www.babup.com Open in urlscan Pro
51.15.15.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.file-upload.com/9avfkcdcet8g
Effective URL:
https://www.babup.com/file.php?get=9avfkcdcet8g
Submission: On October 10 via manual (October 10th 2023, 5:30:46 am UTC) from US — Scanned from CH

Summary HTTP 235 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 22 domains to perform 235 HTTP transactions. The main IP is 51.15.15.22, located in Tooting, United Kingdom and belongs to Online SAS, FR. The main domain is www.babup.com.
TLS certificate: Issued by R3 on August 21st 2023. Valid for: 3 months.

This is the only time www.babup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7 29	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.15.15.22 51.15.15.22	12876 (Online SAS) (Online SAS)
54	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
3	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
1	169.150.247.38 169.150.247.38	60068 (CDN77 ^_^) (CDN77 ^_^)
2 21	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
30	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
12	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
5	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
1	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
3	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
8	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
8	2.16.238.5 2.16.238.5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 10	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 4	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.208.239.138 3.208.239.138	14618 (AMAZON-AES) (AMAZON-AES)
1 1	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
6	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
4	130.211.44.5 130.211.44.5	15169 (GOOGLE) (GOOGLE)
3	172.217.16.130 172.217.16.130	() ()
2	142.250.186.102 142.250.186.102	() ()
235	31

29 188.114.97.3 (Amsterdam, Netherlands) 7 redirects

ASN13335 (CLOUDFLARENET, US)

www.file-upload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.file-upload.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.15.15.22 (Tooting, United Kingdom)

ASN12876 (Online SAS, FR)
PTR: server.babup.com

www.babup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.150.247.38 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-38.bunnyinfra.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f14.1e100.net

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.16.238.5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-5.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.26.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.153 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.239.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-239-138.compute-1.amazonaws.com

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.4 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (None, )

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	684 KB
36	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads4.g.doubleclick.net ad.doubleclick.net	302 KB
22	file-upload.org www.file-upload.org — Cisco Umbrella Rank: 951926	548 KB
12	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 541 rtb0.doubleverify.com — Cisco Umbrella Rank: 941 tps.doubleverify.com	252 KB
12	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	535 KB
10	google.com 1 redirects mts0.google.com — Cisco Umbrella Rank: 4394 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474 www.google.com — Cisco Umbrella Rank: 2	126 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	112 KB
7	file-upload.com 7 redirects www.file-upload.com	3 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	252 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	602 B
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405 fonts.googleapis.com — Cisco Umbrella Rank: 49	34 KB
4	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 547	994 B
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	2 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 518 www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	38 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	176 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1584	628 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	147 KB
2	babup.com www.babup.com	9 KB
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1376	175 B
1	dmca.com images.dmca.com — Cisco Umbrella Rank: 13957 Failed	5 KB
0	alexametrics.com Failed certify-js.alexametrics.com Failed
235	22

	Domain	Requested by
50	pagead2.googlesyndication.com	www.babup.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.file-upload.org tpc.googlesyndication.com www.googletagservices.com ad.doubleclick.net
30	tpc.googlesyndication.com	googleads.g.doubleclick.net www.file-upload.org tpc.googlesyndication.com ad.doubleclick.net
22	www.file-upload.org	www.file-upload.org www.babup.com
21	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com www.file-upload.org googleads.g.doubleclick.net
12	www.googletagservices.com	googleads.g.doubleclick.net www.file-upload.org cdn.doubleverify.com www.googletagservices.com ad.doubleclick.net
10	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	cdn.doubleverify.com	www.file-upload.org cdn.doubleverify.com
8	fundingchoicesmessages.google.com	pagead2.googlesyndication.com www.babup.com
7	www.file-upload.com	7 redirects
6	s0.2mdn.net	www.file-upload.org s0.2mdn.net ad.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.googleadservices.com	googleads.g.doubleclick.net www.babup.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	googleads4.g.doubleclick.net	www.file-upload.org ad.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	www.babup.com connect.facebook.net
2	tps.doubleverify.com	cdn.doubleverify.com
2	ad.doubleclick.net	www.googletagservices.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.babup.com www.googletagmanager.com
2	www.babup.com	www.file-upload.org www.babup.com
1	www.google.com	1 redirects
1	partners.tremorhub.com	googleads.g.doubleclick.net
1	mts0.google.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	www.babup.com
1	ssl.google-analytics.com	www.babup.com
1	images.dmca.com	www.file-upload.org www.babup.com
0	certify-js.alexametrics.com Failed	www.babup.com
235	35

This site contains links to these domains. Also see Links.

Domain
www.file-upload.com
www.facebook.com
www.instagram.com
www.youtube.com
file-upload.com
www.file-up.org
www.dmca.com
safeweb.norton.com

Subject Issuer	Validity	Valid
file-upload.org E1	`2023-09-25` - `2023-12-24`	3 months	crt.sh
www.babup.com R3	`2023-08-21` - `2023-11-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-20` - `2023-10-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
images.dmca.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://www.babup.com/file.php?get=9avfkcdcet8g
Frame ID: 46E6842A9794D3C22DE986FC40F9D17A
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 50FE89CF753F33018735D2CB0EB7C9D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&adk=1812271804&adf=3025194257&lmt=1696908641&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.babup.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840066&bpp=8&bdt=854&idt=1165&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1794317241890&frm=20&pv=2&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1215
Frame ID: 105E4A5901C4ADDAF0B0BF06056FA526
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840074&bpp=2&bdt=862&idt=1211&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jlBtuHBknv&p=https%3A//www.babup.com&dtd=1218
Frame ID: 932A0C6E40EF260FC49F14F8A38DE57F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840532&bpp=6&bdt=1320&idt=764&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aFAwFXTohf&p=https%3A//www.babup.com&dtd=767
Frame ID: DAC9F937EE8FC195E2C73D7379E0917A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840541&bpp=1&bdt=1329&idt=762&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1110x280&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=p2XYXexr4V&p=https%3A//www.babup.com&dtd=765
Frame ID: 516814865D565206ACAC7B56C24099B0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Frame ID: 595FF53FCF57DD26F71D8C6550CBD419
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Frame ID: 74E2D2E760500F2DE64705F68F06A3F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1696908643&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915843192&bpp=1&bdt=3980&idt=-M&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De47f6dd21bdfce89%3AT%3D1696915841%3ART%3D1696915841%3AS%3DALNI_MadZaOeIJFtMUhL9mjQVAV4xtvtpA&gpic=UID%3D00000c93535b300d%3AT%3D1696915841%3ART%3D1696915841%3AS%3DALNI_MZXPkTTszCe5RsmgR_6ruC4Li0szg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&psts=AOrYGsnIRqr34vbJGwK9c9GWH4HWdZxjob5ezb7wG1jFPt4LN9CEqD0rTXaGXkZNSdVsxXjk5NbwyCBiZuiy8_mDDLD5Hp0t%2CAOrYGsnUPNYnxo_OD1hqpYQrFDVwfilbG8lcMtyoBakuaLSTRNmD6TWYigZzK8AMiDPj3gr4v0dVnsT2bnyIgpyxtz-OAQ&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qs6ynfkExO&p=https%3A//www.babup.com&dtd=557
Frame ID: 5D344EB05E84FC46EB1901D4437FC995
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696908643&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915843192&bpp=1&bdt=3980&idt=-M&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De47f6dd21bdfce89%3AT%3D1696915841%3ART%3D1696915841%3AS%3DALNI_MadZaOeIJFtMUhL9mjQVAV4xtvtpA&gpic=UID%3D00000c93535b300d%3AT%3D1696915841%3ART%3D1696915841%3AS%3DALNI_MZXPkTTszCe5RsmgR_6ruC4Li0szg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&psts=AOrYGsnIRqr34vbJGwK9c9GWH4HWdZxjob5ezb7wG1jFPt4LN9CEqD0rTXaGXkZNSdVsxXjk5NbwyCBiZuiy8_mDDLD5Hp0t%2CAOrYGsnUPNYnxo_OD1hqpYQrFDVwfilbG8lcMtyoBakuaLSTRNmD6TWYigZzK8AMiDPj3gr4v0dVnsT2bnyIgpyxtz-OAQ&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=ACra5X5anN&p=https%3A//www.babup.com&dtd=561
Frame ID: 8936736C40348F03B4FB4174DD3EA9E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: EF197D23F6D3AB9DD191D4C3C349F32C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: 85546DDB4D43021B4450501D11729F18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: 814D0CED48C5EE5F8FA3A044F070BB9C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: C04F40E37FEB3696B449696F22AD9783
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYkYODvQEwAQ&v=APEucNXUuk_gzT1K98anGABswzaYVuYG6NJh7t1WoAbGbuM-MfGJJzOsYRLy60nXik55_b0Or4PNszoTKlnwLDRGa2S3ZBiTgQ
Frame ID: B82CCB74FCF594FDDD2F4FAE91A4E0B0
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 55A1DFCDC4058AD434672B5BE82F7216
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYkYODvQEwAQ&v=APEucNVYcSop9A2oI7qySSHyY1leNitj-T0GvHxFaMlcuiGvvU1AzpUtRW8oukhzqdGLJIjPG2hvEueQd1KJEP0zCc67B0ZBOw
Frame ID: 365F8E9685E01D7A2B8268AA229BF3AB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A1BAB18DE50DE6EF259CD4706118E1C6
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxDSue38BBjmlcH3ATAB&v=APEucNUWLtKajpaV6_80IxD2quV-HNsObg3Ig-d3G20shHeGGfkRYk4ay_W2SX-L2l3aZJd3hfaQk4dIrqYcZ6QRHX7BGZONaw
Frame ID: B66D3D6757A3D601D850FF81C8A76F7C
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 6C701C20CECB2AA666055D4F7CDAB880
Requests: 16 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 7DB4A0B4571B1724E388A0F6DD779F96
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AB63B60E1483615468948AD9BCE6F76D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4D4DAE4DE9F5CFCA3DCDFF7D8DCAACE3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 838088145B992A6C9843662F30EBA93C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 13ACBA3DE03538000677C627B4278940
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Frame ID: 39086E3DBB93AD338ECA80EE374924F6
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
Frame ID: 01E472527793742934B2493643C93D01
Requests: 21 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4803.js
Frame ID: 7BC1AAE3961ED0790C5CAD9E781761AB
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;sz=160x600;u_sd=1;gdpr=0;dc_adk=160236217;ord=h1qe4k;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=TLdLkCMoqB;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=166;prcl=s
Frame ID: DDC0BD28DA4ABCBEF0147423A832D88A
Requests: 8 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4803.js
Frame ID: 2F588C5C5225C53EA05D472F0D2CF9B2
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;sz=160x600;u_sd=1;gdpr=0;dc_adk=4102376853;ord=by8hhk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=TLdLkCMoqB;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=222;prcl=s
Frame ID: 0A8B227710F94C7DF0309913235F88F1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D5BFB376855DFFA9ED46384AA9D156A3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F644DC6F9FC02A22C4F8D5A7EFDF0D90
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

https://www.file-upload.com/9avfkcdcet8g HTTP 301
https://www.file-upload.org/9avfkcdcet8g Page URL
https://www.babup.com/file.php?get=9avfkcdcet8g Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

235
Requests

80 %
HTTPS

0 %
IPv6

22
Domains

35
Subdomains

31
IPs

5
Countries

3221 kB
Transfer

8804 kB
Size

18
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.file-upload.com/?op=payment_proof
Title: Proof of Payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fileuploadcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/file_upload/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSbk9gxKeQnawO7cZ0hZPJQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/make-money.html
Title: Make Money

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/login.html
Title: Login

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=forgot_pass
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=news
Title: News

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/desktop.html
Title: Desktop Uploader

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=english
Title: English

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=arabic
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=payments
Title: Premium Download

Search URL Search Domain Scan URL

URL: https://file-upload.com/9avfkcdcet8g
Title: Free Download

Search URL Search Domain Scan URL

URL: https://www.file-up.org/?op=register
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/tos.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/child-exploitation.html
Title: Child Abuse Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/copyright.html
Title: Copyright Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/contact.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/adv.html
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/dmca.html
Title: DMCA

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/reseller.html
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/links.html
Title: Links

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=check_files
Title: Link Checker

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/refund.html
Title: Refund Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/banners.html
Title: Banners

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ff6622a1-89c3-492e-8fab-02994910b766&refurl=https://www.file-upload.com/vsd4gox6iv4l

Search URL Search Domain Scan URL

URL: https://safeweb.norton.com/report/show?url=www.file-upload.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.file-upload.com/9avfkcdcet8g HTTP 301
https://www.file-upload.org/9avfkcdcet8g Page URL
https://www.babup.com/file.php?get=9avfkcdcet8g Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.file-upload.com/9avfkcdcet8g HTTP 301
https://www.file-upload.org/9avfkcdcet8g

Request Chain 16

https://www.file-upload.com/mngez/css/app.css?v=1 HTTP 301
https://www.file-upload.org/mngez/css/app.css?v=1

Request Chain 21

https://www.file-upload.com/mngez/js/app.js?v=20 HTTP 301
https://www.file-upload.org/mngez/js/app.js?v=20

Request Chain 22

https://www.file-upload.com/assets/images/logo_new.png HTTP 301
https://www.file-upload.org/assets/images/logo_new.png

Request Chain 24

https://www.file-upload.com/mngez/images/anti1.png HTTP 301
https://www.file-upload.org/mngez/images/anti1.png

Request Chain 25

https://www.file-upload.com/mngez/images/anti2.png HTTP 301
https://www.file-upload.org/mngez/images/anti2.png

Request Chain 27

https://www.file-upload.com/assets/images/norton.png HTTP 301
https://www.file-upload.org/assets/images/norton.png

Request Chain 85

https://googleads.g.doubleclick.net/pagead/adview?ai=CxyWsgeEkZeKJLqWSkwOW2oSQB_vdhOpy7tzepfsRZBABIIK6uHxg9YWAgNgEoAHizfDdA8gBCakCx822KnaHsj6oAwHIA8sEqgTHAU_QYqPomcU-JAc2khcZXx9wyUuwK1r6OORrIsqT2H4x3TIIwYDF0SCqHleoLtWJiGroDq0DrwnT0PxIlS0DlAkn75mQeu8ebCR40uZ3pDldN4HCb4aP8-3W0bEyvUEBOT3poesr3YQB_mznTN0HM0uPbBytYJf2HW6m7nsp55wY0CT6iv-44NKSTvkZWrJdWOhvlS-9A3Dy9zWsicfBPAd9NOYbq3_lTrChDJkH98-mhujQVFQ3NTE5y3Rmy5ccKe5iZKlPqDnABNjMxJejBIgF6u7blkWSBQQIBBgBkgUECAUYBKAGLoAHhrKPIqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEI2QBNIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkjaHR0cHM6Ly93d3cubGl2aXF1ZS5jaC9kZS9oZXJic3Rib26ACgHICwGYDOuNupyhBNoMEAoKEPDhuqLxw7udERICAQO4E4ME2BMO0BUBmBYBgBcBshccChoIABIUcHViLTkxNzY1MjE4OTgzNDE5MDkYAA&sigh=D6PH_ym9FBA&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNGzONxaiU1Uyir56Yzi4_P9aH0vQiZnCznX9qx6OuceMQbO6qc3pdM_Thzo3ry6VaeoAG8L6yn5V_yxtaS7jaLIw-EvGKAhoYAQ&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x65a88367292fa0aa0000000000000000%22,%222%22:%220xe46b86088445b3b70000000000000000%22,%223%22:%220x8bddea35c02304fd0000000000000000%22,%224%22:%220x68515c7a67a226070000000000000000%22,%225%22:%220x5579ff93ab874e480000000000000000%22},%22debug_key%22:%2213099952314482893751%22,%22debug_reporting%22:true,%22destination%22:%22https://livique.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221002186466%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214780501322660010689%22}&andc=true

Request Chain 87

https://googleads.g.doubleclick.net/pagead/adview?ai=CoEGugeEkZYPhLYuM5LcP6YmKoAfymdKpYK3GxZHDDb3v2r_NARABIIK6uHxg9YWAgNgEoAH3ncOSAsgBCakCDGksNTe6sT6oAwHIA8sEqgTGAU_QE7Hp3qsmNA4-sIG5aqfMOBxjuWLaut6hYjjkFK6WSS142Zn2OPR--kK_ycgkuASWZVu1sKR0CfS2RYytwjUiFxdBoC178Drx3kt7oKACs44NofTQe8dW2tRpAdTKB9C88EC4IK_RIurGRfs2cxZ8Zn9VhV4212bVjagFh2zGuc3cHKZ_TlDmqUEXbdxF0pZVEuCZAmU9dvyns0HBULwrjIJJDhfwcEGhUUftAOjzVGAseXibMZYpQfh9q1VpZonybs0gA8AEhK_IgtYDiAWnypHPK6AGLoAH8eG87QGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCCrQnSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJG2h0dHBzOi8vd3d3LnRpcm9sZWQuY29tL2NoL4AKAcgLAdoMEAoKEJD9r6nZyPu4JhICAQO4E-QD2BMD0BUBgBcBshccChoIABIUcHViLTkxNzY1MjE4OTgzNDE5MDkYAA&sigh=gNo3zOCkwIE&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaN-8YWvwOgadN4qRMBNyobU7hXWzo0lpS4aPELLm99ruNhO7wbMn5R2AXvFYwRiOe2lOP36TIA5JBi3forBIjnwuqr1Qbc6xgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1bbb78106ab4056b0000000000000000%22,%222%22:%220x8371349e4f6066eb0000000000000000%22,%223%22:%220x2b3a25247154d8770000000000000000%22,%224%22:%220x52bbe1109d746f330000000000000000%22,%225%22:%220x1da98f5adfcb1b9e0000000000000000%22},%22debug_key%22:%2210270185923733653470%22,%22debug_reporting%22:true,%22destination%22:%22https://tiroled.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22575721207%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221653074676111820945%22}&andc=true

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIy0kDx7bnptECb29LdlYA&google_cver=1

Request Chain 139

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSThhKuARRFxU39pDY1njwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIy0kDx7bnptECb29LdlYA&google_cver=1

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGvJ0wEfNpVuT7vYoWDXADQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGvJ0wEfNpVuT7vYoWDXADQ%26google_cver%3D1

Request Chain 141

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ2NDgwNDkyOTA0OTI5Mzk3NQ%3D%3D

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEwvI9s-Zx5hVka7KHe9RqQ&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEwvI9s-Zx5hVka7KHe9RqQ&google_cver=1

Request Chain 143

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjgwZGQ2ZDQtN2I0OC0yYzE0LWQ4OGMtMzNmMjUxYzBmZTli

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEJyWfOo1exm615DAmzVzpJ0&google_cver=1

Request Chain 145

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjNhYjNjZGItM2YyMi00M2YyLTkxYmQtNjg4OTA1ZmY3ZWMy

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEN8VfP-5tGOvRvG9lDUEsZo&google_cver=1

Request Chain 150

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

235 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

9avfkcdcet8g Show response
www.file-upload.org/
Redirect Chain

https://www.file-upload.com/9avfkcdcet8g
https://www.file-upload.org/9avfkcdcet8g

27 KB
7 KB

625ms
102ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a35cd5f707773939d41fd3cfd24ccf64c7d12f45c3a150b239f982067f3a218

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 813c78f63fc3020e-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 10 Oct 2023 05:30:38 GMT
expires: Mon, 09 Oct 2023 05:30:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqErVOjTbM8q8PwPjSyVh%2Bx%2F%2B2d0kYT1bFHk5C0NEWxOXgtTTRHwdNmZm%2FcrGts6kQx5cGtu90%2FkLvbQPvscyIkA%2FPDwrgbKPgbIWos7RN%2BbcH72O5MLlNaGvmVW5FucAhoMO32h"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 813c78f21b60f0fc-CDG
content-type: text/html
date: Tue, 10 Oct 2023 05:30:37 GMT
location: https://www.file-upload.org/9avfkcdcet8g
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkWYtbDlF11U16E9FunCqacjxMYDmOyTEfyWwV4HegUUsz8iccQFbd82gRrtzQMlTgfbIEjz5uUdAGq8L9Pr3sDUls4TkpbJxB1zJQrzUMI1YR9JUG0e2MEi79HVRviQ%2FzlWI3Vn"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 172ms
171ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/9avfkcdcet8g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 968295
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YE%2BmDgeDZuRF3ENu7fZTJhIZTwVTU0IgXdIU0CDNmXvChr7DTFhYUokQIc5g%2FW51u3XGX%2FpbWok5aLI90qPLJZMvJoExVcAzHSlCsc1iAXCGo65Icjbu8hgfYqy1f108wvEcpuA6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 813c78f748d0020e-CDG
expires: Sat, 30 Sep 2023 00:32:23 GMT

GET
H2 200 app.js Show response
www.file-upload.org/mngez/js/ 235 KB
80 KB 188ms
187ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/9avfkcdcet8g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:38 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnUwJN3lkILjuxb4dWOLsFcHGzwjbRBWq6YaAfnm0RovO1U8%2FxP5CoEfCHrCJSoynHOxVbcZublCANYmsA00tUgHZnrn2waB7iZgkuSutHq0K%2F5dogSDr0dylA0wb4n8k0BvGavk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 813c78f748d2020e-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
4 KB 99ms
99ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/9avfkcdcet8g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6352388
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4BPsaaX0D1Mp%2FveAJsNMW%2Bz6%2BtOSCcfKe8ti3BVd0m5C70fHSKWvr%2FOA478eO0erxbqAWoLOha6dE4bnLY3VQ4p5ORytjFWclEHA3stBXyTKjdwW%2FP%2FJZB%2BAyNtgpRVb9BUzGip"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813c78f859ee020e-CDG
expires: Fri, 04 Aug 2023 16:57:30 GMT

GET
H2 200 email-decode.min.js
www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1020 B 109ms
108ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/9avfkcdcet8g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Oct 2023 12:54:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"651eb1ec-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqEbPvdqkX4OL1R9Exf57WHyA%2BwKuHquSK6Q6ap2KReADhDwzXwJFJO%2BB6Swn8mQNkOxKJJ%2BDdHJNwr1cdXae70V5xasX5%2B1yPUp2pMLpcVoHRTNt8o%2Fbsw9dulBfv1DUB%2FPvDWn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 813c78f7f990020e-CDG
expires: Thu, 12 Oct 2023 05:30:38 GMT

GET
H2 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 150ms
148ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/9avfkcdcet8g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6352388
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAZ1GfW%2FkqrWMW5K0Kb81OTTMwWkF%2B2nxhXXk0t2vOz0OHA1%2FbPYjuUksjOgfW0U1Y0%2BgFBQe4I%2FSS%2FiJpgjnj4uDLbTZHjDmW56939SZgPub2DqFYGfas05Yb5BdLqH9Yhn0HXA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813c78f88a0b020e-CDG
expires: Fri, 04 Aug 2023 16:57:30 GMT

GET
H2 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
987 B 106ms
105ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/9avfkcdcet8g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6352389
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07AoOCQnZM6kSCIB1KZvIE5qg6L2rURu5bM5xU84Z%2F9abm2jrf6BJLMJkhHz4OxT%2BcaWeeueSZdHsYSkx8dsz6KdSvSLv5q3sQ1DU8aFtjOGVuMZDz6C52NZQRDr8KEjtH7Spwwn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813c78f88a0c020e-CDG
expires: Fri, 04 Aug 2023 16:57:29 GMT

GET _dmca_premi_badge_4.png
images.dmca.com/Badges/ 0
0

GET
H2 200 norton.png
www.file-upload.org/assets/images/ 5 KB
5 KB 113ms
112ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/9avfkcdcet8g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6352388
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CX0P23kpT1Ic39HvnackH4qpkg2zDa7%2BkQG%2FULaDGGDW7bauAXQJfqpKxAQRyIMCT5VnIIiAlV6d%2Bp%2BGXrQxNxbpD4QTCtNbHzzay9eMM8J0UpSU5ppHCz6MAXu9R9KTFSqm%2FoNr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813c78f88a0d020e-CDG
expires: Fri, 04 Aug 2023 16:57:30 GMT

GET
H2 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 109ms
108ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6352387
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICRgPltQERYAvqmNBkVd9hQboGz9QbM8lVM7LAdQ0tQELYvrwcVUmaYOzz3vOhZZXaVf8DILHcFdCZ2iDh%2FO8vZ3yfLdch9TMLvyAb%2FYdNSJHjKGmbYROwAvJxn6odY2oE63WMPY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813c78f88a0e020e-CDG
expires: Fri, 04 Aug 2023 16:57:31 GMT

GET
H2 200 fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 75 KB
76 KB 101ms
101ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:38 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6112
etag: "12d68-5fe4d56c8e4d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEJYdcb6YrTevZ8a38GZSJ2YX4BrbrpMo%2FKw3X6c1vXOGP7IMa0TRquEd9wDgxRWnvyjnvi32UW5lkOofOTPpBKAixYPL2ElpYMIUQd0Glrq2GsWXH3oX88st3OtSiI5VMNpy%2F89"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 813c78f88a0f020e-CDG
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H2 200 poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 142ms
142ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:38 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3194
etag: "1ee0-5fe4d56c8f861"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePj0u2N1dqF2ey9EJGHZduNEph7RYu%2FKG%2FS5QiMaDjZRsrl0xyGdPrOhyuiGeMtrE4tDxOug1lXSECyEPTcaL53FZb7P2afXAA6oW3SakEXB%2FffG7Kumcf4KQGgh4DU4%2FZdNB4BR"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 813c78f88a10020e-CDG
alt-svc: h3=":443"; ma=86400
content-length: 7904

GET
H2 200 poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 139ms
139ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:38 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6791
etag: "1ecc-5fe4d56c90801"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KB1lr43hYMq81%2BBrl%2B3uqjujg9SA%2BJfkxPpqQFxmrMqF9J8BrW6aEX%2BZ8VubUNS4%2B%2BtmOH9EEIJMXhfiHWPKToq3ZzES6glTFuoVUlus047dBPXmt7bPbTmyo5PpUlenTbtBQ21o"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 813c78f88a11020e-CDG
alt-svc: h3=":443"; ma=86400
content-length: 7884

GET
H/1.1 200
OK Primary Request file.php Show response
www.babup.com/ 23 KB
7 KB 402ms
105ms Document
text/html 51.15.15.22
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babup.com/file.php?get=9avfkcdcet8g
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.15.15.22 Tooting, United Kingdom, ASN12876 (Online SAS, FR),
Reverse DNS: server.babup.com
Software: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips / PHP/7.2.34
Resource Hash: bf9a6701fbb25440341484131c369e95c90ee545b43c2276bb795ad4532bfa78

Request headers

Referer: https://www.file-upload.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 6845
Content-Type: text/html; charset=UTF-8
Date: Tue, 10 Oct 2023 05:30:39 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/7.2.34

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 719ms
127ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

def498d5d96e40a00d550f06901eeb172883e6ebf2b56da7154862a15a98f6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51567
x-xss-protection: 0
server: cafe
etag: 10142183588363566366
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:30:39 GMT

GET
H/1.1 200
OK blockadblock.js Show response
www.babup.com/ 7 KB
2 KB 58ms
58ms Script
application/javascript 51.15.15.22
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babup.com/blockadblock.js
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=9avfkcdcet8g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.15.15.22 Tooting, United Kingdom, ASN12876 (Online SAS, FR),
Reverse DNS: server.babup.com
Software: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips /
Resource Hash: 7a9cfefbe46e47d6971a5d4487a2ee0e9812cba5f76668be71ac25ab8d88d6ee

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/file.php?get=9avfkcdcet8g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 05:30:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 10:11:48 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2o-fips
ETag: "1b23-6038039110a59-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1948

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 631ms
93ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

217d849bd408dfc27046a8c03a28f9ac136cfdab21c740ccbe3a8472f89d3614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69005
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Oct 2023 05:30:40 GMT

GET
H2

200

app.css
www.file-upload.org/mngez/css/
Redirect Chain

https://www.file-upload.com/mngez/css/app.css?v=1
https://www.file-upload.org/mngez/css/app.css?v=1

247 KB
41 KB

73ms
73ms

Stylesheet
text/css

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=9avfkcdcet8g
Protocol: H2
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 968296
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYHlbBPQYmsO5flaoRtSpEUgxPhqfJQdg%2F94O7z8S8FJjWGeGxzny6uoPqommHuD81FyIdcx%2FcR%2FrfymibOyQICeTiq1s0eoi%2FgQ7IuKvY3za7MVh%2BR8m0hX1eBg1BT3PGrLqASw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 813c78fbaccf020e-CDG
expires: Sat, 30 Sep 2023 00:32:23 GMT

Redirect headers

date: Tue, 10 Oct 2023 05:30:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 551
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4JIgqb%2FOUEi7k6BC8ao0ueXZAsHCOX3jdR4QGtW0zl%2F04ybWD9YUVF%2FCDlFg1Bm%2BVAmyaIiZuChha%2B8dcXkl7Pj%2FefVvN7QIuexiF2%2FC2JaneSNCDDpLcVXu%2BdUR7RDXB45Ay9H"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/css/app.css?v=1
cache-control: max-age=31536000
cf-ray: 813c78fb3a7ef0fc-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 982ms
220ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

b1ec162fb40313327aa6b7f086ecb73f133f5808711b174bd9e3830b1330b2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Oct 2023 05:30:40 GMT
content-md5: kR7fZYDAntbTPFv93zbklg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88121
x-fb-debug: iKHx+ZGL6dF/qN5N0Sfii+N7Ge4jQN08Txs2dM4i8R1UwbwcWKMXSNxCBPZYGlJeejArNZlperTyyAp7V07LqA==
x-fb-content-md5: c51da84a451dbd9757fc3a86a7e216ec
cross-origin-opener-policy: same-origin-allow-popups
etag: "314f5c16c7b5e0df7cef4c00fffcfe2e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 08 Oct 2024 01:36:32 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 633ms
77ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

242a82c96ad7bbee333f2ad239495262973e6d679ddb4d7a5265a53aa3dd73d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Oct 2023 05:30:39 GMT
content-md5: II+GqQKlkm8I86pwxkpavw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: diSZ5jFxrCAAAbxfkEO2f3oKviqv2h45xyo9hu0fir8evawsXf8gaQLyl+WlcaIdBGTzvrpK5mUcFmiKnJh2Pg==
x-fb-content-md5: 54299ea80979f786afe2e3279b55ffd2
cross-origin-opener-policy: same-origin-allow-popups
etag: "4de3a499005a5eade247157ffce4df7a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:49:52 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 597ms
78ms Script
text/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Oct 2023 03:51:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5942
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 10 Oct 2023 05:51:38 GMT

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H2

200

app.js Show response
www.file-upload.org/mngez/js/
Redirect Chain

https://www.file-upload.com/mngez/js/app.js?v=20
https://www.file-upload.org/mngez/js/app.js?v=20

235 KB
80 KB

123ms
123ms

Script
application/javascript

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:39 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=146bvsedZ%2BuUSJHEiYSdn2dXr6o%2BM%2FLXR8h7k%2BOBeEL1XuzmR6AKwxor6qVxxvU73no4k5RFFXXA2LjpbkKLcZxdatHh2ayma7xgvq3EZShEGPhVeEPOpqEnBCvRy0GeOVLKLrhP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 813c78fbdd1c020e-CDG
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 10 Oct 2023 05:30:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 551
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMAlVQY9teF%2BQsNmklJi%2BsCtClSx51wgl%2F2dM1iyjyugJyW35QKtsY1uoYooEKFgvjAr6e%2B7SFt2v2XBSfJzN%2BA1m4EyoJ%2FOj1NPPb5P2hJCKGFVR3rONxoIpCjWjtl61oUfKSOe"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/js/app.js?v=20
cache-control: max-age=31536000
cf-ray: 813c78fb3a7ff0fc-CDG
alt-svc: h3=":443"; ma=86400

GET
H2

200

logo_new.png
www.file-upload.org/assets/images/
Redirect Chain

https://www.file-upload.com/assets/images/logo_new.png
https://www.file-upload.org/assets/images/logo_new.png

3 KB
3 KB

140ms
139ms

Image
image/png

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6352390
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FPFg6txkQXBgPlEnN2OHLP1NYThjkWp%2B67o34b4dA6FW9R32l%2F%2B0Gfk3mKG5EVLHzBvIFTxo3vz924BOHtSZCL00VsUP55klsnhVEe5Rq2K7e8Jumc1aHqlLZ%2BdnfBZx7bao1z5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813c790149ea020e-CDG
expires: Fri, 04 Aug 2023 16:57:30 GMT

Redirect headers

date: Tue, 10 Oct 2023 05:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1085
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPnoRIgGxjjNDYFsHhb1nbqT5edV1%2B8n4AIvES5y2giF%2BSMmcMDFWBev%2FdPGr9THzv1YXnlj3ycWzt%2F8qiO5M26ng%2FVJHBidgtZJ33P71UEYLI2AMbgv2eKocpGcOIoIRK2u5pzq"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/assets/images/logo_new.png
cache-control: max-age=31536000
cf-ray: 813c7900082d027f-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 606ms
72ms Script
text/javascript 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 20:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Oct 2024 20:18:55 GMT

GET
H2

200

anti1.png
www.file-upload.org/mngez/images/
Redirect Chain

https://www.file-upload.com/mngez/images/anti1.png
https://www.file-upload.org/mngez/images/anti1.png

19 KB
19 KB

169ms
167ms

Image
image/png

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6352390
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8Nq30nfO3PL6lDGkxDsMHiV0q4XXuq6PcmrDVtMmCwaQBUyUKShEpfnJGhum6bQ%2B39dOIBVbvaAU0WI%2FB1RMWiL2UklrJJuHK5KI5qIE7tiacYB2T1qVCz8avWWwLZIQgs%2FgNWd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813c79017a21020e-CDG
expires: Fri, 04 Aug 2023 16:57:30 GMT

Redirect headers

date: Tue, 10 Oct 2023 05:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1085
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcTfEhJ2q0ZJ7CJ78HLYsBC5fc0c25jx0V5lkMK8YeTua905v69v%2FvFuxyvanoikgdmNrLxVZKqFo8jDwbSsAiFOSFpXm9YUYQRUKTx0D%2BAxOpzw2fDaCNVg%2BPrGUVYs6fWE%2BUih"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/images/anti1.png
cache-control: max-age=31536000
cf-ray: 813c7900082f027f-CDG
alt-svc: h3=":443"; ma=86400

GET
H2

200

anti2.png
www.file-upload.org/mngez/images/
Redirect Chain

https://www.file-upload.com/mngez/images/anti2.png
https://www.file-upload.org/mngez/images/anti2.png

641 B
982 B

158ms
156ms

Image
image/png

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6352391
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnrICZbM1WoHTjh0%2BfLzRoPOv7SvDNserWtGch91UqhjBVFz22rchE1rCZoOpous3i%2BCuL9prfpiYOQYVB65LpNQfE1SdoQgrL3RlY2dOpiFrTFTto8IOXE9LcrEeVnV1NQ6s5yf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813c79017a22020e-CDG
expires: Fri, 04 Aug 2023 16:57:29 GMT

Redirect headers

date: Tue, 10 Oct 2023 05:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1085
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvgPMSxVZp8LWWGcJEm%2FxLMksjbTFicMGWmx9vfgogGvFAATVVqeHatYJUe%2F9bHJ9wdPlZPUnTv3VxTWLf8rTXaV5aNU19thc8xwVM8GXba853dgQubAoGjcIm%2BkcMYu4p6Wnabk"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/images/anti2.png
cache-control: max-age=31536000
cf-ray: 813c79000831027f-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 138ms
135ms Image
image/png 169.150.247.38
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=9avfkcdcet8g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-38.bunnyinfra.net
Software: BunnyCDN-DE1-1081 / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:40 GMT
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:47:45
cdn-pullzone: 1574055
content-length: 4535
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "0abbdbd420cc1:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 7e698805af7fffca701d19ffca2d6b28
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

norton.png
www.file-upload.org/assets/images/
Redirect Chain

https://www.file-upload.com/assets/images/norton.png
https://www.file-upload.org/assets/images/norton.png

5 KB
5 KB

167ms
165ms

Image
image/png

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/
Protocol: H2
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6352390
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIfVOfRIItI39IM4LqCmurX%2F%2FrRlil%2FC5KA8TegH5VEJDbI%2FeRCjBwclL%2FeIsT74si4GRr32aeHXfMy82k2rAbqxggx2aRLQgskqFnkQ84iys9mDABstMwG5xsQ8gCNKUb4DKXtr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813c79017a20020e-CDG
expires: Fri, 04 Aug 2023 16:57:30 GMT

Redirect headers

date: Tue, 10 Oct 2023 05:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1085
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ASjEo43I9TbLcx6AVde4exVqEcWw1qI11djVTS712mgDPffl2o1yijzjRdcuCvVYzjqyY2fw9xwZNfCyW1Z38zV2WMBJa%2FWIx3xPf7z8Pz9YO4khJxdf9lhig5yuFQwOqQvBqW%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/assets/images/norton.png
cache-control: max-age=31536000
cf-ray: 813c79000833027f-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 304 KB
87 KB 868ms
107ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=79d1a979b44570cd9cac21be9f770861

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

5c7d8e29da9302c675472e399559e665a9c60080c11d34602feed7d41a292e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Oct 2023 05:30:40 GMT
content-md5: Z66vCSMgS8GnW3EfxkeQfw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88122
x-fb-debug: t1dAEaPHsN5lI4sL+c6XfKi3V83ytaM4l+HY/HfSpiwcCO0taq+xfmANpBgxa+ptAhtdR0pdzBDUmQQhZjI2Iw==
x-fb-content-md5: 4fc7503a9a644dbd755b48c03cd0c0ee
cross-origin-opener-policy: same-origin-allow-popups
etag: "4129e2d6b867453e41e8ca4d7f340464"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 09 Oct 2024 05:21:52 GMT

GET
H2 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 135ms
135ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6352389
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SCkrcdKD9Osr7JhN3BYZm94wrBo1sjCj6tb9ZyE5414O3kvQedsf5Ocyco4d6vqSJqrVH7K8oweW%2FCrzv1Kre2vKlqHpHfyqSwfxdSUCbEq5TTxzoDmvuQQxV%2BXIFbUUXxE6%2F%2Fz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813c790008f1020e-CDG
expires: Fri, 04 Aug 2023 16:57:31 GMT

GET fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 0
0

GET poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/ 391 KB
133 KB 934ms
137ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

354341c6be40733e0a1593df84686f5077f345648d3521c724496bb998b9c282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135718
x-xss-protection: 0
server: cafe
etag: 17825208830729880650
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:30:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 50FE 10 KB
5 KB 543ms
89ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 60252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 12:46:28 GMT
etag: 2603938475786422795
expires: Mon, 23 Oct 2023 12:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 82ms
81ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2988e4e6b5b6637f3d7e4c116811b4712e130fb05cbe2cc0e2cd3c46d6187d5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81222
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 10 Oct 2023 05:30:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 1105ms
70ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Oct 2023 03:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5948
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 10 Oct 2023 05:51:33 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 940ms
101ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3T7TKCZCC9&gtm=45je3a40&_p=529864704&cid=1452202521.1696915841&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1696915840&sct=1&seg=0&dl=https%3A%2F%2Fwww.babup.com%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.babup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/ 10 KB
10 KB 186ms
186ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 999803
alt-svc: h3=":443"; ma=86400
content-length: 10400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28a0-5fe4d56c936e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LH8%2By0IdLGm%2FLFDfu7Gm5Ang%2Bc0rQJ2peFXdQzj9Q1JACpYY08wc%2FnIbPkCRwLRR2nXKwUb9N1RQWY7F5wBRWh6EC8hH%2BuvTT%2BtHfneMNQLQDZMRTzJt%2F9st67kGUw%2FF9q4sJfON"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813c7905aae23d0a-CDG

GET
H2 200 fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 96 KB
96 KB 155ms
155ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 999803
alt-svc: h3=":443"; ma=86400
content-length: 98024
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "17ee8-5fe4d56c8f479"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90pwIcT6SBeZgCk6UgSa65NYKYeG1aw2cILu85AfDNUztoPGEmUYlzH584DAGneNt%2FhZ89fM7hsbfkG5p3ZeiS8Fhdibh5ennt0rHNtVRYlI8rTqyatuWdzMVxWDVGUvhFaui25f"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813c7905aae43d0a-CDG

GET
H2 200 poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/ 10 KB
11 KB 116ms
115ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 999803
alt-svc: h3=":443"; ma=86400
content-length: 10420
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28b4-5fe4d56c94299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BGjTaZRNK7cMhB9Qp1RcwVg0Qp7Hq089ZXlxuPRWykX7LtEoJhpHSSyYGoM5aU2l%2FGRwxIbuYahP%2FiWiaEEp0hnY7x%2FS37W47NEBQwKk8BoIrRNJu5nUMsO%2BvDPWTjIKBtSAvsU"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 813c7905aae53d0a-CDG

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
602 B 555ms
50ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.babup.com&callback=_gfp_s_&client=ca-pub-9176521898341909

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

d8867aebb4315d45def8dc22390c21ae36764ef8d0cabf46ac15bc5b0e957114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 105E 325 KB
71 KB 1246ms
1236ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&adk=1812271804&adf=3025194257&lmt=1696908641&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.babup.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840066&bpp=8&bdt=854&idt=1165&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1794317241890&frm=20&pv=2&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9f6bca83a30b6a0a454e1fa83a7143245c2a52fa372bcfbd89f8831aa901007e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 72332
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 05:30:42 GMT
expires: Tue, 10 Oct 2023 05:30:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 932A 115 KB
40 KB 639ms
630ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840074&bpp=2&bdt=862&idt=1211&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jlBtuHBknv&p=https%3A//www.babup.com&dtd=1218

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

affa0e51fc1c7d05dc3fd913297bf564bba57f7cba0407b27dd308974da58c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40748
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 05:30:42 GMT
expires: Tue, 10 Oct 2023 05:30:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DAC9 145 KB
44 KB 533ms
525ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840532&bpp=6&bdt=1320&idt=764&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aFAwFXTohf&p=https%3A//www.babup.com&dtd=767

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

00e0f6d46b5a90b7becdfe2a2a1112bba3649bd1ce99cf4a84a41e70cbd8036a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 05:30:42 GMT
expires: Tue, 10 Oct 2023 05:30:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5168 714 B
580 B 455ms
448ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840541&bpp=1&bdt=1329&idt=762&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1110x280&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=p2XYXexr4V&p=https%3A//www.babup.com&dtd=765

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0e8030b6637b5f7ba9930e9cc0cd17094ba1651596254c09c0f56070a0ae90e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 05:30:42 GMT
expires: Tue, 10 Oct 2023 05:30:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 85ms
84ms XHR
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=529864704&t=pageview&_s=1&dl=https%3A%2F%2Fwww.babup.com%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=646159390&gjid=2039408685&cid=1452202521.1696915841&tid=UA-119779859-1&_gid=1194026508.1696915842&_r=1&gtm=457e3a40&jsscut=1&z=610741200

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.babup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DAC9 15 KB
2 KB 571ms
90ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=3654258318&adf=2180648201&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840532&bpp=6&bdt=1320&idt=764&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aFAwFXTohf&p=https%3A//www.babup.com&dtd=767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Oct 2023 05:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 04:50:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Oct 2023 05:30:42 GMT

GET
H2 200 nessie_icon_tiamat_f_white.png
tpc.googlesyndication.com/pagead/images/ Frame DAC9 239 B
361 B 562ms
115ms Image
image/png 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_f_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

1c3177b2bb09130b3eb00f3ec5cbc0a43c8c2dd90bfccb329359601cab1697b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 09:54:14 GMT
x-content-type-options: nosniff
server: cafe
age: 70588
etag: 8625321034218172526
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Tue, 10 Oct 2023 09:54:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame DAC9 23 KB
9 KB 76ms
75ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame DAC9 3 KB
1 KB 77ms
76ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 02:10:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 02:10:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame DAC9 20 KB
8 KB 47ms
46ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAC9 187 KB
59 KB 203ms
175ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:30:42 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame DAC9 37 KB
15 KB 115ms
91ms Script
text/javascript 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 10:17:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 932A 4 KB
728 B 471ms
92ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840074&bpp=2&bdt=862&idt=1211&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jlBtuHBknv&p=https%3A//www.babup.com&dtd=1218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Oct 2023 05:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 05:06:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Oct 2023 05:30:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 932A 2 KB
973 B 416ms
78ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840074&bpp=2&bdt=862&idt=1211&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jlBtuHBknv&p=https%3A//www.babup.com&dtd=1218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:38:14 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7100678694543653687/ Frame 932A 26 KB
27 KB 426ms
91ms Image
image/jpeg 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7100678694543653687/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840074&bpp=2&bdt=862&idt=1211&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jlBtuHBknv&p=https%3A//www.babup.com&dtd=1218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

c9a0e13fa76f7929fcc709a1db13bcb7fb8c335dc169f82fbe5cfee360c5e950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 06:02:04 GMT
x-content-type-options: nosniff
age: 84518
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26991
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:07:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Oct 2024 06:02:04 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13077691967104856870/ Frame 932A 994 B
1 KB 432ms
97ms Image
image/png 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13077691967104856870/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840074&bpp=2&bdt=862&idt=1211&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jlBtuHBknv&p=https%3A//www.babup.com&dtd=1218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

7e2b27956da0220e3a28b7af3c42424021b1ca33ddc1859cfaff3b24b9c1c444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:14:21 GMT
x-content-type-options: nosniff
age: 4581
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 994
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 16:24:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Oct 2024 04:14:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 932A 23 KB
9 KB 425ms
98ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840074&bpp=2&bdt=862&idt=1211&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jlBtuHBknv&p=https%3A//www.babup.com&dtd=1218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 932A 3 KB
1 KB 440ms
114ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840074&bpp=2&bdt=862&idt=1211&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jlBtuHBknv&p=https%3A//www.babup.com&dtd=1218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 02:10:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 02:10:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 932A 20 KB
9 KB 403ms
77ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840074&bpp=2&bdt=862&idt=1211&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jlBtuHBknv&p=https%3A//www.babup.com&dtd=1218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 932A 187 KB
59 KB 561ms
104ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840074&bpp=2&bdt=862&idt=1211&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jlBtuHBknv&p=https%3A//www.babup.com&dtd=1218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:30:42 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame 932A 37 KB
16 KB 538ms
84ms Script
text/javascript 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840074&bpp=2&bdt=862&idt=1211&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jlBtuHBknv&p=https%3A//www.babup.com&dtd=1218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 10:17:18 GMT

GET
DATA 200
OK truncated
/ Frame 932A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a492b155ec3440d55a27595b4539b76004b63c0845d40172c950a399a88d6e92

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 data=vgAMp5n_z_MIfaEfb_pKd6h6t5a1ntO4lA-YDN-R_8c8aZ-yPPWYPXxYdgvXlYKY8ldVoC4DWAq4iYbtj6X6FIXic3O0x_j0uUxRqk1Z_SDTCd1VSqx6Abyi
mts0.google.com/vt/ Frame DAC9 63 KB
63 KB 674ms
240ms Image
image/png 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=vgAMp5n_z_MIfaEfb_pKd6h6t5a1ntO4lA-YDN-R_8c8aZ-yPPWYPXxYdgvXlYKY8ldVoC4DWAq4iYbtj6X6FIXic3O0x_j0uUxRqk1Z_SDTCd1VSqx6Abyi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

facddbf076c613b2764419454818e5d29f153f57b2e29c99eddcf5183773d52a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:43 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64384
x-xss-protection: 0
x-server-version-bin: CggIBBCBm/moBg==
server: scaffolding on HTTPServer2
etag: 03c940ff69095079c
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Tue, 10 Oct 2023 06:30:43 GMT

GET
DATA 200
OK truncated
/ Frame DAC9 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DAC9 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame DAC9 33 KB
33 KB 518ms
88ms Font
font/woff2 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 260802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 05:04:01 GMT

GET
DATA 200
OK truncated
/ Frame DAC9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19bb74674c0a9acd2f62fb5c2b36ef0b6851f06fbb4efb4d69fca95948e112b0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/ 156 KB
53 KB 137ms
136ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/reactive_library_fy2021.js?bust=31078673

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a0eaaa3695ab6de1db0d02f9c6745bda872cc8a34cc6d9a58d982f1fe6157add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54487
x-xss-protection: 0
server: cafe
etag: 17842268347222535636
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:30:43 GMT

GET
H2 200 ca-pub-9176521898341909 Show response
fundingchoicesmessages.google.com/i/ 157 KB
52 KB 734ms
115ms Script
application/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9176521898341909?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

17e2b113f6bcf71a88fb50cc62d19b7130ab4a2ec34c6d08d0ee9c2e3dba4534

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kemlaTXftotmrBZEb-HRpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kemlaTXftotmrBZEb-HRpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 128ms
124ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=305234607030803&num=0&dvc=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 129ms
124ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=305234607030803&num=1&dvc=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 128ms
123ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=305234607030803&num=2&dvc=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 130ms
125ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=305234607030803&num=3&dvc=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 129ms
124ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=305234607030803&num=4&dvc=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 130ms
125ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=305234607030803&num=5&dvc=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 130ms
126ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1718899565230374&num=0&dvc=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 130ms
126ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1718899565230374&num=1&dvc=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 130ms
126ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1718899565230374&num=2&dvc=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 130ms
127ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1718899565230374&num=3&dvc=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 131ms
128ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1718899565230374&num=4&dvc=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 122ms
122ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=2&wpc=ca-pub-9176521898341909&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=true&a=6%2C1%2C5%2C7&apv=20231008_103503&sat=1696904597836&afm=2%2C0&as_count=3&d_count=0&ng_count=0&am_count=2&atf_count=3&mdns=0.237&alldns=0.288&allp=28&fd=(0%2C12%2C6)%2C(2%2C0%2C0)&pgh=3547&abl=false&rr=n&su=www.babup.com&pvc=813855983468782&r=0.1&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 932A 16 KB
16 KB 169ms
78ms Font
font/woff2 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:20:08 GMT
x-content-type-options: nosniff
age: 385835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:20:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 932A 15 KB
15 KB 269ms
178ms Font
font/woff2 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 350631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 04:06:52 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DAC9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CxyWsgeEkZeKJLqWSkwOW2oSQB_vdhOpy7tzepfsRZBABIIK6uHxg9YWAgNgEoAHizfDdA8gBCakCx822KnaHsj6oAwHIA8sEqgTHAU_QYqPomcU-JAc2khcZXx9wyUuwK1r6OORrIsqT2H4...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x65a88367292fa0aa0000000000000000%22,%222%22:%220xe46b86088445b3b70000000000000000%22,%223%22:%220x8bddea...

0
0

271ms
101ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x65a88367292fa0aa0000000000000000%22,%222%22:%220xe46b86088445b3b70000000000000000%22,%223%22:%220x8bddea35c02304fd0000000000000000%22,%224%22:%220x68515c7a67a226070000000000000000%22,%225%22:%220x5579ff93ab874e480000000000000000%22},%22debug_key%22:%2213099952314482893751%22,%22debug_reporting%22:true,%22destination%22:%22https://livique.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221002186466%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214780501322660010689%22}&andc=true

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x65a88367292fa0aa0000000000000000","2":"0xe46b86088445b3b70000000000000000","3":"0x8bddea35c02304fd0000000000000000","4":"0x68515c7a67a226070000000000000000","5":"0x5579ff93ab874e480000000000000000"},"debug_key":"13099952314482893751","debug_reporting":true,"destination":"https://livique.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1002186466"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"14780501322660010689"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 10 Oct 2023 05:30:43 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x65a88367292fa0aa0000000000000000","2":"0xe46b86088445b3b70000000000000000","3":"0x8bddea35c02304fd0000000000000000","4":"0x68515c7a67a226070000000000000000","5":"0x5579ff93ab874e480000000000000000"},"debug_key":"13099952314482893751","debug_reporting":true,"destination":"https://livique.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1002186466"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"14780501322660010689"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 226ms
225ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 10 Oct 2023 05:30:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 932A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CoEGugeEkZYPhLYuM5LcP6YmKoAfymdKpYK3GxZHDDb3v2r_NARABIIK6uHxg9YWAgNgEoAH3ncOSAsgBCakCDGksNTe6sT6oAwHIA8sEqgTGAU_QE7Hp3qsmNA4-sIG5aqfMOBxjuWLaut6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1bbb78106ab4056b0000000000000000%22,%222%22:%220x8371349e4f6066eb0000000000000000%22,%223%22:%220x2b3a25...

0
0

98ms
98ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1bbb78106ab4056b0000000000000000%22,%222%22:%220x8371349e4f6066eb0000000000000000%22,%223%22:%220x2b3a25247154d8770000000000000000%22,%224%22:%220x52bbe1109d746f330000000000000000%22,%225%22:%220x1da98f5adfcb1b9e0000000000000000%22},%22debug_key%22:%2210270185923733653470%22,%22debug_reporting%22:true,%22destination%22:%22https://tiroled.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22575721207%22],%224%22:[%2210-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221653074676111820945%22}&andc=true

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x1bbb78106ab4056b0000000000000000","2":"0x8371349e4f6066eb0000000000000000","3":"0x2b3a25247154d8770000000000000000","4":"0x52bbe1109d746f330000000000000000","5":"0x1da98f5adfcb1b9e0000000000000000"},"debug_key":"10270185923733653470","debug_reporting":true,"destination":"https://tiroled.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["575721207"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"1653074676111820945"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 10 Oct 2023 05:30:43 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x1bbb78106ab4056b0000000000000000","2":"0x8371349e4f6066eb0000000000000000","3":"0x2b3a25247154d8770000000000000000","4":"0x52bbe1109d746f330000000000000000","5":"0x1da98f5adfcb1b9e0000000000000000"},"debug_key":"10270185923733653470","debug_reporting":true,"destination":"https://tiroled.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["575721207"],"4":["10-10"],"6":["true"]},"priority":"500","source_event_id":"1653074676111820945"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame 595F 37 KB
15 KB 47ms
47ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1696908641&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915840074&bpp=2&bdt=862&idt=1211&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jlBtuHBknv&p=https%3A//www.babup.com&dtd=1218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 07:33:08 GMT

GET
H2 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame 74E2 37 KB
14 KB 89ms
88ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 07:33:08 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 79ms
78ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 10 Oct 2023 05:30:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D34 436 B
280 B 747ms
747ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1696908643&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915843192&bpp=1&bdt=3980&idt=-M&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De47f6dd21bdfce89%3AT%3D1696915841%3ART%3D1696915841%3AS%3DALNI_MadZaOeIJFtMUhL9mjQVAV4xtvtpA&gpic=UID%3D00000c93535b300d%3AT%3D1696915841%3ART%3D1696915841%3AS%3DALNI_MZXPkTTszCe5RsmgR_6ruC4Li0szg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&psts=AOrYGsnIRqr34vbJGwK9c9GWH4HWdZxjob5ezb7wG1jFPt4LN9CEqD0rTXaGXkZNSdVsxXjk5NbwyCBiZuiy8_mDDLD5Hp0t%2CAOrYGsnUPNYnxo_OD1hqpYQrFDVwfilbG8lcMtyoBakuaLSTRNmD6TWYigZzK8AMiDPj3gr4v0dVnsT2bnyIgpyxtz-OAQ&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qs6ynfkExO&p=https%3A//www.babup.com&dtd=557

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c6d936ecdef45ae728c54f340c27542583e5e6ff0adc994857ba57445669d3f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 05:30:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8936 436 B
279 B 744ms
743ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696908643&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696915843192&bpp=1&bdt=3980&idt=-M&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De47f6dd21bdfce89%3AT%3D1696915841%3ART%3D1696915841%3AS%3DALNI_MadZaOeIJFtMUhL9mjQVAV4xtvtpA&gpic=UID%3D00000c93535b300d%3AT%3D1696915841%3ART%3D1696915841%3AS%3DALNI_MZXPkTTszCe5RsmgR_6ruC4Li0szg&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280%2C1110x90&nras=3&correlator=1794317241890&frm=20&pv=1&ga_vid=1452202521.1696915841&ga_sid=1696915841&ga_hid=529864704&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44804782%2C44805098%2C31078673&oid=2&psts=AOrYGsnIRqr34vbJGwK9c9GWH4HWdZxjob5ezb7wG1jFPt4LN9CEqD0rTXaGXkZNSdVsxXjk5NbwyCBiZuiy8_mDDLD5Hp0t%2CAOrYGsnUPNYnxo_OD1hqpYQrFDVwfilbG8lcMtyoBakuaLSTRNmD6TWYigZzK8AMiDPj3gr4v0dVnsT2bnyIgpyxtz-OAQ&pvsid=813855983468782&tmod=133631964&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=ACra5X5anN&p=https%3A//www.babup.com&dtd=561

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

35a7e11c4ab312f98a008a9812acda2279b32051e5d6be1ee21f79c5f6b8499c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 05:30:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame EF19 10 KB
4 KB 80ms
79ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 42221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 17:47:02 GMT
etag: 2603938475786422795
expires: Mon, 23 Oct 2023 17:47:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame 8554 10 KB
4 KB 42ms
41ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 42221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 17:47:02 GMT
etag: 2603938475786422795
expires: Mon, 23 Oct 2023 17:47:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame 814D 10 KB
4 KB 52ms
52ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 42221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 17:47:02 GMT
etag: 2603938475786422795
expires: Mon, 23 Oct 2023 17:47:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame C04F 10 KB
4 KB 51ms
51ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 42221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 17:47:02 GMT
etag: 2603938475786422795
expires: Mon, 23 Oct 2023 17:47:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVhXksBEyXynurGFOdNzEOf_nqSOd8g5TQ9xmdG80gMxzyDmikJey9h2JDIjpSi-Co4Xg7ZiZT61zBz0BK1ck4CaTR5G8on7g9d9IB6Bpf5zXkTkhp7k62U07WmPV7J_dbln6Ag1w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 81ms
81ms Script
application/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVhXksBEyXynurGFOdNzEOf_nqSOd8g5TQ9xmdG80gMxzyDmikJey9h2JDIjpSi-Co4Xg7ZiZT61zBz0BK1ck4CaTR5G8on7g9d9IB6Bpf5zXkTkhp7k62U07WmPV7J_dbln6Ag1w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2OTE1ODQzLDgyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuYmFidXAuY29tLyIsbnVsbCxbWzgsImlqVmR0M3NmMXRzIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ijVdt3sf1ts.es5.O/am=ggE/d=1/rs=AJlcJMxsr1VCOucfiMRXXY9yKWlqgBuGYw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

39bb05f2757b65dda0339b96e6905aeca1bca1ab35812753cd62b53615e53390

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-nh8GmTQ7gU1Qr4EnUo4VFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-nh8GmTQ7gU1Qr4EnUo4VFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame EF19 4 KB
767 B 123ms
121ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Oct 2023 05:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 04:33:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Oct 2023 05:30:43 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EF19 205 B
520 B 108ms
106ms Image
image/png 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:51:21 GMT
x-content-type-options: nosniff
age: 470362
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 03 Oct 2024 18:51:21 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EF19 604 B
696 B 108ms
107ms Image
image/png 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 09:34:53 GMT
x-content-type-options: nosniff
age: 244550
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 06 Oct 2024 09:34:53 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame EF19 15 KB
7 KB 109ms
108ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 6101707970674548951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:55:01 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame EF19 20 KB
8 KB 112ms
111ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 11420928434021954480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:52:29 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B82C 478 B
242 B 127ms
123ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYkYODvQEwAQ&v=APEucNXUuk_gzT1K98anGABswzaYVuYG6NJh7t1WoAbGbuM-MfGJJzOsYRLy60nXik55_b0Or4PNszoTKlnwLDRGa2S3ZBiTgQ

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 05:30:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 55A1 89 KB
31 KB 141ms
138ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:30:43 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 55A1 2 KB
1 KB 661ms
141ms Script
application/javascript 2.16.238.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4890697&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gSfgT6J14AdIjoUowCKN9g&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15176179400&DVP_DBM_4=396411281&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 05:30:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:44 GMT
Server: UploadServer
ETag: "56f95dec40f6402642b5537aa29ad91c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Wed, 11 Oct 2023 05:30:44 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 55A1 9 KB
4 KB 661ms
139ms Script
application/javascript 2.16.238.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gSfgT6J14AdIjoUowCKN9g&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15176179400&DVP_DBM_4=396411281&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b5ffa81768670029d01777f59917b176b96b54740acc3d432be2215cfd3d77fc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 05:30:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 09:41:56 GMT
Server: UploadServer
ETag: "182a72be22ed58ff71d810d74dc7cb7a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Tue, 10 Oct 2023 05:45:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 55A1 3 KB
1 KB 78ms
75ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 02:10:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 02:10:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 55A1 20 KB
8 KB 76ms
73ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55A1 187 KB
59 KB 81ms
78ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:30:43 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55A1 42 B
110 B 137ms
135ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5jSyt-Sg52oFUUrNGPVv8yBPX-hDLbEuBTu3yFRzdL5PsvkyMgqiXTvelRwgibiz1bfPFxMfFRvRlC7uPkbBaQsNNT23yxrpgFcRJWP7pDC8Q1HA

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55A1 0
56 B 137ms
135ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12840525814615088126&x=1&ct=77

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 365F 611 B
310 B 105ms
103ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYkYODvQEwAQ&v=APEucNVYcSop9A2oI7qySSHyY1leNitj-T0GvHxFaMlcuiGvvU1AzpUtRW8oukhzqdGLJIjPG2hvEueQd1KJEP0zCc67B0ZBOw

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 05:30:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A1BA 89 KB
31 KB 218ms
216ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:30:44 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame A1BA 2 KB
1 KB 777ms
209ms Script
application/javascript 2.16.238.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4890697&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hHR2o4PZgfoWLrAlLxicOM&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15176179400&DVP_DBM_4=396411281&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 05:30:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:44 GMT
Server: UploadServer
ETag: "56f95dec40f6402642b5537aa29ad91c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Wed, 11 Oct 2023 05:30:44 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame A1BA 9 KB
4 KB 780ms
213ms Script
application/javascript 2.16.238.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hHR2o4PZgfoWLrAlLxicOM&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15176179400&DVP_DBM_4=396411281&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b5ffa81768670029d01777f59917b176b96b54740acc3d432be2215cfd3d77fc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 05:30:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 09:41:56 GMT
Server: UploadServer
ETag: "182a72be22ed58ff71d810d74dc7cb7a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Tue, 10 Oct 2023 05:45:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame A1BA 3 KB
1 KB 57ms
55ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 02:10:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 02:10:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame A1BA 20 KB
8 KB 55ms
54ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1BA 187 KB
59 KB 100ms
98ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:30:43 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A1BA 42 B
107 B 115ms
115ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cb8MQUTBRezPtEZDuW8UrfWTt0UXJ7TSl-g_JNbnV8bZjaSG8AdXqlCTzkOd2_MK2ZeqPgA5Xxg_6rbwT2M8-dh_nup-EuVHA5MMh1GHfVHSqaEdc

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A1BA 0
56 B 115ms
114ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5980069646753967930&x=1&ct=77

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B66D 441 B
244 B 90ms
88ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxDSue38BBjmlcH3ATAB&v=APEucNUWLtKajpaV6_80IxD2quV-HNsObg3Ig-d3G20shHeGGfkRYk4ay_W2SX-L2l3aZJd3hfaQk4dIrqYcZ6QRHX7BGZONaw

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 05:30:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6C70 89 KB
31 KB 186ms
184ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:30:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6C70 3 KB
1 KB 73ms
72ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 02:10:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 02:10:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6C70 20 KB
8 KB 71ms
70ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C70 187 KB
59 KB 101ms
100ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:30:44 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C70 42 B
107 B 178ms
177ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZ220KSea6VOho2bJ-3ctXMuo4oilQ13QE8Zpr_F-dqdwypkoAuV42mWyXPMgznxvRYi3adlM3WpeOneyi5rrDVR6bH1iD_uT7onbqJz_Nt6MfOl0

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C70 0
56 B 178ms
177ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14559153518205783269&x=1&ct=119

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUI1GZGWAu4YtMhAyt1tpLsg7OWLCaj7lcieggpWe8PY7SAesU-YtOqFzGV0Z-0D1ZeKw1HpTZXa9awnD1ot7APNxLFXb90zxbmj2j71FmBXuZUJu-zsIVZe_jTaMZLUyyKf-mZFg== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 169ms
169ms Script
application/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUI1GZGWAu4YtMhAyt1tpLsg7OWLCaj7lcieggpWe8PY7SAesU-YtOqFzGV0Z-0D1ZeKw1HpTZXa9awnD1ot7APNxLFXb90zxbmj2j71FmBXuZUJu-zsIVZe_jTaMZLUyyKf-mZFg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2OTE1ODQzLDk3NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LmJhYnVwLmNvbS8iLG51bGwsW1s4LCJpalZkdDNzZjF0cyJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

fdcb8c555c78ae62ae5e89d280c49f8ececd17ffebe399099c9340e98daa588d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XIHYkjgm1dJjceAYteAyOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-XIHYkjgm1dJjceAYteAyOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7DB4 14 KB
1 KB 102ms
102ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Oct 2023 05:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 04:29:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Oct 2023 05:30:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7DB4 2 KB
931 B 89ms
89ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:38:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 7DB4 23 KB
9 KB 88ms
87ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:36:47 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AB63 143 B
228 B 88ms
87ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 05:23:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7DB4 3 KB
1 KB 87ms
85ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 02:10:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 02:10:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7DB4 20 KB
8 KB 88ms
86ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DB4 187 KB
59 KB 128ms
126ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:30:44 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame 7DB4 37 KB
15 KB 88ms
86ms Script
text/javascript 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 10:17:18 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame B82C 170 B
409 B 271ms
90ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYkYODvQEwAQ&v=APEucNXUuk_gzT1K98anGABswzaYVuYG6NJh7t1WoAbGbuM-MfGJJzOsYRLy60nXik55_b0Or4PNszoTKlnwLDRGa2S3ZBiTgQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B82C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIy0kDx7bnptECb29LdlYA&google_cver=1

43 B
335 B

112ms
110ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIy0kDx7bnptECb29LdlYA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYkYODvQEwAQ&v=APEucNXUuk_gzT1K98anGABswzaYVuYG6NJh7t1WoAbGbuM-MfGJJzOsYRLy60nXik55_b0Or4PNszoTKlnwLDRGa2S3ZBiTgQ
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7git3irKM6fXIR9XlhDCaAOBb5G0RGzMepbw6plWrqiPsGwqrRHiVzAZkwhcoHRiR%2FwzNVzc7oxjuV068XWjIvPlSqXUCJQvSYBRBkFqHYY7yT65O1dxwsMw3iv1xlWxoeQHvVmWmYmPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 813c791b4fe524c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIy0kDx7bnptECb29LdlYA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B82C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSThhKuARRFxU39pDY1njwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIy0kDx7bnptECb29LdlYA&google_cver=1

43 B
763 B

347ms
347ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIy0kDx7bnptECb29LdlYA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYkYODvQEwAQ&v=APEucNXUuk_gzT1K98anGABswzaYVuYG6NJh7t1WoAbGbuM-MfGJJzOsYRLy60nXik55_b0Or4PNszoTKlnwLDRGa2S3ZBiTgQ
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XO9Ec45u8c306TUkrqoz1a1K5eGIB8TYKXREkZqyPFfBQ4ETeu87VGqCnc3F8LivwbZsnlq9e8mS1PaMNNte18m1JMZ0YUgt20h%2FcVq11t3gJ1lPoSC4Yf4utl20b1NOKfS2VqnbUTm2XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 813c791d982d01e7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIy0kDx7bnptECb29LdlYA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 365F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGvJ0wEfNpVuT7vYoWDXADQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGvJ0wEfNpVuT7vYoWDXADQ%26google_cver%3D1

43 B
891 B

177ms
177ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGvJ0wEfNpVuT7vYoWDXADQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYkYODvQEwAQ&v=APEucNVYcSop9A2oI7qySSHyY1leNitj-T0GvHxFaMlcuiGvvU1AzpUtRW8oukhzqdGLJIjPG2hvEueQd1KJEP0zCc67B0ZBOw

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
an-x-request-uuid: 219e5231-5c66-487c-9502-5e6fb76f8d99
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 62.167.93.60; 62.167.93.60; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
an-x-request-uuid: a2a5a0bc-de88-426b-b6ff-c466ce6137e2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGvJ0wEfNpVuT7vYoWDXADQ%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 62.167.93.60; 62.167.93.60; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 365F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ2NDgwNDkyOTA0OTI5Mzk3NQ%3D%3D

170 B
232 B

453ms
453ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ2NDgwNDkyOTA0OTI5Mzk3NQ%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
an-x-request-uuid: f8abb3c1-17b5-45ac-916d-69c07c0791e2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ2NDgwNDkyOTA0OTI5Mzk3NQ%3D%3D
x-proxy-origin: 62.167.93.60; 62.167.93.60; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 365F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEwvI9s-Zx5hVka7KHe9RqQ&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEwvI9s-Zx5hVka7KHe9RqQ&google_cver=1

43 B
61 B

520ms
520ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEwvI9s-Zx5hVka7KHe9RqQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYkYODvQEwAQ&v=APEucNVYcSop9A2oI7qySSHyY1leNitj-T0GvHxFaMlcuiGvvU1AzpUtRW8oukhzqdGLJIjPG2hvEueQd1KJEP0zCc67B0ZBOw
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:45 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEwvI9s-Zx5hVka7KHe9RqQ&google_cver=1
date: Tue, 10 Oct 2023 05:30:44 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 365F
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjgwZGQ2ZDQtN2I0OC0yYzE0LWQ4OGMtMzNmMjUxYzBmZTli

170 B
232 B

164ms
163ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjgwZGQ2ZDQtN2I0OC0yYzE0LWQ4OGMtMzNmMjUxYzBmZTli

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 10 Oct 2023 05:30:44 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjgwZGQ2ZDQtN2I0OC0yYzE0LWQ4OGMtMzNmMjUxYzBmZTli
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame B66D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEJyWfOo1exm615DAmzVzpJ0&google_cver=1

23 B
278 B

113ms
112ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEJyWfOo1exm615DAmzVzpJ0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxDSue38BBjmlcH3ATAB&v=APEucNUWLtKajpaV6_80IxD2quV-HNsObg3Ig-d3G20shHeGGfkRYk4ay_W2SX-L2l3aZJd3hfaQk4dIrqYcZ6QRHX7BGZONaw
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 10 Oct 2023 05:30:44 GMT
pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEJyWfOo1exm615DAmzVzpJ0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B66D
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjNhYjNjZGItM2YyMi00M2YyLTkxYmQtNjg4OTA1ZmY3ZWMy

170 B
232 B

55ms
54ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjNhYjNjZGItM2YyMi00M2YyLTkxYmQtNjg4OTA1ZmY3ZWMy

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxDSue38BBjmlcH3ATAB&v=APEucNUWLtKajpaV6_80IxD2quV-HNsObg3Ig-d3G20shHeGGfkRYk4ay_W2SX-L2l3aZJd3hfaQk4dIrqYcZ6QRHX7BGZONaw

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
server: pekko-http/1.0.0
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjNhYjNjZGItM2YyMi00M2YyLTkxYmQtNjg4OTA1ZmY3ZWMy
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Tue, 10 Oct 2023 05:30:44 GMT

GET
H2

200

sync
partners.tremorhub.com/ Frame B66D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEN8VfP-5tGOvRvG9lDUEsZo&google_cver=1

43 B
175 B

964ms
214ms

Image
image/gif

3.208.239.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEN8VfP-5tGOvRvG9lDUEsZo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKrgbxDSue38BBjmlcH3ATAB&v=APEucNUWLtKajpaV6_80IxD2quV-HNsObg3Ig-d3G20shHeGGfkRYk4ay_W2SX-L2l3aZJd3hfaQk4dIrqYcZ6QRHX7BGZONaw
Protocol: H2
Server: 3.208.239.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-239-138.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 10 Oct 2023 05:30:45 GMT
server: nginx
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://partners.tremorhub.com/sync?UIGL=CAESEN8VfP-5tGOvRvG9lDUEsZo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55A1 0
56 B 135ms
135ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9848406045334&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55A1 0
56 B 184ms
184ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9848406045334&version=m202309260101&ct=77&x=1&cor=12840525814615087000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 55A1 16 KB
12 KB 134ms
133ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPFDsVbOhI-Wy_yKsiRDH5XQS63FRjafw4DS3DJS7JLLO-aXnNh5xQNdbP468SjmwuDXP3riSOvc6L4aMf4Z_id6-VbM3NwFa8oItvemACtfsCNQVbzEaVmQwl_wJE7bWSus6-mE4935869eA3MOSwWhDt0mxbbdtYHjBBSGgV8B7sjtk&cry=1&dbm_d=AKAmf-BknP6FIiG_VSH7XU-upGT8P2l65ujKUNxqmDxGHsm1f7WGWndq4apriJqJ9wlWu-YOojnG61rZAtG_7J2tO9AK_AHhb-DqED0W4BvfvtEzXbv93HP4GzNrGoyNVq0SqE9aMG-U8kovKGkHZM2m2NZeYtHd1RoGnNCdrGF1Ce31nWgPhOboP5JQlOs6bXH4gooHQdw5Hhq0s2HNeD0grlQKiYb5tT6fWeSCDi9UFNXaT1GImTS_YJrmgf7M_4I5p9iSIDj7z527MIMv-H9gSCIpbCqVjRNEqjHvykAkNsIfl9Ng2w-CiDqL3066nxR3YpgftlWEZQXcXcPWriI3zZe5oTjT617Nd4BWBvmrDsJmvsHocL4V2PnomZidRAXHmD34IHaXaJKH37MOnjxgZY_2Q7AEq01It7VMnCmOmhLLC0F6yt4nOdIhxu2ZREVPoJduhAYa0vjxuObeZSe2MNA7qUlieKKupgH86jBfeOyp8HCDvYgFV2_tF4MfqF_hUJ49LHjjbAO1CkFW4IgKgQFV5FswKTO9M-4fX8Pjr3Mu54ValCZKxrFZ_VhqNTpAJoPK_jhdZfBv90VdqXZ8sU-Q4rLj_TF8S4MuJ2UFE37dxazQVsRmeCrxGp3pgNWmdrUcEVwuT95N7u5HfY9Ssyfy2vyp5iKFIK7m0Rt2xc1OsmN5uPdhmIKHcDTdtbURuL-lLVUt_abgWFU8R9gVarl_xeVdwq20JE59AhtWLHsqFj43_HgRFuNCvBmk6UI7yzIpxPz8V-BnVDSM42XOCmpZv-5h4Wf3XwGKui5JUhHQsEcEIhV1Jc-WOYULWEuyjnrSIx-uWkYBdEfM0TNdZrS-0sDNMRYCcAPdLjyTSuAo7yChYlUtPCY7qPntTG9PYu1mQ7QpI5QcCeybj1m15JVYaEzeePjWAEwS8IFrNsmulPaFqAaLGbWJ8cQlMZvHR_iLihMWseldsFqnxddbchVtZYmDB97LdFtoG5Wmjux3gTXifjCklPDCP4B_JcNDiYSgTXAEhbJencyZOkS5ci73Ksl2tF8MHAzaSxDuPU2kJZWkDrcO-8Ncb4I4Xv_getEhh9ZK0Sx9K9zRFlEc-sySkUr2YmD_bw4CiNtSvO74wMzF7Xv75RLUXhVuy8NzEb_GLSwGsikbkqcl_ocvCms1bLZSkC6indFm77L_PuHHStXZU-pJsW67gBQmu8lpixTtYCaa9a9JKdATp8nF-6h86DTRk1yPhbmJ43KyQfqbbhRenOwqzC9MkMN8GYh9UBHANnEJv_3mahzSGKlzlRIX3ZE2KJTRz_ufyhuGBZ1AozrDVyCpIe5TGgL46S6xSDtEXgiJzZdBK5mTQ9tS6gSXsuFb_Goy6nq6e54gQrAalsU6jGczH1YpQt2sEMM6KbVRkeJcXRGcFBh6NlmacHPuc-Mpf0_CkvpAdpSDktrdQRHZk80cH1j-MGqm6oyNnLkp3GMuQLG1oJjdOqI5qiSIE_URptj2c1hFQ-F4ID4tiMf2OSsr8kwOIBu1YS1YNw_9N08UwLc1spD299HeWyHGJ6LehK2sTL5DoxBUjVhwZW1tWZczmMHao98nk_Cl6rES3jcEMM1Rtc9L9Iwr_0vMd1250rwJ4nEjZtUxQwQX91WF1lNouviTPAyOb-kEc609VTBKzTOqqq9JoU5vkNH9p6FuZjhkCRNolhTE3a3Q9z4pr9dXdfx-f7CMN1_6qwx_BXeHNdpyGICkE_lo6kYuNF6NJILDx3l-Q6mD16XxKsmqI5G2eytHIJMsBS51M3OSQXG05kh06k-QSKL8myKbUUkGBFUtfPHkh7aJUjlCnj5K79OJBrUdozqsjtLSaUJQFVkupwOByJxnonf2D0GugBbfFTIdFbzxAVVVlbTEjQoMTI_i8hKgk_eTnGFrOdqlZY-9T0zOWkduf18ni0Kx6Ho9OMpVSObMb216PC5dT69md2v20SjIHs-KtVBFjf62zfOsAwz00xmWJDICXlWFMwGbYSNVR3s-uRrpupkZEBPoPcCMSYjNDd75WaMq4K0zZwSMBx-HwPwP_bHqpsdQfu4r3VGiWVjIodrEYyXRwdBN1ZUthPsZ42EPmKxTg0mD2UsMangnyKADyRuYBYQZ_tOPQlbABtKSi4qw1jAzmpcbUmvNyI7OugKa0ooR3m0CtGLrUll7yj2tukbKlUfbesrcVyw_MfIITq3IfadWhw-XNRoQ9NKhJ3G68bKi_eJnRusnJ4qZ30ZvSyEq3ZR9IQJxnb96t7CSfZcQaQrrN7i10XR4N9SRb9UloIuPlAEi81qEcY94EyDwiXAJfqnTGGGKbtOR5Izw2GgPpKULqGREtXRoD1o-2Yi5JbkXCJQ3nRxO3EID9n9mGXa-oF66l96rSlzyUkrzEJmJChGWSF1kjJqyVFpf8yzZ7kNCw4Ttrd58DcT6ngA7z5mzQ73-DSONTzGsQaRycPVSs99DyGYbhGMcaxnGWkIEVFjUHjy6JXgiH2v7SJQNLqClMPRJEWtgD88pkBi3JOIJmwQx4kqjcnZ17kfhrfPlpUgIh_yn4Yw8uSvEds_77FF3hWkIsW4gkIJ9KNRwTM9bWKO661LgXVX7amRK-cL4-MTcVmgbbLCfwihpVAzCFPJxK3l5_l_rE13ZaID_4HJlMGgYrAvjmV0d2fqiVi_TXgW1CtWFlfiZsxf9RtUu8pdsiRFq_nlJEu_icNUWNBMpyOU51KnraNqpTPABXi5eNlMjKZGOzX1fWy427J8KKDlHSZ4liYrLYyyGPHrtM1RgO_dqdfEfmq9z07Ves_0ztiDwTFWV5EsDdtHTO_sIMkTXZci2eaQm7wg1eijQodL58ZXNIGzjJ-NvELhr8ikBkuf9_CFS9ZtVw8RfX0cnSkW5YKhXmk2W4gpOCSYjspKdZUBMw1ywjLa-sdRkRFxYyk5qCIyH-FKsVOKvAd1xITbiO2dUbTgb68pB6Bc3_LC12bIedmmyRyqe2TppemndSb8oZF9w7xFICut2mZX_gRgY9vztxmRSKzsaIyggJC8YYxi7krSOw7w4jQ2m2MkePd_5cMg5sZjGlZIi2aHbBhS_3ShsGy7oHo7n-FbIjufS00oZ3u-bMfGvYmzfocr5t1rKqOfTHScjTqTsojWRJA0bT1GDyVM4HlVEnFuXQcOSGAnOrgu_DBTGcHY2KnVwMrNto8c96CYyx3PbhbaaSSMYcJMKwfY5cYc6h_hLnVWIuZfnTJIwOakSd6-a9gVS6beY_XJu5aXMqqQW2bPv3IIyPIaj28LH_akH5R6uq_dYR4mWIdxTlSZf4pHrcj16L5KjMiTka9gwUHm_2ln8rjYNy2SPXqgY8XIwa5KnhcmzClfqIDrYHUv0sMT06dfJ-bqgw0jbIyKxrIl0YG__2IL4Wl--PbCn1DwMIHBAX-vHy9UcgRTE6Qs8GrifGZp1RpaLLcFkWc1HtFyhcTEAPkvlKO5JYc3CvOWQSQ0ixRuj-2oVbTcO4dPzND_2uYqFL3Ja2Vzfx53JuXOlXrimT5yq1XtxJbGAguBHpTZVT3nH5WM3h2LrLRSTADTrq5P-OoO3t-6-PdN5eGSyeWdKRubMCyn47VJ3LoFaL0LQgVro0fYCMYkg_kfNs-eMJRObAqGfjQx59dc1JwTMJf25AahnJRrDG-3ZGHjBpPBwfVHEVpCcXZJhSNkS1RrTjbbSIZVEbXNdjSex_wcns4DKLdM2b_RPBmy6FyYGJj3aQgwg0ISeR7YGuDZSsTbEW0UMUugzhfSP1d0DemGC1eM5ESSQ0gU42OJaxlQzgwca8va_7c-sndO9ZhlrEZB9N8SvlFgJxG0YrWK1zp_sR5F80aYzC9klrMIAPQ&cid=CAQSSwDICaaN3VoDacBfA63vgdGI0H2AJFQFvxF-pOmMCiUpsuJ1sWo1tAF7xDrIcV2j8rsIeHDa4JjbNYQkPWuveJzR-WrIiRtYL3vshhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=12840525814615087000&adk=3062569608&idt=153&cac=0&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c3e767e863f1704849fb36c0752568cced6b8eec562d769f9321c0136d2a0182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AB63
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
168 B

82ms
82ms

Document
text/html

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 05:30:45 GMT
expires: Tue, 10 Oct 2023 05:30:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 05:30:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C70 0
56 B 106ms
106ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5409735315331&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C70 0
56 B 105ms
104ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5409735315331&version=m202309260101&ct=119&x=1&cor=14559153518205784000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6C70 91 KB
37 KB 243ms
243ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_LblaL-qyXj03IjDRB2BFdcddKKGKVKqIDZfzMtfldupF0QhZgOcPYwGog95y6MfzuykvlE0AcQlGbwN1CjT2RLPrbIWOL_R7tAsVmfyZJMUwI4OYSyQvySKCP80KRKx1nnySBEw49ZnqOqQifGP-yeRUYbWRgwPExIeWvS_xuWI89yPpwdk0UUlyUuHAbeaKqdHQ&cry=1&dbm_d=AKAmf-C8l1GM6tPrZSQTTS_hEAru0h9CFqG93dPQX_K0xIYPTSCkPMxTpkVuBrjtj8h470pdoDhYaCGbnEi2NUHaSaQQpCh4xsNqP674g1awzGf29yi8gZnIQYgA3qlc2e-SJErwd4mFyKe5YpbTRA7Ha42qP_QqLMYXg9vMatXYRYOQYHWwnx3bDDSoHopzna5GJnP1cscRDnR6rOqNq_0gXGr1QC0WFHvnjQiLAgspQiFaEI34SX3xln5w_yJSo3PZuUWHlK9QCw9CwnbBvVy_UPrAMD1RokAIifYJQbMNQzAuPces5mTP4ht40NyfQ7NdibRmzCMI5EgjiqWYq6XhywTJVPkgW6CegRmitbsBZfzKbXVNO4DT5nDLG_9chwEDdtlhSUcdyz-cyaDnf_DyD7c6tnRkVgbnF_BRq6TJ3qKFfsbi1YDyR3ELO2uT-wz8TXOdOSNZd3Sc1RgPrMpwiloAjl_pF3AstJAPHMc7cH7Oew-ardso8i4yaixSBZtiUZk_SHA4fZm-r7bKnosgZ34pjqWMO0_AQYy4wGwQz5kyjYfTXARr5M9mLSmBVZfdTt6MFlP-WUvmx7hHzTP2mF3WcmNcoe59ZJB9RuzpsU0l4H4KaMG1pMje1dHe75GK9GP5B54aJQ9QfO9vcYEly2aIa02oA-f-vMeqofWq0VuYaoDwnT-5qh0oJzJz9o9lK9vHY4v6S4C34nzVynXwCNQAoD4UaX_xomWYAs9ojJDyii8zTf_A6813hwQrCyKEwUy-j-OZT626WKzZzzXf8Y_McU5dnBqk-elfr5lIUXqH1I9XD6yi5Wbdl-FMsPvY0f0T0DU7Brn8Dr1dVv7NnTC8rZ4sHFlrn4wRcvsuvvvLnaGujdC7T0upt4R5AuyzdFi9p9o4mm77feqahUWE193Iq6Wbspak6qim3nBF6xAwG1BM8G_H-JZ7UAtIveFV5u8pE8U75TUivC-LlSYEy3DtQYSEZHii6SC27g4ORQvyE2OWnhU8ae49ebB_IJOSdD7AL2O0KBhlYHfr89Wh6lO4vw9C7_R7ZHQAv60MmFJ5tGvVWmmdE2wMLkuO8FhRIi8Lsv8RX58mPWXQoaswPk7SF-xydvPBuzPUOM8fsTGhxw_E3SBvcSLvxbiAN_SzMnab41e9f8vAsqTnUr1LKq5MKp4yu2psqMPPQGhToG7i03M8DFGZZBrFJIwKYL51cKMo99THCKRoL-K-vFxA9OYSv0MQZdH8TKstvQGqYwHiEQUxOv2sSwRgD1dVkWyGSHlXWfPE9I0Tm-DU_eM_WD6hPp-TBbXk4Ax_woUZasMFCLIhwImReguTRUklmVROpRsUyp3o6mqjRILUuHp_cb0q_5mjc8ZsKDk77H4Lq5ISk4E5Bog2IMnDPmew46zcLQOi8l1Esg3zKPX8YlAwMcfL2iX4fDA9o_QQ2blHSTN_JOy7ogF8D_Okkbge5F63LKSRnm-rglrc7X9Xn79WYLh7NLsE5L1wdJTTrefhUo928h-Ee6Q-rP4moQbG4L5bkvLcdL7WHglptuuixma6ppIHEzOod2uhKH3w4oOAeOW15DKQZ1wjj3FoLkftNjrVUDW6P8MznxpfPW46rmt4pLvOTdvsYzmeTlnO6kjpt59y3LIApSOsLLMhr_uGU9G-LCf4KG7SlZtGu7SMxlCjoot2G2Q1ObKj8KHfT6HFdlQy1N2-sl4JC5LvzGvt-PaScbxn_G84-lgJ9tpfhovKrU6PPhIoYmt-Sc74Kp4EDwiajSazDHWxAg2FjMCkxij_gCx4suIs64zc4eoJIemLjNML369dXM0rHHq3jvVk5V41WXoIzy7LQwMvgxSIk4gdlIWGHObTveuxIQtNhaURulJFVuYmuDLSUNX-MlH0bqvjRV_wtQcQ3_j2SH0jLfcgXAyeUcA9AbaQ4oQu3fn4Ck8PcWOXmPEVe9noz3F8dEuvvaEANbELZUDxaplrZndqpCwryu-L3RFt5rPBoC2gY0MXsRdCF-I24UFErtqc-zPo1Jg9ojvoUj5nAgI4M5KwBqUmUn0tXgDgN29tkjyF2p4DLr2iuu9oJgBYDNOx55ni7Vx_RgwqH4F42rMpI9TyaeSO-ZalfrwJcaEKd5QdWZowK42Ne0uesHNQ9WF4atq4axDaW7Qjjc-mrr635rXHvBKqJgVCsCplEjidBWCFNM2zb20gLgW0dspSAHo_Z0koyaTByaZuJ_gcRHmY7K7lfvZBf4eXfh9yC5BM4s50mAFjMSa6diwD8jSJ1wfwDivXgKm1vuTPDZTKCTzbzSXgv-WvSPjw9tFLqLvmYFZmm7LwoAhlhsKkt8Q2h88T-noWfzJNy8i88n5E8654_uvLtirWUGpLqmY-hVy1fS0NP5VQMPigHpeGKLnXOq5QtW-NxaTVmMwp02cObUwf8EaOFozXFQSKUbXD_ShZRFYgqPuhuEzsaBdTi0BPyBMnd4p4HLcuRcQ__ZikmwnqBWnge2OK35z4zI18nxIwVLyaeE3S7H3VgIlrzUmOts4o3WtaexTr6A2abHioDR5zdywTOvIpLBM6RuNUm1fA48vZZoiY3SSsZd9q2xx8IIS1YCyqg8iJ-Yrz6qWVGxD71t4obb4-dZ0Jne0wYDhdHpKdhgytSwul8tqHSErGL4zevKj8MjOBlAlpNgCBfOzCCJtEJgkVNcOWe3KsnUXzMjG-6iizkljuuv0f_15DpZ-pfiemQH9rWSNK-CglzCjUe_cg7w85EWnbp6ZS7um2w_iTNmlwGMXFyNCFMp1hoM6bu8OnyklmobWznvgz1NeJlsjD_hjIh5ZcJ1JiE6Dk6QUqfF2oZg6jmGjLMd7rpeoCRzwsXawse_Sga6P0dZNQMaiqBzjoR2txWQdXPKrr-WEG9zkGEpdhIiQpsC94jT3H-Jpz_oo-8MRitjf4EeXpZz1RfcMHE8dmHZx_w4x48f4K9LruhV5ncYdDYsddlVKNXYh_C_GaPsSgqirDMjXnxaZRl7KtNkH6P1FFThfbd_9vhBzYHv3VXuVA69i_FXGvrSNWvLMCzl6v5R744U3djGuyqQvpGftTHJbFTTDkKTfJwLSNH_Z9TSv69LV6hmc5o-_GA3VgTA7Oa_gq82KWIETF13WRDRygc2AHSbYeQfldumZ7Nz9frban3P51pWSBMgvBif_Nz5lEcPiZgYgki9gJAHDM90Igis_XzOLSP-Fzs5FbKwQfRZufaJHf8HljU5kF4i4ig-eTL4cXujnykF2EE5Dq0q11-VfXFDhXenIl-AcEij0lFL4tpKsF2XCzzpq0JyNOC0utDl6hERNi1f73z4rZ5qnXkpDOYFqqrQo3xJIhmTuSArO-Kr5yUaa2Xvd1MhfSabp5QoVWjzXPyuUGsO0FXsR-Pz_fq_hWOQ5KczQq92jTaiaNi9xeP41mW34mjgxuholNm3dvNqZ0DDeNhTXQ_lMosqFcsK4sAo8X7aIfYTha4LjivNomtcVL9Cg66jgWTj8w7TZx6_sbPnO8dofk2zHFNmbgTs6cGzSvTDfCu1wSVBwOWowSyoO9iEZN2zfAhIeYpBTkYTdT2pYizAJYawzWQKMrrJxSyMoJFoE0YdojJsSRMWme63_cv5O8gSEnm0pxXqy5TvBqvpo-WtXuKB0-MudKqrkaxoKHAtuV_BCaWm6-pBRPCmy1w6qpNsyyo19scvgequQIerPmOTyPbj4-SvRGguoisKH4hmKCb6P18q43WLAtjQ19r2laugTJXAoxMSJglOO1-o8oSOUynkz5FeFrab2-kAxPFj8-7S1KtO8EasvyqyZMAgoocNjVKP9_ep89hgKTWr0mFIvhGQZm9mNThiw1fTLKYacOC_LTQ5Ag0rdymfWiluW3eBOKWQYZWDJjQ-cjjaEL4dw7d2th&cid=CAQSSwDICaaN3VoDacBfA63vgdGI0H2AJFQFvxF-pOmMCiUpsuJ1sWo1tAF7xDrIcV2j8rsIeHDa4JjbNYQkPWuveJzR-WrIiRtYL3vshhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=14559153518205784000&adk=1405019969&idt=190&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

4bd4f1f7a48ffd534ddf6760cb54244410e9f65656d8b6e0a2bb1b2e85716637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A1BA 0
56 B 126ms
125ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2596837371981&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A1BA 0
56 B 124ms
124ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2596837371981&version=m202309260101&ct=77&x=1&cor=5980069646753968000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A1BA 16 KB
12 KB 125ms
125ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkYtEdQ0c1AREBRlPMFF05y_Ety_Qq1h2HaU1RaPWUK86IWiUeE3GxJ4o9eIbWemJ0QWhTXzhCZLFPLah99MaH94rtyKIVAaG60YOj7bSy1wqI_JrIgbz8OhKD5YGLiIFxJcHJxuG6yonuwYgGaDJ5FsXymzWhV4qbRuc8F1GW-viAnOY&cry=1&dbm_d=AKAmf-AC_ULIbSHEV1tkm4Uyo-I3icQXaPnzVN7g2gl5voDp11LqWOfBbtlH4Ne_5vBKKh8hEcHc6BrnXBK_yqpgHoS4oOdTt11meVAv3Wc3LrF74gxRc4VR0cy_LVwMulEAJ0GNKiN5ksa8MiJElw4oVtyibmJwaxMvtIZsvFgXe3pRIONNuLbhBTgmv4oumi07an9oc2HKJg8nHkw65hPSuwisl1llDqcJibBnH5mVfCCdoiuREPnpLwzsxujzJ-gUlJelK63KlBOM-dAuFOZsItzPwwCy6oIgKr3_InU-AU5i9ZEouDqR8V4IVmbKt1ehUUqJSeYO3lF1JtNwhK9o1yYaWIi-q3zVBVDaQE4zT-t-xN45Uqmc9C4unpIxWXL4RC0V-5lUXZY4rdX9zNWMLjhSQUxxPqYAlY6r6hTHGv2Fw16KvT9A-4VFbTCPj-G9w4njj4ziwavNTEPD3TdCR93O2TcdUTlvdE-Y3IMeSCvloVRu4_oJHk1F2_vCtm4drBiAsPkC1YbnrN51C7AP1Qn21_52ysT3VAVwQHfpl3oqAk9G3wkHq-nokciuiBfcJN5EU0CJXLej-5QHCVPJ0pWbbl1rsDbltDHVlwTErMtrdQVZZ0RjQ1PPMUJ7YUSjwDIDyxp9aEBTe3sqGObYxCdX5NVDhQ88-dI0MAd6_wKRwTkFR-_t1pPyqlWsXkVcmtS3ibN9KimzgJlx0H82o70dtrcU-SKEJ6BOtLyb93U3S8r-clmEWM2NYBhOzAJPiekcUN0Nb5S5fphuKhj_wdTp3OeAoPnIB6CfzJQ6gwyQinHdAlvJEh7hdA8mvQIYPAd7iCKnvmp0Xnqdr1nX3R9vglQEsXoJSahBgMrn7md93uzCaRqyz9_CF8SbpVaZsUrX5LWYkFVjQgnLbTeJcmsTjMoRwKHLSQ3B4LGMuYeKTmtrDuISjXanlJhVs6bGINdZCgE2EKv2ve9EHfVPK_EsUnmqdKAs7nN1s5TcMSVZ1XpSjSGkZYIJF9Sd5gqPi0DZf8erTT6KvLSBb6Xk37huisI8wFVGtVgrZOR2nHrrznVeC8hme0SFZiLNURPOBDd6VmfUO_sk3Lb1thrWV5YvO-p10EGzhsJrI7cq4BcrokzZPPjMw8d7CnlcmvWx9CDHv5XkvpvEVBYkC8hGpxPVwPrDoG_0or9AMHN8ssfcuzCxSIc7bPD93bVo5fsDJS6zDRR5uaSAUOMGkPbopNXBVRznVO45s6CgHUdFWbDqpAWEP4exkc9bvQRkzbD00Sn-KYKOPugebX4Jh8BIDe7LWKd9kG4_dS44qqSfP_3NyaBToRR61SXIQ8Rvbqe4O1JzSJZ5fVxUqGCbKq-tkoww0Xldk5r84ZCbLVaY96sI1woKTbwSDwpowddUBzxx7lyo-YLi0-PHzvMVyzB04f0Iiebb80rXfxpjO6VQVIxr8SBzNmHjW2wF-xlW0xQd6qR3l-RX2PDb89uWgANGAxorUcv-Ehf7xkqZ6MuYd0DnSAuvj5VTpiV-c8CwUh_FHovLmvOp7Cx0ryr9KYAhvRRPsXr7iQqeAZzF1wnNN10NYaw4zeZDfApxuAePPKwVw2gvee8ezf4DROgPmPXKNuqXSBT8FATZ6RGtgHsKyfuLy2vLstVXRhW9ArS1klCUGkFdwWdInSSMu3rEWj3n_G0m9j_Oy6ZiCppJo2qBvhmTv5Oy1qNQRPMSrgCuPrFwXec-ySt6U9_O5wEnTDcklgl4YiLtqeizWpT_TAZUj2gNTPGalBC3Ryo-Xbq0CxeLWHw6otV34OxUMX8aHhF_Gl6ym9Lv8GbRTOTwny5N3MyZVpy3QYXx8WmI5brRmJsO9tkssKgH3k3uqLkz-novLl9AUZRmFHR38Ybd9m6HmHsfnRW4Q4raMyNMbISSNTzCUS31SRYU_cmxAtMMFxaXF42YuXhXihPp6VBPQOYU0wbWRq-26YGMMFvk9Q92Sw8YI7huWx4y2PRfm29uvqJDpaeOROAMmHsRwMecQ6XW3cMdVkL5skPWdTZ5ftByH3k5BqwSkenXyT0c5L3c9gvf-Xljs4PfbSl20CTsR4QxmJTzk-Q-TzQ3gSHvHt-B1Y3upMiruR7DYIw_WM-6NCfkap43iOtquiqiKoHP3JjYxWS2uqR6FYbQiEC2fauzbOB4mqqhewr7xdWwxovnEHKhIb8fQxUkzzvT5_B2FOOJI04DahsJo_W0FITlV5_A5G4ZjXEhDk_WSNIw1Q_xleZzJgMJsRxFRg4Zy6IyQBp38n1bcXRyI_EXwr-r0uiBWKdPjCDeesXHgG6fp3nbR-ImnNNEkjv1WTiAX5fwY7WYOphqPy0lYiPtt7r24eaApxJUpbHooUzSRYpWGzGW8Jh57lR63Jj3DEoN2AkG_asyw928ux_SpRjTVVAlJRfK3uFo46S_Dwlhzxjxz4mB70k952diSyEA6zsv64HzBPMSwZgvG01ljAUu6uAvPaQ2CykkbwyacarGXZvX7mVjWvRuqp0Qrvb5nSINtukLKu4E2vXCMSl51dJjeeGSAFbKObgZwB3DeYMXnZ-ifskP8zrKTjrNWN5LlRExvWbs-57N3KaSatcxi4Kd5jqJRng6cl0IDHub7KRvOGAHaWnJcw0IXsAbcaCOSqlDLChgOe-E-yO7dJmSlYo2wtXpXmdz6STeEQY2MUIhDYNyppK5KpEap2a2tjXgvFVcohYF8A2RKjmrg-voThrxsVkk8B3MXMXvJevx_DnlBF-c-kdweTyhSIefBC_2Iuh-pKx3OBo21H2ElD7x1MFQW3kl4hdQdd6pA-YbFo0Vp7H8ljvaE-_CybQFuBvcDgarCIo0NS2aXC2-bLGBJat26fvHYwwj7_mUTn3xldi2xLIj58xi-CHV7nMmMqOSPAWJwXbvi1ipUPWaGByWJQuu1-JfqTrZwFP5dHACcmThONSr3_QMXim4xJri4lIkZR6epu7ORU3d2P-T803OPloMdXQa8fVEg6GJQv6CDCmK_o3ZK2_QU39jJt_aPkV57f3Yy1BVfmQ3_f1Bmb0xKTNgirDl8Y5guEkC4ZwrZbrpU2AFlXQ5u-zCuiZA1vlVpnJU3NCs_qnxwl90pfI4_EpNnzAzchUOTRNV4NM6SwLDbbNb--p04Q6BSOughsV_6yI_KJD2KsCaJRKPDT59JmuVG80GCV0etZ_IGtmmJPZe4jVnO_Xsrc9U42KB7on-_THDrAugcQrJKi363MDr4lOj8ZS0q-Bm9QF9q_0R9tTFgsjhobpfTmhKVp6ZWMHToVHmypAh57-bwJtsDwA_vOYDYjPBRvMAt7OtIEZDhvnSWawbPhl-KZIY_uEeTygvv6Ge_gLyy_w2TEcmaMzqqGSICSH7K8ZF1ScNjvo5xfPMw1qAJB0oz-uUaOwaIJOlt5kNU-SHj4pLLbsOhkUuHQxqccfVZU_NMci-loJ6WsevwxWuAqU2UrtmbEFJ224Y5U2P07QrpK2n55kWARQCrFRwIFAj6D9k3Ct2PuyXLnoXR6kajt2vU9h3XtP1wR7tEsPjYIfCCdr9qWwH58A4PWZrCBBYzHTJWuAqLs-0awATuwi6hDamFjDRsAwdegFzTGUFwB9LMeLVdZ_EOpgy0HIMSYr-Sh08pc2uAY0kHYfN2LUq15aWYK3csCOQ9bIS5fInqFaVnR84c-8aiXQTPwiYq6nh1u43_MAnQSodph7_efuRI2mdG3yTcmKk9xd1l02ADxmZrC7KOXn2b5222qN3tFHY-8verw5_OzhMOkMdjxIvgYrKxw9SeBEAPx8EtydJ-bX9X0A0R1kDGFCmrtcApiWA86tPSrvQq5xY5mOcUqbjF7RdWStQCaC4aHbC1A&cid=CAQSSwDICaaN3VoDacBfA63vgdGI0H2AJFQFvxF-pOmMCiUpsuJ1sWo1tAF7xDrIcV2j8rsIeHDa4JjbNYQkPWuveJzR-WrIiRtYL3vshhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=5980069646753968000&adk=1935140218&idt=236&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

2f4525585c6daab2ab2ad33ec43abd98c205548fd8a3b72730b1ec97e53f2820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12198
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 55A1 41 KB
14 KB 52ms
51ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPFDsVbOhI-Wy_yKsiRDH5XQS63FRjafw4DS3DJS7JLLO-aXnNh5xQNdbP468SjmwuDXP3riSOvc6L4aMf4Z_id6-VbM3NwFa8oItvemACtfsCNQVbzEaVmQwl_wJE7bWSus6-mE4935869eA3MOSwWhDt0mxbbdtYHjBBSGgV8B7sjtk&cry=1&dbm_d=AKAmf-BknP6FIiG_VSH7XU-upGT8P2l65ujKUNxqmDxGHsm1f7WGWndq4apriJqJ9wlWu-YOojnG61rZAtG_7J2tO9AK_AHhb-DqED0W4BvfvtEzXbv93HP4GzNrGoyNVq0SqE9aMG-U8kovKGkHZM2m2NZeYtHd1RoGnNCdrGF1Ce31nWgPhOboP5JQlOs6bXH4gooHQdw5Hhq0s2HNeD0grlQKiYb5tT6fWeSCDi9UFNXaT1GImTS_YJrmgf7M_4I5p9iSIDj7z527MIMv-H9gSCIpbCqVjRNEqjHvykAkNsIfl9Ng2w-CiDqL3066nxR3YpgftlWEZQXcXcPWriI3zZe5oTjT617Nd4BWBvmrDsJmvsHocL4V2PnomZidRAXHmD34IHaXaJKH37MOnjxgZY_2Q7AEq01It7VMnCmOmhLLC0F6yt4nOdIhxu2ZREVPoJduhAYa0vjxuObeZSe2MNA7qUlieKKupgH86jBfeOyp8HCDvYgFV2_tF4MfqF_hUJ49LHjjbAO1CkFW4IgKgQFV5FswKTO9M-4fX8Pjr3Mu54ValCZKxrFZ_VhqNTpAJoPK_jhdZfBv90VdqXZ8sU-Q4rLj_TF8S4MuJ2UFE37dxazQVsRmeCrxGp3pgNWmdrUcEVwuT95N7u5HfY9Ssyfy2vyp5iKFIK7m0Rt2xc1OsmN5uPdhmIKHcDTdtbURuL-lLVUt_abgWFU8R9gVarl_xeVdwq20JE59AhtWLHsqFj43_HgRFuNCvBmk6UI7yzIpxPz8V-BnVDSM42XOCmpZv-5h4Wf3XwGKui5JUhHQsEcEIhV1Jc-WOYULWEuyjnrSIx-uWkYBdEfM0TNdZrS-0sDNMRYCcAPdLjyTSuAo7yChYlUtPCY7qPntTG9PYu1mQ7QpI5QcCeybj1m15JVYaEzeePjWAEwS8IFrNsmulPaFqAaLGbWJ8cQlMZvHR_iLihMWseldsFqnxddbchVtZYmDB97LdFtoG5Wmjux3gTXifjCklPDCP4B_JcNDiYSgTXAEhbJencyZOkS5ci73Ksl2tF8MHAzaSxDuPU2kJZWkDrcO-8Ncb4I4Xv_getEhh9ZK0Sx9K9zRFlEc-sySkUr2YmD_bw4CiNtSvO74wMzF7Xv75RLUXhVuy8NzEb_GLSwGsikbkqcl_ocvCms1bLZSkC6indFm77L_PuHHStXZU-pJsW67gBQmu8lpixTtYCaa9a9JKdATp8nF-6h86DTRk1yPhbmJ43KyQfqbbhRenOwqzC9MkMN8GYh9UBHANnEJv_3mahzSGKlzlRIX3ZE2KJTRz_ufyhuGBZ1AozrDVyCpIe5TGgL46S6xSDtEXgiJzZdBK5mTQ9tS6gSXsuFb_Goy6nq6e54gQrAalsU6jGczH1YpQt2sEMM6KbVRkeJcXRGcFBh6NlmacHPuc-Mpf0_CkvpAdpSDktrdQRHZk80cH1j-MGqm6oyNnLkp3GMuQLG1oJjdOqI5qiSIE_URptj2c1hFQ-F4ID4tiMf2OSsr8kwOIBu1YS1YNw_9N08UwLc1spD299HeWyHGJ6LehK2sTL5DoxBUjVhwZW1tWZczmMHao98nk_Cl6rES3jcEMM1Rtc9L9Iwr_0vMd1250rwJ4nEjZtUxQwQX91WF1lNouviTPAyOb-kEc609VTBKzTOqqq9JoU5vkNH9p6FuZjhkCRNolhTE3a3Q9z4pr9dXdfx-f7CMN1_6qwx_BXeHNdpyGICkE_lo6kYuNF6NJILDx3l-Q6mD16XxKsmqI5G2eytHIJMsBS51M3OSQXG05kh06k-QSKL8myKbUUkGBFUtfPHkh7aJUjlCnj5K79OJBrUdozqsjtLSaUJQFVkupwOByJxnonf2D0GugBbfFTIdFbzxAVVVlbTEjQoMTI_i8hKgk_eTnGFrOdqlZY-9T0zOWkduf18ni0Kx6Ho9OMpVSObMb216PC5dT69md2v20SjIHs-KtVBFjf62zfOsAwz00xmWJDICXlWFMwGbYSNVR3s-uRrpupkZEBPoPcCMSYjNDd75WaMq4K0zZwSMBx-HwPwP_bHqpsdQfu4r3VGiWVjIodrEYyXRwdBN1ZUthPsZ42EPmKxTg0mD2UsMangnyKADyRuYBYQZ_tOPQlbABtKSi4qw1jAzmpcbUmvNyI7OugKa0ooR3m0CtGLrUll7yj2tukbKlUfbesrcVyw_MfIITq3IfadWhw-XNRoQ9NKhJ3G68bKi_eJnRusnJ4qZ30ZvSyEq3ZR9IQJxnb96t7CSfZcQaQrrN7i10XR4N9SRb9UloIuPlAEi81qEcY94EyDwiXAJfqnTGGGKbtOR5Izw2GgPpKULqGREtXRoD1o-2Yi5JbkXCJQ3nRxO3EID9n9mGXa-oF66l96rSlzyUkrzEJmJChGWSF1kjJqyVFpf8yzZ7kNCw4Ttrd58DcT6ngA7z5mzQ73-DSONTzGsQaRycPVSs99DyGYbhGMcaxnGWkIEVFjUHjy6JXgiH2v7SJQNLqClMPRJEWtgD88pkBi3JOIJmwQx4kqjcnZ17kfhrfPlpUgIh_yn4Yw8uSvEds_77FF3hWkIsW4gkIJ9KNRwTM9bWKO661LgXVX7amRK-cL4-MTcVmgbbLCfwihpVAzCFPJxK3l5_l_rE13ZaID_4HJlMGgYrAvjmV0d2fqiVi_TXgW1CtWFlfiZsxf9RtUu8pdsiRFq_nlJEu_icNUWNBMpyOU51KnraNqpTPABXi5eNlMjKZGOzX1fWy427J8KKDlHSZ4liYrLYyyGPHrtM1RgO_dqdfEfmq9z07Ves_0ztiDwTFWV5EsDdtHTO_sIMkTXZci2eaQm7wg1eijQodL58ZXNIGzjJ-NvELhr8ikBkuf9_CFS9ZtVw8RfX0cnSkW5YKhXmk2W4gpOCSYjspKdZUBMw1ywjLa-sdRkRFxYyk5qCIyH-FKsVOKvAd1xITbiO2dUbTgb68pB6Bc3_LC12bIedmmyRyqe2TppemndSb8oZF9w7xFICut2mZX_gRgY9vztxmRSKzsaIyggJC8YYxi7krSOw7w4jQ2m2MkePd_5cMg5sZjGlZIi2aHbBhS_3ShsGy7oHo7n-FbIjufS00oZ3u-bMfGvYmzfocr5t1rKqOfTHScjTqTsojWRJA0bT1GDyVM4HlVEnFuXQcOSGAnOrgu_DBTGcHY2KnVwMrNto8c96CYyx3PbhbaaSSMYcJMKwfY5cYc6h_hLnVWIuZfnTJIwOakSd6-a9gVS6beY_XJu5aXMqqQW2bPv3IIyPIaj28LH_akH5R6uq_dYR4mWIdxTlSZf4pHrcj16L5KjMiTka9gwUHm_2ln8rjYNy2SPXqgY8XIwa5KnhcmzClfqIDrYHUv0sMT06dfJ-bqgw0jbIyKxrIl0YG__2IL4Wl--PbCn1DwMIHBAX-vHy9UcgRTE6Qs8GrifGZp1RpaLLcFkWc1HtFyhcTEAPkvlKO5JYc3CvOWQSQ0ixRuj-2oVbTcO4dPzND_2uYqFL3Ja2Vzfx53JuXOlXrimT5yq1XtxJbGAguBHpTZVT3nH5WM3h2LrLRSTADTrq5P-OoO3t-6-PdN5eGSyeWdKRubMCyn47VJ3LoFaL0LQgVro0fYCMYkg_kfNs-eMJRObAqGfjQx59dc1JwTMJf25AahnJRrDG-3ZGHjBpPBwfVHEVpCcXZJhSNkS1RrTjbbSIZVEbXNdjSex_wcns4DKLdM2b_RPBmy6FyYGJj3aQgwg0ISeR7YGuDZSsTbEW0UMUugzhfSP1d0DemGC1eM5ESSQ0gU42OJaxlQzgwca8va_7c-sndO9ZhlrEZB9N8SvlFgJxG0YrWK1zp_sR5F80aYzC9klrMIAPQ&cid=CAQSSwDICaaN3VoDacBfA63vgdGI0H2AJFQFvxF-pOmMCiUpsuJ1sWo1tAF7xDrIcV2j8rsIeHDa4JjbNYQkPWuveJzR-WrIiRtYL3vshhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=12840525814615087000&adk=3062569608&idt=153&cac=0&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 340340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4D4D 22 KB
8 KB 86ms
84ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 402072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A1BA 41 KB
13 KB 90ms
90ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkYtEdQ0c1AREBRlPMFF05y_Ety_Qq1h2HaU1RaPWUK86IWiUeE3GxJ4o9eIbWemJ0QWhTXzhCZLFPLah99MaH94rtyKIVAaG60YOj7bSy1wqI_JrIgbz8OhKD5YGLiIFxJcHJxuG6yonuwYgGaDJ5FsXymzWhV4qbRuc8F1GW-viAnOY&cry=1&dbm_d=AKAmf-AC_ULIbSHEV1tkm4Uyo-I3icQXaPnzVN7g2gl5voDp11LqWOfBbtlH4Ne_5vBKKh8hEcHc6BrnXBK_yqpgHoS4oOdTt11meVAv3Wc3LrF74gxRc4VR0cy_LVwMulEAJ0GNKiN5ksa8MiJElw4oVtyibmJwaxMvtIZsvFgXe3pRIONNuLbhBTgmv4oumi07an9oc2HKJg8nHkw65hPSuwisl1llDqcJibBnH5mVfCCdoiuREPnpLwzsxujzJ-gUlJelK63KlBOM-dAuFOZsItzPwwCy6oIgKr3_InU-AU5i9ZEouDqR8V4IVmbKt1ehUUqJSeYO3lF1JtNwhK9o1yYaWIi-q3zVBVDaQE4zT-t-xN45Uqmc9C4unpIxWXL4RC0V-5lUXZY4rdX9zNWMLjhSQUxxPqYAlY6r6hTHGv2Fw16KvT9A-4VFbTCPj-G9w4njj4ziwavNTEPD3TdCR93O2TcdUTlvdE-Y3IMeSCvloVRu4_oJHk1F2_vCtm4drBiAsPkC1YbnrN51C7AP1Qn21_52ysT3VAVwQHfpl3oqAk9G3wkHq-nokciuiBfcJN5EU0CJXLej-5QHCVPJ0pWbbl1rsDbltDHVlwTErMtrdQVZZ0RjQ1PPMUJ7YUSjwDIDyxp9aEBTe3sqGObYxCdX5NVDhQ88-dI0MAd6_wKRwTkFR-_t1pPyqlWsXkVcmtS3ibN9KimzgJlx0H82o70dtrcU-SKEJ6BOtLyb93U3S8r-clmEWM2NYBhOzAJPiekcUN0Nb5S5fphuKhj_wdTp3OeAoPnIB6CfzJQ6gwyQinHdAlvJEh7hdA8mvQIYPAd7iCKnvmp0Xnqdr1nX3R9vglQEsXoJSahBgMrn7md93uzCaRqyz9_CF8SbpVaZsUrX5LWYkFVjQgnLbTeJcmsTjMoRwKHLSQ3B4LGMuYeKTmtrDuISjXanlJhVs6bGINdZCgE2EKv2ve9EHfVPK_EsUnmqdKAs7nN1s5TcMSVZ1XpSjSGkZYIJF9Sd5gqPi0DZf8erTT6KvLSBb6Xk37huisI8wFVGtVgrZOR2nHrrznVeC8hme0SFZiLNURPOBDd6VmfUO_sk3Lb1thrWV5YvO-p10EGzhsJrI7cq4BcrokzZPPjMw8d7CnlcmvWx9CDHv5XkvpvEVBYkC8hGpxPVwPrDoG_0or9AMHN8ssfcuzCxSIc7bPD93bVo5fsDJS6zDRR5uaSAUOMGkPbopNXBVRznVO45s6CgHUdFWbDqpAWEP4exkc9bvQRkzbD00Sn-KYKOPugebX4Jh8BIDe7LWKd9kG4_dS44qqSfP_3NyaBToRR61SXIQ8Rvbqe4O1JzSJZ5fVxUqGCbKq-tkoww0Xldk5r84ZCbLVaY96sI1woKTbwSDwpowddUBzxx7lyo-YLi0-PHzvMVyzB04f0Iiebb80rXfxpjO6VQVIxr8SBzNmHjW2wF-xlW0xQd6qR3l-RX2PDb89uWgANGAxorUcv-Ehf7xkqZ6MuYd0DnSAuvj5VTpiV-c8CwUh_FHovLmvOp7Cx0ryr9KYAhvRRPsXr7iQqeAZzF1wnNN10NYaw4zeZDfApxuAePPKwVw2gvee8ezf4DROgPmPXKNuqXSBT8FATZ6RGtgHsKyfuLy2vLstVXRhW9ArS1klCUGkFdwWdInSSMu3rEWj3n_G0m9j_Oy6ZiCppJo2qBvhmTv5Oy1qNQRPMSrgCuPrFwXec-ySt6U9_O5wEnTDcklgl4YiLtqeizWpT_TAZUj2gNTPGalBC3Ryo-Xbq0CxeLWHw6otV34OxUMX8aHhF_Gl6ym9Lv8GbRTOTwny5N3MyZVpy3QYXx8WmI5brRmJsO9tkssKgH3k3uqLkz-novLl9AUZRmFHR38Ybd9m6HmHsfnRW4Q4raMyNMbISSNTzCUS31SRYU_cmxAtMMFxaXF42YuXhXihPp6VBPQOYU0wbWRq-26YGMMFvk9Q92Sw8YI7huWx4y2PRfm29uvqJDpaeOROAMmHsRwMecQ6XW3cMdVkL5skPWdTZ5ftByH3k5BqwSkenXyT0c5L3c9gvf-Xljs4PfbSl20CTsR4QxmJTzk-Q-TzQ3gSHvHt-B1Y3upMiruR7DYIw_WM-6NCfkap43iOtquiqiKoHP3JjYxWS2uqR6FYbQiEC2fauzbOB4mqqhewr7xdWwxovnEHKhIb8fQxUkzzvT5_B2FOOJI04DahsJo_W0FITlV5_A5G4ZjXEhDk_WSNIw1Q_xleZzJgMJsRxFRg4Zy6IyQBp38n1bcXRyI_EXwr-r0uiBWKdPjCDeesXHgG6fp3nbR-ImnNNEkjv1WTiAX5fwY7WYOphqPy0lYiPtt7r24eaApxJUpbHooUzSRYpWGzGW8Jh57lR63Jj3DEoN2AkG_asyw928ux_SpRjTVVAlJRfK3uFo46S_Dwlhzxjxz4mB70k952diSyEA6zsv64HzBPMSwZgvG01ljAUu6uAvPaQ2CykkbwyacarGXZvX7mVjWvRuqp0Qrvb5nSINtukLKu4E2vXCMSl51dJjeeGSAFbKObgZwB3DeYMXnZ-ifskP8zrKTjrNWN5LlRExvWbs-57N3KaSatcxi4Kd5jqJRng6cl0IDHub7KRvOGAHaWnJcw0IXsAbcaCOSqlDLChgOe-E-yO7dJmSlYo2wtXpXmdz6STeEQY2MUIhDYNyppK5KpEap2a2tjXgvFVcohYF8A2RKjmrg-voThrxsVkk8B3MXMXvJevx_DnlBF-c-kdweTyhSIefBC_2Iuh-pKx3OBo21H2ElD7x1MFQW3kl4hdQdd6pA-YbFo0Vp7H8ljvaE-_CybQFuBvcDgarCIo0NS2aXC2-bLGBJat26fvHYwwj7_mUTn3xldi2xLIj58xi-CHV7nMmMqOSPAWJwXbvi1ipUPWaGByWJQuu1-JfqTrZwFP5dHACcmThONSr3_QMXim4xJri4lIkZR6epu7ORU3d2P-T803OPloMdXQa8fVEg6GJQv6CDCmK_o3ZK2_QU39jJt_aPkV57f3Yy1BVfmQ3_f1Bmb0xKTNgirDl8Y5guEkC4ZwrZbrpU2AFlXQ5u-zCuiZA1vlVpnJU3NCs_qnxwl90pfI4_EpNnzAzchUOTRNV4NM6SwLDbbNb--p04Q6BSOughsV_6yI_KJD2KsCaJRKPDT59JmuVG80GCV0etZ_IGtmmJPZe4jVnO_Xsrc9U42KB7on-_THDrAugcQrJKi363MDr4lOj8ZS0q-Bm9QF9q_0R9tTFgsjhobpfTmhKVp6ZWMHToVHmypAh57-bwJtsDwA_vOYDYjPBRvMAt7OtIEZDhvnSWawbPhl-KZIY_uEeTygvv6Ge_gLyy_w2TEcmaMzqqGSICSH7K8ZF1ScNjvo5xfPMw1qAJB0oz-uUaOwaIJOlt5kNU-SHj4pLLbsOhkUuHQxqccfVZU_NMci-loJ6WsevwxWuAqU2UrtmbEFJ224Y5U2P07QrpK2n55kWARQCrFRwIFAj6D9k3Ct2PuyXLnoXR6kajt2vU9h3XtP1wR7tEsPjYIfCCdr9qWwH58A4PWZrCBBYzHTJWuAqLs-0awATuwi6hDamFjDRsAwdegFzTGUFwB9LMeLVdZ_EOpgy0HIMSYr-Sh08pc2uAY0kHYfN2LUq15aWYK3csCOQ9bIS5fInqFaVnR84c-8aiXQTPwiYq6nh1u43_MAnQSodph7_efuRI2mdG3yTcmKk9xd1l02ADxmZrC7KOXn2b5222qN3tFHY-8verw5_OzhMOkMdjxIvgYrKxw9SeBEAPx8EtydJ-bX9X0A0R1kDGFCmrtcApiWA86tPSrvQq5xY5mOcUqbjF7RdWStQCaC4aHbC1A&cid=CAQSSwDICaaN3VoDacBfA63vgdGI0H2AJFQFvxF-pOmMCiUpsuJ1sWo1tAF7xDrIcV2j8rsIeHDa4JjbNYQkPWuveJzR-WrIiRtYL3vshhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=5980069646753968000&adk=1935140218&idt=236&cac=0&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 340340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6C70 111 KB
39 KB 857ms
54ms Script
text/javascript 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 07:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Oct 2023 07:03:24 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 6C70 11 KB
4 KB 134ms
134ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_LblaL-qyXj03IjDRB2BFdcddKKGKVKqIDZfzMtfldupF0QhZgOcPYwGog95y6MfzuykvlE0AcQlGbwN1CjT2RLPrbIWOL_R7tAsVmfyZJMUwI4OYSyQvySKCP80KRKx1nnySBEw49ZnqOqQifGP-yeRUYbWRgwPExIeWvS_xuWI89yPpwdk0UUlyUuHAbeaKqdHQ&cry=1&dbm_d=AKAmf-C8l1GM6tPrZSQTTS_hEAru0h9CFqG93dPQX_K0xIYPTSCkPMxTpkVuBrjtj8h470pdoDhYaCGbnEi2NUHaSaQQpCh4xsNqP674g1awzGf29yi8gZnIQYgA3qlc2e-SJErwd4mFyKe5YpbTRA7Ha42qP_QqLMYXg9vMatXYRYOQYHWwnx3bDDSoHopzna5GJnP1cscRDnR6rOqNq_0gXGr1QC0WFHvnjQiLAgspQiFaEI34SX3xln5w_yJSo3PZuUWHlK9QCw9CwnbBvVy_UPrAMD1RokAIifYJQbMNQzAuPces5mTP4ht40NyfQ7NdibRmzCMI5EgjiqWYq6XhywTJVPkgW6CegRmitbsBZfzKbXVNO4DT5nDLG_9chwEDdtlhSUcdyz-cyaDnf_DyD7c6tnRkVgbnF_BRq6TJ3qKFfsbi1YDyR3ELO2uT-wz8TXOdOSNZd3Sc1RgPrMpwiloAjl_pF3AstJAPHMc7cH7Oew-ardso8i4yaixSBZtiUZk_SHA4fZm-r7bKnosgZ34pjqWMO0_AQYy4wGwQz5kyjYfTXARr5M9mLSmBVZfdTt6MFlP-WUvmx7hHzTP2mF3WcmNcoe59ZJB9RuzpsU0l4H4KaMG1pMje1dHe75GK9GP5B54aJQ9QfO9vcYEly2aIa02oA-f-vMeqofWq0VuYaoDwnT-5qh0oJzJz9o9lK9vHY4v6S4C34nzVynXwCNQAoD4UaX_xomWYAs9ojJDyii8zTf_A6813hwQrCyKEwUy-j-OZT626WKzZzzXf8Y_McU5dnBqk-elfr5lIUXqH1I9XD6yi5Wbdl-FMsPvY0f0T0DU7Brn8Dr1dVv7NnTC8rZ4sHFlrn4wRcvsuvvvLnaGujdC7T0upt4R5AuyzdFi9p9o4mm77feqahUWE193Iq6Wbspak6qim3nBF6xAwG1BM8G_H-JZ7UAtIveFV5u8pE8U75TUivC-LlSYEy3DtQYSEZHii6SC27g4ORQvyE2OWnhU8ae49ebB_IJOSdD7AL2O0KBhlYHfr89Wh6lO4vw9C7_R7ZHQAv60MmFJ5tGvVWmmdE2wMLkuO8FhRIi8Lsv8RX58mPWXQoaswPk7SF-xydvPBuzPUOM8fsTGhxw_E3SBvcSLvxbiAN_SzMnab41e9f8vAsqTnUr1LKq5MKp4yu2psqMPPQGhToG7i03M8DFGZZBrFJIwKYL51cKMo99THCKRoL-K-vFxA9OYSv0MQZdH8TKstvQGqYwHiEQUxOv2sSwRgD1dVkWyGSHlXWfPE9I0Tm-DU_eM_WD6hPp-TBbXk4Ax_woUZasMFCLIhwImReguTRUklmVROpRsUyp3o6mqjRILUuHp_cb0q_5mjc8ZsKDk77H4Lq5ISk4E5Bog2IMnDPmew46zcLQOi8l1Esg3zKPX8YlAwMcfL2iX4fDA9o_QQ2blHSTN_JOy7ogF8D_Okkbge5F63LKSRnm-rglrc7X9Xn79WYLh7NLsE5L1wdJTTrefhUo928h-Ee6Q-rP4moQbG4L5bkvLcdL7WHglptuuixma6ppIHEzOod2uhKH3w4oOAeOW15DKQZ1wjj3FoLkftNjrVUDW6P8MznxpfPW46rmt4pLvOTdvsYzmeTlnO6kjpt59y3LIApSOsLLMhr_uGU9G-LCf4KG7SlZtGu7SMxlCjoot2G2Q1ObKj8KHfT6HFdlQy1N2-sl4JC5LvzGvt-PaScbxn_G84-lgJ9tpfhovKrU6PPhIoYmt-Sc74Kp4EDwiajSazDHWxAg2FjMCkxij_gCx4suIs64zc4eoJIemLjNML369dXM0rHHq3jvVk5V41WXoIzy7LQwMvgxSIk4gdlIWGHObTveuxIQtNhaURulJFVuYmuDLSUNX-MlH0bqvjRV_wtQcQ3_j2SH0jLfcgXAyeUcA9AbaQ4oQu3fn4Ck8PcWOXmPEVe9noz3F8dEuvvaEANbELZUDxaplrZndqpCwryu-L3RFt5rPBoC2gY0MXsRdCF-I24UFErtqc-zPo1Jg9ojvoUj5nAgI4M5KwBqUmUn0tXgDgN29tkjyF2p4DLr2iuu9oJgBYDNOx55ni7Vx_RgwqH4F42rMpI9TyaeSO-ZalfrwJcaEKd5QdWZowK42Ne0uesHNQ9WF4atq4axDaW7Qjjc-mrr635rXHvBKqJgVCsCplEjidBWCFNM2zb20gLgW0dspSAHo_Z0koyaTByaZuJ_gcRHmY7K7lfvZBf4eXfh9yC5BM4s50mAFjMSa6diwD8jSJ1wfwDivXgKm1vuTPDZTKCTzbzSXgv-WvSPjw9tFLqLvmYFZmm7LwoAhlhsKkt8Q2h88T-noWfzJNy8i88n5E8654_uvLtirWUGpLqmY-hVy1fS0NP5VQMPigHpeGKLnXOq5QtW-NxaTVmMwp02cObUwf8EaOFozXFQSKUbXD_ShZRFYgqPuhuEzsaBdTi0BPyBMnd4p4HLcuRcQ__ZikmwnqBWnge2OK35z4zI18nxIwVLyaeE3S7H3VgIlrzUmOts4o3WtaexTr6A2abHioDR5zdywTOvIpLBM6RuNUm1fA48vZZoiY3SSsZd9q2xx8IIS1YCyqg8iJ-Yrz6qWVGxD71t4obb4-dZ0Jne0wYDhdHpKdhgytSwul8tqHSErGL4zevKj8MjOBlAlpNgCBfOzCCJtEJgkVNcOWe3KsnUXzMjG-6iizkljuuv0f_15DpZ-pfiemQH9rWSNK-CglzCjUe_cg7w85EWnbp6ZS7um2w_iTNmlwGMXFyNCFMp1hoM6bu8OnyklmobWznvgz1NeJlsjD_hjIh5ZcJ1JiE6Dk6QUqfF2oZg6jmGjLMd7rpeoCRzwsXawse_Sga6P0dZNQMaiqBzjoR2txWQdXPKrr-WEG9zkGEpdhIiQpsC94jT3H-Jpz_oo-8MRitjf4EeXpZz1RfcMHE8dmHZx_w4x48f4K9LruhV5ncYdDYsddlVKNXYh_C_GaPsSgqirDMjXnxaZRl7KtNkH6P1FFThfbd_9vhBzYHv3VXuVA69i_FXGvrSNWvLMCzl6v5R744U3djGuyqQvpGftTHJbFTTDkKTfJwLSNH_Z9TSv69LV6hmc5o-_GA3VgTA7Oa_gq82KWIETF13WRDRygc2AHSbYeQfldumZ7Nz9frban3P51pWSBMgvBif_Nz5lEcPiZgYgki9gJAHDM90Igis_XzOLSP-Fzs5FbKwQfRZufaJHf8HljU5kF4i4ig-eTL4cXujnykF2EE5Dq0q11-VfXFDhXenIl-AcEij0lFL4tpKsF2XCzzpq0JyNOC0utDl6hERNi1f73z4rZ5qnXkpDOYFqqrQo3xJIhmTuSArO-Kr5yUaa2Xvd1MhfSabp5QoVWjzXPyuUGsO0FXsR-Pz_fq_hWOQ5KczQq92jTaiaNi9xeP41mW34mjgxuholNm3dvNqZ0DDeNhTXQ_lMosqFcsK4sAo8X7aIfYTha4LjivNomtcVL9Cg66jgWTj8w7TZx6_sbPnO8dofk2zHFNmbgTs6cGzSvTDfCu1wSVBwOWowSyoO9iEZN2zfAhIeYpBTkYTdT2pYizAJYawzWQKMrrJxSyMoJFoE0YdojJsSRMWme63_cv5O8gSEnm0pxXqy5TvBqvpo-WtXuKB0-MudKqrkaxoKHAtuV_BCaWm6-pBRPCmy1w6qpNsyyo19scvgequQIerPmOTyPbj4-SvRGguoisKH4hmKCb6P18q43WLAtjQ19r2laugTJXAoxMSJglOO1-o8oSOUynkz5FeFrab2-kAxPFj8-7S1KtO8EasvyqyZMAgoocNjVKP9_ep89hgKTWr0mFIvhGQZm9mNThiw1fTLKYacOC_LTQ5Ag0rdymfWiluW3eBOKWQYZWDJjQ-cjjaEL4dw7d2th&cid=CAQSSwDICaaN3VoDacBfA63vgdGI0H2AJFQFvxF-pOmMCiUpsuJ1sWo1tAF7xDrIcV2j8rsIeHDa4JjbNYQkPWuveJzR-WrIiRtYL3vshhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=14559153518205784000&adk=1405019969&idt=190&cac=0&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:38:45 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 6C70 30 KB
11 KB 129ms
128ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:38:45 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6C70 41 KB
13 KB 146ms
145ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 340340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
DATA 200
OK truncated
/ Frame 6C70 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a8ba60d2eea2d0efe04b7208a495f3dd692c8c30cbbcc1f6a25d09191cbf9e6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D4D 37 KB
14 KB 95ms
94ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 07:33:08 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8380 22 KB
8 KB 108ms
107ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 402072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 932A 42 B
174 B 565ms
564ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuauoBvBceE7SKbJpbGpX9mn718bqEo8Bb76iMbh6YibkrdesAxUQK_PF26IyCyZj0SehdGyghmmNe2yHcRg3Vd7jhbnCl096puvdCjjuDWyUdjCQVgMm8D5kYKpaNgMcSzQV3SPgo1NrRcpFB5MZsrmetlP7gMVvbr9Rwb81sc_24t4MS0JKnty4xfod12qAyFjXOTpv_nv9ovx9vgfFMbneZVv2CljPc6dKEQ-zymvRCyP5mMQc1dOlJG3WoxRr00V5ht3esDq9nmaDE_bd2miDi_Wh8weGCLi0DQ0b0_c3J66BOMTSUN7x9CgO4yLmSF8SVYuFBQsF4iHwO69UcS-5z0fd_PTEnZANJy8JEee7ofDpQm8WhoT-aijOWLWyTXuAJ0aLGlF5tl0JpuP4Kj--REgGMZ1rLhKX11Ef6d12foCkzV1MbtggdnuEzPQ4MUfJjZ4yNyeThEtSCBWNXXLw17a6Qy4X29_DWT04aRHoJKisP8DRMkt98I7qnzmj-38htekwZgka2Pqn45ZVrqicgH92ejd49yLpKmV0HQZoxQDcmSQow0RC0ITKb_yUWODy7UI9j2GgUxx4hgoE6Db5wkLMouvAplRqfOO1ln7l6NsR__JrVipAbooQqW3hwVpAZGsHvYSbh8-SYeLrqH8o8Xq2J3zGOSq-B5FHA2O9EBrL_9Z2HzP85vtEeLtBqyEW73Uwze3aacB7s2kQy6FVTfj7NNLw9XYi0SWUbfYUC040wYEQ-o64KuDBuJg-ng0zbxk4Qc8mMk7TUSwhtTgpJjjmTyzArEESpM6YSBva35C1uF4VoRD1X9SNEe1njp1Q6IyFh_1WIoID47oc1KP1bOGf47nF_pyuzPPPqg8UFhQybQE1W6j2KIrC7sJQFlGUNKyE6sNTm4sGWyDX0PJ7oiOMbgbyCrSmCUuuUMJ1Eny74v8hbseF9j7yJhhjC5KZ1TouYaKUexhS8YbPaLU_EgXRtomagc17_ay6oe5yXruXB6OsW79aVA1PVwwqAjk4TTM9nUKvhTEVLrxKMcUOo4mJ5sjHD1tA6z9rzQ&sai=AMfl-YQbWHA1leZN7i8AYDyK3C3_ovBECpmJmKuP6pthFZNI24VfG0S4BaVcCczg85CsRqssD_65fhZlX-bDkRlVgolllJgbKwB80N5L_PH7IjZAx4UM-8sihlmhEqBQ2222NyCtY9HUz6NVtIfBbl4e4kKSXbzRmqJVdw&sig=Cg0ArKJSzIPCpoiuXqOlEAE&cid=CAQSSwDICaaN-8YWvwOgadN4qRMBNyobU7hXWzo0lpS4aPELLm99ruNhO7wbMn5R2AXvFYwRiOe2lOP36TIA5JBi3forBIjnwuqr1Qbc6xgB&id=lidar2&mcvt=1000&p=0,0,280,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2300165494&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696915841293&rpt=2190&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DAC9 42 B
108 B 520ms
520ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvezl7ja_SvkaAeWqNX5tZRInucR4OTlJViCD2ImSjvkdCYuCgg6I8TQQxub2VsKOJlEFsSWKQSeXfjMdn0h5oM_SSPUeQvZNVb_IjE9Z9x4Sr05mAp0A3ZPzNnOxSQksTcdpcHVSmDC4_c2nSWIjUy-3NTRye1TX0sSykx0HqyHkJoQK2GqV53Dyu3wmBb66uRHnMimz9SClQbAtgGncE52lQfAde94zRPhjgbcGeyyu0v8sGoNvabFUVJrZA_LKejuMlolTnmLRUI1oZFGx1MPSU_tAZOV_7efa2df2cfb1iQzwUtEA2ZbUL7U5iMCjDE7_VDMwylW5mUWwPzuTDNwxgXmkENjQjY6OxkTPJjtn8FOts-SbRW8idxFYuK1tLf90rxPRddHT6xAHtx6BdC_7R8vQVjb5JYUCiTpx7MA4amQDHs1Z8JM5TBXp8nhYhBAQdn9ziuLLpMR2t8jGNW0vTEDxBHkkD_H9YQbfzWbiVjyFl_WM4vbBCZZ2u469op4EDBi-ebWzFyjaVYp6g2roHLmX2O_PjCtVLW4Qokymw-tE6KJTBYzph6USIUqWTMDqqLjA9xVSzrhNxPPrH2VAoZO6M2eoE-ti6NkSutshLWB4IGu0KwX7ScNzkor58NDFzG5uaAbkWlAvcmLBYzGlpLxCxGIZSQr9r-y8cLVWEcFUJ4CFz0wP_MH2zH1EtsFRghnx04BsSr7OAnwBcTEAlw51MyZjFX1qHbXI5RzxOMy2I58u_10_KnMkQPiivdQyGguNU1Idqi540QuElg22448S2OY8zCRmL7471qB28PP3kDvbyA_Hg3Q-TGhKtMnjqUmhrfNbymuUJaGOgvB8DmR6Qh7SnKy7TwMmG_UYv2UQPKkm-hHe3bp-UIKSm3VXdt5gdEXjWaC1S94eWUILaZunYVBPVtbe2CyIRd_Bdgirtlp5H0LAN0NB1o9Hg7-2oZHv5UFstdn5CI6QSBJJp6676k7c63ukVnPG7JQ0OaI1ZRvzsOscIANgkpDeTURksbxgq87ODoJ4f8pp849lgKLr9_HCXXupFq9wTj9KVfxA3ANIDDoI-PbJs5V70g4qTcexvkiZAzDa94iqVpVR5Ic1w_y949mDjCOxqCxWS-D8SU6oqKXlJW2lhvBTiewOXb&sai=AMfl-YQj-UWXZlYy4Aar8oj3wdyU8m3lj3uwN_lLjipjj7wjzD6wNYTm6tppylJBDQbG9PBuOIh-EoXAd9wLB8pnywwoKMNxnzDVeITZ3r2gFrbaGoCiYmhOPDiwj4gjXZ3JKzxmZoiQSoghjoFpR8BmBj6siklnbyZcHYs&sig=Cg0ArKJSzFMMX32J6SZKEAE&cid=CAQSTADICaaNGzONxaiU1Uyir56Yzi4_P9aH0vQiZnCznX9qx6OuceMQbO6qc3pdM_Thzo3ry6VaeoAG8L6yn5V_yxtaS7jaLIw-EvGKAhoYAQ&id=lidar2&mcvt=1000&p=0,0,280,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3654258318&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696915841300&rpt=2231&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal122.js Show response
cdn.doubleverify.com/ Frame 55A1 60 KB
20 KB 156ms
156ms Script
application/javascript 2.16.238.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4890697&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gSfgT6J14AdIjoUowCKN9g&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15176179400&DVP_DBM_4=396411281&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 05:30:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:46 GMT
Server: UploadServer
ETag: "676309fe6e3823d28d9b38e6462bb025"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19669
Expires: Wed, 09 Oct 2024 05:30:44 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 13AC 22 KB
8 KB 423ms
423ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 402072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8380 37 KB
14 KB 423ms
422ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 07:33:08 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D4D 0
56 B 344ms
343ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Br1fdhOEkZYK5CsvI7gOY55vQAwAAAAA4AeAEAg&bg=!d3SldDvNAAYMG8UMLBs7ADQBe5WfOAce01uXYkc20NyPcl-ME0zff-v8q6QjJbQzPnIuMU4x9uDR3il2nEO11oR_sdxRAgAAAGlSAAAACGgBB5kC_ybExYPRf_VuJMSYmCTaEkgRd-BXj0juTp4T8qdX7Y552L-559HHyvzLfTSHkA4ddjLJQ4eVqz6jYlwNTkP-nV5m91eV8Z_NGmqb22UOS-B-KUIvt3e7HbwWtAwfVKWH0HzpeMi168FNSqns7MKfmqtA_1W3lNXRZxHXrE7bIhk1dgSMCnVk0mDbEh65bCPeKevb2fcLdjgtK545ziSZKYCBZjhsfBolp1Y8KfCCYriq9SqSiOvX8fflU2AMX5mewkrw5O3vLXOy7QbKU1hnpeXREzDgcSk1xoBDmxBvZJ5ilA-6lRtdeVWgamiOXsd1HL5bvZ6z1dehHv9XK3ErTrzDt6YGF5hKuGGWVOX2BfzmvuLVo8ilj4MQOIB953BnlKUR0d4AQ_XvFoYp9SAEMhBo7Qfx4gahXQZbwqwo0iqrxekAvsN7W0xzkg62kiH3zx2QZk-oL65kTFaFcyeRz35v5HwJ8ngUZsNmyN8zOAa39Gl5Fvtj_yAW8ysxJ7v6OOUSRH9yQflu7pkZw4Kf9XPiwlq2osfe9eDw0sWV7y_dhRJqn_qLHQYzo39JcLCA9dlmxGIeGohx29QHeSMeDugnfRtQ10cgrNgiLZxG3lUN_cCVaAKN88AKauWjOzMZSG0TCqzBch4eZDACMaVvkIe-zua-P3oJWUUiq3L6OTV8XIo5JJocS4jCCulf-g7z1rdMaD4_jkts7t3mvZeQurVR4MIWF7d5X2s-9HhElThjLyXMs47P3TuEcasY08VF8VyIaRjuedPFQWEuAMQNTogTAnpcz3aWf7HehJOo44Fd6sBUgPsw2TuaOshsxiPhX5vnolerZutM50RyZ2Pufl_oJgUkSL3KfKuiYSLDEA3wg7GUeohLHR4DaTrGJ4myT6ssKSthC_549wa-vTLii1ffys0zGYkxxkST1T2qxbEQngpJRaPOQn3i8C87-D2_VAffkr1OG_fc050ZTAKnGO8dK2yZhkA_EHoRYWtGePvdoEHVnTZ7UUzBQ7nq4Ae1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal122.js Show response
cdn.doubleverify.com/ Frame A1BA 60 KB
20 KB 346ms
345ms Script
application/javascript 2.16.238.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4890697&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hHR2o4PZgfoWLrAlLxicOM&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15176179400&DVP_DBM_4=396411281&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&turl=https://www.babup.com/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 05:30:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:46 GMT
Server: UploadServer
ETag: "676309fe6e3823d28d9b38e6462bb025"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19669
Expires: Wed, 09 Oct 2024 05:30:44 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 55A1 1 KB
928 B 534ms
66ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_184829209051&jsTagObjCallback=__tagObject_callback_184829209051&num=6&ctx=1828362&cmp=115750&plc=4890697&sid=18330&advid=&adsrv=&unit=160x600&isdvvid=&uid=184829209051&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.70&dvpx_strhd=0.70&brid=3&brver=89&bridua=3&dup=null&turl=https://www.babup.com/&chro=1&hist=3&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gSfgT6J14AdIjoUowCKN9g&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15176179400&DVP_DBM_4=396411281&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=15&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=8.50&callbackName=__verify_callback_184829209051
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 4fc3ca567c74a969cb073477ccd1b3b9ec409ea8e97df0eba087a7f12a113843

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 05:30:45 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/09/2023 05:30:45

GET
H2 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame 13AC 37 KB
14 KB 79ms
79ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 07:33:08 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame A1BA 1 KB
926 B 194ms
61ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_407027593693&jsTagObjCallback=__tagObject_callback_407027593693&num=6&ctx=1828362&cmp=115750&plc=4890697&sid=18330&advid=&adsrv=&unit=160x600&isdvvid=&uid=407027593693&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=89&bridua=3&dup=null&turl=https://www.babup.com/&chro=1&hist=3&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hHR2o4PZgfoWLrAlLxicOM&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15176179400&DVP_DBM_4=396411281&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=15&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=4.10&callbackName=__verify_callback_407027593693
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 7d36e055134b5c37884502d05390e0d290e955f2285cd0cd51a7f4c52189e50f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 05:30:45 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/09/2023 05:30:45

GET
H2 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
517 B 95ms
95ms Image
image/gif 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.6456629786284545

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iNYSt84C5WSa4pPsfFuK6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-iNYSt84C5WSa4pPsfFuK6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
252 B 96ms
95ms Image
image/gif 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.26229675805411934

Requested by

Host: www.babup.com
URL: https://www.babup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-6u4_hgERM2obPa1zb2cEew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-6u4_hgERM2obPa1zb2cEew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8380 0
56 B 95ms
94ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNMi6hOEkZcrCELbB9u8Ppf6ogAwAAAAAOAHgBAI&bg=!6Oul66TNAAYMG8UMLBs7ADQBe5WfOLj-lwOAcaW6pR3VPTCZP5dmz2PJWFxCPTUhzW8oquQtDwjHXOf-nYqXt-UlIZGqAgAAAFVSAAAAB2gBBwoASeBJ1qOWGOVO6ksrZ89VHx9tANlOWnWpgEz10Yf9TJ913RdMyIb28FUvNqsRdn-71Nv-p-FTWsQFv156F-_EvkyII02TMtOdEBeZAv2cs_SFHQwkoc1qWs2rKWZP5COeqbyYB3c-fS-mEGNtzfjKLYV3NwVgHLLUEWgMsuc7g-rElo-TlbYeDwcWNpPGE9WxLH765bPlyzsAf46yE86JzFUz_vEJeF0BXr1O7rBo1zVzD4al-Hf-xFHmEXR5np1nUtq6b0BsconW4eUqVhbumWzptiraXNREJPb4ojJYtBI8d18oqpNQIbHzSyR3EpNXa0m7xBec92_1QhxR0cWzqP_CDfUHLQS5FUL2BhC_r_f4cuofB-81d7IzQlVxjR26XmLfmC-vrSk8RR7XOBmMgXmP-HjwxUFDmaNnA57GR1DhCKM7BIX_vTpNhPD08UtcU0vUCHlWlF0om0uZQroBguLb16sqNNMjKnwCMK82QF738ZRGmH_V4O0ZrJULNRN5C0D7btCKjE1ld37KncklUrtAHNh3kFGgD41D5b1fJuD-RXsdV_JlONGNm0s7ERZ_PS7oHGm8fap-kREUF3xQwP_Gqqzuhta6bGhYCWKuqjDuJO5WERtNxU5yFlNhR0mtSp2RpJ8hMq7K0yb952fflqXQuR39_-7mT_GN0-CDxHyPSLU-KXsQmOercMAVqMBDJgFVgUHHxUN9cEyKPLmmXHL0Nln8QGPBm4IHLk-5Jj5YW6Deyjcxb4AlkmNiYxtMzbRMptjuTNUaK4960PIfLFslM3kkM3MKwqZupGidBTstlcQGQT8wCZAKIZDF4lUrjg36j9SukR5ku5Yb78igdwNl7dT_z_CceNmnBTAr_pf-VkMbKGx50Q0UFCtdjeJ619xcKtBi-mv3SrrmwBmuDm0zJ2pdO9nIBrGL4UiNgSbC_RbEt1Ma8oBEoBXcFkSlNuP2dhNopmo5WTptZRR7cGCSHIYQSLGmICrVB5_7wQjygyFCUVJtGX3TiQSVOUFp8xxpF2Slu5iURY1CUUOaRSZvNduh1eiwSlAh5e8mMQdcMAVQ9vJZIO6fRNHvP9cge5C095wYakFfC6YzgTbJHdUAyNZKTUIUvRI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxXC-NPNRRyZm7t9hvqU8z7E9Vzi4yp817oMuXVIC3JHeNGwNCwI5Twb1w9qEAr9bUSpZjfDy6A0IMD7HBazMTzAtaJyjwntt0Q-qgPEmSW2SiPT6MsYTEQ3poqrsEmIDlD5u7_OKQ== Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 811ms
75ms XHR
text/html 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXC-NPNRRyZm7t9hvqU8z7E9Vzi4yp817oMuXVIC3JHeNGwNCwI5Twb1w9qEAr9bUSpZjfDy6A0IMD7HBazMTzAtaJyjwntt0Q-qgPEmSW2SiPT6MsYTEQ3poqrsEmIDlD5u7_OKQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-C3zzNO8x1yeOiI6G3eA3ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Oct 2023 05:30:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-C3zzNO8x1yeOiI6G3eA3ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.babup.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3908 37 KB
14 KB 87ms
87ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 07:33:08 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 55A1 24 KB
10 KB 52ms
52ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9959
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:24:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 10 Oct 2023 06:05:26 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame A1BA 24 KB
10 KB 67ms
66ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9959
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:24:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 10 Oct 2023 06:05:26 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 13AC 0
56 B 134ms
133ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrgQhhOEkZdjsDImU9u8P0ZaNgAIAAAAAOAHgBAI&bg=!09Cl0J_NAAYMG8UMLBs7ADQBe5WfOOvbTj-rfB1il9qhugRLcWqAbC_lyGA52esQYYOEh5jr5VMRrMb-AAf2hSIagaYvAgAAAGpSAAAACGgBBwoARUZgqqSGTKOeBIaOPqpWgemMkM-oddI943aySyhcBigqabGwgEaOW0XvJzS60junjLtFp8H1cdQ8D9xPt5IoKlK7X5jzX5kC_7C0VXxyeQZba8_vbsY5jE10Uk0JwAuThIKyHIw6W80s7XOvv8zQb7ENK5PpVEojnBvFaxmHgnED4zb_jnElnk5eUxNkGGSkJp-ORxwXVJ5-bufTR2MEO8cGsHUm2Q-UbaXQIpCxvvl68Qlqzfj_9e9NnPJXdR3fRvrSPdaVsR4FHsQcW43ux9z1lKsr5o7agSfoeU812aPTROysrdV8CBYlq86Onjp3-jqQ7SwheuHiM7-XKx_R_-4z6WIqR-9ly-mlTvb0fegcgxhMX3OUPOgjSZ3ppSueeuWz3r858TsgN9RsbvucBqojXZu2Movu-wd1psHcd6avv4b33iUeEQreaHMfK-wxqtBhYDkjl9z_9fNJ1ZPYUv-OrbFCUzlyvQfvFMHFgV4nw6XVS_YbZQ5wxLyjwAMQHRXgFaBFqjFBJkSyPuQo72uvx8Bl8KRxFAyRPq893bkT3pScwyQIGfryJ-nAeC-lUHTTpRmBDa6pC9fv3ufxqNd3NoncE0f0tIUJXBbc68Pw8CdYI6zFt-dCRDyzkIPZr8Yki0d7txH03uqwUf3jHGZln13Cxc54kCy8NiBzaZ-JrniuRgBcptid_UA4B3F_BQTmB2quk-QyjN8GNiGepRXFNbUWC8Rt44qRNmoYtZN8sIiuswqyM__2-LLg9KL7RpogcI1jjfYbIJjouRRrXUj4YUdIfYqfZ3mQcoKb1gWy7zC96iP5Jx9SNGkHbF8paYEeWrAhMNT2dt2havcci0NwdvVlGcAgBAC7wiRS2FHJVo4l49POM7t3giuKvKEUI3zn5GZ1ZoCRLqC2zHt_bJ83X_Fmjs_GlP2P8-Xj55zdGxMKLVGq4X5b3G0J2UnwONXa0ie-wQvqs2tsYRHb0hhtXX371CoxZkfCjZTMfd3xFX7XalFMN3hcMPdgg5681Ao5sMOXJ5e7sEbHrZyVhjKC1jqM7PrnMoAIa5U-M_OjnO60jSPk_gHT30_9qkaKc6nYctzWdWd2r9h-EuKBSe3lFYKmm-PH

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 05:30:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/ Frame 01E4 4 KB
2 KB 783ms
47ms Document
text/html 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

473aae51528adc32bd350a29e318a8001cf46ee6d948c34ef79a87947130c5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 56944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1484
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 13:41:42 GMT
expires: Tue, 08 Oct 2024 13:41:42 GMT
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6C70 0
0 443ms
101ms Fetch
image/gif 172.217.16.130

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNZQC2WIYifia9MZ49zaGN4Tj8S__uBdAapgLFHMf4l00g8MOX2lp8kvxGij7y1FSD0-mPzyG8rPDdXKgNRonj-BWUz6YN5FKbNklHJ9UNj5gqKAk9EcI-4vUKET_NwIXE8rfOGWatMuisVaq5YqxZ9ojkVh6sfWg3M3ho5q6Ci-qRlti2E8f6zceTBvj30_xZ-KDIv0bfwxusmL_EUVgm5tuGy85NIOn2sghj30RERYnTA9xl0dIaYy0M1WF2sWO8m5U7Y_ZMow5Zwk7R6NZU2xZeWAOWM2Hwvnb5eywB3w47h-pHpR0hz3kSuVagqVPUiCUJ8mWw8QaZwXuDkNAI1pT9BmSm1yM0e3iseBsmaI1Y0m2VVx7vjNWg_mIJw7bycsaSiaETqpVk-B8Mr66Q5t4KbTjcJQubekzXwzuoBXo-8mGgh4n7NIYTG0ROFywL5WE-SCeZPFmqGqBeDgUa95YOZz91Bmtt6HOW-R_Qp2R4GbwTdT5Q-413QFprizZh_ikbG69BZca0p0IG1IdsE5dTJTRByqGGVja5IBmSAZ-MHnpnX_f5706iMgKVL7soLNbcTasVyb5UjYrVJjN7z9jbhA6fGhLJoP7QxCHMFB2UFIp2LIoaHpTdVkDYrDQUGB9fUFeBhm72bE_RrWkRFIeMYIs9RsG78Cxa5iW1LUTqj4BapzjOTW6QcTPbtakfIsn1D4WyTbgSO3i4DyQA9lMN2kb6sagqoTPISltJvhXY8TSUQUEfuzI2Js4X3WlFherehuwfIe-fVp0996__CvpfpwzogkvVCMZ3dt6xkn0yxq8_-UkGlRMIBJsyOGYxneHTur0-kmvQkXKRXjrOVVisjVwsGjG4BOlDEkd-ovmlPGabPkbUIrhlnfpmChcRRCTTwuN3kCIAHY8H_XmEFpj-f7_Mc-HD1hKmMRiahIMCp4CyjO_O7dJi3n9iod3xOtUQBHN0-1H6FLIV6W862LI_9r46EP1_ewHVYlfPemeAKG00COYwLWP5uJ98MswfREEPVbSTsYCBb-WFZFSnRXckk82gVCeaRa6LDpmmXzFCXLdeRh1w-c4RdGKDRp6U2QL75u9b2c3LNQpWmrHbWz7_X5MDUdTVhC_qY3zdhcoJLAwd4_DxBNh2EIcOemlA7rdKBwoYEEwzx2Vhh3ugIAMgQ0FsWL1laKO9QY-qAY0ZPfayr0UNWA7BifzMgK6zEoViBjDqvw0tOl5L1uZ8pkvX02VfuFgM0MFWc9U&sai=AMfl-YR6PunXRuCYjG4hMjgMk2LBTV4koISOZvJg7LOERdpQ4Q-cHZk1jjPg3j-1-hvkqwsDxB3nJ4gbMx1BaOo4rkXV7uW8Z6W35FrdDjYzOi_tzq43lkLX25-3_ktH-4P24IEgR8QAbCs3SkZ5w0AvidTAYccjk8zwn5wUhK_kSntcmuI1yDWjIkEE0jRURC3bC_xj4_fGy3XZX_uX96DLrBBAywFDBad14BlDi8aqlmEoedQbbGHewFur7mZvzK1y00Jh0hy4m0UmLI5NCDNWKjuvFftQuaDh&sig=Cg0ArKJSzAigsJxhxXglEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=921&cbvp=1&cstd=918&cisv=r20231004.06688&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 10 Oct 2023 05:30:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 impl_v97.js Show response
www.googletagservices.com/dcm/ Frame 55A1 57 KB
23 KB 92ms
92ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v97.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23166
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 13:28:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 18:19:14 GMT

GET
H2 200 impl_v97.js Show response
www.googletagservices.com/dcm/ Frame A1BA 57 KB
23 KB 94ms
94ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v97.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23166
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 13:28:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 18:19:14 GMT

GET
H/1.1 200
OK dv-measurements4803.js Show response
cdn.doubleverify.com/ Frame 7BC1 420 KB
99 KB 96ms
96ms Script
application/javascript 2.16.238.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4803.js
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: bb09f6f5afc84a2d5c07b93504bd195710d337e66f0080f3d371ca6d4d13b06e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 05:30:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 08:04:58 GMT
Server: UploadServer
ETag: "6e216fbcbcd9255ae84b27ab277cefe7"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101040
Expires: Wed, 09 Oct 2024 05:30:45 GMT

GET
H2 200 B9689862.280626343;dc_ver=97.287;sz=160x600;u_sd=1;gdpr=0;dc_adk=160236217;ord=h1qe4k;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=TLdL... Show response
ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/ Frame DDC0 63 KB
29 KB 225ms
82ms Document
text/html 142.250.186.102

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;sz=160x600;u_sd=1;gdpr=0;dc_adk=160236217;ord=h1qe4k;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=TLdLkCMoqB;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=166;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v97.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

6ab6853d01962de3d5602b6d4f9d84de2d056ff57f91d5f3b26c0ea05dd340f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 29065
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 05:30:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dv-measurements4803.js Show response
cdn.doubleverify.com/ Frame 2F58 420 KB
99 KB 68ms
67ms Script
application/javascript 2.16.238.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4803.js
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/9avfkcdcet8g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-5.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: bb09f6f5afc84a2d5c07b93504bd195710d337e66f0080f3d371ca6d4d13b06e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 05:30:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 08:04:58 GMT
Server: UploadServer
ETag: "6e216fbcbcd9255ae84b27ab277cefe7"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101040
Expires: Wed, 09 Oct 2024 05:30:45 GMT

GET
H2 200 B9689862.280626343;dc_ver=97.287;sz=160x600;u_sd=1;gdpr=0;dc_adk=4102376853;ord=by8hhk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=TLd... Show response
ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/ Frame 0A8B 63 KB
29 KB 241ms
99ms Document
text/html 142.250.186.102

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;sz=160x600;u_sd=1;gdpr=0;dc_adk=4102376853;ord=by8hhk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=TLdLkCMoqB;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=222;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v97.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

c4f8bdd472c0a67b8296164b2433f3bed6bd8be34257747a5765737553be810f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 29143
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 05:30:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 7BC1 694 B
729 B 314ms
64ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=231&ttfrms=29&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1696915845737971&jsCallback=dvCallback_1696915845737488&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4803&tgjsver=4803&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231004%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&fcifrms=15&brh=3&dvp_epl=234&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.babup.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gSfgT6J14AdIjoUowCKN9g&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15176179400&DVP_DBM_4=396411281&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1463968613.2645214&dvp_tukv=6550097.565764781&dvp_strhd=0.6000022888183594&dvpx_strhd=0.6000022888183594&dvp_tuid=46690227096&jurtd=1878566838
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4803.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: ee0f58de9d0689aa7d144631a848ab5a3b956b6a7c068f06c6ce5efaafdd831c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 05:30:46 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/09/2023 05:30:46

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 2F58 694 B
731 B 184ms
98ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=366&ttfrms=14&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D323FA%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1696915845917477&jsCallback=dvCallback_1696915845917617&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4803&tgjsver=4803&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231004%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&fcifrms=15&brh=3&dvp_epl=234&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.babup.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hHR2o4PZgfoWLrAlLxicOM&DVP_DBM_1=3060631&DVP_DBM_2=24779278&DVP_DBM_3=15176179400&DVP_DBM_4=396411281&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=46784522437&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=112602802.86659619&dvp_tukv=371992866.15040827&dvp_strhd=0.20000076293945312&dvpx_strhd=0.20000076293945312&dvp_tuid=989480150678&jurtd=2154866903
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4803.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 87bb95458ee65d7bd4731440e43bb353089b945d3cd54cdd8d1308677871f8b8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Oct 2023 05:30:46 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/09/2023 05:30:46

GET
H2 200 2457098971912548461
s0.2mdn.net/simgad/ Frame DDC0 84 KB
0 403ms
102ms Image
image/png 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2457098971912548461

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;sz=160x600;u_sd=1;gdpr=0;dc_adk=160236217;ord=h1qe4k;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=TLdLkCMoqB;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=166;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 21:20:41 GMT
x-content-type-options: nosniff
age: 202205
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176805
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 16:06:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 06 Oct 2024 21:20:41 GMT

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/xfa/ Frame DDC0 10 KB
4 KB 42ms
42ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a1ff5e441184a332c1230e3082320d940687d1354e845be0ef0c079af4b32642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:29:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4269
x-xss-protection: 0
server: cafe
etag: 13754952903490634883
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 14:29:55 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame DDC0 11 KB
4 KB 47ms
47ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:38:45 GMT

GET
H2 200 2457098971912548461
s0.2mdn.net/simgad/ Frame 0A8B 173 KB
173 KB 50ms
49ms Image
image/png 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2457098971912548461

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;sz=160x600;u_sd=1;gdpr=0;dc_adk=4102376853;ord=by8hhk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=TLdLkCMoqB;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=222;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

4149f252125510e2732a827f921d6f6c01cc13c51f65b78fb37ced3fd205dcae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 21:20:41 GMT
x-content-type-options: nosniff
age: 202205
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176805
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 16:06:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 06 Oct 2024 21:20:41 GMT

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/xfa/ Frame 0A8B 10 KB
4 KB 46ms
46ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/xfa/sodar_loader.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;sz=160x600;u_sd=1;gdpr=0;dc_adk=4102376853;ord=by8hhk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=TLdLkCMoqB;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=222;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a1ff5e441184a332c1230e3082320d940687d1354e845be0ef0c079af4b32642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 14:29:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4269
x-xss-protection: 0
server: cafe
etag: 13754952903490634883
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 14:29:55 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 0A8B 11 KB
4 KB 47ms
46ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;sz=160x600;u_sd=1;gdpr=0;dc_adk=4102376853;ord=by8hhk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=TLdLkCMoqB;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=222;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 13:38:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DDC0 187 KB
59 KB 59ms
59ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:30:46 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DDC0 0
0 142ms
141ms Fetch
image/gif 172.217.16.130

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXpeFSb7IfmAofgEizTPSVb9mSn4uH1MzlUKRttVcPStk_vaf5igi-kiUMyD_t3WeQgsi4mBh1VGq9wYfYp7l7OriRcjsV0fWuuwpNOawCstUme-yGcSn42KHOtM8OAEooqrODTB8kfe5L37VkHaa_EmT8fjx8lAMl&sai=AMfl-YST0zK9_8OchBpiplHEBYWnjj5GZGCnLv9YtqykKV9dofiV8wnkQ8aEkTdA7e8XNtVrfDkEYKiftMGgIpT9IHtAZ9-ZJmD2JgsIzg&sig=Cg0ArKJSzMAtpK1G4dhbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231004.02926&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A8B 187 KB
59 KB 85ms
84ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;sz=160x600;u_sd=1;gdpr=0;dc_adk=4102376853;ord=by8hhk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=TLdLkCMoqB;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=222;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 05:30:46 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0A8B 0
0 140ms
140ms Fetch
image/gif 172.217.16.130

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKV_LiLd8W8FSmNKzIbu7Y1m94Ys8oONdVFbhl_gG1ZXV-NeLi5z80KaKDdib0kCqXzE2q7OKbhdmmS7geOzW8LORCvrrAgxAMJCjpeZEKrP5kx73kCi_HONndTcMBIWOOpgDceJ6WFGY-zvfPrF62wm5MRDCc7J8o&sai=AMfl-YTkCsXptfSE7sC_jbmBhq0OylhjCcXX__qZ7B_G8XPF6WanU_No7mRkl96Egz1wwJmlqgjl7n43HVsETjcNuqAcXQ3SeYWZaia_Hw&sig=Cg0ArKJSzOb4ZlgKrhT2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231004.29625&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;sz=160x600;u_sd=1;gdpr=0;dc_adk=4102376853;ord=by8hhk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=TLdLkCMoqB;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=222;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DDC0 41 KB
13 KB 124ms
123ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 340342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0A8B 41 KB
14 KB 120ms
120ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=97.287;sz=160x600;u_sd=1;gdpr=0;dc_adk=4102376853;ord=by8hhk;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.babup.com%2F$0;xdt=1;crlt=TLdLkCMoqB;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=222;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 453549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 23:31:37 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DDC0 8 KB
6 KB 130ms
130ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

58e79f52135cf0ee62988998a4520cbfa4a3c94288a9f7ec03b52179406e6519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5869
x-xss-protection: 0

GET
H2 200 ad.css
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/css/ Frame 01E4 550 B
373 B 107ms
106ms Stylesheet
text/css 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/css/ad.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

261aa98c46a19c3fc1463a3ed7d9017b957cfbecbde7ed05cbd04ecfba629d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 300
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 07:17:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Oct 2024 13:41:42 GMT

GET
H2 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 01E4 112 KB
38 KB 108ms
107ms Script
text/javascript 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Oct 2023 05:30:46 GMT

GET bg.jpg
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET arrow1.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET arrow2.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET logo.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET cta.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET cta_hover.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET txt1a.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET txt1b.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET txt2a.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET txt4a.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET txt4b.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET txt4c.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET txt4c2.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET txt4d.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET txt4e.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET txt5a.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET txt5b.png
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/ Frame 01E4 0
0

GET ad.js
s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/js/ Frame 01E4 0
0

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ Frame 0A8B 7 KB
6 KB 161ms
161ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5752
x-xss-protection: 0

GET
H2 200 kitad.
fundingchoicesmessages.google.com/f/AGSKWxWQcSJv6sK0SVp357BNvrYnJ_NRXv_v3mZ7SkCjHezbQn5l7Og3isR7yoe5sS38-OG_NOMjTkV84wEiP6hWWZ596tuL-SVBFVZtV-sf1l8ZGUjanBKPeE0WZe-Jzzc5dzJ3xC_OXgsnH2fFisIiJVoCveC3L... 54 B
298 B 101ms
101ms Script
application/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWQcSJv6sK0SVp357BNvrYnJ_NRXv_v3mZ7SkCjHezbQn5l7Og3isR7yoe5sS38-OG_NOMjTkV84wEiP6hWWZ596tuL-SVBFVZtV-sf1l8ZGUjanBKPeE0WZe-Jzzc5dzJ3xC_OXgsnH2fFisIiJVoCveC3Ldai4RSTIAK2yexPU4LaCNROxHBM71HU/_/ads-reviews-/common/ad__fach_ad./ad_left_/kitad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ijVdt3sf1ts.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyOha332GaUQAyltJTof-mFfmmeNA/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-f51OfSrcKWcW4aYTDPQxWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 05:30:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-f51OfSrcKWcW4aYTDPQxWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 47 B
146 B 90ms
90ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 11:27:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Oct 2023 11:27:51 GMT

POST
H2 204 AGSKWxXC-NPNRRyZm7t9hvqU8z7E9Vzi4yp817oMuXVIC3JHeNGwNCwI5Twb1w9qEAr9bUSpZjfDy6A0IMD7HBazMTzAtaJyjwntt0Q-qgPEmSW2SiPT6MsYTEQ3poqrsEmIDlD5u7_OKQ==
fundingchoicesmessages.google.com/el/ 0
201 B 100ms
100ms XHR
text/html 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXC-NPNRRyZm7t9hvqU8z7E9Vzi4yp817oMuXVIC3JHeNGwNCwI5Twb1w9qEAr9bUSpZjfDy6A0IMD7HBazMTzAtaJyjwntt0Q-qgPEmSW2SiPT6MsYTEQ3poqrsEmIDlD5u7_OKQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TX7VBiN6Tk55UHGs3MlqBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Oct 2023 05:30:46 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TX7VBiN6Tk55UHGs3MlqBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.babup.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 6C70 0
0

GET Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D5BF 0
0

GET 62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F644 0
0

GET view
googleads4.g.doubleclick.net/pcs/ Frame 0A8B 0
0

POST AGSKWxXC-NPNRRyZm7t9hvqU8z7E9Vzi4yp817oMuXVIC3JHeNGwNCwI5Twb1w9qEAr9bUSpZjfDy6A0IMD7HBazMTzAtaJyjwntt0Q-qgPEmSW2SiPT6MsYTEQ3poqrsEmIDlD5u7_OKQ==
fundingchoicesmessages.google.com/el/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images.dmca.com
URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/bg.jpg

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/arrow1.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/arrow2.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/logo.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/cta.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/cta_hover.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt1a.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt1b.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt2a.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt4a.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt4b.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt4c.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt4c2.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt4d.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt4e.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt5a.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/img/txt5b.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12162973243351611827/Hilti-Nuron-DE-728x90/js/ad.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUcU4XA0AIQXcrLly2DG_GOx_jSwYlaNvXcUc-bh0bRTKCuJ-WkribFbxaQz8evzI3JAY5f9vspo4ftX4wI8yBjTl6UyWylqbmDZkZOiR-o0Onmdz3WQ5VMW-7mtll&sai=AMfl-YRhNCEwBna0ziIsJAKWmNzrujAozMJm2TxxRL2QDZ0dalbHpgPEdguDARKoG_NF9-4GFOLsJ7oxyh5oEObRKqr-Ld_UD17ggQfb8FmfVmJkwTFjRekLtunmYvQ474QD7LixWZlKiCfXv3zk&sig=Cg0ArKJSzMEvGkvCTNV5EAE&cid=CAQSSwDICaaN3VoDacBfA63vgdGI0H2AJFQFvxF-pOmMCiUpsuJ1sWo1tAF7xDrIcV2j8rsIeHDa4JjbNYQkPWuveJzR-WrIiRtYL3vshhgB&id=lidar2&mcvt=1019&p=0,0,90,728&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696915843951&rpt=1337&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKV_LiLd8W8FSmNKzIbu7Y1m94Ys8oONdVFbhl_gG1ZXV-NeLi5z80KaKDdib0kCqXzE2q7OKbhdmmS7geOzW8LORCvrrAgxAMJCjpeZEKrP5kx73kCi_HONndTcMBIWOOpgDceJ6WFGY-zvfPrF62wm5MRDCc7J8o&sai=AMfl-YTkCsXptfSE7sC_jbmBhq0OylhjCcXX__qZ7B_G8XPF6WanU_No7mRkl96Egz1wwJmlqgjl7n43HVsETjcNuqAcXQ3SeYWZaia_Hw&sig=Cg0ArKJSzOb4ZlgKrhT2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&vt=11&dtpt=195&dett=2&cstd=0&cisv=r20231004.29625&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/el/AGSKWxXC-NPNRRyZm7t9hvqU8z7E9Vzi4yp817oMuXVIC3JHeNGwNCwI5Twb1w9qEAr9bUSpZjfDy6A0IMD7HBazMTzAtaJyjwntt0Q-qgPEmSW2SiPT6MsYTEQ3poqrsEmIDlD5u7_OKQ==

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/el/AGSKWxXC-NPNRRyZm7t9hvqU8z7E9Vzi4yp817oMuXVIC3JHeNGwNCwI5Twb1w9qEAr9bUSpZjfDy6A0IMD7HBazMTzAtaJyjwntt0Q-qgPEmSW2SiPT6MsYTEQ3poqrsEmIDlD5u7_OKQ==

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/el/AGSKWxXC-NPNRRyZm7t9hvqU8z7E9Vzi4yp817oMuXVIC3JHeNGwNCwI5Twb1w9qEAr9bUSpZjfDy6A0IMD7HBazMTzAtaJyjwntt0Q-qgPEmSW2SiPT6MsYTEQ3poqrsEmIDlD5u7_OKQ==

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.file-upload.org/	1969-12-31 23:59:59	Name: lang Value: german
www.file-upload.org/	1969-12-31 23:59:59	Name: visited Value: visited, visited_expires=Tue Oct 10 2023 07:31:38 GMT+0200 (Central European Summer Time), path=/
.babup.com/	1970-01-21 00:57:55	Name: _ga_3T7TKCZCC9 Value: GS1.1.1696915840.1.0.1696915840.0.0.0
.babup.com/	1970-01-21 00:57:55	Name: _ga Value: GA1.2.1452202521.1696915841
.babup.com/	1970-01-20 15:23:22	Name: _gid Value: GA1.2.1194026508.1696915842
.babup.com/	1970-01-20 15:21:55	Name: _gat_gtag_UA_119779859_1 Value: 1
.babup.com/	1970-01-21 00:43:31	Name: __gads Value: ID=e47f6dd21bdfce89:T=1696915841:RT=1696915841:S=ALNI_MadZaOeIJFtMUhL9mjQVAV4xtvtpA
.babup.com/	1970-01-21 00:43:31	Name: __gpi Value: UID=00000c93535b300d:T=1696915841:RT=1696915841:S=ALNI_MZXPkTTszCe5RsmgR_6ruC4Li0szg
.doubleclick.net/	1970-01-21 00:57:55	Name: IDE Value: AHWqTUm4NNlULlUuOLO4eInaL2DM3G8gYb9TXW0ih1Lg8cQQLMRJ2CogkZBdsoH5LQ4
.googleadservices.com/	1970-01-20 17:31:31	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 00:07:31	Name: CMID Value: ZSThhKuARRFxU39pDY1njwAA
.casalemedia.com/	1970-01-20 17:31:31	Name: CMPS Value: 2190
.casalemedia.com/	1970-01-20 17:31:31	Name: CMPRO Value: 2190
.teads.tv/	1970-01-21 00:06:05	Name: tt_viewer Value: 07daa6f9-103f-40ad-900b-695c49f9354e
.adnxs.com/	1970-01-20 17:31:31	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HbX`juh!!1yIE`fS1ueD1W-044)d+]Uevp'1F[Vh`_d@_8JV:C=7)(n%j1.!!_spjLP(hw9P-HC_#tt'R)iIa^
.adnxs.com/	1970-01-20 17:31:31	Name: uuid2 Value: 8464804929049293975
.openx.net/	1970-01-21 00:07:31	Name: i Value: e429c6df-f485-4bbb-bbca-d8fa2d24d9eb\|1696915844
.doubleclick.net/	1970-01-20 15:21:59	Name: DSID Value: NO_DATA

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://www.babup.com/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.babup.com/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.babup.com/ Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 91) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 103) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 91) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ajax.googleapis.com
cdn.doubleverify.com
certify-js.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
images.dmca.com
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
region1.google-analytics.com
rtb0.doubleverify.com
s0.2mdn.net
ssl.google-analytics.com
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
us-u.openx.net
www.babup.com
www.file-upload.com
www.file-upload.org
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
certify-js.alexametrics.com
fundingchoicesmessages.google.com
googleads4.g.doubleclick.net
images.dmca.com
pagead2.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
www.file-upload.org
104.18.26.193
130.211.44.5
142.250.181.226
142.250.184.232
142.250.184.234
142.250.185.194
142.250.185.206
142.250.185.226
142.250.186.102
142.250.186.130
142.250.186.134
142.250.186.42
142.250.186.46
157.240.0.6
169.150.247.38
172.217.16.130
172.217.16.194
172.217.16.200
172.217.18.1
172.217.18.4
172.217.23.110
185.89.210.153
188.114.97.3
2.16.238.5
2.16.97.41
216.239.32.36
216.58.206.35
216.58.212.131
3.208.239.138
35.244.159.8
51.15.15.22
00e0f6d46b5a90b7becdfe2a2a1112bba3649bd1ce99cf4a84a41e70cbd8036a
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e8030b6637b5f7ba9930e9cc0cd17094ba1651596254c09c0f56070a0ae90e3
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17e2b113f6bcf71a88fb50cc62d19b7130ab4a2ec34c6d08d0ee9c2e3dba4534
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19bb74674c0a9acd2f62fb5c2b36ef0b6851f06fbb4efb4d69fca95948e112b0
1c3177b2bb09130b3eb00f3ec5cbc0a43c8c2dd90bfccb329359601cab1697b1
217d849bd408dfc27046a8c03a28f9ac136cfdab21c740ccbe3a8472f89d3614
242a82c96ad7bbee333f2ad239495262973e6d679ddb4d7a5265a53aa3dd73d8
261aa98c46a19c3fc1463a3ed7d9017b957cfbecbde7ed05cbd04ecfba629d39
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
2988e4e6b5b6637f3d7e4c116811b4712e130fb05cbe2cc0e2cd3c46d6187d5e
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f4525585c6daab2ab2ad33ec43abd98c205548fd8a3b72730b1ec97e53f2820
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
354341c6be40733e0a1593df84686f5077f345648d3521c724496bb998b9c282
35a7e11c4ab312f98a008a9812acda2279b32051e5d6be1ee21f79c5f6b8499c
39bb05f2757b65dda0339b96e6905aeca1bca1ab35812753cd62b53615e53390
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
4149f252125510e2732a827f921d6f6c01cc13c51f65b78fb37ced3fd205dcae
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
473aae51528adc32bd350a29e318a8001cf46ee6d948c34ef79a87947130c5c0
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd4f1f7a48ffd534ddf6760cb54244410e9f65656d8b6e0a2bb1b2e85716637
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc3ca567c74a969cb073477ccd1b3b9ec409ea8e97df0eba087a7f12a113843
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
58e79f52135cf0ee62988998a4520cbfa4a3c94288a9f7ec03b52179406e6519
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c7d8e29da9302c675472e399559e665a9c60080c11d34602feed7d41a292e9e
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6ab6853d01962de3d5602b6d4f9d84de2d056ff57f91d5f3b26c0ea05dd340f0
6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
7a35cd5f707773939d41fd3cfd24ccf64c7d12f45c3a150b239f982067f3a218
7a9cfefbe46e47d6971a5d4487a2ee0e9812cba5f76668be71ac25ab8d88d6ee
7d36e055134b5c37884502d05390e0d290e955f2285cd0cd51a7f4c52189e50f
7e2b27956da0220e3a28b7af3c42424021b1ca33ddc1859cfaff3b24b9c1c444
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
87bb95458ee65d7bd4731440e43bb353089b945d3cd54cdd8d1308677871f8b8
8a8ba60d2eea2d0efe04b7208a495f3dd692c8c30cbbcc1f6a25d09191cbf9e6
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
9f6bca83a30b6a0a454e1fa83a7143245c2a52fa372bcfbd89f8831aa901007e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0eaaa3695ab6de1db0d02f9c6745bda872cc8a34cc6d9a58d982f1fe6157add
a1ff5e441184a332c1230e3082320d940687d1354e845be0ef0c079af4b32642
a492b155ec3440d55a27595b4539b76004b63c0845d40172c950a399a88d6e92
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
affa0e51fc1c7d05dc3fd913297bf564bba57f7cba0407b27dd308974da58c41
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ec162fb40313327aa6b7f086ecb73f133f5808711b174bd9e3830b1330b2d0
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86
b5ffa81768670029d01777f59917b176b96b54740acc3d432be2215cfd3d77fc
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bb09f6f5afc84a2d5c07b93504bd195710d337e66f0080f3d371ca6d4d13b06e
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
bf9a6701fbb25440341484131c369e95c90ee545b43c2276bb795ad4532bfa78
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c3e767e863f1704849fb36c0752568cced6b8eec562d769f9321c0136d2a0182
c4f8bdd472c0a67b8296164b2433f3bed6bd8be34257747a5765737553be810f
c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382
c6d936ecdef45ae728c54f340c27542583e5e6ff0adc994857ba57445669d3f1
c9a0e13fa76f7929fcc709a1db13bcb7fb8c335dc169f82fbe5cfee360c5e950
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
d8867aebb4315d45def8dc22390c21ae36764ef8d0cabf46ac15bc5b0e957114
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856
def498d5d96e40a00d550f06901eeb172883e6ebf2b56da7154862a15a98f6ed
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee0f58de9d0689aa7d144631a848ab5a3b956b6a7c068f06c6ce5efaafdd831c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
facddbf076c613b2764419454818e5d29f153f57b2e29c99eddcf5183773d52a
fdcb8c555c78ae62ae5e89d280c49f8ececd17ffebe399099c9340e98daa588d
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

www.babup.com Open in urlscan Pro 51.15.15.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

235 Requests

80 %HTTPS

0 %IPv6

22 Domains

35 Subdomains

31 IPs

5 Countries

3221 kBTransfer

8804 kBSize

18 Cookies

31 Outgoing links

Page URL History

Redirected requests

235 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

www.babup.com Open in urlscan Pro
51.15.15.22 Public Scan

Screenshot
Live screenshot

Full Image

235
Requests

80 %
HTTPS

0 %
IPv6

22
Domains

35
Subdomains

31
IPs

5
Countries

3221 kB
Transfer

8804 kB
Size

18
Cookies

235 HTTP transactions
5 data transactions