www.babup.com Open in urlscan Pro
51.15.15.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.file-upload.com/hmykm7fbfpim
Effective URL:
https://www.babup.com/file.php?get=hmykm7fbfpim
Submission: On October 03 via manual (October 3rd 2023, 4:04:36 am UTC) from GR — Scanned from CH

Summary HTTP 210 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 36 domains to perform 210 HTTP transactions. The main IP is 51.15.15.22, located in France and belongs to Online SAS, FR. The main domain is www.babup.com.
TLS certificate: Issued by R3 on August 21st 2023. Valid for: 3 months.

This is the only time www.babup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7 7	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.15.15.22 51.15.15.22	12876 (Online SAS) (Online SAS)
22	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
3	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
1	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
1	169.150.247.38 169.150.247.38	60068 (CDN77 ^_^) (CDN77 ^_^)
3 22	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
5	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
29	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
11	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
6	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
2	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
3	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
8	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	23.32.185.60 23.32.185.60	16625 (AKAMAI-AS) (AKAMAI-AS)
3	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
4	193.108.153.19 193.108.153.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.107.213.45 13.107.213.45	() ()
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	142.250.185.228 142.250.185.228	() ()
1 3	92.123.104.47 92.123.104.47	() ()
3 12	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2 4	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	213.227.153.220 213.227.153.220	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	34.199.234.25 34.199.234.25	() ()
3	213.227.153.223 213.227.153.223	() ()
3	185.89.210.20 185.89.210.20	() ()
2	35.71.131.137 35.71.131.137	() ()
1 1	34.205.126.186 34.205.126.186	() ()
3 3	37.157.6.237 37.157.6.237	() ()
1	34.160.236.64 34.160.236.64	() ()
1 1	52.45.175.185 52.45.175.185	() ()
1 1	82.145.213.8 82.145.213.8	() ()
2 3	93.158.134.90 93.158.134.90	() ()
2	130.211.44.5 130.211.44.5	() ()
1	91.228.74.251 91.228.74.251	() ()
1 1	13.107.42.14 13.107.42.14	() ()
1	178.250.1.9 178.250.1.9	() ()
1	174.137.133.49 174.137.133.49	() ()
210	41

7 188.114.97.3 (Amsterdam, Netherlands) 7 redirects

ASN13335 (CLOUDFLARENET, US)

www.file-upload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

www.file-upload.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.15.15.22 (France)

ASN12876 (Online SAS, FR)
PTR: server.babup.com

www.babup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.150.247.38 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-38.bunnyinfra.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f14.1e100.net

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.74.206 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.108.153.19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-19.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.213.45 (None, )

ASN- ()

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.228 (None, ) 1 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.123.104.47 (None, ) 1 redirects

ASN- ()

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 216.58.212.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.27.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net

b1t-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.234.25 (None, )

ASN- ()

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.153.223 (None, )

ASN- ()

b1-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.20 (None, )

ASN- ()

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.126.186 (None, ) 1 redirects

ASN- ()

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.237 (None, ) 3 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (None, )

ASN- ()

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (None, ) 1 redirects

ASN- ()

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (None, ) 1 redirects

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.158.134.90 (None, ) 2 redirects

ASN- ()

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.44.5 (None, )

ASN- ()

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.251 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (None, ) 1 redirects

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (None, )

ASN- ()

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	600 KB
34	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	269 KB
22	file-upload.org www.file-upload.org — Cisco Umbrella Rank: 775705	548 KB
12	google.com 1 redirects mts0.google.com — Cisco Umbrella Rank: 6671 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1673 www.google.com	129 KB
11	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	562 KB
10	zemanta.com b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 13644 b1-eudc1.zemanta.com	1 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	162 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368 www.googleadservices.com — Cisco Umbrella Rank: 178	598 B
7	file-upload.com 7 redirects www.file-upload.com	3 KB
6	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 676 rtb0.doubleverify.com tps.doubleverify.com	126 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 720 fonts.googleapis.com — Cisco Umbrella Rank: 113	36 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	2 KB
4	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 2546 ams3-ib.adnxs.com	29 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 668 www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	38 KB
3	yandex.ru 2 redirects an.yandex.ru	954 B
3	adform.net 3 redirects c1.adform.net	2 KB
3	bing.com 1 redirects www.bing.com	11 KB
3	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 3383	148 KB
3	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2157	6 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	174 KB
2	adsrvr.org match.adsrvr.org	297 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	147 KB
2	babup.com www.babup.com	9 KB
1	adkernel.com dsp.adkernel.com	233 B
1	criteo.com dis.criteo.com	363 B
1	linkedin.com 1 redirects px.ads.linkedin.com	779 B
1	quantserve.com cms.quantserve.com	463 B
1	opera.com 1 redirects t.adx.opera.com	673 B
1	bluevoox.com 1 redirects im.bluevoox.com	520 B
1	mookie1.com odr.mookie1.com	213 B
1	fksnk.com 1 redirects fksnk.com	612 B
1	cheqzone.com obs.cheqzone.com	3 KB
1	microsoft.com adsdk.microsoft.com	29 KB
1	dmca.com images.dmca.com — Cisco Umbrella Rank: 12920 Failed	5 KB
0	appier.net Failed a.c.appier.net Failed
0	alexametrics.com Failed certify-js.alexametrics.com Failed
210	36

	Domain	Requested by
29	tpc.googlesyndication.com	googleads.g.doubleclick.net www.file-upload.org tpc.googlesyndication.com pagead2.googlesyndication.com
22	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com www.file-upload.org googleads.g.doubleclick.net www.babup.com
22	pagead2.googlesyndication.com	www.babup.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com www.file-upload.org tpc.googlesyndication.com
22	www.file-upload.org	www.file-upload.org www.babup.com
12	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net www.babup.com
11	www.googletagservices.com	googleads.g.doubleclick.net www.file-upload.org cdn.doubleverify.com www.googletagservices.com
8	fundingchoicesmessages.google.com	pagead2.googlesyndication.com www.babup.com
7	b1t-eudc1.zemanta.com	googleads.g.doubleclick.net www.babup.com widgets.outbrain.com
7	www.file-upload.com	7 redirects
6	www.googleadservices.com	www.babup.com
6	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cdn.doubleverify.com	www.file-upload.org cdn.doubleverify.com
3	an.yandex.ru	2 redirects www.babup.com
3	c1.adform.net	3 redirects
3	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
3	b1-eudc1.zemanta.com	googleads.g.doubleclick.net www.babup.com
3	www.bing.com	1 redirects googleads.g.doubleclick.net
3	zem.outbrainimg.com	www.file-upload.org googleads.g.doubleclick.net
3	widgets.outbrain.com	www.file-upload.org googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	www.babup.com connect.facebook.net
2	match.adsrvr.org	googleads.g.doubleclick.net
2	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
2	mts0.google.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.babup.com www.googletagmanager.com
2	www.babup.com	www.file-upload.org www.babup.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	dsp.adkernel.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	px.ads.linkedin.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	t.adx.opera.com	1 redirects
1	im.bluevoox.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	fksnk.com	1 redirects
1	obs.cheqzone.com	googleads.g.doubleclick.net
1	cdn.adnxs.com	googleads.g.doubleclick.net
1	adsdk.microsoft.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	www.babup.com
1	ssl.google-analytics.com	www.babup.com
1	images.dmca.com	www.file-upload.org www.babup.com
0	a.c.appier.net Failed	googleads.g.doubleclick.net
0	certify-js.alexametrics.com Failed	www.babup.com
210	49

This site contains links to these domains. Also see Links.

Domain
www.file-upload.com
www.facebook.com
www.instagram.com
www.youtube.com
file-upload.com
www.file-up.org
www.dmca.com
safeweb.norton.com

Subject Issuer	Validity	Valid
file-upload.org E1	`2023-09-25` - `2023-12-24`	3 months	crt.sh
www.babup.com R3	`2023-08-21` - `2023-11-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-12` - `2023-10-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
images.dmca.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.outbrainimg.com R3	`2023-09-29` - `2023-12-28`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-05`	a year	crt.sh
*.cheqzone.com ZeroSSL ECC Domain Secure Site CA	`2023-08-17` - `2023-11-15`	3 months	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://www.babup.com/file.php?get=hmykm7fbfpim
Frame ID: 21C735149E045143CD697BF40E015F54
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/zrt_lookup.html
Frame ID: 447303118FFEB7091A460279BD5625BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&adk=1812271804&adf=3025194257&lmt=1696298669&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.babup.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868492&bpp=10&bdt=608&idt=941&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2292733678478&frm=20&pv=2&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=980
Frame ID: 3DACC5FB7CC5B7DB50DEDEDEF9C980DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868502&bpp=7&bdt=618&idt=995&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ANOxN8PM0S&p=https%3A//www.babup.com&dtd=1006
Frame ID: ECE8A334024D6A3E61F601A2CFA0C4C8
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868929&bpp=3&bdt=1046&idt=602&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MClBNtzWm9&p=https%3A//www.babup.com&dtd=606
Frame ID: 4AF2683A83663AB6CB54AEB0E485643F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868936&bpp=1&bdt=1053&idt=605&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1110x280&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ZBoGSzyeyf&p=https%3A//www.babup.com&dtd=610
Frame ID: E7131931AA0D9B30BFE4CDD60AED5BA9
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js
Frame ID: 23AFF7E3CB94C9BD220CF52952883AA2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js
Frame ID: 04E1535730B1014712734C912531AE57
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js
Frame ID: 7C4268D7024FC19CC6AD2BD1284F7B15
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=6&bdt=3633&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=giGjxh9INS&p=https%3A//www.babup.com&dtd=361
Frame ID: AD4F1374B4239BA2552B7D4CB00F1CCA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374
Frame ID: CE461A3A66D233C1DF9B8E78168677A5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Frame ID: C71B27CA1BBC573982BB9DEA47CA6EF6
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Frame ID: E66D288EDFD8565A259F375350F8AEA3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Frame ID: F5244F1DB22A3E513F891D50EE0B7C00
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Frame ID: 526090429EB82B1628CE06107324E145
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Frame ID: CD874777AE31E9D72CF3437194C41359
Requests: 11 HTTP requests in this frame

Frame: https://zem.outbrainimg.com/p/srv/sha/eb/0a/83/fe133380e4c5e951e6ed4a79e399b22fbb.gif?w=160&h=600&fit=crop&crop=optimized&q=45
Frame ID: 0FF027A724F66CABA4F2A7BA1DB08C09
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY_OOEvQEwAQ&v=APEucNWgishzZFg-VE1o8e35-FTmtMjWS_MutBVIsSlLLrMEtWlHN-2goRTsRsniyO6lyg_-yq9Bdgg7qlrCx88YcVxno7nKIw
Frame ID: 39ACBC2365EF9A9FADB479C81015813C
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: E5D08F53BB16D5959FB54A5E119297E0
Requests: 18 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 434F41E2459429257AC9D23622611A2E
Requests: 13 HTTP requests in this frame

Frame: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Frame ID: 5B9A1F9E538148ABFE621B1F9D8C69CF
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap
Frame ID: 2ECD7490CCFEEE243A2A0A28C5BB3339
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 92BCB70A5869F67ACFD8396F150DDC0D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1E7FDDCB47051478CB723864AEC89C52
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5836DF1A96E874078C079F1D09DD128F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C22022C775D3CB171DD0CFC6748BC368
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js
Frame ID: 1A50AA9C9C9F78544EECD8940884DCC7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4784.js
Frame ID: 1301DE57223C1D27A3B9D3A8E700C8A7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21E2A5D8BCD52EBB5DFDE6606620A3B3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9AE8FDCB2C48370FB6A9EC298F0AFAEF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

https://www.file-upload.com/hmykm7fbfpim HTTP 301
https://www.file-upload.org/hmykm7fbfpim Page URL
https://www.babup.com/file.php?get=hmykm7fbfpim Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

210
Requests

84 %
HTTPS

0 %
IPv6

36
Domains

49
Subdomains

41
IPs

5
Countries

3033 kB
Transfer

8101 kB
Size

14
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.file-upload.com/?op=payment_proof
Title: Proof of Payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fileuploadcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/file_upload/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSbk9gxKeQnawO7cZ0hZPJQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/make-money.html
Title: Make Money

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/login.html
Title: Login

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=forgot_pass
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=news
Title: News

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/desktop.html
Title: Desktop Uploader

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=english
Title: English

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=arabic
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=payments
Title: Premium Download

Search URL Search Domain Scan URL

URL: https://file-upload.com/hmykm7fbfpim
Title: Free Download

Search URL Search Domain Scan URL

URL: https://www.file-up.org/?op=register
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/tos.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/child-exploitation.html
Title: Child Abuse Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/copyright.html
Title: Copyright Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/contact.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/adv.html
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/dmca.html
Title: DMCA

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/reseller.html
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/links.html
Title: Links

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=check_files
Title: Link Checker

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/refund.html
Title: Refund Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/banners.html
Title: Banners

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ff6622a1-89c3-492e-8fab-02994910b766&refurl=https://www.file-upload.com/vsd4gox6iv4l

Search URL Search Domain Scan URL

URL: https://safeweb.norton.com/report/show?url=www.file-upload.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.file-upload.com/hmykm7fbfpim HTTP 301
https://www.file-upload.org/hmykm7fbfpim Page URL
https://www.babup.com/file.php?get=hmykm7fbfpim Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.file-upload.com/hmykm7fbfpim HTTP 301
https://www.file-upload.org/hmykm7fbfpim

Request Chain 16

https://www.file-upload.com/mngez/css/app.css?v=1 HTTP 301
https://www.file-upload.org/mngez/css/app.css?v=1

Request Chain 21

https://www.file-upload.com/mngez/js/app.js?v=20 HTTP 301
https://www.file-upload.org/mngez/js/app.js?v=20

Request Chain 22

https://www.file-upload.com/assets/images/logo_new.png HTTP 301
https://www.file-upload.org/assets/images/logo_new.png

Request Chain 24

https://www.file-upload.com/mngez/images/anti1.png HTTP 301
https://www.file-upload.org/mngez/images/anti1.png

Request Chain 25

https://www.file-upload.com/mngez/images/anti2.png HTTP 301
https://www.file-upload.org/mngez/images/anti2.png

Request Chain 27

https://www.file-upload.com/assets/images/norton.png HTTP 301
https://www.file-upload.org/assets/images/norton.png

Request Chain 86

https://googleads.g.doubleclick.net/pagead/adview?ai=CfIq_zZIbZdLnJaSV78EPtPCb8A62v7HEcrW92c3rEaClgOyQAhABIIK6uHxg9a37jogEoAHx6cSQKsgBCakCXAK3oBpGsj6oAwHIA8sEqgTbAU_QSqGdtdtwzIuXjYV3q6z8otRJkwGWQs-rGXg01aJQtu1bBl76LhEAJsPvZhOJ1jQ6Hyef5qYSK2ESBd8K1qt7COipgPUjrvqvCr2ksaCXTKitVP0uzz92CuA3VwmcDAcnlMdzTg5DrLRiziY66wsk9UXWf4bK2q1Zvauo4wQ3N5lzlxq7N9DrwteX1fMuWFNLGPlfYMTV0xwiZGRFm35e7u4fmxlrCFJsXAeMe3vGQWj3jx1GhbtK5gvTVZDuMF8kP2EA2an4Z5rQkU4PTXN8cEUrdB1RgzXdM8AE_NTI9r4EiAX53YyoTJIFBAgEGAGSBQQIBRgEoAYugAfxoZXwBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIy-AdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkgaHR0cHM6Ly93d3cuYXF1YWNvbmNlcHRzYXJsLmNvbS-ACgHICwHaDBEKCxCQ0cjlqs-Dv-cBEgIBA7gTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItOTE3NjUyMTg5ODM0MTkwORgA&sigh=C-wTopUAf3Y&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaN4fEGoA8fHIqQerL7oDYr56VRyDLzZiXIKE-yIGX9WuMPFV3ypZZMr3-3f0mkjXoltAPaDH8MZDPCHBczD9mzf8b62NqQoP8YAQ&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1418eba65f1f38c90000000000000000%22,%222%22:%220x267dcc23c3012cdc0000000000000000%22,%223%22:%220x4873e80ee101c3a70000000000000000%22,%224%22:%220x88e50894ac8398cc0000000000000000%22,%225%22:%220xefb4c2da470761740000000000000000%22},%22debug_key%22:%222755256563952766452%22,%22debug_reporting%22:true,%22destination%22:%22https://aquaconceptsarl.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211308971249%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221227716323908066689%22}&andc=true

Request Chain 88

https://googleads.g.doubleclick.net/pagead/adview?ai=CzMa5zZIbZeCfJKmi78EPp7OBoAiY6oasc7aI7o7aEeq2jPG-ARABIIK6uHxg9a37jogEoAHbsqWUKsgBCakCXAK3oBpGsj6oAwHIA8sEqgTOAU_Q82uDNiKIhy91fzWzxtUE7uuK-PWbk2gjZ0jGAPW6mgWDOObgLTdGXBQi4GJMojE7fcFMqdo1SD6d4eyYR3NxuBj4mEBN6NI0ph6fx72CNTQlBByMpoOoGon8YjKQffMWY-kgzJ56BNlw_OGlc0qYLGTvCoph1jGNVTMbuFp5XeLZhba0vaC6WN0IZrOn6YNmkby5QGlrYrr9lBoYkKp86NpIqO-vcRcPklPM7XglM7MKY10DxcCJpZZNM_HDaTgqBnTLa6DLo6olfL0TwASCo_TpugSIBZu89spMkgUECAQYAZIFBAgFGASgBi6AB9vq9fMEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQwPQF0ggUCIBhEAEYHzICigI6AoBASL39wTqaCW1odHRwczovL3ZpdmEtaGVhbHRoLmNoL2RlL2hvbWU_dXRtX2NhbXBhaWduPXZpdmFfcGVyZm9ybWFuY2VfMjAyM19kaXNwbGF5X2RlJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjgAoByAsB2gwQCgoQoNbtnMjk3vUjEgIBA9gTAogUBtAVAYAXAbIXHAoaCAASFHB1Yi05MTc2NTIxODk4MzQxOTA5GAA&sigh=VVrVhKrSdSM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTADICaaNRp6_ufLaxBut38qbDeuF4wpsQjdT7QZa_RAH_tT4TtSZ59qwidA4pC1-uP71G2jN_RAdtuYYN8MwKXW1bcQM1ougWbjGRNQYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x449a95ee295f5ab60000000000000000%22,%222%22:%220xdcd296c3f5a7c55c0000000000000000%22,%223%22:%220x56c67e590c03f0dc0000000000000000%22,%224%22:%220xf2b1cbe60d5149a30000000000000000%22,%225%22:%220x3bb7112c1279ad6e0000000000000000%22},%22debug_key%22:%2212288651332000100147%22,%22debug_reporting%22:true,%22destination%22:%22https://viva-health.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211316844891%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217768899152588104449%22}&andc=true

Request Chain 92

https://googleads.g.doubleclick.net/pagead/adview?ai=Cr4wqzZIbZbWAI7-e78EPz66ToAzs8Z_McoGvpsa-EYCLgOyQAhABIIK6uHxg9a37jogEoAGS7fyDKsgBCakCXAK3oBpGsj6oAwHIA8sEqgTRAU_QM-HCZc6e2lGhk2RcmpE6J818t--bobfBFSvTRjEoaMWNVFK3I6jCUONlyg2EKDH_YXrW1bCkX-Z9nTO3VCspRJAz4fwIGXmStFzzJSq7OXOf6dWN2DSTkf7ZG1U2L2RiKrqK9GuDTzabmDb-BeND79VrlLY46BzNTiyeFwpdspl_eDFgfYAP3Kf1AzNHhcdid_KHampI4BcUBnKgdINEwtRWqCgdYIkMv0KuOcP3drPG0b16qF2teJ_utHcWpUUiE3Ao_C_gMEeUeK1L4jKRwATZ0ZeLsQSIBdLy2KxMkgUECAQYAZIFBAgFGASgBi6AB5KlzeMEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnrIK0ggUCIBhEAEYHzICigI6AoBASL39wTqaCX9odHRwczovL2J1c2luZXNzLmdvb2dsZS5jb20vdi9jYXJyb3NzZXJpZS1zdGV1bGV0LzAxMjY1ODQzMjYyMTc0ODI1MzA1Ny81OWNiL18_Y2FpZD0yMDQ5NDgyNTgxMCZhZ2lkPTE1MDYxNTc0Njc3NyZnY2xpZD17Z2NsaWR9gAoByAsB2gwQCgoQgMyb0ajvoO0OEgIBA7gTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItOTE3NjUyMTg5ODM0MTkwORgA&sigh=Kqbk-k9YZdk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNZCKOI-0gyklBzqUhvyklfU9hl8Hc1ZXFCTOHo9h5OXJTowq2KtNNK0_PdsiTWvQlocowacswFOTZSiUoY-0XbqlVr8_VSCwYAQ&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3b9c2ee5a54547810000000000000000%22,%222%22:%220xa087e90b9564a18f0000000000000000%22,%223%22:%220x8e1945e695ba66600000000000000000%22,%224%22:%220x15b2f07b1fc6d80000000000000000%22,%225%22:%220x84b8fd7aa4114da60000000000000000%22},%22debug_key%22:%2211021125824997183580%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211282626194%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214528652597517831697%22}&andc=true

Request Chain 134

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=77814e86-e855-4e2f-ba38-03307978e361&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=4256b880-a061-416d-85e8-31ef4d98032f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D015f2fa89b9a46fcaf977487d551692e%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3cncc_fp&aid=4019568382758243303&wp= HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=015f2fa89b9a46fcaf977487d551692e&SNR=1&GV=2&med=10

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-Wof_Rga8Hspc-LM6Rdk&google_cver=1

Request Chain 140

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRuS0de.3dknysOfCHT5vQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-Wof_Rga8Hspc-LM6Rdk&google_cver=1&google_hm=2

Request Chain 171

https://fksnk.com/cs/google?google_gid=CAESELYXwxYG8cB1D-TQUyItmHY&google_cver=1&google_push=AXcoOmSPN7Wh63ir9omn_71Rrv_MxLp2bphrohKA0hMLao4QmpqFylxfcMAc4noE-zQSU5rVWZhOtBVujSvXmhhgJy8xRVdsHwgh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=REI2RTlEMEU0NDA1RTc4Qw==

Request Chain 172

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPCtYKjsDD1Sgi-LfrhqfUI&google_cver=1&google_push=AXcoOmR567d2speZ1WlrPRIdfJBk3bqh4UB3dIyAOmfE4PKUkhF-UabLIn27AqgEArzOcqxeM72yfeOMy7kpU8Wpx6F_bKT7kGCn HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPCtYKjsDD1Sgi-LfrhqfUI&google_cver=1&google_push=AXcoOmR567d2speZ1WlrPRIdfJBk3bqh4UB3dIyAOmfE4PKUkhF-UabLIn27AqgEArzOcqxeM72yfeOMy7kpU8Wpx6F_bKT7kGCn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEwMzE2MDg4MDQ2NDMzODkyMw&google_push=AXcoOmR567d2speZ1WlrPRIdfJBk3bqh4UB3dIyAOmfE4PKUkhF-UabLIn27AqgEArzOcqxeM72yfeOMy7kpU8Wpx6F_bKT7kGCn

Request Chain 174

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEAUKtoiX1FQMyn8IWX-gOic&google_cver=1&google_push=AXcoOmRn7z2DAu720v8lPFTsfniCgUkZAQaSjGV_HZ5ZV6V4sKsNmopaY6VnOMRj8DJ7kCwpQZomHtN0zwPhfoxy_OhQg9LcT-Mfpyc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRn7z2DAu720v8lPFTsfniCgUkZAQaSjGV_HZ5ZV6V4sKsNmopaY6VnOMRj8DJ7kCwpQZomHtN0zwPhfoxy_OhQg9LcT-Mfpyc&google_hm=QlMuNTM5Mi1lODM4LTQxNGYtOGMxMA==

Request Chain 175

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQC7Sa1K2cyoNY8RRHDKgB_8juD2CCvDTkMkFF65OQ2UUHxr5LTCK0NREN48p4O7acBrX3UXjh7DfNTP51ctggXQ-SL36TfRw&google_gid=CAESEHB_JR8upQtkzbNCwglQsuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHB_JR8upQtkzbNCwglQsuA&google_hm=T1BVM2U2ZDYzODVjODdlNGZkYjliYmVhM2IxZDgwMDUwYTg&google_nid=opera_norway_as&google_push=AXcoOmQC7Sa1K2cyoNY8RRHDKgB_8juD2CCvDTkMkFF65OQ2UUHxr5LTCK0NREN48p4O7acBrX3UXjh7DfNTP51ctggXQ-SL36TfRw

Request Chain 176

https://an.yandex.ru/mapuid/google/CAESEJP6uFD0N1eG-Y34ApBZcwo?ext-param=AXcoOmQPnKGUNylsFjIJXxo_iURVBbHU6cuQ5MS4xbi1jyHFTl8iRz71-0_QBU56wSLootQKf9trs5godVYXLrol6G0OtfZ6tOoRtMI&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEJP6uFD0N1eG-Y34ApBZcwo?redir-setuniq=1&ext-param=AXcoOmQPnKGUNylsFjIJXxo_iURVBbHU6cuQ5MS4xbi1jyHFTl8iRz71-0_QBU56wSLootQKf9trs5godVYXLrol6G0OtfZ6tOoRtMI&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJP6uFD0N1eG-Y34ApBZcwo&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 184

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 196

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPqCJXsF48g1PaAfAie-pbg&google_cver=1&google_push=AXcoOmS3wyiQKZ0dBVmgNPoYA-Wz7LN87UitHxg-KKpvOC5JwpZ2AfPHGJpsw8dNGMDGrDbvIC-SGDa4c7aUFMaeXhQXAVyNaUCZpVY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS3wyiQKZ0dBVmgNPoYA-Wz7LN87UitHxg-KKpvOC5JwpZ2AfPHGJpsw8dNGMDGrDbvIC-SGDa4c7aUFMaeXhQXAVyNaUCZpVY

Request Chain 200

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPCtYKjsDD1Sgi-LfrhqfUI&google_cver=1&google_push=AXcoOmRcuAfWljDc4IUzC1dnlFW6q2y-UVhwVgIIrV_OTLoXzX6_Ywpv7a3RWGYwMvf_qCSt87rPscJsTFiWQORcUzw783KZ45i6miY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwNjcwNzI3MjgyMDEwMzIw&google_push=AXcoOmRcuAfWljDc4IUzC1dnlFW6q2y-UVhwVgIIrV_OTLoXzX6_Ywpv7a3RWGYwMvf_qCSt87rPscJsTFiWQORcUzw783KZ45i6miY

210 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

hmykm7fbfpim Show response
www.file-upload.org/
Redirect Chain

https://www.file-upload.com/hmykm7fbfpim
https://www.file-upload.org/hmykm7fbfpim

27 KB
7 KB

524ms
86ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94011d8d29bb74c377a80ad50aadae2a5127bf96d7ab8c53f7a84bb02a46ea61

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81024d169a2a017d-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 04:04:27 GMT
expires: Mon, 02 Oct 2023 04:04:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULcpzHzfO8ZlQjYw3NN4q3ZUN%2B1HM%2BWgLtl%2FIAEAInSUBQnFhID5m%2B9qljDKFk8LjP7GmfsYyKgQzTTKHvDT%2B6m1ei8vWP7KzWFI3YkrmwjCd2ICxWNJGcXat2KiBKHtz%2BDRztTw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81024d136f5ed63a-CDG
content-type: text/html
date: Tue, 03 Oct 2023 04:04:26 GMT
location: https://www.file-upload.org/hmykm7fbfpim
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H13V%2FStXLqMgbyIduxUeybuNVp%2FlPZT6hxW0eMLxq0Juw3bWda2Sep4SzdXHqySMZVCAVBfI8a4fNtZD3KKeKS5HlBGalKoGrAoDwrC7ZQGuW8CUNLl%2F935Opg7lVPIvBsbR0v5w"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 96ms
95ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/hmykm7fbfpim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 358039
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOBnZOTCBmofSYsaWwgHLrN544zbeznMPU%2BHclseli70CtP%2BlYe6tMjrnGKBFGw3strT2xn%2BPwWYb8jwYbPPPTCHKwVsB2833ZTrHOjepZgyUnF57KrdScGoqGWBmanrOo1b2xpm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 81024d175a8d017d-CDG
expires: Sat, 30 Sep 2023 00:37:08 GMT

GET
H2 200 app.js Show response
www.file-upload.org/mngez/js/ 235 KB
80 KB 125ms
124ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/hmykm7fbfpim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:27 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBBEitjZ3QJ1LiG4wtUsHMIjNquufPgghLJGTn1RPYc3cFIpaUfLX5GR%2FAYoJkoaRhMXPdcficAfIW1yyV9Q%2BLmpEOCDXIst85Xx4SYh38kbopV8mPb7Ud1e%2BuZbs5hS0Vf0i49V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 81024d175a8e017d-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
4 KB 59ms
59ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/hmykm7fbfpim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5742413
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VI3jDsLwcLDI51CyDzXDOJ4MImg22nLOPx3l3tExrRLgye3wmkIqBU8hKlc%2FV8R1qIqDQkAPyQjdsTK4rov7oqQCieBjym%2BukDCzKb0xgn9XYBZOBfUEr9iao9aH9IEpo4ZDzDqc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81024d181af6017d-CDG
expires: Fri, 04 Aug 2023 16:57:34 GMT

GET
H2 200 email-decode.min.js
www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1017 B 70ms
62ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/hmykm7fbfpim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Sep 2023 11:52:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6514177e-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BWDqNMmhFt3bjHd4UWmUjPdHtcr8YcY7%2FWAiVsrN6t%2F%2B4I0dn7Ds0SGKQL7TRzGvjvYP1yjDgQBTngYOu4a8KfYvg8xUZqDOPzawuc0EkXmmUgLJ9p1z336jdJQXyDQv6mDTSvk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 81024d17ead7017d-CDG
expires: Thu, 05 Oct 2023 04:04:27 GMT

GET
H2 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 92ms
90ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/hmykm7fbfpim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5742414
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BmO5wa4NQRmngW05i%2BR22qkePp%2FVTVKi222vN37pz1gwA39MNCldaBtMRvNtzG5w2YqvD%2BjKGlrV%2BiEMu51q8yeqScEGNyPYkRMzRlyYA5n62IlazQ%2BzzPV9T%2BnhQmTCipn94zY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81024d18ab63017d-CDG
expires: Fri, 04 Aug 2023 16:57:33 GMT

GET
H2 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
1 KB 91ms
90ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/hmykm7fbfpim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5742408
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDQ4O9qs4eEhEqZfIkgQcwoZJYrmGYMPibhG3F5jXwg70oZ0W30WFC2I525TtxdxJzPD%2FXJ8XlulxYvOsCWvPM9whfKRQg7eJshZItEm%2FGAnCD%2BZYaoqPBryjRr9PP%2B%2Bwepk2SbQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81024d18ab64017d-CDG
expires: Fri, 04 Aug 2023 16:57:39 GMT

GET _dmca_premi_badge_4.png
images.dmca.com/Badges/ 0
0

GET
H2 200 norton.png
www.file-upload.org/assets/images/ 5 KB
5 KB 90ms
89ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/hmykm7fbfpim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5742403
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BcAMFSWWwIs4n9iNbCBXwiOWXzMPUmKQvESAyRlgU5f0247vVaaVy4%2Bv7WuDAT9SZTLGVqcO2ypRChPpf0sd24kXAgS0pP4IqCib5N2qusS0HeegtIKZc64XEo9yHswklInW4mk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81024d18ab65017d-CDG
expires: Fri, 04 Aug 2023 16:57:44 GMT

GET
H2 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 96ms
96ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5744376
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWdmKKvkTo%2BZJ16WPuQ94qYhSSHIrNatdEuggGT7jBF%2B5w%2FaKJXr0BpRxWJhoNmAv8LZLRnCmroHgFg%2BwEOotkVeZTCJykVEFfWUvPIP2a6Fm9vEuGu6dREuZkLrvB0UHU%2FmmFQa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81024d18ab66017d-CDG
expires: Fri, 04 Aug 2023 16:24:51 GMT

GET
H2 200 fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 75 KB
76 KB 84ms
83ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:27 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 289
etag: "12d68-5fe4d56c8e4d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhNSEai1hInwsNOZ3XOPA0goqDQKEPnEwISDInHP1rDMXI7exLvRrJrBHAV6N5telFOmE%2Fsvhm1xL9e4pmUw7ZV2YCVlb29PY5L%2BO%2FRlE518fsHLO36dXy3bsu4n82OLgOs00tEV"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81024d18ab67017d-CDG
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H2 200 poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 89ms
89ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:27 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 271
etag: "1ee0-5fe4d56c8f861"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKa4hpFpYUudXVTSJmPjtVUn8eVDK%2BvsOQk4A5Q6Qr4HyxK1kgQVkAKHpwwqNyyTzgiVvH%2FhA4%2BKngC6hodEzrJSKgyt%2Bn3rJJ1p64DMqUiLi0uL6T7yG4fnKCNGyWrN3qc8TPVX"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81024d18ab68017d-CDG
alt-svc: h3=":443"; ma=86400
content-length: 7904

GET
H2 200 poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 85ms
85ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:27 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2710
etag: "1ecc-5fe4d56c90801"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6c1J264hgyd6K4zz38SmzZlQM3X0AP4eu0TMIxFSDlqZH0uQUhHYdU41QbDcGfL9263jlhsxYIduNkxq6ZBx3un8bQusrSKOY9v2lphK%2B2n1%2BzLGssyPZY8dr2h%2F5QkrY5ihPH7"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 81024d18ab69017d-CDG
alt-svc: h3=":443"; ma=86400
content-length: 7884

GET
H/1.1 200
OK Primary Request file.php Show response
www.babup.com/ 23 KB
7 KB 259ms
100ms Document
text/html 51.15.15.22
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babup.com/file.php?get=hmykm7fbfpim
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.15.15.22 , France, ASN12876 (Online SAS, FR),
Reverse DNS: server.babup.com
Software: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips / PHP/7.2.34
Resource Hash: e2f915e28e856c0a2a9171d34d9a9c37d74f18db3f08fd20f38655954c6c403f

Request headers

Referer: https://www.file-upload.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 6845
Content-Type: text/html; charset=UTF-8
Date: Tue, 03 Oct 2023 04:04:27 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/7.2.34

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 546ms
110ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b9212d88152be18cbe843894abae57f5c7623194b6f71cbb165901224aff4568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50792
x-xss-protection: 0
server: cafe
etag: 11364456689132369254
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:04:28 GMT

GET
H/1.1 200
OK blockadblock.js Show response
www.babup.com/ 7 KB
2 KB 71ms
70ms Script
application/javascript 51.15.15.22
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babup.com/blockadblock.js
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=hmykm7fbfpim
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.15.15.22 , France, ASN12876 (Online SAS, FR),
Reverse DNS: server.babup.com
Software: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips /
Resource Hash: 7a9cfefbe46e47d6971a5d4487a2ee0e9812cba5f76668be71ac25ab8d88d6ee

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/file.php?get=hmykm7fbfpim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 04:04:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 10:11:48 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips
ETag: "1b23-6038039110a59-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1948

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 509ms
72ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8bfdee05f39010efb0e0510f5f5fd4134e3e17de41d04e7708af86f3635691b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68953
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Oct 2023 04:04:28 GMT

GET
H2

200

app.css
www.file-upload.org/mngez/css/
Redirect Chain

https://www.file-upload.com/mngez/css/app.css?v=1
https://www.file-upload.org/mngez/css/app.css?v=1

247 KB
41 KB

71ms
70ms

Stylesheet
text/css

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 358039
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teOdXEwKtA7bg4RdJOprVnZWnMIq77p6ap%2BCoDrUbxmLdschJZoVG1QQfUNBd%2FGh63PmKo9GBNSB9IBK9kXC1bhdTcQLVMvkp3d55PxNJBL4jQ%2BjrogHF3hutzljjwvhW65SWKaM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 81024d1aec90017d-CDG
expires: Sat, 30 Sep 2023 00:37:08 GMT

Redirect headers

date: Tue, 03 Oct 2023 04:04:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 690
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oMupEdUHZclR%2B2bXYXxhDwnrTerSgVSXroGrU1npFazfglSZE02YzASMUUAA7pZ5m1uOzkUJ6jWRpHsmk%2BODj5m%2Bgg%2FAV8CJeYddcJqu%2FlpdukMM8NQNgpQaBJWdTjqCCguYIdF"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/css/app.css?v=1
cache-control: max-age=31536000
cf-ray: 81024d1a7b56d63a-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
85 KB 890ms
159ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

5a4d307fe75c54e535a5edcfd0a2d36758cd634b46b6f13cabf0ec0703e18b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 04:04:29 GMT
content-md5: NggRvjEFNEdow3fDHk6JGA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86666
x-fb-debug: MAehGygdIXLPgo06VqLBv8GUoE1vOwF8hCwU2MS901MVeAWMdZooWRi8MLgGFVmkIQ+hKmtb2saBJRTTI0Ygmg==
x-fb-content-md5: 3a7dd6e7cd3a7a03568ef977e31587d8
cross-origin-opener-policy: same-origin-allow-popups
etag: "c526a2dd9a563e084270f1d37821cda9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 20 Sep 2024 18:12:49 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 501ms
55ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

84fc64a6f959319407ac0c2588a4270c3c904927e3bcecb27f1a2fc374e6e2be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 04:04:28 GMT
content-md5: JC74IynKclzZEi0HQz2+Mw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-debug: NcQsbJEeRAmcRniy5iCNan17kSnnKSdcSngygx5BWjIVIpE5YbMXaqyRgXRNKozA6+XufBtzDxGwvrcOAjG8hw==
x-fb-content-md5: 235fef2965130b9c9bc353cadf29c958
cross-origin-opener-policy: same-origin-allow-popups
etag: "76e0779a655c5f937d1b6c7193fba322"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:08:22 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 489ms
53ms Script
text/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 03:19:59 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2669
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 03 Oct 2023 05:19:59 GMT

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H2

200

app.js Show response
www.file-upload.org/mngez/js/
Redirect Chain

https://www.file-upload.com/mngez/js/app.js?v=20
https://www.file-upload.org/mngez/js/app.js?v=20

235 KB
80 KB

84ms
84ms

Script
application/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:28 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1PD8w00K39kNw0REG%2B%2FtxPcVZYdAa7BbXCIa38PvNZb%2BfyHGNN4iiMQkZ6GItgxpouWovO84sAQKD0mY%2BfLr95a8mo7djV%2BxheHcVsdesdZUNxI%2Bu0WBKXKqHEvHwYa486dU8Xt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 81024d1aec91017d-CDG
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 03 Oct 2023 04:04:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 690
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRw1KreXyJ6HekPtGsMThGkQc7S06eycogQTR7vnvTsRVrPCqw4CmQZpq2b5RpPD%2Fd9R61D780uSVDPfri13DrBo5XmIw0X2eMNv7i523%2BTZoRU6RJGJQF7URYcGxEYBG8jhe0AF"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/js/app.js?v=20
cache-control: max-age=31536000
cf-ray: 81024d1a7b58d63a-CDG
alt-svc: h3=":443"; ma=86400

GET
H2

200

logo_new.png
www.file-upload.org/assets/images/
Redirect Chain

https://www.file-upload.com/assets/images/logo_new.png
https://www.file-upload.org/assets/images/logo_new.png

3 KB
3 KB

72ms
72ms

Image
image/png

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5742414
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8ap6m8prYAXsPOcPt8fdGAdOrrjFEFyztApHFUqrrwZRh46bzGTqnnb9i2uSPS47ARhr%2BKc2J8m3Xfz6fO1g4bf06A78rwaf98wO%2F%2Fo%2BIrOGGQLQYYw9J7mTT6s%2FtIwBY5kyB8G"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81024d1e8e86017d-CDG
expires: Fri, 04 Aug 2023 16:57:34 GMT

Redirect headers

date: Tue, 03 Oct 2023 04:04:28 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYiKYlz34D9rsNjMShExmKUbIEpo6%2F0Yzvi%2BH6IqCF0eKLH94h0DOfbsP8dyQJPcbA%2B%2BB%2BtOY7OzRVbxL7V66AosMa3W636UOPxh97vf7n21imF6xixNUUEbOm7bBMSpviRvqx69"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/assets/images/logo_new.png
cache-control: max-age=31536000
cf-ray: 81024d1dc85a2a5f-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 498ms
52ms Script
text/javascript 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 20:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Oct 2024 20:17:32 GMT

GET
H2

200

anti1.png
www.file-upload.org/mngez/images/
Redirect Chain

https://www.file-upload.com/mngez/images/anti1.png
https://www.file-upload.org/mngez/images/anti1.png

19 KB
19 KB

144ms
143ms

Image
image/png

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5742415
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqUZmTM%2BxjQQGYyVKtOUhnF9CNE3g%2Bqt2GFdx4ZHRiu6vxN6VoRXfWIeSsvVpxjFe7uqTSeMrkANMSTjttUpOPG%2BFl0XL793Pm1S4OKdvc9afImvmHzuJbrYfz0%2FGf4EzkRmulq5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81024d1eceaa017d-CDG
expires: Fri, 04 Aug 2023 16:57:33 GMT

Redirect headers

date: Tue, 03 Oct 2023 04:04:28 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFrHjAkghxNA%2FOZtzW1V%2FXpQdeOGWwnR9ckBozhZC9pYVrT6rCwDnxRVwbySijOdQ%2F9c39xyvAgYhHiQ3T99quamufhmwrYy020ed44ZtEeT5Q6n3aZOPv9ox71%2B1jbNhGqmElle"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/images/anti1.png
cache-control: max-age=31536000
cf-ray: 81024d1dc85b2a5f-CDG
alt-svc: h3=":443"; ma=86400

GET
H2

200

anti2.png
www.file-upload.org/mngez/images/
Redirect Chain

https://www.file-upload.com/mngez/images/anti2.png
https://www.file-upload.org/mngez/images/anti2.png

641 B
968 B

145ms
145ms

Image
image/png

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5742409
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TkIVPTqULWDVlZwJ%2FuYiGC68%2FbqqIo2Z3qQnxOQEHhB1EGVsEnvB4GahYz%2FZ9xZ25qsNRHmVyeZei6Jv8z%2FdntXuMGWfUBg0XLm91tQE2tEIwoQEQTmNPYWFMc8VWdQGwcd%2FJ6p"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81024d1ecea9017d-CDG
expires: Fri, 04 Aug 2023 16:57:39 GMT

Redirect headers

date: Tue, 03 Oct 2023 04:04:28 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qb5n5u2cjZnrGxyERw6G1aVizSy0wyQ9aN83Z1jUoBxMoTbw7ubB79Csl0jPn5CQzjM2yzAz0TEBKzgeMoQfdqrORmZUv1MZ%2F37A4qBmZ%2BeF4vm7oYhpFpFrFSt29LAS8WmandtZ"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/images/anti2.png
cache-control: max-age=31536000
cf-ray: 81024d1dc85c2a5f-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 66ms
64ms Image
image/png 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=hmykm7fbfpim
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:28 GMT
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:47:45
cdn-pullzone: 1574055
content-length: 4535
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "0abbdbd420cc1:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 053789ae21a3b248ca990842dc810b1c
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

norton.png
www.file-upload.org/assets/images/
Redirect Chain

https://www.file-upload.com/assets/images/norton.png
https://www.file-upload.org/assets/images/norton.png

5 KB
5 KB

142ms
141ms

Image
image/png

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5742404
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfWoSpIxR63k7zoONzgHK%2F85Gg8Y7yTkoyInjLDLdNMF3gGJlyrFvpgcnhujz1CZkaJeRqpqvA1XbxpiqMxqLypneAL1lqVMdwC6gtSQO5EdKiu6rEF%2FNO9wA97bvLcdu5vnuqMY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81024d1eceab017d-CDG
expires: Fri, 04 Aug 2023 16:57:44 GMT

Redirect headers

date: Tue, 03 Oct 2023 04:04:28 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaCLVxk2gCa2S4oDzAyQh8Na%2FRm3m5b0HCxBeXcEOodcbDH1vnSYZBr7hfvrnTY5Qo341dS354NzrD5iez1TNeawnuTR8UOqwH6Rdxd0w2frgiqHkOI0mA1lLeM6PpGH88R8WhI%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/assets/images/norton.png
cache-control: max-age=31536000
cf-ray: 81024d1dc85d2a5f-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 304 KB
87 KB 822ms
92ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b9349b299ffc62aeec04a1bb4a9f785f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

63925079c67f38cdfaf0579f822d3b8a2d8ce6f283bee892c6257c875ca78004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 04:04:29 GMT
content-md5: J5ev4Faa4Tfg+AWfx+DNXQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88120
x-fb-debug: lx+3nnoqzfpZId4XI3ThZcMIIngnwVzqRBFgsESxc6A7e7CCtFYLhQHiu70ysn5tu1yIHLE/HEALvGEFm5K/Pg==
x-fb-content-md5: 28810e4fbb69dd30087effcb0cbef2f7
cross-origin-opener-policy: same-origin-allow-popups
etag: "30cbb596b6ff0c7cb70e35ed1706ded8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 02 Oct 2024 03:28:21 GMT

GET
H2 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 82ms
75ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5744377
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQlwZPBEePcjqrwd%2BpQ8uQ18byy5rbjpCkcMWDTc2DFSzKnomlr3WHcfoobx%2BezlUP%2B0K4tOTa5lsc8wfRuqhoW8%2BXLlbY5gwXnfe98WOii%2B8fYcYh%2FaYQj1eT6JFNePHw0qFqF1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81024d1dee28017d-CDG
expires: Fri, 04 Aug 2023 16:24:51 GMT

GET poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 0
0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ 378 KB
129 KB 816ms
80ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

07c64250a1e199658568bde49cfcba56c06ccdec50a9eda36a873f2d4a7639ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131216
x-xss-protection: 0
server: cafe
etag: 5197809471964122142
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:04:29 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/ Frame 4473 10 KB
5 KB 524ms
81ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 76155
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 06:55:14 GMT
etag: 2603938475786422795
expires: Mon, 16 Oct 2023 06:55:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 71ms
70ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7beec70405f8936ba7910c2160926920ab158b324b19eb7833d59e91d3fe931f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81277
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Oct 2023 04:04:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 538ms
92ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 03:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1208
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 03 Oct 2023 05:44:21 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
244 B 517ms
67ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3T7TKCZCC9&gtm=45je39r0&_p=1336695802&cid=136624027.1696305869&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1696305869&sct=1&seg=0&dl=https%3A%2F%2Fwww.babup.com%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.babup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/ 10 KB
11 KB 92ms
91ms Font
font/woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 390086
alt-svc: h3=":443"; ma=86400
content-length: 10420
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28b4-5fe4d56c94299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BQMGutqlgI56uJ4ri%2BgdUfkHOZCV9i9SipIEcY2qMQGZ7c%2FvedpX3Ng5MZEJPgCsG84fMVfjie3Zq2KMsNusUpZUcKpEoL5C3tW9QMM6HYtyuC8jLU1GF9LMnahzxjHtIQRp1sH"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81024d232a60f164-CDG

GET
H2 200 fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 96 KB
96 KB 83ms
83ms Font
font/woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 390086
alt-svc: h3=":443"; ma=86400
content-length: 98024
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "17ee8-5fe4d56c8f479"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oLgBruFhlFBwFDnaVjuFqsWyc3pQr2ZGn0s2LE4E9mlr28uGPpGZjHXgKf1wlbqss%2BzuxTBdO5Nl8qRogq%2FHnM9fM44oS%2FHbTfRObwmCcEwJAnLkaRJF%2BgLI4PrXp9lSbYgzeNU"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81024d232a61f164-CDG

GET
H2 200 poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/ 10 KB
10 KB 61ms
60ms Font
font/woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 390086
alt-svc: h3=":443"; ma=86400
content-length: 10400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28a0-5fe4d56c936e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FD%2B3X2%2FW52XgtEUur1cH8F3pU1LzQVJ8yx68y6rVUIa1RRpIM1K9SR%2BUeFeXhbGU%2FEhde0HTbJxoo%2BiykzsCsKjDauoYoG8x5PeZcrFDPaQ1DU5l1kRVqXvnwySd4cXu%2F6Ir53v"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 81024d235a82f164-CDG

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
598 B 529ms
63ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.babup.com&callback=_gfp_s_&client=ca-pub-9176521898341909

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

33404d6d265a04c06d053e40cf64fc2514de87cfe41c9546c4af2cd745a32d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3DAC 347 KB
64 KB 1241ms
1240ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&adk=1812271804&adf=3025194257&lmt=1696298669&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.babup.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868492&bpp=10&bdt=608&idt=941&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2292733678478&frm=20&pv=2&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=980

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

00d3e56b3dcd59dab2582213942d6d38eb138538ebbe56b69cef9bd896aa0d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 65555
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 04:04:30 GMT
expires: Tue, 03 Oct 2023 04:04:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ECE8 141 KB
44 KB 554ms
554ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868502&bpp=7&bdt=618&idt=995&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ANOxN8PM0S&p=https%3A//www.babup.com&dtd=1006

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b5a598392e68f988c7745f10aff043418156b4f27a73fb571aeb2e9f91177822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44681
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 04:04:30 GMT
expires: Tue, 03 Oct 2023 04:04:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4AF2 117 KB
41 KB 446ms
445ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868929&bpp=3&bdt=1046&idt=602&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MClBNtzWm9&p=https%3A//www.babup.com&dtd=606

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

567679aa7221a83c72738952e1071134e34fb69cc46961e677dd9b585a506c5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41289
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 04:04:29 GMT
expires: Tue, 03 Oct 2023 04:04:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E713 143 KB
44 KB 358ms
357ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868936&bpp=1&bdt=1053&idt=605&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1110x280&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ZBoGSzyeyf&p=https%3A//www.babup.com&dtd=610

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

14eea0640f2efc02ead3951f31ebf1d556d0b18071e52d95db75c86c08cfae6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45048
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 04:04:29 GMT
expires: Tue, 03 Oct 2023 04:04:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 65ms
64ms XHR
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1336695802&t=pageview&_s=1&dl=https%3A%2F%2Fwww.babup.com%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1751660998&gjid=1973431351&cid=136624027.1696305869&tid=UA-119779859-1&_gid=231849049.1696305870&_r=1&gtm=457e39r0&jsscut=1&z=1200714407

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.babup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E713 14 KB
1 KB 510ms
66ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868936&bpp=1&bdt=1053&idt=605&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1110x280&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ZBoGSzyeyf&p=https%3A//www.babup.com&dtd=610

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 04:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 02:31:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 04:04:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame E713 23 KB
9 KB 780ms
317ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9131
x-xss-protection: 0
server: cafe
etag: 6297790743806441599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame E713 3 KB
1 KB 778ms
316ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame E713 20 KB
8 KB 751ms
289ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E713 187 KB
59 KB 747ms
307ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:04:30 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame E713 36 KB
15 KB 514ms
53ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 20:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 20:38:48 GMT

GET
H2 200 data=GyIxJEra0rPSe4c_mP_A4QM308jFdefm1oVsLctfiehRmfDpgNWofE00BYqJm_ORFGQwthKqU2Z5X9L49-LEZA
mts0.google.com/vt/ Frame E713 42 KB
43 KB 772ms
273ms Image
image/png 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=GyIxJEra0rPSe4c_mP_A4QM308jFdefm1oVsLctfiehRmfDpgNWofE00BYqJm_ORFGQwthKqU2Z5X9L49-LEZA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

486fd7073b5fa87ea58d93c5331de184deeac3e34bd855027bca7b912244f57f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:30 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=85
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43482
x-xss-protection: 0
x-server-version-bin: CggIBBDd6+moBg==
server: scaffolding on HTTPServer2
etag: 042a48c57d91136ed
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Tue, 03 Oct 2023 05:04:30 GMT

GET
DATA 200
OK truncated
/ Frame E713 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E713 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E713 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E713 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame 4AF2 15 KB
1 KB 433ms
67ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868929&bpp=3&bdt=1046&idt=602&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MClBNtzWm9&p=https%3A//www.babup.com&dtd=606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 04:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 02:43:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 04:04:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame 4AF2 23 KB
9 KB 758ms
345ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868929&bpp=3&bdt=1046&idt=602&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MClBNtzWm9&p=https%3A//www.babup.com&dtd=606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9131
x-xss-protection: 0
server: cafe
etag: 6297790743806441599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 4AF2 3 KB
1 KB 309ms
309ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868929&bpp=3&bdt=1046&idt=602&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MClBNtzWm9&p=https%3A//www.babup.com&dtd=606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 4AF2 20 KB
8 KB 705ms
293ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868929&bpp=3&bdt=1046&idt=602&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MClBNtzWm9&p=https%3A//www.babup.com&dtd=606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4AF2 187 KB
59 KB 766ms
374ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868929&bpp=3&bdt=1046&idt=602&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MClBNtzWm9&p=https%3A//www.babup.com&dtd=606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:04:30 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame 4AF2 36 KB
15 KB 298ms
298ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868929&bpp=3&bdt=1046&idt=602&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MClBNtzWm9&p=https%3A//www.babup.com&dtd=606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 20:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 20:38:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame ECE8 14 KB
2 KB 341ms
66ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868502&bpp=7&bdt=618&idt=995&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ANOxN8PM0S&p=https%3A//www.babup.com&dtd=1006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 04:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 02:50:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 04:04:30 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame ECE8 2 KB
945 B 674ms
344ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868502&bpp=7&bdt=618&idt=995&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ANOxN8PM0S&p=https%3A//www.babup.com&dtd=1006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame ECE8 23 KB
9 KB 639ms
342ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868502&bpp=7&bdt=618&idt=995&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ANOxN8PM0S&p=https%3A//www.babup.com&dtd=1006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9131
x-xss-protection: 0
server: cafe
etag: 6297790743806441599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame ECE8 3 KB
1 KB 639ms
343ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868502&bpp=7&bdt=618&idt=995&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ANOxN8PM0S&p=https%3A//www.babup.com&dtd=1006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame ECE8 20 KB
8 KB 595ms
300ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868502&bpp=7&bdt=618&idt=995&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ANOxN8PM0S&p=https%3A//www.babup.com&dtd=1006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37868
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ECE8 187 KB
59 KB 633ms
359ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868502&bpp=7&bdt=618&idt=995&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ANOxN8PM0S&p=https%3A//www.babup.com&dtd=1006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:04:30 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame ECE8 36 KB
15 KB 628ms
334ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868502&bpp=7&bdt=618&idt=995&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ANOxN8PM0S&p=https%3A//www.babup.com&dtd=1006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 20:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 20:38:48 GMT

GET
H2 200 data=8j7op-oXuYcToYCrq1DSmfRtcZahF7BKE9HVj7MJ7uJvlUmCRFQ1ho62WEmTNRMUpTFcZDXz_doFixqqlR4bQQ
mts0.google.com/vt/ Frame ECE8 24 KB
24 KB 608ms
272ms Image
image/png 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=8j7op-oXuYcToYCrq1DSmfRtcZahF7BKE9HVj7MJ7uJvlUmCRFQ1ho62WEmTNRMUpTFcZDXz_doFixqqlR4bQQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868502&bpp=7&bdt=618&idt=995&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ANOxN8PM0S&p=https%3A//www.babup.com&dtd=1006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d4faa01c23a4b4377d9f1bcccf552794d1b6eac54ebf3bdf22cdcb78542cc3fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:30 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=60
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24297
x-xss-protection: 0
x-server-version-bin: CggIBBDd6+moBg==
server: scaffolding on HTTPServer2
etag: 0a4cef3718d969c11
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Tue, 03 Oct 2023 05:04:30 GMT

GET
DATA 200
OK truncated
/ Frame ECE8 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame ECE8 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame ECE8 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame ECE8 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E713 33 KB
34 KB 569ms
80ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 255629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 05:04:01 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11595174803001446317/ Frame 4AF2 54 KB
55 KB 300ms
300ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11595174803001446317/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868929&bpp=3&bdt=1046&idt=602&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MClBNtzWm9&p=https%3A//www.babup.com&dtd=606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

c2c4e74f341782ce2930854ade9b369b998b3b4bf3fc5ca8ae14dd540d1decee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55566
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 08:15:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Oct 2024 04:04:30 GMT

GET
DATA 200
OK truncated
/ Frame 4AF2 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4AF2 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4AF2 33 KB
33 KB 561ms
107ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 255629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 05:04:01 GMT

GET
DATA 200
OK truncated
/ Frame ECE8 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df0099ecbfdbe460edff9c3d4c4c424dc7eacaf662628a9ae489c28db359034f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4AF2 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ee17e2c291ee14aab62c46d3a894f8b20f63e583f1915afe812ce1f8372fbb2

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E713 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7080236ace3e780f1dcc51f6ef9527cec440cb50b86f4d90bde61c11afd14619

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ 154 KB
53 KB 96ms
95ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b39cbeef69e037fa74281164331bf384600f0b62afd1f08219ac67f7c9776010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53737
x-xss-protection: 0
server: cafe
etag: 5832602844110482199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:04:31 GMT

GET
H2 200 ca-pub-9176521898341909 Show response
fundingchoicesmessages.google.com/i/ 157 KB
52 KB 549ms
100ms Script
application/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9176521898341909?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

bff8728b070bdc95f1db6b1e922b3fd9a536a73314cc1d9a73a508a96c904848

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-__Pi12j3BM9ICG4dtWIs4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-__Pi12j3BM9ICG4dtWIs4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E713
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CfIq_zZIbZdLnJaSV78EPtPCb8A62v7HEcrW92c3rEaClgOyQAhABIIK6uHxg9a37jogEoAHx6cSQKsgBCakCXAK3oBpGsj6oAwHIA8sEqgTbAU_QSqGdtdtwzIuXjYV3q6z8otRJkwGWQs-...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1418eba65f1f38c90000000000000000%22,%222%22:%220x267dcc23c3012cdc0000000000000000%22,%223%22:%220x4873e8...

0
0

248ms
93ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1418eba65f1f38c90000000000000000%22,%222%22:%220x267dcc23c3012cdc0000000000000000%22,%223%22:%220x4873e80ee101c3a70000000000000000%22,%224%22:%220x88e50894ac8398cc0000000000000000%22,%225%22:%220xefb4c2da470761740000000000000000%22},%22debug_key%22:%222755256563952766452%22,%22debug_reporting%22:true,%22destination%22:%22https://aquaconceptsarl.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211308971249%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221227716323908066689%22}&andc=true

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x1418eba65f1f38c90000000000000000","2":"0x267dcc23c3012cdc0000000000000000","3":"0x4873e80ee101c3a70000000000000000","4":"0x88e50894ac8398cc0000000000000000","5":"0xefb4c2da470761740000000000000000"},"debug_key":"2755256563952766452","debug_reporting":true,"destination":"https://aquaconceptsarl.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11308971249"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"1227716323908066689"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 04:04:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 04:04:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x1418eba65f1f38c90000000000000000","2":"0x267dcc23c3012cdc0000000000000000","3":"0x4873e80ee101c3a70000000000000000","4":"0x88e50894ac8398cc0000000000000000","5":"0xefb4c2da470761740000000000000000"},"debug_key":"2755256563952766452","debug_reporting":true,"destination":"https://aquaconceptsarl.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11308971249"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"1227716323908066689"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame ECE8 33 KB
33 KB 53ms
52ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 255630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 05:04:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4AF2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CzMa5zZIbZeCfJKmi78EPp7OBoAiY6oasc7aI7o7aEeq2jPG-ARABIIK6uHxg9a37jogEoAHbsqWUKsgBCakCXAK3oBpGsj6oAwHIA8sEqgTOAU_Q82uDNiKIhy91fzWzxtUE7uuK-PWbk2g...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x449a95ee295f5ab60000000000000000%22,%222%22:%220xdcd296c3f5a7c55c0000000000000000%22,%223%22:%220x56c67e...

0
0

255ms
101ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x449a95ee295f5ab60000000000000000%22,%222%22:%220xdcd296c3f5a7c55c0000000000000000%22,%223%22:%220x56c67e590c03f0dc0000000000000000%22,%224%22:%220xf2b1cbe60d5149a30000000000000000%22,%225%22:%220x3bb7112c1279ad6e0000000000000000%22},%22debug_key%22:%2212288651332000100147%22,%22debug_reporting%22:true,%22destination%22:%22https://viva-health.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211316844891%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217768899152588104449%22}&andc=true

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x449a95ee295f5ab60000000000000000","2":"0xdcd296c3f5a7c55c0000000000000000","3":"0x56c67e590c03f0dc0000000000000000","4":"0xf2b1cbe60d5149a30000000000000000","5":"0x3bb7112c1279ad6e0000000000000000"},"debug_key":"12288651332000100147","debug_reporting":true,"destination":"https://viva-health.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11316844891"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"17768899152588104449"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 04:04:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 04:04:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x449a95ee295f5ab60000000000000000","2":"0xdcd296c3f5a7c55c0000000000000000","3":"0x56c67e590c03f0dc0000000000000000","4":"0xf2b1cbe60d5149a30000000000000000","5":"0x3bb7112c1279ad6e0000000000000000"},"debug_key":"12288651332000100147","debug_reporting":true,"destination":"https://viva-health.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11316844891"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"17768899152588104449"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 23AF 38 KB
15 KB 51ms
50ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 548774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14917
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:17 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 236ms
91ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 04:04:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 04E1 38 KB
15 KB 68ms
68ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868929&bpp=3&bdt=1046&idt=602&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MClBNtzWm9&p=https%3A//www.babup.com&dtd=606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 548774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14917
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:17 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame ECE8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cr4wqzZIbZbWAI7-e78EPz66ToAzs8Z_McoGvpsa-EYCLgOyQAhABIIK6uHxg9a37jogEoAGS7fyDKsgBCakCXAK3oBpGsj6oAwHIA8sEqgTRAU_QM-HCZc6e2lGhk2RcmpE6J818t--bobf...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3b9c2ee5a54547810000000000000000%22,%222%22:%220xa087e90b9564a18f0000000000000000%22,%223%22:%220x8e1945...

0
0

93ms
93ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3b9c2ee5a54547810000000000000000%22,%222%22:%220xa087e90b9564a18f0000000000000000%22,%223%22:%220x8e1945e695ba66600000000000000000%22,%224%22:%220x15b2f07b1fc6d80000000000000000%22,%225%22:%220x84b8fd7aa4114da60000000000000000%22},%22debug_key%22:%2211021125824997183580%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211282626194%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214528652597517831697%22}&andc=true

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x3b9c2ee5a54547810000000000000000","2":"0xa087e90b9564a18f0000000000000000","3":"0x8e1945e695ba66600000000000000000","4":"0x15b2f07b1fc6d80000000000000000","5":"0x84b8fd7aa4114da60000000000000000"},"debug_key":"11021125824997183580","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11282626194"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"14528652597517831697"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 04:04:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 04:04:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3b9c2ee5a54547810000000000000000","2":"0xa087e90b9564a18f0000000000000000","3":"0x8e1945e695ba66600000000000000000","4":"0x15b2f07b1fc6d80000000000000000","5":"0x84b8fd7aa4114da60000000000000000"},"debug_key":"11021125824997183580","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11282626194"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"14528652597517831697"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C42 38 KB
15 KB 57ms
57ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696298669&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305868502&bpp=7&bdt=618&idt=995&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ANOxN8PM0S&p=https%3A//www.babup.com&dtd=1006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 548774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14917
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:17 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 142ms
92ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 04:04:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 80ms
80ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 04:04:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD4F 57 KB
20 KB 318ms
317ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=6&bdt=3633&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=giGjxh9INS&p=https%3A//www.babup.com&dtd=361

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

158c68351357af7746b29b2b855b68ca162e7311743b0e9fb536885dc2d0d46e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 20355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 04:04:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE46 47 KB
17 KB 398ms
397ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

0ae13614a6742dd198741c408a22bb80cfb4f3666b96ee51b837310196c17f30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17614
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 04:04:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/ Frame C71B 10 KB
4 KB 72ms
71ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 50742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 13:58:49 GMT
etag: 2603938475786422795
expires: Mon, 16 Oct 2023 13:58:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/ Frame E66D 10 KB
4 KB 64ms
63ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 50743
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 13:58:49 GMT
etag: 2603938475786422795
expires: Mon, 16 Oct 2023 13:58:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/ Frame F524 10 KB
4 KB 78ms
77ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 50743
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 13:58:49 GMT
etag: 2603938475786422795
expires: Mon, 16 Oct 2023 13:58:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/ Frame 5260 10 KB
4 KB 75ms
70ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 50743
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 13:58:49 GMT
etag: 2603938475786422795
expires: Mon, 16 Oct 2023 13:58:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXx7yjhzk3DtROR-s4ugHKa2NZjNj-XxYEmJBWqO692mlTDW7eCLXCpZwLJ_rC20_EJFxyHTvR21fYoNFbJ9npFs2eMa7uEOfXSUwfgULd1gVyvSl4se2mmY4wP6RENyG7t413h-g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 87ms
86ms Script
application/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXx7yjhzk3DtROR-s4ugHKa2NZjNj-XxYEmJBWqO692mlTDW7eCLXCpZwLJ_rC20_EJFxyHTvR21fYoNFbJ9npFs2eMa7uEOfXSUwfgULd1gVyvSl4se2mmY4wP6RENyG7t413h-g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2MzA1ODcyLDMyMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5iYWJ1cC5jb20vIixudWxsLFtbOCwid1A4Y1N2RjFFLTgiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.wP8cSvF1E-8.es5.O/d=1/rs=AJlcJMwEaHLLYiQ29fPfcJb4SA_dKK61MA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

2c90600dd6c5920a62651f90422f2819f8ea2ad622d05f94808e12b936182e4f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8SU8pOvbzb5gNTxUHQfQlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8SU8pOvbzb5gNTxUHQfQlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E713 42 B
174 B 108ms
107ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstv4xwTXi81cR9RkYQ8Gp6jXvgnohko9TE4-pJQVtrpq7qXJ491H-9dowWHt_KZMZKdiLwsStK_V2A51qihz2pSVfCSjdlI75I8-7Fx8V1bWxa_jWBBnqA3E9_nmzX1B0LHi-zWM9UkXg&sai=AMfl-YShkPe9ZeYFcnD4UvX258MuF27yUB5urYOcaiAWBcgfSvUvTjkW6FRdV8L3LYpMeAOZxdvHyUFt2WoMf75_xsWGQ39iPX0ZzQe71viQAYsw5lqQKQuidd3vWkMQEkbZ-MapTLrvMFXp5Oyk3A&sig=Cg0ArKJSzCWz6QbC3rBEEAE&cid=CAQSTADICaaN4fEGoA8fHIqQerL7oDYr56VRyDLzZiXIKE-yIGX9WuMPFV3ypZZMr3-3f0mkjXoltAPaDH8MZDPCHBczD9mzf8b62NqQoP8YAQ&id=lidar2&mcvt=1068&p=0,0,280,1110&mtos=0,0,0,1068,1068&tos=0,0,0,1068,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=0.42&if=1&vu=1&app=0&itpl=22&adk=2239653313&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696305869548&rpt=1557&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame C71B 4 KB
767 B 72ms
71ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 04:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 02:54:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 04:04:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C71B 205 B
519 B 58ms
58ms Image
image/png 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 21:19:32 GMT
x-content-type-options: nosniff
age: 110700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 30 Sep 2024 21:19:32 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C71B 604 B
697 B 86ms
86ms Image
image/png 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:34:53 GMT
x-content-type-options: nosniff
age: 239379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 29 Sep 2024 09:34:53 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/ Frame C71B 15 KB
7 KB 58ms
56ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 23:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 23:06:10 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/ Frame C71B 20 KB
8 KB 80ms
79ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 21:52:41 GMT

GET
H2 200 viewability-pixel.js Show response
widgets.outbrain.com/viewability-pixel/ Frame CD87 4 KB
2 KB 230ms
85ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519813b606623a5ce910b2ee52ecd8a6b5d084fc5975d6950b5ac0867d902276

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Tue, 03 Oct 2023 04:04:32 GMT
content-encoding: gzip
content-length: 1594
last-modified: Tue, 26 Sep 2023 12:16:31 GMT
server: AkamaiNetStorage
etag: "706f86c4827fab44c1c97efcf7add178:1695730691.134216"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Tue, 03 Oct 2023 08:04:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame CD87 3 KB
1 KB 87ms
86ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame CD87 20 KB
8 KB 78ms
78ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD87 187 KB
59 KB 97ms
97ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:04:32 GMT

GET
H2 200 fe133380e4c5e951e6ed4a79e399b22fbb.gif
zem.outbrainimg.com/p/srv/sha/eb/0a/83/ Frame CD87 49 KB
49 KB 233ms
62ms Image
image/gif 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/eb/0a/83/fe133380e4c5e951e6ed4a79e399b22fbb.gif?w=160&h=600&fit=crop&crop=optimized&q=45

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

650806491a1ea86dabb9619d8f5073a16bb59195991ab6f6ae0a0b668b587339

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:32 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 412362
x-cache: HIT, MISS, HIT
x-imgix-id: 5f10a107d408b3ad90a577be72f90344828964c8
cross-origin-resource-policy: cross-origin
content-length: 50158
x-served-by: cache-sjc10045-SJC, cache-fra-etou8220092-FRA, cache-fra-eddf8230028-FRA
x-imgix-render-farm: 01.140360
last-modified: Thu, 28 Sep 2023 09:31:50 GMT
server: imgix
x-timer: S1696305873.600842,VS0,VE0
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15

GET
H2 200 fe133380e4c5e951e6ed4a79e399b22fbb.gif
zem.outbrainimg.com/p/srv/sha/eb/0a/83/ Frame 0FF0 49 KB
49 KB 191ms
62ms Image
image/gif 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/eb/0a/83/fe133380e4c5e951e6ed4a79e399b22fbb.gif?w=160&h=600&fit=crop&crop=optimized&q=45

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

650806491a1ea86dabb9619d8f5073a16bb59195991ab6f6ae0a0b668b587339

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:32 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 412362
x-cache: HIT, MISS, HIT
x-imgix-id: 5f10a107d408b3ad90a577be72f90344828964c8
cross-origin-resource-policy: cross-origin
content-length: 50158
x-served-by: cache-sjc10045-SJC, cache-fra-etou8220092-FRA, cache-fra-eddf8230028-FRA
x-imgix-render-farm: 01.140360
last-modified: Thu, 28 Sep 2023 09:31:50 GMT
server: imgix
x-timer: S1696305873.600857,VS0,VE0
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15

GET
H2 200 viewability-pixel.js Show response
widgets.outbrain.com/viewability-pixel/ Frame 0FF0 4 KB
2 KB 171ms
85ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519813b606623a5ce910b2ee52ecd8a6b5d084fc5975d6950b5ac0867d902276

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Tue, 03 Oct 2023 04:04:32 GMT
content-encoding: gzip
content-length: 1594
last-modified: Tue, 26 Sep 2023 12:16:31 GMT
server: AkamaiNetStorage
etag: "706f86c4827fab44c1c97efcf7add178:1695730691.134216"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Tue, 03 Oct 2023 08:04:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 0FF0 3 KB
1 KB 51ms
51ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 0FF0 20 KB
8 KB 73ms
72ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FF0 187 KB
59 KB 70ms
69ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:04:32 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 39AC 478 B
242 B 80ms
79ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY_OOEvQEwAQ&v=APEucNWgishzZFg-VE1o8e35-FTmtMjWS_MutBVIsSlLLrMEtWlHN-2goRTsRsniyO6lyg_-yq9Bdgg7qlrCx88YcVxno7nKIw

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 04:04:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E5D0 89 KB
31 KB 84ms
83ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:04:32 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame E5D0 2 KB
1 KB 577ms
90ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4890745&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iQp161c2crsfIpJ0ItdKxa&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15173373811&DVP_DBM_4=396440060&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 04:04:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:44 GMT
Server: UploadServer
ETag: "56f95dec40f6402642b5537aa29ad91c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Wed, 04 Oct 2023 04:04:33 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame E5D0 9 KB
4 KB 577ms
86ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iQp161c2crsfIpJ0ItdKxa&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15173373811&DVP_DBM_4=396440060&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 0900b25347fe8ed7071bceff0d3e3097c06fa5d2d6d8dfd97ec767080a44df63

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 04:04:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 16:23:43 GMT
Server: UploadServer
ETag: "d20aee7a63eeb063341f59e007b47fdb"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3640
Expires: Tue, 03 Oct 2023 04:19:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame E5D0 3 KB
1 KB 61ms
61ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame E5D0 20 KB
8 KB 76ms
76ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5D0 187 KB
59 KB 76ms
76ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:04:32 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5D0 42 B
110 B 100ms
100ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWub5cgnTJLSMhF92UDxC8gAzHAnQpmOcj2DQuEp4lCU-2GfzJEf6R7BSv-frO6PKe7pDSG1sawJk5sMeO6qP3ApiVwK7Kn7vS4DW4pr9jTPc7Q8c

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5D0 0
121 B 95ms
94ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16791614431275927004&x=1&ct=77

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 434F 89 KB
29 KB 562ms
65ms Script
application/javascript 13.107.213.45

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=6&bdt=3633&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=giGjxh9INS&p=https%3A//www.babup.com&dtd=361
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.45 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9280fc33175448c5507ac6c072534b38adbedff69248bb67940a0c1e598d876c

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 03 Oct 2023 04:04:32 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2023 16:16:52 GMT
x-azure-ref-originshield: 0wuIaZQAAAAAS6DzBoyyDTIiG3A9W1RP1RlJBMjMxMDUwNDE3MDM1ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5: QfEVvja98J3suHAdWTgvwQ==
etag: 0x8DBBB8754CA0D88
x-azure-ref: 00ZIbZQAAAABkr1mfTmSGQ7zSQjzIcyYiWlJIRURHRTEzMDcAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 754dd50b-101e-00fa-5b21-f4c1fe000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 434F 80 KB
27 KB 244ms
74ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=6&bdt=3633&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=giGjxh9INS&p=https%3A//www.babup.com&dtd=361
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 04:04:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Wed, 02 Oct 2024 04:04:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 434F 3 KB
1 KB 109ms
98ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=6&bdt=3633&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=giGjxh9INS&p=https%3A//www.babup.com&dtd=361

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 434F 20 KB
8 KB 107ms
97ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 434F 0
0 537ms
82ms Image
text/html 142.250.185.228

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAi6MFBBQmbqgeuativObXd7saEBY445rVUI6m4mHSg1sZvGUaLn_5z4swftZ3f0nJLgtODS-i5nqNqEoPL1hyF9TITQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=6&bdt=3633&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=giGjxh9INS&p=https%3A//www.babup.com&dtd=361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.228 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 434F 187 KB
59 KB 108ms
100ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:04:32 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 434F
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=77814e86-e855-4e2f-ba38-03307978e361&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=4256b880-a061-416d...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=015f2fa89b9a46fcaf977487d551692e&SNR=1&GV=2&med=10

0
546 B

99ms
98ms

Image
text/plain

92.123.104.47

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=015f2fa89b9a46fcaf977487d551692e&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=6&bdt=3633&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=giGjxh9INS&p=https%3A//www.babup.com&dtd=361
Protocol: H2
Server: 92.123.104.47 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:33 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 111B6F09208249FAA6A6A008CA85757C Ref B: FRA31EDGE0719 Ref C: 2023-10-03T04:04:33Z
x-cdn-traceid: 0.afa72917.1696305873.2bf4c53
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Tue, 03 Oct 2023 04:04:33 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2F314D07AD5B472DBEF1D0DDCBE79FA5 Ref B: MIL30EDGE0918 Ref C: 2023-10-03T04:04:33Z
x-cdn-traceid: 0.afa72917.1696305873.2bf4aae
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=015f2fa89b9a46fcaf977487d551692e&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4AF2 42 B
108 B 107ms
100ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwv4NZnMTvIScWP2EovI1PLCnNj2PIztWX3cMUNQAWGftwe9QmideugomXTmwp3UwBeRkvfYhaNifuY-00yAOqgw9Qm-HvYRBqQcqEV97oGZx-30Y5Ea4ahK79xUX6q3mX8EwuuzE40Q&sai=AMfl-YSpv9HPeyNZHWdiYMErfvDAOEsWTe4NyY_hg1mlbEj0z2BFM-qZs32c2lbgvCXiLxmLjYAtHUpY7gRgc9Ax1NuQ0qUX81R7mx6K9TpSmnfUIneskF76bo2FWXn1RbpJdA1Lnw42Wzt_Xp-OJg&sig=Cg0ArKJSzLDTnLM3pM15EAE&cid=CAQSTADICaaNRp6_ufLaxBut38qbDeuF4wpsQjdT7QZa_RAH_tT4TtSZ59qwidA4pC1-uP71G2jN_RAdtuYYN8MwKXW1bcQM1ougWbjGRNQYAQ&id=lidar2&mcvt=1294&p=0,0,280,1110&mtos=1294,1294,1294,1294,1294&tos=1294,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3654258318&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696305869536&rpt=1835&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ECE8 42 B
108 B 108ms
101ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2YepLjbO-yU-dHboIR9qYt1_AOjAcxhFfy0BXphRmhu8lh3rbpNW2MvQmj0ArblybQZsY5Vk6hyJv5DpwFy4RYu-_YOW21G0AVw_zY57IrVhuBOiJezU81KSgxo1PLr6fUJfHUtylew&sai=AMfl-YQ5LM-lXCjPOXKdnnOBr4b6k14_Iur5ggv08KF0_myN4U59dztC3d0wPCPayom2CFFsUwdaa8ByaO5Af1dOXUReTLG9PoQJKHY-FGhGnJeM2U3XBGak2nQDgrwWZOaDWphS3B9uGud_BMoh_w&sig=Cg0ArKJSzGbmGq3F_p-zEAE&cid=CAQSTADICaaNZCKOI-0gyklBzqUhvyklfU9hl8Hc1ZXFCTOHo9h5OXJTowq2KtNNK0_PdsiTWvQlocowacswFOTZSiUoY-0XbqlVr8_VSCwYAQ&id=lidar2&mcvt=1230&p=0,0,280,1110&mtos=1230,1230,1230,1230,1230&tos=1230,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2300165494&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696305869511&rpt=1958&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxU8tGyN95fsWpJxZVTvCOgt6JtQB42uOMA-vk7VeqtbUKOsfFhvdwdv3eYApCUizXI0tm4KNBpUOIW0xVJ0hK8L2QIXtkiJMB9Bj0ztxrhQtQdkpZBnbRsUSQhdUaQYbi0JXqOxlA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 100ms
98ms Script
application/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU8tGyN95fsWpJxZVTvCOgt6JtQB42uOMA-vk7VeqtbUKOsfFhvdwdv3eYApCUizXI0tm4KNBpUOIW0xVJ0hK8L2QIXtkiJMB9Bj0ztxrhQtQdkpZBnbRsUSQhdUaQYbi0JXqOxlA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2MzA1ODcyLDc1NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LmJhYnVwLmNvbS8iLG51bGwsW1s4LCJ3UDhjU3ZGMUUtOCJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

d2fb8a5895a0b9f97dcf3b5bd5ccb696afd51526f24c6f9be6af716238c7953a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lwqHT5Trrx11maC_FVT0tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lwqHT5Trrx11maC_FVT0tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 39AC 170 B
243 B 249ms
87ms Image
image/png 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY_OOEvQEwAQ&v=APEucNWgishzZFg-VE1o8e35-FTmtMjWS_MutBVIsSlLLrMEtWlHN-2goRTsRsniyO6lyg_-yq9Bdgg7qlrCx88YcVxno7nKIw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 39AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-Wof_Rga8Hspc-LM6Rdk&google_cver=1

43 B
340 B

62ms
61ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-Wof_Rga8Hspc-LM6Rdk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY_OOEvQEwAQ&v=APEucNWgishzZFg-VE1o8e35-FTmtMjWS_MutBVIsSlLLrMEtWlHN-2goRTsRsniyO6lyg_-yq9Bdgg7qlrCx88YcVxno7nKIw
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lt1aMyUU99wnUA7jBaPj4T9P0swB148r5Bv4DKkZ5RdA%2Fr7mL%2BED6fBDqovX5h3kNWjgmjZtRjXCFVwoy3%2Br3pU3okDVJEhBx17YiV%2B%2F0jgZFiB5BkKJsAOSi5mT3bG9VsWxLiDzcrS2fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81024d3ba97301f4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-Wof_Rga8Hspc-LM6Rdk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 39AC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRuS0de.3dknysOfCHT5vQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-Wof_Rga8Hspc-LM6Rdk&google_cver=1&google_hm=2

43 B
771 B

75ms
74ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-Wof_Rga8Hspc-LM6Rdk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY_OOEvQEwAQ&v=APEucNWgishzZFg-VE1o8e35-FTmtMjWS_MutBVIsSlLLrMEtWlHN-2goRTsRsniyO6lyg_-yq9Bdgg7qlrCx88YcVxno7nKIw
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pD4i1p1DMJe0526l41f8nTjm97IF9kKEbkwHGUOdW%2BNVr9vA5gPYSMnmF1S8zyClalQG4spGxL4aNp7H8Nrxz9ZGiQy3I2ZN3f5p%2FeOS%2BFXEh%2FvworBx5RCAbvVrjYIHi6GwllSXBfZ%2BMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81024d3f6d4a01f4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0-Wof_Rga8Hspc-LM6Rdk&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 viewability-pixel.js Show response
widgets.outbrain.com/viewability-pixel/ Frame 5B9A 4 KB
2 KB 56ms
55ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519813b606623a5ce910b2ee52ecd8a6b5d084fc5975d6950b5ac0867d902276

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Tue, 03 Oct 2023 04:04:32 GMT
content-encoding: gzip
content-length: 1594
last-modified: Tue, 26 Sep 2023 12:16:31 GMT
server: AkamaiNetStorage
etag: "706f86c4827fab44c1c97efcf7add178:1695730691.134216"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Tue, 03 Oct 2023 08:04:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 5B9A 3 KB
1 KB 87ms
84ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 5B9A 20 KB
8 KB 87ms
85ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B9A 187 KB
59 KB 89ms
86ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:04:32 GMT

GET
H2 200 15a867ec025c7e2844c9448b525e1e2191.gif
zem.outbrainimg.com/p/srv/sha/c1/73/8e/ Frame 5B9A 49 KB
49 KB 87ms
86ms Image
image/gif 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/c1/73/8e/15a867ec025c7e2844c9448b525e1e2191.gif?w=728&h=90&fit=crop&crop=optimized&q=45

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

dd678b20e4f5d8956974beb4bdeb7a9c0e1e2177fd628deac8eb52c449de6883

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:32 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 412360
x-cache: MISS, MISS, HIT
x-imgix-id: ad65fa7d1894311f20d760ece039146e3d6203d7
cross-origin-resource-policy: cross-origin
content-length: 50421
x-served-by: cache-sjc1000144-SJC, cache-fra-etou8220046-FRA, cache-fra-eddf8230028-FRA
x-imgix-render-farm: 01.140360
last-modified: Thu, 28 Sep 2023 09:31:52 GMT
server: imgix
x-timer: S1696305873.861675,VS0,VE0
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/EHER4IAU7RCVWSI43VJ3YBQ3SFZV76HVJGCL3FTFKUQX3PKKIGHEDK5QW4UIRZTHPNTNCNE34P2ZJUX2NE663NVHH4EL4NCULDIM2YSU3A5VEHA2RGYSFZHVUAQEUTMLHZER4ZQ2ME3KSBAIX56NNXVTSZ6HOV... Frame 5B9A 26 B
151 B 244ms
69ms Image
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/EHER4IAU7RCVWSI43VJ3YBQ3SFZV76HVJGCL3FTFKUQX3PKKIGHEDK5QW4UIRZTHPNTNCNE34P2ZJUX2NE663NVHH4EL4NCULDIM2YSU3A5VEHA2RGYSFZHVUAQEUTMLHZER4ZQ2ME3KSBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NDC43QSDNHPQX3ASFJ2OKQCHV6AREJ66HQNK7HLAMYTN3L3TLWMZGAYMUCSTZWZU5YMJFHELXT5XUHGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJEXAYGJC7JWXQ66CH3X2IQQGVWB4MDWCRXO75GSMMKOF6YDMY3H6ASWZ5ZZCULKIP5Q/?
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 04:04:33 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 show_pla
obs.cheqzone.com/ Frame 5B9A 3 KB
3 KB 880ms
183ms Image
image/gif 34.199.234.25

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/show_pla?id=93700&ch=%7B%22tag_id%22%3A%222743202993%22%2C%22page_url%22%3A%22https%3A%2F%2Fwww.babup.com%22%2C%22z_pub_id%22%3A%22www.babup.com%22%2C%22z_ad_id%22%3A146988680%2C%22ob_publ_id%22%3A{obsectionidorappbundle}%2C%22ob_ad_id%22%3A0%2C%22ssp%22%3A%22googleadx_display%22%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 34.199.234.25 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 03 Oct 2023 04:04:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1623
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5D0 0
56 B 86ms
86ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1418986694932&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5D0 0
56 B 85ms
84ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1418986694932&version=m202309260101&ct=77&x=1&cor=16791614431275928000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E5D0 16 KB
12 KB 130ms
126ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGQtWfrakJRK6HbDuwFakTbFf0_N9aMx2ibPgmwB_PFCxYYsBvkr6M9LcrJ_Kdr_d5sjiDh_-7wfSlC3BqQrM1VeXtXgsvtXcAevWZf1C6HTq5JmLM6DRbXzq9MhvZ3wA5vcT60agnmNIC1yVGIP1SL6j_KtpAZZblGPWKCv3wkUbhrD8&cry=1&dbm_d=AKAmf-D_NpQVLZopoxpR0Ez261FigGwSEuFOUF6lDw6PsKPZNcJiS1vrDNmVzOPNkn8Ok_hIcacPOtlzfuP3OpHKifX0m8GDM4C6KdZkfoWMVxlqV4TmAWCr0ZHSM_IktjWndkY76Wefy8AKAiKiZ7dFxzriDIGUsdWJJ3j7YH02X_CFyJvH1aabA03hlkrwTyYzWA4fSNfYlqetSzhF5bFstVniSKGH6Xdy-A29U2xtd_YEj-NfGzaI2Oyj6hOvK2rZPfD4JCFqMQJK89ZqOmlN1RqT13KdP3dnMwj8PqVsM1Lk8ihQrVJeuZ8OPi9BS4YYqhWziSwiVHqRqvwHPKc2vmHZgysrdhnLR1FPm-iqaOzWK-Tblg2_28dzZ8YSXFeavdpVuoyU7w1hxQTMfuC8KP0kSk29Q_Z__Bv_Boe-c7epugJX4XbaGrtJV6jTov7W_lrijzmZh6yRdo8lKi5N4l43yP6-aCwe09j4JVUVHC4yvsQyj8AT2cJjyE-0D_RQnvVDj71gLAsRXVyO-DMQZNUN_-cfJS-LkLZIFfAoQil1xfopWUb767dK_iih8b4ouU2Xv5kvc2qR4v1N1nVGeEe0ds1syxi_YYrh_DZsAdK7FxX743jEC-8X3NXBr7ipUeN9BuoqENCn_-DjOKc81q2mXeMWcPlrt2YaCEsBOlt--43IJm2IWfXU4LrqhzLy9CPqyC8ONI1HyL1GhVNLHsE9pX9ShWb4LE7JsLb2mCO6drmOHLdsdLPgP9YFLB8FhPKPEGS0AV2SCtLxhDBYcttVp45VQVxXUzOCa5h_ZR3Num0ERtd-XmGEcFazvfUUqc1Y6j1V0-fU5TDaiIyJdEuYKzKA6wVHpay6DxbEczKcd7bno6aY-vXNfkYW76aUyFs-1sMb9eTPqdguquBEInaN-uY_D8b-0JawlaIEkoFwppEaP79Y5Z6QiPqOd8W6KF84mHZFa35wJBdVyPSidLDhHn2kmHh-nbRdpWPS9Bw5YZD36aH63XWyUrhECX8kz1D5-1D371LMZ6ScoN_eRwf-Jti7jq7drCBYPh-GIz1QoF9855DuNKqywYxGfvtURkoe3eUILacb_gBGjNbqRPZKI51ry_G5uqAJ2_rUpii7yXOCYVKHZjB74u624MOonaI-R5z2q_IQHrkmBCB7K8bZt6NxJfAOMygpTtFxKK8b5_YYmHWeQupkzaccRsPix0tQjxvmMMYazCv_Tdyo6S00J1pvYPe761MyTKvnLKSa0vKLOcNi8ZWYQBNuj2-oqTp4WAyxM6FSEDs1cLi3-Mzg2Z2ngM8c9GitmOHjphBn4MksGZW4L_2z23ojOnNDlh_7W8oZqPGW91_90xEhIjf4I2rP-49xyJoVt6tHBGNZy3KQd_fvGi279GeUMkAD3BoO1yZYAQvi3NPfQYA_Dd4SOoHc39ASV2VzEINvMWHOQ5wQBUIjR6MqQ89hFfK834Es7MHhgpqfI3m0TgnnpI7N6_K6dyFJhMDnEeuAFfgP9hWmlNWrN-JDmq7b8TaaZDP1T4MzbqLjcJwShEfGzexzuOT3TikLih71uK_P0qUE0TxJJ49AF0sudxwdsUh3BKzoiheAWwLmWvtNbtqL-uRSP1mFOU8mSR_jguur9UYn0yxwoWePVm_-2f0-9Jk88F95q9PtUkVwfTf3w0qumKJ8u8fs_5uaVkaeAu5NHUXwudDYiFxmCDBg1XCVurX2_neT0oA9LihgsF7p5rM8PSP6Hg3Av9oprAVBgZ5P0epn3SI2kYKJYVMkxKNJk0InSZlX-9ZnoyvApoAtiBSPtBnGgtmXYWng4ZwTe4ur8Lk6wy56eWEjzDwaFHshIeN4lllCEK2nEuoSIKqv1c3JczNsTDcsZfpbwnR5x5NHW1YQsFhrMcNphFVoDhfjF_d9mt-HT3Nxy99ga1R9UQfOtuWKXksamDuiv1zQh-mE05VkUYFlgVY4HVA3tdHqrNtYqAs4doLd1gNF3JSl5dYRa51EHE5pdz3-e_2JY9UFnAKAP6pAX4AdlcK8z4kqYDeuh9TQtwUHURUzhm-MSBAHewTM1V-URBpjCedb_vLXIsh92FOQD5cb9elPRGQx9QVghv0knK17rfzavXHFVnrauNcnk2gXYVPAeBCjvMjyvK1DRsly7KznKwqnfo7Y2asUBA6CeHD8-QU-RbwcHbk4GBoUqalv2OHkIOm07oVhcA9UaUXJ5tBLWrJedcchpvgAWI_mGTAFJjMuyXAsWok1TudZGHwNv9E1mc43W8mucsEsw0Sb1WJ9QOBuYnl59SMF_pFoaBtLViLMx6DfIm6B2S5FoxlDVFOThnbNjAymVxONXVbQYeUVk2yuFWhldox56gSP6D0nFtKGFgNuCMLOuDStzj4jJyBGEHn241XOMnwHDr9E6-OhPuL0dZYpCtEsfFklMaw8EvQHwRhvqZZdYY7xX-GaRXfaCktSuwaTDVm0Vb7rTy2OBbDHnHB8C4_4Rr1ADYjFc795DCm-4vpZdtx2JbFVDnAsITasrkeZaYlmFO36aHACQ0kKLfZTHIyds4EV94EW3Qylt9MOs2tjWyiQFLaFpHnHhzJ7IF55hIRe4CxyRiVXhrFNyRkqhdkqidTf8tDcfCyO95LnWACDcsAJMZA-03JG1VtnJ9RFOfQVHO8yw50w0aUaHT1dldQJgwbG1Jsx4CvoXQF7fjbO0_rGeFnqAPFPakpHk2vquOKHddEr8Asd5rmvgbi7XJvfcAFXW5AWHOHRO2YVGJBqrsQ6B0vpPkLdY1qVsWRQEF_qkAD3rxfofDwnyxMguAY2C_qQGe9BFvjUA8bdK1Ai4NcUq48fjTiR_xuRhwLo2YmN7K8Nswgwfp3kySLG0eQ-_jQll_m7DpoZXCkHPVPo8MLwOLl92quLdGDn_u5x0C3gZ-DVgsto-su9W0cT7E_qMLvegiKKncNKRsaTutDYlb6DqeLUxnBQD3WlOs4nhOWhtkkJl_5QBHQvQVVUzCDlOmcs_0kozUEd762o0IuMVecE09hom0NSbPRo_ciIgmUZRUN-IsvBR_WrN2LZYTzVU_p_4KozzzQ9p_PAHczJ6AMHseylPOIVGPc4DfXWnF-CDHsLjA-0hobFHvXWXvc0RKvqF83Xw7JU6fvDMxp3I6EqRtxFhAOKF4MTcSpsxlkHE4s25B7f0JAGAe0yLL4AIs9Q58jSXBjFbaja-5peXzRqS0gVkLS9hNSCzMSFs-S3J4J4yYnjtgiPU17L9Keo_3t9qfP_IoNWIYSdG1pM-14EZCQpXAPTkWw1R96GMRvwVR2AVzdfvaBhnOh6agb4dWWhB-0TblSQtYGVkxieOudpVOTaRWxJLQu9EW9yiIU4GbGR4xUcO4TMs8-MXlxM95S46VTgrjMp-ojJ033i-LEiO45zuGBEiZXYOTDabk6Dt4OO1PTQziBBphnVQ0QE0OkDUMIv8bNEDkKtEj237Sjy-ngXDaS1qqKQ2AnW4YQR6ByN5rTF4bErTEIZZ84uyX7POqSU-nxG4rn5MndsfSmu_nf0Htgir4zL9Z3-yJuv_0dMDvhZzC6MqfELr0wKwal7rwy5v2o8G--RDvUvnBjf6ZsPAeUT3AoF757II6m7h4EcCdrj0lpPJjRED0xCXbDccJH17zrZea0R2LufcXyEwikPdE5APq9NH__VUOBEh9DgMf9H_M71r2_lUbpwNi-XpHz7Lh35OUwyK9ZNFBVynA0GQQV5plNY1AxJKVaWIVuWOtsUfSqy223OhnO87gP5HaYn&cid=CAQSTADICaaNhZNH7owrDdrh1vtJ4y7QjJZ4v_PDKc4pDfPfabjMdKNpPuLcaznxuclywpmgyTBu2GNL4vB8udVQxXJPV5amO3DmtdKuOOEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=16791614431275928000&adk=1405019969&idt=95&cac=0&dtd=58

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bc6de1aaf4d0d6db87b79404f3982a906091f790920d5965a0ba1602a88ecb4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12323
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2ECD 15 KB
1 KB 66ms
65ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 04:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 02:07:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 04:04:33 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame 2ECD 23 KB
9 KB 55ms
54ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9131
x-xss-protection: 0
server: cafe
etag: 6297790743806441599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 2ECD 3 KB
1 KB 73ms
66ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 2ECD 20 KB
8 KB 65ms
50ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2ECD 187 KB
59 KB 84ms
69ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:04:33 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame 2ECD 36 KB
15 KB 70ms
55ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 20:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 20:38:48 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 92BC 1 KB
758 B 62ms
54ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 19703
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:36:10 GMT
etag: 48472445140208031
expires: Tue, 03 Oct 2023 22:36:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5B9A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 199a882d06f39644c2c8f29b6dcf69fbd3094845637c923d732077ccb12e47b1

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5B9A 0
56 B 100ms
99ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNT-Hz5IbZZ67OszQ6wSI5JS4BNesnIJuyur8vP0QwI23ARABIABg9a37jogEggEXY2EtcHViLTkxNzY1MjE4OTgzNDE5MDnIAQmoAwHIAwKqBLYBT9A2V8SOoktrP5pG_7RKxkc4nIjJ_dZ8EKlxovl0h6Lj-uF0l4MvHgXmRgqyWL5q_pV4D7dUQVDiZHM1WzNLAO19Ywx4s-519LrfZQyHKhpvGz28b_ipxCNR77Vrup3mZjTkZ20Z36IDoLaaoW4fC-QQnltMmvN_F6lwdM8oZcpY0s1-GfWTsTsxxDjyWw0qZe2dH2yhDPJoeNkkMPOVpxEH_G8OQ9OWtQUxWlWr6jNHjjQJSs2ABtbp-8mC9428sgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTkxNzY1MjE4OTgzNDE5MDkYAA&sigh=nFmULcgWlgw&uach_m=[UACH]&cid=CAQSPADICaaNRgBzLd4GNbnyCzowPgD1k11eWC8UCOCupdRpAf6xWSQCTnXwZAxz1O_dPmESr3-mUzYmm1kwpBgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 04:04:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK /
b1-eudc1.zemanta.com/bidder/win/googleadx_display/f4d2a62c-61a1-11ee-87c6-8bf6c7f2fe12/ZRuSzwAOnZ4KmuhMAAUyCErfa-VkarQ4b-FfLg/HEI7SULS2M5HPSTIGUC6CNBYOCLUGNUXYPSSCZ3ZXE5Q6NQFDHKS2UQ4W5A3VD3PNJE7U7H... Frame 5B9A 0
99 B 243ms
84ms Image
text/plain 213.227.153.223

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/f4d2a62c-61a1-11ee-87c6-8bf6c7f2fe12/ZRuSzwAOnZ4KmuhMAAUyCErfa-VkarQ4b-FfLg/HEI7SULS2M5HPSTIGUC6CNBYOCLUGNUXYPSSCZ3ZXE5Q6NQFDHKS2UQ4W5A3VD3PNJE7U7HWUH4Y3643S3WE5FCTGXHNMDJTTW3YFC36CPX764KCQCM5GE5UMBWS3CVFMYDAONNEYT2WHQPGBHU54BYTLZDC2EOX6BKMQFBCY3NXO24RFZIZMGPS4YM65JQTHUBL2GDG42WWDFTHI4UX6COCPNMSS5U5Z7GWZXZ3FRDZ4OMIFZGHYOQTNKSUVFDVTRZAIT2KY27K6MJQBFBZK3J7SP2P2B2BVCHBAJYHBZWU6APRYI54RGS4R4AFOHBJMQNRA5LAW3AJYLZ7VR7YRPE74MRUEZGZZI56KCEZKN4GUZY4T2PHD3VTR4DMU5BA74R2N72C5VXEB55DGOPG7VRTSAKQWOAUVYGO5MNCSZVAYDHBHYNF27QVRK57YADTMN553HWY3O3QZY54VNQQY2LL7QNGGIVJVI7W7RLHPQAF47YBEAWDFU2P5AQE3DJX/?&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 03 Oct 2023 04:04:33 GMT
Content-Length: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E5D0 41 KB
14 KB 58ms
57ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGQtWfrakJRK6HbDuwFakTbFf0_N9aMx2ibPgmwB_PFCxYYsBvkr6M9LcrJ_Kdr_d5sjiDh_-7wfSlC3BqQrM1VeXtXgsvtXcAevWZf1C6HTq5JmLM6DRbXzq9MhvZ3wA5vcT60agnmNIC1yVGIP1SL6j_KtpAZZblGPWKCv3wkUbhrD8&cry=1&dbm_d=AKAmf-D_NpQVLZopoxpR0Ez261FigGwSEuFOUF6lDw6PsKPZNcJiS1vrDNmVzOPNkn8Ok_hIcacPOtlzfuP3OpHKifX0m8GDM4C6KdZkfoWMVxlqV4TmAWCr0ZHSM_IktjWndkY76Wefy8AKAiKiZ7dFxzriDIGUsdWJJ3j7YH02X_CFyJvH1aabA03hlkrwTyYzWA4fSNfYlqetSzhF5bFstVniSKGH6Xdy-A29U2xtd_YEj-NfGzaI2Oyj6hOvK2rZPfD4JCFqMQJK89ZqOmlN1RqT13KdP3dnMwj8PqVsM1Lk8ihQrVJeuZ8OPi9BS4YYqhWziSwiVHqRqvwHPKc2vmHZgysrdhnLR1FPm-iqaOzWK-Tblg2_28dzZ8YSXFeavdpVuoyU7w1hxQTMfuC8KP0kSk29Q_Z__Bv_Boe-c7epugJX4XbaGrtJV6jTov7W_lrijzmZh6yRdo8lKi5N4l43yP6-aCwe09j4JVUVHC4yvsQyj8AT2cJjyE-0D_RQnvVDj71gLAsRXVyO-DMQZNUN_-cfJS-LkLZIFfAoQil1xfopWUb767dK_iih8b4ouU2Xv5kvc2qR4v1N1nVGeEe0ds1syxi_YYrh_DZsAdK7FxX743jEC-8X3NXBr7ipUeN9BuoqENCn_-DjOKc81q2mXeMWcPlrt2YaCEsBOlt--43IJm2IWfXU4LrqhzLy9CPqyC8ONI1HyL1GhVNLHsE9pX9ShWb4LE7JsLb2mCO6drmOHLdsdLPgP9YFLB8FhPKPEGS0AV2SCtLxhDBYcttVp45VQVxXUzOCa5h_ZR3Num0ERtd-XmGEcFazvfUUqc1Y6j1V0-fU5TDaiIyJdEuYKzKA6wVHpay6DxbEczKcd7bno6aY-vXNfkYW76aUyFs-1sMb9eTPqdguquBEInaN-uY_D8b-0JawlaIEkoFwppEaP79Y5Z6QiPqOd8W6KF84mHZFa35wJBdVyPSidLDhHn2kmHh-nbRdpWPS9Bw5YZD36aH63XWyUrhECX8kz1D5-1D371LMZ6ScoN_eRwf-Jti7jq7drCBYPh-GIz1QoF9855DuNKqywYxGfvtURkoe3eUILacb_gBGjNbqRPZKI51ry_G5uqAJ2_rUpii7yXOCYVKHZjB74u624MOonaI-R5z2q_IQHrkmBCB7K8bZt6NxJfAOMygpTtFxKK8b5_YYmHWeQupkzaccRsPix0tQjxvmMMYazCv_Tdyo6S00J1pvYPe761MyTKvnLKSa0vKLOcNi8ZWYQBNuj2-oqTp4WAyxM6FSEDs1cLi3-Mzg2Z2ngM8c9GitmOHjphBn4MksGZW4L_2z23ojOnNDlh_7W8oZqPGW91_90xEhIjf4I2rP-49xyJoVt6tHBGNZy3KQd_fvGi279GeUMkAD3BoO1yZYAQvi3NPfQYA_Dd4SOoHc39ASV2VzEINvMWHOQ5wQBUIjR6MqQ89hFfK834Es7MHhgpqfI3m0TgnnpI7N6_K6dyFJhMDnEeuAFfgP9hWmlNWrN-JDmq7b8TaaZDP1T4MzbqLjcJwShEfGzexzuOT3TikLih71uK_P0qUE0TxJJ49AF0sudxwdsUh3BKzoiheAWwLmWvtNbtqL-uRSP1mFOU8mSR_jguur9UYn0yxwoWePVm_-2f0-9Jk88F95q9PtUkVwfTf3w0qumKJ8u8fs_5uaVkaeAu5NHUXwudDYiFxmCDBg1XCVurX2_neT0oA9LihgsF7p5rM8PSP6Hg3Av9oprAVBgZ5P0epn3SI2kYKJYVMkxKNJk0InSZlX-9ZnoyvApoAtiBSPtBnGgtmXYWng4ZwTe4ur8Lk6wy56eWEjzDwaFHshIeN4lllCEK2nEuoSIKqv1c3JczNsTDcsZfpbwnR5x5NHW1YQsFhrMcNphFVoDhfjF_d9mt-HT3Nxy99ga1R9UQfOtuWKXksamDuiv1zQh-mE05VkUYFlgVY4HVA3tdHqrNtYqAs4doLd1gNF3JSl5dYRa51EHE5pdz3-e_2JY9UFnAKAP6pAX4AdlcK8z4kqYDeuh9TQtwUHURUzhm-MSBAHewTM1V-URBpjCedb_vLXIsh92FOQD5cb9elPRGQx9QVghv0knK17rfzavXHFVnrauNcnk2gXYVPAeBCjvMjyvK1DRsly7KznKwqnfo7Y2asUBA6CeHD8-QU-RbwcHbk4GBoUqalv2OHkIOm07oVhcA9UaUXJ5tBLWrJedcchpvgAWI_mGTAFJjMuyXAsWok1TudZGHwNv9E1mc43W8mucsEsw0Sb1WJ9QOBuYnl59SMF_pFoaBtLViLMx6DfIm6B2S5FoxlDVFOThnbNjAymVxONXVbQYeUVk2yuFWhldox56gSP6D0nFtKGFgNuCMLOuDStzj4jJyBGEHn241XOMnwHDr9E6-OhPuL0dZYpCtEsfFklMaw8EvQHwRhvqZZdYY7xX-GaRXfaCktSuwaTDVm0Vb7rTy2OBbDHnHB8C4_4Rr1ADYjFc795DCm-4vpZdtx2JbFVDnAsITasrkeZaYlmFO36aHACQ0kKLfZTHIyds4EV94EW3Qylt9MOs2tjWyiQFLaFpHnHhzJ7IF55hIRe4CxyRiVXhrFNyRkqhdkqidTf8tDcfCyO95LnWACDcsAJMZA-03JG1VtnJ9RFOfQVHO8yw50w0aUaHT1dldQJgwbG1Jsx4CvoXQF7fjbO0_rGeFnqAPFPakpHk2vquOKHddEr8Asd5rmvgbi7XJvfcAFXW5AWHOHRO2YVGJBqrsQ6B0vpPkLdY1qVsWRQEF_qkAD3rxfofDwnyxMguAY2C_qQGe9BFvjUA8bdK1Ai4NcUq48fjTiR_xuRhwLo2YmN7K8Nswgwfp3kySLG0eQ-_jQll_m7DpoZXCkHPVPo8MLwOLl92quLdGDn_u5x0C3gZ-DVgsto-su9W0cT7E_qMLvegiKKncNKRsaTutDYlb6DqeLUxnBQD3WlOs4nhOWhtkkJl_5QBHQvQVVUzCDlOmcs_0kozUEd762o0IuMVecE09hom0NSbPRo_ciIgmUZRUN-IsvBR_WrN2LZYTzVU_p_4KozzzQ9p_PAHczJ6AMHseylPOIVGPc4DfXWnF-CDHsLjA-0hobFHvXWXvc0RKvqF83Xw7JU6fvDMxp3I6EqRtxFhAOKF4MTcSpsxlkHE4s25B7f0JAGAe0yLL4AIs9Q58jSXBjFbaja-5peXzRqS0gVkLS9hNSCzMSFs-S3J4J4yYnjtgiPU17L9Keo_3t9qfP_IoNWIYSdG1pM-14EZCQpXAPTkWw1R96GMRvwVR2AVzdfvaBhnOh6agb4dWWhB-0TblSQtYGVkxieOudpVOTaRWxJLQu9EW9yiIU4GbGR4xUcO4TMs8-MXlxM95S46VTgrjMp-ojJ033i-LEiO45zuGBEiZXYOTDabk6Dt4OO1PTQziBBphnVQ0QE0OkDUMIv8bNEDkKtEj237Sjy-ngXDaS1qqKQ2AnW4YQR6ByN5rTF4bErTEIZZ84uyX7POqSU-nxG4rn5MndsfSmu_nf0Htgir4zL9Z3-yJuv_0dMDvhZzC6MqfELr0wKwal7rwy5v2o8G--RDvUvnBjf6ZsPAeUT3AoF757II6m7h4EcCdrj0lpPJjRED0xCXbDccJH17zrZea0R2LufcXyEwikPdE5APq9NH__VUOBEh9DgMf9H_M71r2_lUbpwNi-XpHz7Lh35OUwyK9ZNFBVynA0GQQV5plNY1AxJKVaWIVuWOtsUfSqy223OhnO87gP5HaYn&cid=CAQSTADICaaNhZNH7owrDdrh1vtJ4y7QjJZ4v_PDKc4pDfPfabjMdKNpPuLcaznxuclywpmgyTBu2GNL4vB8udVQxXJPV5amO3DmtdKuOOEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=16791614431275928000&adk=1405019969&idt=95&cac=0&dtd=58

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 06:58:24 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E7F 143 B
228 B 54ms
54ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 2438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 03:23:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dvbs_src_internal122.js Show response
cdn.doubleverify.com/ Frame E5D0 60 KB
20 KB 84ms
84ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4890745&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iQp161c2crsfIpJ0ItdKxa&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15173373811&DVP_DBM_4=396440060&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 04:04:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:46 GMT
Server: UploadServer
ETag: "676309fe6e3823d28d9b38e6462bb025"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19669
Expires: Wed, 02 Oct 2024 04:04:33 GMT

GET
H2 200 th
www.bing.com/ Frame 434F 10 KB
10 KB 75ms
74ms Image
image/jpeg 92.123.104.47

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215779225986_1BZH47JDBN4096BZ4G&pid=21.2&c=3&w=200&h=105&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=6&bdt=3633&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=giGjxh9INS&p=https%3A//www.babup.com&dtd=361
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.104.47 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd6cb3b815a08449dac544b768e4ad9e98a064aacc866a41421118a1c44178b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:33 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.afa72917.1696305873.2bf4d88
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 9729
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 434F 0
530 B 250ms
74ms Script
text/html 185.89.210.20

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.babup.com&e=wqT_3QL-A-j-AQAAAwDWAAUBCNCl7qgGEOeXyaXchJjkNxgAKjYJG6dGIaFnsT8RLNBl5fXhsD8ZAAAAwMzM5D8hLA0SACkRJAAxARvA9Si8PzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjJ9QWAAQGKAQNVU0SSAQEG8JqYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFWh0dHBzOi8vd3d3LmJhYnVwLmNvbYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBAW9DPoEEgkB3ZCKo0dAEQAAAEC_fR1AiAUBmAUAoAWTzLfP79HK0T3ABQDJBQAAAQIQ8D_SBQkBMwUBcNgFAeAFAfAFo7xd-gUECAAQAJAGAJgGALgGAMEGBSIwAPA_0AbCjQTaBhYKEAkSGQEBoGDgBgHyBgIIAIAHAYgHAKAHAcgHyfUF0gcNFWUBJgjaBwYBXqQYAOAHAOoHAggA8Aewhg2KCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=dad54c15604bf8f5d27e041ff408844dfdea11ad&bdref=https%3A%2F%2Fwww.babup.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.babup.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fgdpr%3D0%26client%3Dca-pub-9176521898341909%26output%3Dhtml%26h%3D90%26adk%3D2316120902%26adf%3D3609186151%26pi%3Dt.aa~a.1000136111~rp.4%26w%3D1110%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696298671%26rafmt%3D1%26to%3Dqs%26pwprc%3D6385710038%26format%3D1110x90%26url%3Dhttps%253A%252F%252Fwww.babup.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1696305871517%26bpp%3D6%26bdt%3D3633%26idt%3D-M%26shv%3Dr20230928%26mjsv%3Dm202309210101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Daed65478eeaef2a0%253AT%253D1696305869%253ART%253D1696305869%253AS%253DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA%26gpic%3DUID%253D00000c8b6c020509%253AT%253D1696305869%253ART%253D1696305869%253AS%253DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw%26prev_fmts%3D0x0%252C1110x280%252C1110x280%252C1110x280%26nras%3D2%26correlator%3D2292733678478%26frm%3D20%26pv%3D1%26ga_vid%3D136624027.1696305869%26ga_sid%3D1696305869%26ga_hid%3D1336695802%26ga_fc%3D1%26u_tz%3D120%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D245%26ady%3D2043%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759875%252C44759926%252C31076838%252C31078200%252C31078201%252C44801485%252C21065725%26oid%3D2%26psts%3DAOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%252CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%252CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX%26pvsid%3D2586547772847200%26tmod%3D1062923177%26uas%3D0%26nvt%3D1%26ref%3Dhttps%253A%252F%252Fwww.file-upload.org%252F%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D1%26fsb%3D1%26xpc%3DgiGjxh9INS%26p%3Dhttps%253A%2F%2Fwww.babup.com%26dtd%3D361,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fgdpr%3D0%26client%3Dca-pub-9176521898341909%26output%3Dhtml%26h%3D90%26adk%3D2316120902%26adf%3D3609186151%26pi%3Dt.aa~a.1000136111~rp.4%26w%3D1110%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696298671%26rafmt%3D1%26to%3Dqs%26pwprc%3D6385710038%26format%3D1110x90%26url%3Dhttps%253A%252F%252Fwww.babup.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1696305871517%26bpp%3D6%26bdt%3D3633%26idt%3D-M%26shv%3Dr20230928%26mjsv%3Dm202309210101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Daed65478eeaef2a0%253AT%253D1696305869%253ART%253D1696305869%253AS%253DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA%26gpic%3DUID%253D00000c8b6c020509%253AT%253D1696305869%253ART%253D1696305869%253AS%253DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw%26prev_fmts%3D0x0%252C1110x280%252C1110x280%252C1110x280%26nras%3D2%26correlator%3D2292733678478%26frm%3D20%26pv%3D1%26ga_vid%3D136624027.1696305869%26ga_sid%3D1696305869%26ga_hid%3D1336695802%26ga_fc%3D1%26u_tz%3D120%26u_his%3D3%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D245%26ady%3D2043%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759875%252C44759926%252C31076838%252C31078200%252C31078201%252C44801485%252C21065725%26oid%3D2%26psts%3DAOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%252CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%252CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX%26pvsid%3D2586547772847200%26tmod%3D1062923177%26uas%3D0%26nvt%3D1%26ref%3Dhttps%253A%252F%252Fwww.file-upload.org%252F%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D1%26fsb%3D1%26xpc%3DgiGjxh9INS%26p%3Dhttps%253A%2F%2Fwww.babup.com%26dtd%3D361&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:33 GMT
an-x-request-uuid: 5057883c-45be-4c39-837c-5f64ac298d11
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 77.57.9.242; 77.57.9.242; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/MFRPW3YR4ZCB246FRPO6RG6ASRZV76HVJGCL3FQJPRXBMU4SUISYJBEEEYA44H2FQJJROI4GOW4S6WRXV6WHDNKHCUEL4NCULDIM2YR4AO2C3RRG5OQ53IYO5HEUD3TVAMDHBLGUS3M66BAIX56NNXVTSZ6HOV... Frame CD87 26 B
151 B 63ms
62ms Image
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/MFRPW3YR4ZCB246FRPO6RG6ASRZV76HVJGCL3FQJPRXBMU4SUISYJBEEEYA44H2FQJJROI4GOW4S6WRXV6WHDNKHCUEL4NCULDIM2YR4AO2C3RRG5OQ53IYO5HEUD3TVAMDHBLGUS3M66BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NDC43QSDNHPQX3ASFJ2OKQCHV6AREJ66HQNK7HLCPD7NHGB2F7X6WAYMUCSTZWZU532I46OCF6A7JFGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJEXJ6DF32ICSMUMCH3X2IQQGVWB4MDWCRXO75GSMMKOF6YDMY3H6ASWZ5ZZCULKIP5Q/?
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 04:04:33 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame CD87 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90b5b4c693534c51b7c575fe57dfcf1ae7d8c680d66cda9826b6c1edfb88d710

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/MFRPW3YR4ZCB27GBOUZTUSNORJZV76HVJGCL3FUAUVZWOHT4MKOK7AGI6FVJ6H4UNDSUG3WWDSFBDUVHWQBKVSW36ZIW46LIC3UKQDMW2QBZ3DPW2SO4NYJNH6GW2GT5PWOPCXYHPRPF4BAIX56NNXVTSZ6HOV... Frame 0FF0 26 B
151 B 128ms
63ms Image
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/MFRPW3YR4ZCB27GBOUZTUSNORJZV76HVJGCL3FUAUVZWOHT4MKOK7AGI6FVJ6H4UNDSUG3WWDSFBDUVHWQBKVSW36ZIW46LIC3UKQDMW2QBZ3DPW2SO4NYJNH6GW2GT5PWOPCXYHPRPF4BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NDC43QSDNHPQX3ASFJ2OKQCHV6AREJ66HQNK7HLCPD7NHGB2F7X6WAYMUCSTZWZU532I46OCF6A7JFGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJEQTNF7VG767Q5KCH3X2IQQGVWB4MDWCRXO75GSMMKOF6YDMY3H6ASWZ5ZZCULKIP5Q/?
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 04:04:33 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 0FF0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 396e4e4893e1488780934904be964f01b086e8fba819500729ad81c6b117bfbe

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 92BC 70 B
149 B 730ms
109ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEpf3-M3ccG25rxP9-7LRDE&google_cver=1&google_push=AXcoOmSZqYiyV1xzLfR7DUS3mOlobo6SzQ1r5U2aVSaZnPh8zAte9ctV-nvvC9ujaW0dieAYqWm1_ApnR0PtiwWsG51cdI-Pku9ZjA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:34 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92BC
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESELYXwxYG8cB1D-TQUyItmHY&google_cver=1&google_push=AXcoOmSPN7Wh63ir9omn_71Rrv_MxLp2bphrohKA0hMLao4QmpqFylxfcMAc4noE-zQSU5rVWZhOtBVujSvXmhhgJy8xRVdsHwgh
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=REI2RTlEMEU0NDA1RTc4Qw==

170 B
188 B

69ms
67ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=REI2RTlEMEU0NDA1RTc4Qw==

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=REI2RTlEMEU0NDA1RTc4Qw==
date: Tue, 03 Oct 2023 04:04:34 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92BC
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPCtYKjsDD1Sgi-LfrhqfUI&google_cver=1&google_push=AXcoOmR567d2speZ1WlrPRIdfJBk3bqh4UB3dIyAOmfE4PKUkhF-UabLIn27AqgEArzOcqxeM72yfeOM...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPCtYKjsDD1Sgi-LfrhqfUI&google_cver=1&google_push=AXcoOmR567d2speZ1WlrPRIdfJBk3bqh4UB3dIyAOmfE4PKUkhF-UabLIn27AqgEArzOcqxeM72...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEwMzE2MDg4MDQ2NDMzODkyMw&google_push=AXcoOmR567d2speZ1WlrPRIdfJBk3bqh4UB3dIyAOmfE4PKUkhF-UabLIn27AqgEArzOcqxeM72yfe...

170 B
188 B

77ms
76ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEwMzE2MDg4MDQ2NDMzODkyMw&google_push=AXcoOmR567d2speZ1WlrPRIdfJBk3bqh4UB3dIyAOmfE4PKUkhF-UabLIn27AqgEArzOcqxeM72yfeOMy7kpU8Wpx6F_bKT7kGCn

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEwMzE2MDg4MDQ2NDMzODkyMw&google_push=AXcoOmR567d2speZ1WlrPRIdfJBk3bqh4UB3dIyAOmfE4PKUkhF-UabLIn27AqgEArzOcqxeM72yfeOMy7kpU8Wpx6F_bKT7kGCn
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 92BC 42 B
213 B 213ms
83ms Image
image/gif 34.160.236.64

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEF1g4Y_lu722ntS-X_spKWk&google_cver=1&google_push=AXcoOmRUP3ws3XmPqpBJe8-u0OcKXpbjYFfUc0BeRAk7LbQPqJfBgEaYjas3sscvzq4JPTFp1CIRjvfNqVzzHwrHNF4pou7xBXIjvw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:33 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92BC
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEAUKtoiX1FQMyn8IWX-gOic&google_cver=1&google_push=AXcoOmRn7z2DAu720v8lPFTsfniCgUkZAQaSjGV_HZ5ZV6V4sKsNmopaY...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRn7z2DAu720v8lPFTsfniCgUkZAQaSjGV_HZ5ZV6V4sKsNmopaY6VnOMRj8DJ7kCwpQZomHtN0zwPhfoxy_OhQg9LcT-Mfpyc&google_hm=QlMuNTM5Mi1lODM...

170 B
188 B

65ms
63ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRn7z2DAu720v8lPFTsfniCgUkZAQaSjGV_HZ5ZV6V4sKsNmopaY6VnOMRj8DJ7kCwpQZomHtN0zwPhfoxy_OhQg9LcT-Mfpyc&google_hm=QlMuNTM5Mi1lODM4LTQxNGYtOGMxMA==

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmRn7z2DAu720v8lPFTsfniCgUkZAQaSjGV_HZ5ZV6V4sKsNmopaY6VnOMRj8DJ7kCwpQZomHtN0zwPhfoxy_OhQg9LcT-Mfpyc&google_hm=QlMuNTM5Mi1lODM4LTQxNGYtOGMxMA==
Date: Tue, 03 Oct 2023 04:04:34 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92BC
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQC7Sa1K2cyoNY8RRHDKgB_8juD2CCvDTkMkFF65OQ2UUHxr5LTCK0NREN48p4O7acBrX3UXjh7DfNTP51ctggXQ-SL36TfRw&google_gid=CAESEHB_JR8upQt...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHB_JR8upQtkzbNCwglQsuA&google_hm=T1BVM2U2ZDYzODVjODdlNGZkYjliYmVhM2IxZDgwMDUwYTg&google_nid=opera_norway_as&google_push=AXcoOmQC7Sa1...

170 B
188 B

74ms
73ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHB_JR8upQtkzbNCwglQsuA&google_hm=T1BVM2U2ZDYzODVjODdlNGZkYjliYmVhM2IxZDgwMDUwYTg&google_nid=opera_norway_as&google_push=AXcoOmQC7Sa1K2cyoNY8RRHDKgB_8juD2CCvDTkMkFF65OQ2UUHxr5LTCK0NREN48p4O7acBrX3UXjh7DfNTP51ctggXQ-SL36TfRw

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:34 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHB_JR8upQtkzbNCwglQsuA&google_hm=T1BVM2U2ZDYzODVjODdlNGZkYjliYmVhM2IxZDgwMDUwYTg&google_nid=opera_norway_as&google_push=AXcoOmQC7Sa1K2cyoNY8RRHDKgB_8juD2CCvDTkMkFF65OQ2UUHxr5LTCK0NREN48p4O7acBrX3UXjh7DfNTP51ctggXQ-SL36TfRw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 326
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 92BC
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEJP6uFD0N1eG-Y34ApBZcwo?ext-param=AXcoOmQPnKGUNylsFjIJXxo_iURVBbHU6cuQ5MS4xbi1jyHFTl8iRz71-0_QBU56wSLootQKf9trs5godVYXLrol6G0OtfZ6tOoRtMI&partner-tag=yandex_a...
https://an.yandex.ru/mapuid/google/CAESEJP6uFD0N1eG-Y34ApBZcwo?redir-setuniq=1&ext-param=AXcoOmQPnKGUNylsFjIJXxo_iURVBbHU6cuQ5MS4xbi1jyHFTl8iRz71-0_QBU56wSLootQKf9trs5godVYXLrol6G0OtfZ6tOoRtMI&part...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEJP6uFD0N1eG-Y34ApBZcwo&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

97ms
97ms

Image
image/gif

93.158.134.90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Server

93.158.134.90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 17 Sep 2024 04:04:34 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 92BC 0
12 B 74ms
73ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KaD5nMOqQn3lIF93c49_h3fYLF_cJLFtazHhdxI9nPLw_695kza_7b01d1Ey7TEPVvwufhn1hN

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=2&bdt=3634&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iYXhXsNIQc&p=https%3A//www.babup.com&dtd=374

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame CD87 0
56 B 108ms
102ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYg1ezZIbZYeKI8vy6gTduJrQBNesnIJuyur8vP0QwI23ARABIABg9a37jogEggEXY2EtcHViLTkxNzY1MjE4OTgzNDE5MDnIAQmoAwHIAwKqBLEBT9AzdvQ2bcGriUDShpGNCt-sgYxDcZx2k78GslFGmFp4aqj23aVFbKBZKjyx_OielMxazc_fWzPK4GOeeU2HIww5dV05IqlrwVsMYHOikR-76jZSKDHVh_TltfQwRw8r6nNv6fWSW0tnx_vIUeUhByaTX6ZpMoHNDnOJEoxHH9Imo8GkX4WRCNr77l4NPaEOxjYvAKCPESwv-GfhnUVyLxxvCb4QfWwk7fnaWYl36gROgAaKlPex1L6c3FigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTkxNzY1MjE4OTgzNDE5MDkYAA&sigh=xpVA-7kXMis&uach_m=[UACH]&cid=CAQSTADICaaNhZNH7owrDdrh1vtJ4y7QjJZ4v_PDKc4pDfPfabjMdKNpPuLcaznxuclywpmgyTBu2GNL4vB8udVQxXJPV5amO3DmtdKuOOEYAQ&cbvp=2&vis=1

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 04:04:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK /
b1-eudc1.zemanta.com/bidder/win/googleadx_display/f368152c-61a1-11ee-b178-633d1db65c91/ZRuSzQAIxQcKmrlLAAacXXp_9SnIkz9OLqkgBA/NNEB4WQJFUP5JVGX6SQ552FVBIDWGW3YFXWQ3ALZXE5Q6NQFDHK6ULEPWQJHUSKYCXC6PDS... Frame CD87 0
99 B 75ms
70ms Image
text/plain 213.227.153.223

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/f368152c-61a1-11ee-b178-633d1db65c91/ZRuSzQAIxQcKmrlLAAacXXp_9SnIkz9OLqkgBA/NNEB4WQJFUP5JVGX6SQ552FVBIDWGW3YFXWQ3ALZXE5Q6NQFDHK6ULEPWQJHUSKYCXC6PDS5OGS7TXP5OAIXZPF5EXHNMDJTTW3YFC36CPX764KCQCMWJ6EG6SLBYFQMSJZBCEHZBSFQ47Z3JSO6KBO2RVDC2EOX6BKMQFDEZANAO24MKC2EGMR2SERU53AHHUBL2GDG42WWDFTHI4UX6COCPNMSS5U5Z7GWZXZ3FRDZ4OMIFZGHYOQTNKSUVFDVTRZAIT2KY27K6MJQBFBZK3J7SP2P2B2BVCHBAJYHBZWU6APRYI54RGS4R4AFOHBJMQNRA5LAW3AJYLZ7VR7YRPE74O7TSVOGQQPYG6LOXZSNSPL3UWO47D63QHGHPPHTXZMAMWDE4MKFVEZ4JDW624UD3MYAJ66G4TRGRSULD4PBJPZ7TMACMO2X243ZRZSPG2PNCWCXGKNNFGY62FNRVWQGWHLN66V34JDWR3MY3IGLLMWE6TT6TC3SONZD45RE/?&cbvp=2
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 03 Oct 2023 04:04:33 GMT
Content-Length: 0

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0FF0 0
56 B 107ms
101ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwkkxzZIbZYiKI8vy6gTduJrQBNesnIJuyur8vP0QwI23ARABIABg9a37jogEggEXY2EtcHViLTkxNzY1MjE4OTgzNDE5MDnIAQmoAwHIAwKqBLEBT9CZXGxS4J0C16w4Fu6dKO38x8ceiqNRwS2de1PelsfZTmQsZIrOUtfh99Oc1u9NOLsBX2fCJPDHO19BWdwkBZOC2KrDcPW_L1E1bPI9UhV9_08rn3rovUxmqqyzs9Ynrl8nutKk8uyi0FZOigB4dV3WQOCUfCO-_CVXFf6H6dfUP2DsScy8YIwn-_ZAEvQNnAlR44Bg7o7d82rCe0RyI0gYe-b_lDGqUDSr_4nthXn2gAaKlPex1L6c3FigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTkxNzY1MjE4OTgzNDE5MDkYAA&sigh=Q4936fBR0pg&uach_m=[UACH]&cid=CAQSTADICaaNhZNH7owrDdrh1vtJ4y7QjJZ4v_PDKc4pDfPfabjMdKNpPuLcaznxuclywpmgyTBu2GNL4vB8udVQxXJPV5amO3DmtdKuOOEYAQ&cbvp=2&vis=1

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 04:04:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK /
b1-eudc1.zemanta.com/bidder/win/googleadx_display/f36802ce-61a1-11ee-bd81-b2ba53fbeb9a/ZRuSzQAIxQgKmrlLAAacXXZWKtJNIybdnbxBFw/NNEB4WQJFUP5JVGX6SQ552FVBLW7VWZEAHLVXSTZXE5Q6NQFDHK7NTIOTHFQY2UZXWUTSJY... Frame 0FF0 0
99 B 133ms
56ms Image
text/plain 213.227.153.223

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/f36802ce-61a1-11ee-bd81-b2ba53fbeb9a/ZRuSzQAIxQgKmrlLAAacXXZWKtJNIybdnbxBFw/NNEB4WQJFUP5JVGX6SQ552FVBLW7VWZEAHLVXSTZXE5Q6NQFDHK7NTIOTHFQY2UZXWUTSJYK7AGJWJMXOD4JTILCK7HNMDJTTW3YFC36CPX764KCQCMWJ6EG6SLBYFQM72DI5UIUBCT2JNA7G6IAD2ATKRDC2EOX6BKMQFDEZANAO24MKC2KANPJPBIS2C7MHUBL2GDG42WWDFTHI4UX6COCPNMSS5U5Z7GWZXZ3FRDZ4OMIFZGHYOQTNKSUVFDVTRZAIT2KY27K6MJQBFBZK3J7SP2P2B2BVCHBAJYHBZWU6APRYI54RGS4R4AFOHBJMQNRA5LAW3AJYLZ7VR7YRPE74O7TSVOGQQPYG6K3WXQAO4EONWIBF7ABBVMVR6AXOPH56H7KH72G7EZ4JDW624UD3MYAJ66G4TRGRSULD4PBJPZ7TMACMO2X243ZRZSPG2PNCWCXGKNNFGY62FNRVWQGWHLN66V34JDWR3MY3IGLLMWE6TT5OMYWUCSY7UHA/?&cbvp=2
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 03 Oct 2023 04:04:33 GMT
Content-Length: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5836 22 KB
8 KB 53ms
52ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 84691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 04:33:02 GMT
expires: Tue, 01 Oct 2024 04:33:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame E5D0 1 KB
931 B 493ms
80ms Script
text/javascript 130.211.44.5

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_267326986639&jsTagObjCallback=__tagObject_callback_267326986639&num=6&ctx=1828362&cmp=115750&plc=4890745&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=267326986639&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.60&dvpx_strhd=0.60&brid=3&brver=89&bridua=3&dup=null&turl=https://www.babup.com/&chro=1&hist=3&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iQp161c2crsfIpJ0ItdKxa&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15173373811&DVP_DBM_4=396440060&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=15&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=24.30&callbackName=__verify_callback_267326986639
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3c46e7f487745f1dcc7c4fe1eaa8b76b4de2dd02fce0f428100a8ea7e1706f2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 04:04:34 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/02/2023 04:04:34

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E7F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
168 B

70ms
69ms

Document
text/html

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 04:04:34 GMT
expires: Tue, 03 Oct 2023 04:04:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 04:04:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C220 1 KB
682 B 83ms
54ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 19704
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:36:10 GMT
etag: 48472445140208031
expires: Tue, 03 Oct 2023 22:36:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 434F 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9accf58a921b17b00c567135d3b9062e91be0d79c9eb11c4b66438d3706b5360

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 434F 0
56 B 97ms
96ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDT-oz5IbZfumOc2x7gTO5aDoB9Lg1-Buj6S2k5MKwI23ARABIABg9a37jogEggEXY2EtcHViLTkxNzY1MjE4OTgzNDE5MDnIAQmoAwHIAwKqBLYBT9CC3p3TpV-8RltfYCddpE-aWE2RgYsyI6rYVW57_kQZ3BiPX9_hL9IrIpyJcsEuOtMGteneq1lKs4td_-0ZBt9JsVcik8kXdfC5RbVVR9pi6JAPWyUpvWdF0B2MjT2Eb2Wf-58RZWEXWnwwd4sC6LTxBHu9abn4r9jqdf2O0_Z67erpuY5xpVliyZ3afpsK5453EgUj7eQOkA0C-IzJMzjGlAGPKcoZxOa8_tVXeSGiReCYTu6ABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTkxNzY1MjE4OTgzNDE5MDkYAA&sigh=6x339B5oPJA&uach_m=[UACH]&cid=CAQSPADICaaN0bQK2kz7ZGrMSkqkKsOs3MBKDvMsUqKEtfNRYWEk4X0FTTKpP7J6TTKvDB79vOWaIqRNAtLE2BgB&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=6&bdt=3633&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=giGjxh9INS&p=https%3A//www.babup.com&dtd=361
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 04:04:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 434F 0
529 B 71ms
70ms Image
text/html 185.89.210.20

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.babup.com&e=wqT_3QK2B-i2AwAAAwDWAAUBCNCl7qgGEOeXyaXchJjkNxgAKjYJG6dGIaFnsT8RLNBl5fXhsD8ZAAAAwMzM5D8hLA0SACkRJAAxARvA9Si8PzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjJ9QWAAQGKAQNVU0SSAQEG8FuYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIVaHR0cHM6Ly93d3cuYmFidXAuY29tgAMAiAMBkAMAmAMJoAMBqgO1AwrLAmh0dBkrCGluZwEq8HkvYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NDI1NmI4ODAtYTA2MS00MTZkLTg1ZTgtMzFlZjRkOTgwMzJmJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVR1cIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOADSOcQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQBobmNjX2ZwJmFpZD0ke0FVQ1RJT05fSUR9JndwHRG4UFJJQ0V9EgUxMjA4NRoTNDAxOTU2ODM4Mjc1ODI0MzMwMyIJMzgxODQ2NzE0KgQhaPC8OjhVMlZoY21Ob1FXUWpOekkwT1Rrek5qZzNOREkwTVRrak1qTXlOREk1T0RnMk1qQXlOVGsxTUE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYB-gQSCQAAAMCKo0dAEQAAAEC_fR1AiAUBmAUAoAWTzLfP79HK0T3ABQDJBQAAAAAAAPA_0gUJCQAAAQx4AADYBQHgBQHwBaO8XfoFBAgAEACQBgCYBgC4BgDBBgkjLPA_0AbCjQTaBhYKEAkSGQEBoGDgBgHyBgIIAIAHAYgHAKAHAcgHyfUF0gcNAZgFAQEmCNoHBgFesBgA4AcA6gcCCADwB7CGDYoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=6cb279a4d7b9ab2781f028fe725058e6cc79ed3d&pp=ZRuSzwAOU3sKm5jNAAgyznWb-ofaPxCzT8m4KA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoIjoz5IbZfumOc2x7gTO5aDoB9Lg1-Buj6S2k5MKwI23ARABIABg9a37jogEggEXY2EtcHViLTkxNzY1MjE4OTgzNDE5MDnIAQmoAwHIAwKqBLkBT9CC3p3TpV-8RltfYCddpE-aWE2RgYsyI6rYVW57_kQZ3BiPX9_hL9IrIpyJcsEuOtMGteneq1lKs4td_-0ZBt9JsVcik8kXdfC5RbVVR9pi6JAPWyUpvWdF0B2MjT2Eb2Wf-58RZWEXWnwwd4sC6LTxBHu9abn4r9jqdf2O0_Z67erpuY5xpVliyZ3afpsKpYxWgMeHF4maanm3ZtVNhTzlnoWGB9LAZmDlemnXUw26hWF6I3oBp2uABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3bdzi3BGuMx2jAmTE8dDV2Vwz2hw%26client%3Dca-pub-9176521898341909%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:34 GMT
an-x-request-uuid: d23718ae-fb56-4078-85df-24087538a8f0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 77.57.9.242; 77.57.9.242; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 434F 0
553 B 71ms
70ms Ping
text/html 185.89.210.20

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.babup.com&e=wqT_3QK2B-i2AwAAAwDWAAUBCNCl7qgGEOeXyaXchJjkNxgAKjYJG6dGIaFnsT8RLNBl5fXhsD8ZAAAAwMzM5D8hLA0SACkRJAAxARvA9Si8PzDb-KYDOLUBQLVeSOMDULqJirYBWMexPWAAaJ-kVHjJ9QWAAQGKAQNVU0SSAQEG8FuYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIVaHR0cHM6Ly93d3cuYmFidXAuY29tgAMAiAMBkAMAmAMJoAMBqgO1AwrLAmh0dBkrCGluZwEq8HkvYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NDI1NmI4ODAtYTA2MS00MTZkLTg1ZTgtMzFlZjRkOTgwMzJmJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVR1cIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOADSOcQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQBobmNjX2ZwJmFpZD0ke0FVQ1RJT05fSUR9JndwHRG4UFJJQ0V9EgUxMjA4NRoTNDAxOTU2ODM4Mjc1ODI0MzMwMyIJMzgxODQ2NzE0KgQhaPC8OjhVMlZoY21Ob1FXUWpOekkwT1Rrek5qZzNOREkwTVRrak1qTXlOREk1T0RnMk1qQXlOVGsxTUE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYB-gQSCQAAAMCKo0dAEQAAAEC_fR1AiAUBmAUAoAWTzLfP79HK0T3ABQDJBQAAAAAAAPA_0gUJCQAAAQx4AADYBQHgBQHwBaO8XfoFBAgAEACQBgCYBgC4BgDBBgkjLPA_0AbCjQTaBhYKEAkSGQEBoGDgBgHyBgIIAIAHAYgHAKAHAcgHyfUF0gcNAZgFAQEmCNoHBgFesBgA4AcA6gcCCADwB7CGDYoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=6cb279a4d7b9ab2781f028fe725058e6cc79ed3d&type=nv&nvt=5&jm=1003&px=191&py=0&bw=182&bh=90&sid=8314169331402005214&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=1110&ph=90&ww=1110&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:34 GMT
an-x-request-uuid: 64e23523-ed8d-45d8-9ec7-2eedf83c318a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 77.57.9.242; 77.57.9.242; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
517 B 77ms
77ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.7214401389400256

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-66TIhxftrtajJ011GkeH7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-66TIhxftrtajJ011GkeH7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
253 B 117ms
117ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.53718590692991

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P3s53NHYu4UrklWgbEuj4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-P3s53NHYu4UrklWgbEuj4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxVANFGRWNF-ehvWUIAMlYAcTY43ncz4Kmf7I3rA0ZsRfx_UukAwhoDcDvWJ0aNHNSRkf-0ldXHBdtgVvPeaGTz3LwI8ocSEDP4aSoydcZFwKTdRs-FUiupC40whUH7J5cqwzMFSRA== Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 805ms
65ms XHR
text/html 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVANFGRWNF-ehvWUIAMlYAcTY43ncz4Kmf7I3rA0ZsRfx_UukAwhoDcDvWJ0aNHNSRkf-0ldXHBdtgVvPeaGTz3LwI8ocSEDP4aSoydcZFwKTdRs-FUiupC40whUH7J5cqwzMFSRA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AJADQhucwy1zMneK7EtDEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Oct 2023 04:04:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-AJADQhucwy1zMneK7EtDEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.babup.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5836 38 KB
15 KB 62ms
61ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 548777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14917
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:17 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame E5D0 24 KB
10 KB 53ms
52ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 03:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9959
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:24:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 03 Oct 2023 04:38:32 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame C220 35 B
463 B 535ms
81ms Image
image/gif 91.228.74.251

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBusJwtOANUQaVUWtHM4bjw&google_cver=1&google_push=AXcoOmSP0jrnSKALIndMuAiJP6ZOzh15T7M-gXA9zOwluRqqvGgFoo7cMqR6D8IsyyPUKuno2Oj1HY-pDNALUO9ImEbylliKVf-PBA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.251 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:35 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C220
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPqCJXsF48g1PaAfAie-pbg&google_cver=1&google_push=AXcoOmS3wyiQKZ0dBVmgNPoYA-Wz7LN87UitHxg-KKpvOC5JwpZ2AfPHGJpsw8dNGMDGrDbvIC-SG...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS3wyiQKZ0dBVmgNPoYA-Wz7LN87UitHxg-KKpvOC5JwpZ2AfPHGJpsw8dNGMDGrDbvIC-SGDa4c7aUFMaeXhQXAVyNaUCZpVY

170 B
188 B

66ms
66ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS3wyiQKZ0dBVmgNPoYA-Wz7LN87UitHxg-KKpvOC5JwpZ2AfPHGJpsw8dNGMDGrDbvIC-SGDa4c7aUFMaeXhQXAVyNaUCZpVY

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 03 Oct 2023 04:04:34 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: AE22CF7CDA5447EC817A138F14000805 Ref B: ZRHEDGE1610 Ref C: 2023-10-03T04:04:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS3wyiQKZ0dBVmgNPoYA-Wz7LN87UitHxg-KKpvOC5JwpZ2AfPHGJpsw8dNGMDGrDbvIC-SGDa4c7aUFMaeXhQXAVyNaUCZpVY
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYGx/0dUl9VJY3ocxBuZQ==

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame C220 70 B
148 B 79ms
64ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEpf3-M3ccG25rxP9-7LRDE&google_cver=1&google_push=AXcoOmQYM3U2r-D54UIQ6FXlWVhfOYeBHtGICxXGH8t-R49WJQKuIdZYVh7cV_4yNo1Dv7_O18m8kjBPKD9UKXdrWfwKTrAFDcWPLwU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=6&bdt=3633&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=giGjxh9INS&p=https%3A//www.babup.com&dtd=361
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:34 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET gcm
a.c.appier.net/ Frame C220 0
0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame C220 43 B
363 B 245ms
69ms Image
image/gif 178.250.1.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQpA9Jlp-YqJbPZJU_C0yY5TvwzTx7Yxll0XHcPRwlbf9N5ms5aZeJ4xMRrK18hWleddQS2x653pMYpiSHzU2MuPdj_FaD4HOc&google_gid=CAESEJ-xj1b2abJRczB0Oayii3E&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:34 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 176981
expires: Tue, 03 Oct 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C220
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPCtYKjsDD1Sgi-LfrhqfUI&google_cver=1&google_push=AXcoOmRcuAfWljDc4IUzC1dnlFW6q2y-UVhwVgIIrV_OTLoXzX6_Ywpv7a3RWGYwMvf_qCSt87rPscJs...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwNjcwNzI3MjgyMDEwMzIw&google_push=AXcoOmRcuAfWljDc4IUzC1dnlFW6q2y-UVhwVgIIrV_OTLoXzX6_Ywpv7a3RWGYwMvf_qCSt87rPscJs...

170 B
188 B

71ms
70ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwNjcwNzI3MjgyMDEwMzIw&google_push=AXcoOmRcuAfWljDc4IUzC1dnlFW6q2y-UVhwVgIIrV_OTLoXzX6_Ywpv7a3RWGYwMvf_qCSt87rPscJsTFiWQORcUzw783KZ45i6miY

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwNjcwNzI3MjgyMDEwMzIw&google_push=AXcoOmRcuAfWljDc4IUzC1dnlFW6q2y-UVhwVgIIrV_OTLoXzX6_Ywpv7a3RWGYwMvf_qCSt87rPscJsTFiWQORcUzw783KZ45i6miY
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame C220 42 B
233 B 563ms
179ms Image
image/gif 174.137.133.49

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEMpjnSdf7eMW3w-VgJeVQwc&google_cver=1&google_push=AXcoOmS0tH2PO-rdNNV2sRpHPaxohKjXtlzciRjeXsRpU_5FH8qH7lFgaHjOkw8hmbA5yy82fD-_OnhLHv0FCgel0r149aHWfSb0vw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1696298671&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696305871517&bpp=6&bdt=3633&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daed65478eeaef2a0%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA&gpic=UID%3D00000c8b6c020509%3AT%3D1696305869%3ART%3D1696305869%3AS%3DALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=2292733678478&frm=20&pv=1&ga_vid=136624027.1696305869&ga_sid=1696305869&ga_hid=1336695802&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838%2C31078200%2C31078201%2C44801485%2C21065725&oid=2&psts=AOrYGsmWxbKSMhIEkC-BJmsryQN3NAADC_L6lDZ-jUCj9sfJUImGdW_zWJJIKJG1NtrZ9Qcbc26DlnHDrtUitadjP_wWPP2Z%2CAOrYGsl6JOv1-BMaTacA-tS_oEu6xbcTI8AQUvIef4cLlHIH19B31QkFoU0iux_ZjEd4t7AMwbs6deAXUDFi60HtcEDeUun3%2CAOrYGsktd8SJRihcjotsfwE9yA6m3YtT1pROJjYHYGuzcFeXAY89HaXnfQTAYGjwdoprYTfokxLjOLm-cK_1x6_EVjKsjzFX&pvsid=2586547772847200&tmod=1062923177&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=giGjxh9INS&p=https%3A//www.babup.com&dtd=361
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 04:04:34 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C220 0
12 B 73ms
62ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IPI4fGWJfLMwIxdin57A3QfeJdFODxFOE_afE9EklM5vswWA6sVFheiOogw9vBg1HMhzzu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 impl_v97.js Show response
www.googletagservices.com/dcm/ Frame E5D0 57 KB
23 KB 54ms
54ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v97.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23166
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 13:28:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 21:04:20 GMT

GET
H2 200 AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A50 38 KB
15 KB 62ms
62ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 548777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14917
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:17 GMT

GET
H/1.1 200
OK dv-measurements4784.js Show response
cdn.doubleverify.com/ Frame 1301 420 KB
99 KB 102ms
101ms Script
application/javascript 193.108.153.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4784.js
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/hmykm7fbfpim
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-19.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 27bb3ca1a93c5079b313320cf72c4057818535462f4546c2a83baac6914f3130

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 04:04:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 13:26:40 GMT
Server: UploadServer
ETag: "66abf8796500aa6c77eaac83b8c57f1b"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101000
Expires: Wed, 02 Oct 2024 04:04:34 GMT

GET
DATA 200
OK truncated
/ Frame E5D0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 423e937aa271b7b1e13a08cac7de4d2bd731f2f69ee15a471449900b61d49c25

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CD87 42 B
108 B 120ms
120ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9JTqj76wy8NKF6afFnbklgR74tggzICK7Z_zziH3Oez0W3EHdlbVhQpNhBG44hBqSSDKyiqyBuE_NZ3bGLjI9VgmYXQZ2u_x9xbJ3&sig=Cg0ArKJSzDGt3pdID_nZEAE&id=lidar2&mcvt=1082&p=0,0,600,160&mtos=1082,1082,1082,1082,1082&tos=1082,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696305872339&rpt=930&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0FF0 42 B
108 B 121ms
120ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssarXK0em34Sos7-gJKO0BNMGnHUx3PrmmtlK7xz7yFyTsLKmVYTEwG77IJZKsb06Kh4Pda3oahkkEb1pfHCXEzEDFDr_DXWzyP3zAe&sig=Cg0ArKJSzKDfusgwW2SaEAE&id=lidar2&mcvt=1087&p=0,0,600,160&mtos=1087,1087,1087,1087,1087&tos=1087,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696305872424&rpt=782&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 04:04:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 204
No Content /
b1t-eudc1.zemanta.com/t/imp/view/MFRPW3YR4ZCB246FRPO6RG6ASRZV76HVJGCL3FQJPRXBMU4SUISYJBEEEYA44H2FQJJROI4GOW4S6WRXV6WHDNKHCUEL4NCULDIM2YR4AO2C3RRG5OQ53IYO5HEUD3TVAMDHBLGUS3M66BAIX56NNXVTSZ6HOVWAHYFI... Frame 0
0 230ms
90ms Preflight 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/MFRPW3YR4ZCB246FRPO6RG6ASRZV76HVJGCL3FQJPRXBMU4SUISYJBEEEYA44H2FQJJROI4GOW4S6WRXV6WHDNKHCUEL4NCULDIM2YR4AO2C3RRG5OQ53IYO5HEUD3TVAMDHBLGUS3M66BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NDC43QSDNHPQX3ASFJ2OKQCHV6AREJ66HQNK7HLCPD7NHGB2F7X6WAYMUCSTZWZU532I46OCF6A7JFGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJEXJ6DF32ICSMUMCH3X2IQQGVWB4MDWCRXO75GSMMKOF6YDMY3H6ASWZ5ZZCULKIP5Q/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Max-Age: 600
Connection: keep-alive
Date: Tue, 03 Oct 2023 04:04:35 GMT

GET
H/1.1 200
OK / Show response
b1t-eudc1.zemanta.com/t/imp/view/MFRPW3YR4ZCB246FRPO6RG6ASRZV76HVJGCL3FQJPRXBMU4SUISYJBEEEYA44H2FQJJROI4GOW4S6WRXV6WHDNKHCUEL4NCULDIM2YR4AO2C3RRG5OQ53IYO5HEUD3TVAMDHBLGUS3M66BAIX56NNXVTSZ6HOVWAHYFI... Frame CD87 26 B
257 B 59ms
59ms Fetch
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/MFRPW3YR4ZCB246FRPO6RG6ASRZV76HVJGCL3FQJPRXBMU4SUISYJBEEEYA44H2FQJJROI4GOW4S6WRXV6WHDNKHCUEL4NCULDIM2YR4AO2C3RRG5OQ53IYO5HEUD3TVAMDHBLGUS3M66BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NDC43QSDNHPQX3ASFJ2OKQCHV6AREJ66HQNK7HLCPD7NHGB2F7X6WAYMUCSTZWZU532I46OCF6A7JFGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJEXJ6DF32ICSMUMCH3X2IQQGVWB4MDWCRXO75GSMMKOF6YDMY3H6ASWZ5ZZCULKIP5Q/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Tue, 03 Oct 2023 04:04:35 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

OPTIONS
H/1.1 204
No Content /
b1t-eudc1.zemanta.com/t/imp/view/MFRPW3YR4ZCB27GBOUZTUSNORJZV76HVJGCL3FUAUVZWOHT4MKOK7AGI6FVJ6H4UNDSUG3WWDSFBDUVHWQBKVSW36ZIW46LIC3UKQDMW2QBZ3DPW2SO4NYJNH6GW2GT5PWOPCXYHPRPF4BAIX56NNXVTSZ6HOVWAHYFI... Frame 0
0 244ms
97ms Preflight 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/MFRPW3YR4ZCB27GBOUZTUSNORJZV76HVJGCL3FUAUVZWOHT4MKOK7AGI6FVJ6H4UNDSUG3WWDSFBDUVHWQBKVSW36ZIW46LIC3UKQDMW2QBZ3DPW2SO4NYJNH6GW2GT5PWOPCXYHPRPF4BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NDC43QSDNHPQX3ASFJ2OKQCHV6AREJ66HQNK7HLCPD7NHGB2F7X6WAYMUCSTZWZU532I46OCF6A7JFGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJEQTNF7VG767Q5KCH3X2IQQGVWB4MDWCRXO75GSMMKOF6YDMY3H6ASWZ5ZZCULKIP5Q/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Max-Age: 600
Connection: keep-alive
Date: Tue, 03 Oct 2023 04:04:35 GMT

GET
H/1.1 200
OK / Show response
b1t-eudc1.zemanta.com/t/imp/view/MFRPW3YR4ZCB27GBOUZTUSNORJZV76HVJGCL3FUAUVZWOHT4MKOK7AGI6FVJ6H4UNDSUG3WWDSFBDUVHWQBKVSW36ZIW46LIC3UKQDMW2QBZ3DPW2SO4NYJNH6GW2GT5PWOPCXYHPRPF4BAIX56NNXVTSZ6HOVWAHYFI... Frame 0FF0 26 B
257 B 61ms
60ms Fetch
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/MFRPW3YR4ZCB27GBOUZTUSNORJZV76HVJGCL3FUAUVZWOHT4MKOK7AGI6FVJ6H4UNDSUG3WWDSFBDUVHWQBKVSW36ZIW46LIC3UKQDMW2QBZ3DPW2SO4NYJNH6GW2GT5PWOPCXYHPRPF4BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NDC43QSDNHPQX3ASFJ2OKQCHV6AREJ66HQNK7HLCPD7NHGB2F7X6WAYMUCSTZWZU532I46OCF6A7JFGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJEQTNF7VG767Q5KCH3X2IQQGVWB4MDWCRXO75GSMMKOF6YDMY3H6ASWZ5ZZCULKIP5Q/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Tue, 03 Oct 2023 04:04:35 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 1301 694 B
731 B 352ms
71ms Script
text/javascript 130.211.44.5

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=257&ttfrms=95&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&sim=3&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1696305875049781&jsCallback=dvCallback_1696305875049988&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4784&tgjsver=4784&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230928%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&fcifrms=15&brh=3&dvp_epl=234&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.babup.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iQp161c2crsfIpJ0ItdKxa&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15173373811&DVP_DBM_4=396440060&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1287557.9598375186&dvp_tukv=269591527687.8625&dvp_strhd=0.8000030517578125&dvpx_strhd=0.8000030517578125&dvp_tuid=331669690099&jurtd=2853022425
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4784.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e4f2b8b61dcd90ba0d7143ede612aa94905c8a30ead2b0d67db19dadc2c0d6f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 04:04:35 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/02/2023 04:04:35

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 73ms
73ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230928&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

eea2e9dcb19af40219512727990baeb8ab89d38cb775610fc603eb9564bdebc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12141
x-xss-protection: 0

GET
H2 200 google-ads.=234x60;_player_ads_ Show response
fundingchoicesmessages.google.com/f/AGSKWxW5mvAJ3F0867qKpQtl1dAIoIh-Qq-6xlLthJ346fWFTOKP3l9Q35E8ZDe4zFcC8xigsNbcgT39E1-lxmtZXDotvycceuJ0b1VnBwduFvJmL12_ZuNGUTN0ODMMjFqa4hiC1XCYYnl7ZOz4AYWngPDZYwWIa... 54 B
297 B 79ms
78ms Script
application/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW5mvAJ3F0867qKpQtl1dAIoIh-Qq-6xlLthJ346fWFTOKP3l9Q35E8ZDe4zFcC8xigsNbcgT39E1-lxmtZXDotvycceuJ0b1VnBwduFvJmL12_ZuNGUTN0ODMMjFqa4hiC1XCYYnl7ZOz4AYWngPDZYwWIadyp_iWtBf4Th7dQ8NbnFM9pTDBJRZBT/_/exads-/ad_pos=/google-ads.=234x60;_player_ads_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.wP8cSvF1E-8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwEaHLLYiQ29fPfcJb4SA_dKK61MA/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

62e4f5bd84dc103122b082692dfa6f8f5ac34218f2c317b9a87dce9e0a054480

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mj2RXhcH4AEEkboC_-36eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-mj2RXhcH4AEEkboC_-36eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 83 KB
30 KB 58ms
57ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

01c9d6ace9521c448aacde9104e7656a326c88d4fb71f69f5863002a0bb111ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 03:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30364
x-xss-protection: 0
server: cafe
etag: 13907531411952616125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 04:08:46 GMT

POST
H2 204 AGSKWxVANFGRWNF-ehvWUIAMlYAcTY43ncz4Kmf7I3rA0ZsRfx_UukAwhoDcDvWJ0aNHNSRkf-0ldXHBdtgVvPeaGTz3LwI8ocSEDP4aSoydcZFwKTdRs-FUiupC40whUH7J5cqwzMFSRA== Show response
fundingchoicesmessages.google.com/el/ 0
201 B 66ms
66ms XHR
text/html 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVANFGRWNF-ehvWUIAMlYAcTY43ncz4Kmf7I3rA0ZsRfx_UukAwhoDcDvWJ0aNHNSRkf-0ldXHBdtgVvPeaGTz3LwI8ocSEDP4aSoydcZFwKTdRs-FUiupC40whUH7J5cqwzMFSRA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EK2E-yrbb4jCkWwBQ1Vv5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Oct 2023 04:04:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EK2E-yrbb4jCkWwBQ1Vv5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.babup.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 85ms
84ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 04:04:35 GMT

POST AGSKWxVANFGRWNF-ehvWUIAMlYAcTY43ncz4Kmf7I3rA0ZsRfx_UukAwhoDcDvWJ0aNHNSRkf-0ldXHBdtgVvPeaGTz3LwI8ocSEDP4aSoydcZFwKTdRs-FUiupC40whUH7J5cqwzMFSRA==
fundingchoicesmessages.google.com/el/ 0
0

GET AGSKWxXs97hnGIMluF9HQuyIHbXF0pg53MRyGob8noTsj9w-E69ZtQYH73NOXTFWItBWFyzgL20jfojL405QmGGHlJO-DS_DrKlDax55pr98jzM-E8ls_28R5Zs9TkdXHl8UXwazfedXuQ==
fundingchoicesmessages.google.com/f/ 0
0

GET runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 21E2 0
0

GET aframe
www.google.com/recaptcha/api2/ Frame 9AE8 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame 5836 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E5D0 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images.dmca.com
URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e

Domain: a.c.appier.net
URL: https://a.c.appier.net/gcm?google_gid=CAESEGrkCNf9_H6KqvVosfEyvtY&google_cver=1&google_push=AXcoOmSjth7-hlihxt0YNgXCWZIQYyJhjfR6Ze_TF-0BGi6jxeJenAotjTkkIJkh68FXYkPPaEOK9Ycqtl74cchU_6UoIRBHdmpSLA

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/el/AGSKWxVANFGRWNF-ehvWUIAMlYAcTY43ncz4Kmf7I3rA0ZsRfx_UukAwhoDcDvWJ0aNHNSRkf-0ldXHBdtgVvPeaGTz3LwI8ocSEDP4aSoydcZFwKTdRs-FUiupC40whUH7J5cqwzMFSRA==

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/el/AGSKWxVANFGRWNF-ehvWUIAMlYAcTY43ncz4Kmf7I3rA0ZsRfx_UukAwhoDcDvWJ0aNHNSRkf-0ldXHBdtgVvPeaGTz3LwI8ocSEDP4aSoydcZFwKTdRs-FUiupC40whUH7J5cqwzMFSRA==

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/el/AGSKWxVANFGRWNF-ehvWUIAMlYAcTY43ncz4Kmf7I3rA0ZsRfx_UukAwhoDcDvWJ0aNHNSRkf-0ldXHBdtgVvPeaGTz3LwI8ocSEDP4aSoydcZFwKTdRs-FUiupC40whUH7J5cqwzMFSRA==

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/f/AGSKWxXs97hnGIMluF9HQuyIHbXF0pg53MRyGob8noTsj9w-E69ZtQYH73NOXTFWItBWFyzgL20jfojL405QmGGHlJO-DS_DrKlDax55pr98jzM-E8ls_28R5Zs9TkdXHl8UXwazfedXuQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2MzA1ODc1LDcyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuYmFidXAuY29tLyIsbnVsbCxbWzgsIndQOGNTdkYxRS04Il0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOf_y0JIbZf7RO52UjuwPhvi04AoAAAAAOAHgBAI&bg=!4-Cl4K_NAAZN1Q_XbdU7ADQBe5WfOLcnsYAHYrCxPE2KmyASv0pID0oQa_-0E_bCcCsvQcWlz_vckAF56pS0ytuBgFnRAgAAA8lSAAAAq2gBBwoAYUNyk82wskrGZlhM_WRN3qZiqieP5OvuKqMSD1SjJ30obFmRR5BPn_hSDI6_zBG2XERk2t6Qe6WW9SLb8d3QKbXw2XGLCLgOzE1-rvUsqWkPMD3JdYFKilnz4YA21_b-Y_uZAwKUAAOVnlih_7_ZoSe6Fp2wGmOV7_bWeFYJowUC8f-zrH8fa0qBs9a3EE8un3z8kQ3i6TYDIk5g34WaKlSDGQgJFkBk8cy4AGWFp2HDoW2uldTNaArO2j-RDIXQMYH5F3Aj6y9yJjWUQ6XeZrL-Ugg4GS2-VDiSiwEXX2oRohNQZWo-PsH8eJMMVfa0oUnef5g55trPStQXXOP1Ii-mXlk6ZkrZGXTE_db80gxffjsVEa7AHmkcGsmfy6hZvU0uNoEiwVgJXBrMctt-U_zRPYey-KrknFUMRnmucAsM8oLp6oHm9fwgyMeRrCGXT8CEg6nwWSJrk5QUthBW3KtFtq86G1BYjWqKeLGzepBOUlpwJ9mg-qK8eryUgYrE9gwu1rZ-iSmSM_Vn6Olv_Bqxxl4T12nqy7wrmoZnluFmijpKiYRX0eTyDrX8mu2lcj-4QE-IMOSGZiMOTXb5XSHrOIF8NvPN1SwfiXkUgTcVmzxD6UztXcnNjhJJJ7l4EfhVEWfp-Ih91e41PY0Kaz58ZZDMuD33L6r_VCdFs8BcKegklalootS7yqnvxEQnaEwTXHMeIFLw_2r7ca2mhAfoB56l8nQWb4hn3Er-zP2pyjne8--JG54qSyNGMEmk4hY0snmmbPXQXg_MLcrr4FNt6S0yOk1o53IDGe1M5H5Jxk23kbkzceSHfVP8SmwwzV60NfOSN1nR4eNP796Jx3BRiKcxAs-48pu-kiWaGv44KKqfro5nkd5MQz_0OCXfJaYdcZyREHK3ZIiQIRDrSYaF5dw3kUxNsA6jnVIGsMiVvHwxcTn2RuXNPfzW_JGPuEQEk2j6EzMDswSIQ7FaelDaecfB6htjjR0szzGPfamGGbhNbqpDLzuu-E_GMwN8-PjELuhwgUsPoQs4lQaFVeYsiQZdR15Xl0IHhWytnVmVBW5K606Nnl7e8Q7wlWthhZLfkcbMPkmY_7GtlgMeyphOpDsXJtQ4L5oMPrDVbVq-Hjm6RJx-u8TGUzCDfV7WssBq3TfAzw

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1Z0FWpyrT0U5DSTYPpSiqCFsh6Nnh4vuN4BqE2VNQBf5xMo-5CSreGk8P3s-6bpUNwddRZc_zlCOqIVof5A1HAA1t9QI7hsDsvUhQ_Z8ZbidelOLy6VyF0F86EJufU8SujiC-of80rw&sai=AMfl-YQopKpA9mjExdWjcvrTOph9kwJ1jY_-p2k-dDpjggWX4yCMckjleWVx00eLNfyWztngvdJqP81kFf2ucKKKswJhCD7leENA0OW_6vGSt75qRnDOloRbnCotGiL5MS8006yBoRXJv8iCSD_Jjw&sig=Cg0ArKJSzEpy7Abrbpc5EAE&cid=CAQSTADICaaNhZNH7owrDdrh1vtJ4y7QjJZ4v_PDKc4pDfPfabjMdKNpPuLcaznxuclywpmgyTBu2GNL4vB8udVQxXJPV5amO3DmtdKuOOEYAQ&id=lidar2&mcvt=1007&p=0,0,94,728&mtos=0,1007,1007,1007,1007&tos=0,1007,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696305872470&rpt=2288&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.file-upload.org/	1969-12-31 23:59:59	Name: lang Value: german
www.file-upload.org/	1969-12-31 23:59:59	Name: visited Value: visited, visited_expires=Tue Oct 03 2023 06:05:27 GMT+0200 (Central European Summer Time), path=/
.babup.com/	1970-01-21 00:47:45	Name: _ga_3T7TKCZCC9 Value: GS1.1.1696305869.1.0.1696305869.0.0.0
.babup.com/	1970-01-21 00:47:45	Name: _ga Value: GA1.2.136624027.1696305869
.babup.com/	1970-01-20 15:13:12	Name: _gid Value: GA1.2.231849049.1696305870
.babup.com/	1970-01-20 15:11:45	Name: _gat_gtag_UA_119779859_1 Value: 1
.babup.com/	1970-01-21 00:33:21	Name: __gads Value: ID=aed65478eeaef2a0:T=1696305869:RT=1696305869:S=ALNI_MaltCCApCZ74IOOV5Kx0LJyH4TXyA
.babup.com/	1970-01-21 00:33:21	Name: __gpi Value: UID=00000c8b6c020509:T=1696305869:RT=1696305869:S=ALNI_MZQ5XS0PT7oEvewahfoqe61o-sjjw
.doubleclick.net/	1970-01-21 00:47:45	Name: IDE Value: AHWqTUnFYnSNGuq7PE__jdaF0kZeD2_n3kItuuH9LuLP0izPPKM6expfFyhVg1C7IGc
.googleadservices.com/	1970-01-20 17:21:21	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-20 23:57:21	Name: CMID Value: ZRuS0de.3dknysOfCHT5vQAA
.casalemedia.com/	1970-01-20 17:21:21	Name: CMPS Value: 2235
.casalemedia.com/	1970-01-20 17:21:21	Name: CMPRO Value: 2235
.bing.com/	1970-01-21 00:33:21	Name: MUID Value: 104F91889E3E64F01E6C82179F4965F4

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://www.babup.com/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.babup.com/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.babup.com/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 91) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 102) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
adsdk.microsoft.com
ajax.googleapis.com
ams3-ib.adnxs.com
an.yandex.ru
b1-eudc1.zemanta.com
b1t-eudc1.zemanta.com
c1.adform.net
cdn.adnxs.com
cdn.doubleverify.com
certify-js.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
im.bluevoox.com
images.dmca.com
match.adsrvr.org
mts0.google.com
obs.cheqzone.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
px.ads.linkedin.com
region1.google-analytics.com
rtb0.doubleverify.com
ssl.google-analytics.com
t.adx.opera.com
tpc.googlesyndication.com
tps.doubleverify.com
widgets.outbrain.com
www.babup.com
www.bing.com
www.file-upload.com
www.file-upload.org
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
zem.outbrainimg.com
a.c.appier.net
certify-js.alexametrics.com
fundingchoicesmessages.google.com
images.dmca.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.file-upload.org
www.google.com
104.18.27.193
13.107.213.45
13.107.42.14
130.211.44.5
142.250.181.227
142.250.181.234
142.250.184.193
142.250.184.200
142.250.184.226
142.250.185.194
142.250.185.206
142.250.185.228
142.250.185.66
142.250.185.72
142.250.185.74
142.250.186.34
142.250.186.66
142.250.74.206
146.75.118.132
157.240.251.9
169.150.247.38
172.217.23.110
172.217.23.99
174.137.133.49
178.250.1.9
185.89.210.20
188.114.96.3
188.114.97.3
193.108.153.19
213.227.153.220
213.227.153.223
216.239.32.36
216.58.212.162
23.32.185.60
23.35.236.188
34.160.236.64
34.199.234.25
34.205.126.186
35.71.131.137
37.157.6.237
51.15.15.22
52.45.175.185
82.145.213.8
91.228.74.251
92.123.104.47
93.158.134.90
00d3e56b3dcd59dab2582213942d6d38eb138538ebbe56b69cef9bd896aa0d5a
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424
01c9d6ace9521c448aacde9104e7656a326c88d4fb71f69f5863002a0bb111ec
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
07c64250a1e199658568bde49cfcba56c06ccdec50a9eda36a873f2d4a7639ed
0900b25347fe8ed7071bceff0d3e3097c06fa5d2d6d8dfd97ec767080a44df63
0ae13614a6742dd198741c408a22bb80cfb4f3666b96ee51b837310196c17f30
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14eea0640f2efc02ead3951f31ebf1d556d0b18071e52d95db75c86c08cfae6e
158c68351357af7746b29b2b855b68ca162e7311743b0e9fb536885dc2d0d46e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
199a882d06f39644c2c8f29b6dcf69fbd3094845637c923d732077ccb12e47b1
27bb3ca1a93c5079b313320cf72c4057818535462f4546c2a83baac6914f3130
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
2c90600dd6c5920a62651f90422f2819f8ea2ad622d05f94808e12b936182e4f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33404d6d265a04c06d053e40cf64fc2514de87cfe41c9546c4af2cd745a32d8e
396e4e4893e1488780934904be964f01b086e8fba819500729ad81c6b117bfbe
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
423e937aa271b7b1e13a08cac7de4d2bd731f2f69ee15a471449900b61d49c25
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
486fd7073b5fa87ea58d93c5331de184deeac3e34bd855027bca7b912244f57f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
519813b606623a5ce910b2ee52ecd8a6b5d084fc5975d6950b5ac0867d902276
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
567679aa7221a83c72738952e1071134e34fb69cc46961e677dd9b585a506c5b
5a4d307fe75c54e535a5edcfd0a2d36758cd634b46b6f13cabf0ec0703e18b96
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e4f2b8b61dcd90ba0d7143ede612aa94905c8a30ead2b0d67db19dadc2c0d6f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
62e4f5bd84dc103122b082692dfa6f8f5ac34218f2c317b9a87dce9e0a054480
63925079c67f38cdfaf0579f822d3b8a2d8ce6f283bee892c6257c875ca78004
650806491a1ea86dabb9619d8f5073a16bb59195991ab6f6ae0a0b668b587339
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
7080236ace3e780f1dcc51f6ef9527cec440cb50b86f4d90bde61c11afd14619
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
7a9cfefbe46e47d6971a5d4487a2ee0e9812cba5f76668be71ac25ab8d88d6ee
7beec70405f8936ba7910c2160926920ab158b324b19eb7833d59e91d3fe931f
84fc64a6f959319407ac0c2588a4270c3c904927e3bcecb27f1a2fc374e6e2be
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8bfdee05f39010efb0e0510f5f5fd4134e3e17de41d04e7708af86f3635691b8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ee17e2c291ee14aab62c46d3a894f8b20f63e583f1915afe812ce1f8372fbb2
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
90b5b4c693534c51b7c575fe57dfcf1ae7d8c680d66cda9826b6c1edfb88d710
9280fc33175448c5507ac6c072534b38adbedff69248bb67940a0c1e598d876c
94011d8d29bb74c377a80ad50aadae2a5127bf96d7ab8c53f7a84bb02a46ea61
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9accf58a921b17b00c567135d3b9062e91be0d79c9eb11c4b66438d3706b5360
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39cbeef69e037fa74281164331bf384600f0b62afd1f08219ac67f7c9776010
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86
b5a598392e68f988c7745f10aff043418156b4f27a73fb571aeb2e9f91177822
b9212d88152be18cbe843894abae57f5c7623194b6f71cbb165901224aff4568
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bc6de1aaf4d0d6db87b79404f3982a906091f790920d5965a0ba1602a88ecb4e
bd6cb3b815a08449dac544b768e4ad9e98a064aacc866a41421118a1c44178b4
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bff8728b070bdc95f1db6b1e922b3fd9a536a73314cc1d9a73a508a96c904848
c2c4e74f341782ce2930854ade9b369b998b3b4bf3fc5ca8ae14dd540d1decee
c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
d2fb8a5895a0b9f97dcf3b5bd5ccb696afd51526f24c6f9be6af716238c7953a
d4faa01c23a4b4377d9f1bcccf552794d1b6eac54ebf3bdf22cdcb78542cc3fc
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dd678b20e4f5d8956974beb4bdeb7a9c0e1e2177fd628deac8eb52c449de6883
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856
df0099ecbfdbe460edff9c3d4c4c424dc7eacaf662628a9ae489c28db359034f
e2f915e28e856c0a2a9171d34d9a9c37d74f18db3f08fd20f38655954c6c403f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c46e7f487745f1dcc7c4fe1eaa8b76b4de2dd02fce0f428100a8ea7e1706f2
eea2e9dcb19af40219512727990baeb8ab89d38cb775610fc603eb9564bdebc7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

www.babup.com Open in urlscan Pro 51.15.15.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

210 Requests

84 %HTTPS

0 %IPv6

36 Domains

49 Subdomains

41 IPs

5 Countries

3033 kBTransfer

8101 kBSize

14 Cookies

31 Outgoing links

Page URL History

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

www.babup.com Open in urlscan Pro
51.15.15.22 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

84 %
HTTPS

0 %
IPv6

36
Domains

49
Subdomains

41
IPs

5
Countries

3033 kB
Transfer

8101 kB
Size

14
Cookies

210 HTTP transactions
18 data transactions