51.15.15.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

254 Requests

89 %HTTPS

0 %IPv6

22 Domains

36 Subdomains

33 IPs

6 Countries

3482 kBTransfer

9191 kBSize

17 Cookies

31 Outgoing links

Page URL History

Redirected requests

254 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.babup.com Open in urlscan Pro
51.15.15.22 Public Scan

Screenshot
Live screenshot

Full Image

254
Requests

89 %
HTTPS

0 %
IPv6

22
Domains

36
Subdomains

33
IPs

6
Countries

3482 kB
Transfer

9191 kB
Size

17
Cookies

254 HTTP transactions
7 data transactions