urlscan.io logo urlscan.io
SecurityTrails logo

www.babup.com Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.file-upload.com/7z62jlxn8qgj
Effective URL: https://www.babup.com/file.php?get=7z62jlxn8qgj
Submission: On March 28 via manual from US — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 12 domains to perform 73 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.babup.com.
TLS certificate: Issued by GTS CA 1P5 on March 6th 2024. Valid for: 3 months.
This is the only time www.babup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 21 188.114.97.3 13335 (CLOUDFLAR...)
16 188.114.96.3 13335 (CLOUDFLAR...)
2 169.150.247.36 60068 (CDN77 _)
8 172.217.18.98 15169 (GOOGLE)
1 142.250.185.106 15169 (GOOGLE)
1 142.250.186.168 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
2 142.250.186.136 15169 (GOOGLE)
3 216.239.34.178 15169 (GOOGLE)
7 142.250.184.226 15169 (GOOGLE)
2 172.217.16.193 15169 (GOOGLE)
1 142.250.186.164 15169 (GOOGLE)
11 172.217.16.206 15169 (GOOGLE)
73 14
21    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
www.file-upload.com
www.file-upload.org
16    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
www.file-upload.org
www.babup.com
2    169.150.247.36 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 169-150-247-36.bunnyinfra.net
images.dmca.com
8    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
pagead2.googlesyndication.com
1    142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net
ajax.googleapis.com
1    142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net
ssl.google-analytics.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
2    142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net
www.googletagmanager.com
3    216.239.34.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads.g.doubleclick.net
2    172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
11    172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f14.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
24 file-upload.org
www.file-upload.org — Cisco Umbrella Rank: 967630
555 KB
12 google.com
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653
70 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
tpc.googlesyndication.com — Cisco Umbrella Rank: 162
395 KB
9 file-upload.com
www.file-upload.com
4 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
4 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 632
www.google-analytics.com — Cisco Umbrella Rank: 34
38 KB
4 babup.com
www.babup.com
14 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
162 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 182
92 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 16201
10 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 357
30 KB
0 alexametrics.com Failed
certify-js.alexametrics.com Failed
73 12
Domain Requested by
24 www.file-upload.org www.file-upload.org
www.babup.com
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
9 www.file-upload.com 9 redirects
8 pagead2.googlesyndication.com www.babup.com
pagead2.googlesyndication.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 www.babup.com www.file-upload.org
www.babup.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.googletagmanager.com www.babup.com
www.googletagmanager.com
2 connect.facebook.net www.babup.com
2 images.dmca.com www.file-upload.org
www.babup.com
1 www.google.com tpc.googlesyndication.com
1 ssl.google-analytics.com www.babup.com
1 ajax.googleapis.com www.babup.com
0 certify-js.alexametrics.com Failed www.babup.com
73 15
Subject Issuer Validity Valid
file-upload.org
E1		 2024-03-20 -
2024-06-18		 3 months crt.sh
images.dmca.com
R3		 2024-03-07 -
2024-06-05		 3 months crt.sh
babup.com
GTS CA 1P5		 2024-03-06 -
2024-06-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-05 -
2024-04-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.babup.com/file.php?get=7z62jlxn8qgj
Frame ID: F05508FEF5C527C842E1032577E77E2D
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&adk=1812271804&adf=3025194257&lmt=1711619734&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x875_l%7C212x875_r&format=0x0&url=https%3A%2F%2Fwww.babup.com%2F&pra=5&wgl=1&easpi=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711619734215&bpp=6&bdt=2049&idt=671&shv=r20240326&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1552768593752&frm=20&pv=2&ga_vid=781967365.1711619735&ga_sid=1711619735&ga_hid=644962096&ga_fc=1&u_tz=120&u_his=3&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081575%2C31082198%2C95326316%2C95320378%2C95328826&oid=2&pvsid=313736479509859&tmod=1788441981&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=40%2C40%2C40%2C40%2C800%2C0%2C1600%2C1198%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=708
Frame ID: C0EA8F3410557318B5BE4037B9215DEA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1711619734&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711619734292&bpp=3&bdt=2126&idt=647&shv=r20240326&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1552768593752&frm=20&pv=1&ga_vid=781967365.1711619735&ga_sid=1711619735&ga_hid=644962096&ga_fc=1&u_tz=120&u_his=3&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=245&ady=201&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081575%2C31082198%2C95326316%2C95320378%2C95328826&oid=2&pvsid=313736479509859&tmod=1788441981&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=40%2C40%2C40%2C40%2C800%2C0%2C1600%2C1198%2C1600%2C1113&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=655
Frame ID: 44D03232B269526328B2C9EF6DE6039C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&fwrn=4&fwrnh=100&lmt=1711619734&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711619734303&bpp=1&bdt=2137&idt=664&shv=r20240326&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=1552768593752&frm=20&pv=1&ga_vid=781967365.1711619735&ga_sid=1711619735&ga_hid=644962096&ga_fc=1&u_tz=120&u_his=3&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=245&ady=732&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081575%2C31082198%2C95326316%2C95320378%2C95328826&oid=2&pvsid=313736479509859&tmod=1788441981&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=40%2C40%2C40%2C40%2C800%2C0%2C1600%2C1198%2C1600%2C1113&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=668
Frame ID: 6B0B00DA7E2E5B290269B00FC6C2BC1E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&fwrn=4&fwrnh=100&lmt=1711619734&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711619734307&bpp=1&bdt=2141&idt=677&shv=r20240326&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C555x280&nras=1&correlator=1552768593752&frm=20&pv=1&ga_vid=781967365.1711619735&ga_sid=1711619735&ga_hid=644962096&ga_fc=1&u_tz=120&u_his=3&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1052&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081575%2C31082198%2C95326316%2C95320378%2C95328826&oid=2&pvsid=313736479509859&tmod=1788441981&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=40%2C40%2C40%2C40%2C800%2C0%2C1600%2C1198%2C1600%2C1113&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=682
Frame ID: 1AD54A77EBEA5909A1F831087B507BB3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6751F72C55B7585B8032DBE1C3326CF5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 379764AAF14CCC837D8406652CF29FE8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1711619736&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711619736099&bpp=1&bdt=3933&idt=-M&shv=r20240326&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7e9d94c5f96fa22%3AT%3D1711619735%3ART%3D1711619735%3AS%3DALNI_MYaV3k6bqTLYWMvwonxFCxhOQbr-Q&gpic=UID%3D00000d851ed1222c%3AT%3D1711619735%3ART%3D1711619735%3AS%3DALNI_MZv8hH07Jp8lKiJlUfT9Dgs74PDIQ&eo_id_str=ID%3Ddf1f5cead6f3af09%3AT%3D1711619735%3ART%3D1711619735%3AS%3DAA-AfjbyUKZaatwOPuCGCsTM15k7&prev_fmts=0x0%2C1110x280%2C555x280%2C1110x280&nras=2&correlator=1552768593752&frm=20&pv=1&ga_vid=781967365.1711619735&ga_sid=1711619735&ga_hid=644962096&ga_fc=1&u_tz=120&u_his=3&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2013&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081575%2C31082198%2C95326316%2C95320378%2C95328826&oid=2&psts=AOrYGsl-IZvIb_f8PxlfEGmSRzgUuJW9CizepwPE7091Ik0frDyd_c7irsNgWSW2IR_x9HbCKY8b4s5Nm0EN0nxIV7A&pvsid=313736479509859&tmod=1788441981&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=40%2C40%2C40%2C40%2C800%2C0%2C1600%2C1198%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=385
Frame ID: BEB481F588E4916A7EC00B400FF818C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1711619736&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711619736099&bpp=1&bdt=3933&idt=-M&shv=r20240326&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7e9d94c5f96fa22%3AT%3D1711619735%3ART%3D1711619735%3AS%3DALNI_MYaV3k6bqTLYWMvwonxFCxhOQbr-Q&gpic=UID%3D00000d851ed1222c%3AT%3D1711619735%3ART%3D1711619735%3AS%3DALNI_MZv8hH07Jp8lKiJlUfT9Dgs74PDIQ&eo_id_str=ID%3Ddf1f5cead6f3af09%3AT%3D1711619735%3ART%3D1711619735%3AS%3DAA-AfjbyUKZaatwOPuCGCsTM15k7&prev_fmts=0x0%2C1110x280%2C555x280%2C1110x280%2C1110x90&nras=3&correlator=1552768593752&frm=20&pv=1&ga_vid=781967365.1711619735&ga_sid=1711619735&ga_hid=644962096&ga_fc=1&u_tz=120&u_his=3&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2864&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081575%2C31082198%2C95326316%2C95320378%2C95328826&oid=2&psts=AOrYGsl-IZvIb_f8PxlfEGmSRzgUuJW9CizepwPE7091Ik0frDyd_c7irsNgWSW2IR_x9HbCKY8b4s5Nm0EN0nxIV7A&pvsid=313736479509859&tmod=1788441981&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=40%2C40%2C40%2C40%2C800%2C0%2C1600%2C1198%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=392
Frame ID: 539C4777542BA06F29797608E95EC82A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240326/r20110914/zrt_lookup_fy2021.html
Frame ID: DB836C2A99CBCE0744A1E8974CED42D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

  1. https://www.file-upload.com/7z62jlxn8qgj HTTP 301
    https://www.file-upload.org/7z62jlxn8qgj Page URL
  2. https://www.babup.com/file.php?get=7z62jlxn8qgj Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

82 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

14
IPs

3
Countries

1365 kB
Transfer

3607 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.file-upload.com/7z62jlxn8qgj HTTP 301
    https://www.file-upload.org/7z62jlxn8qgj Page URL
  2. https://www.babup.com/file.php?get=7z62jlxn8qgj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.file-upload.com/7z62jlxn8qgj HTTP 301
  • https://www.file-upload.org/7z62jlxn8qgj
Request Chain 13
  • https://www.file-upload.com/mngez/css/app.css?v=1 HTTP 301
  • https://www.file-upload.org/mngez/css/app.css?v=1
Request Chain 14
  • https://www.file-upload.com/assets/images/logo_new.png HTTP 301
  • https://www.file-upload.org/assets/images/logo_new.png
Request Chain 16
  • https://www.file-upload.com/mngez/images/anti1.png HTTP 301
  • https://www.file-upload.org/mngez/images/anti1.png
Request Chain 17
  • https://www.file-upload.com/mngez/images/anti2.png HTTP 301
  • https://www.file-upload.org/mngez/images/anti2.png
Request Chain 19
  • https://www.file-upload.com/assets/images/norton.png HTTP 301
  • https://www.file-upload.org/assets/images/norton.png
Request Chain 27
  • https://www.file-upload.com/mngez/js/app.js?v=20 HTTP 301
  • https://www.file-upload.org/mngez/js/app.js?v=20
Request Chain 38
  • https://www.file-upload.com/assets/images/favicon.png HTTP 301
  • https://www.file-upload.org/assets/images/favicon.png
Request Chain 42
  • https://www.file-upload.com/assets/images/favicon.png HTTP 301
  • https://www.file-upload.org/assets/images/favicon.png

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
7z62jlxn8qgj
www.file-upload.org/
Redirect Chain
  • https://www.file-upload.com/7z62jlxn8qgj
  • https://www.file-upload.org/7z62jlxn8qgj
28 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/7z62jlxn8qgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9d019fbf0044f5291f6075708de37e173cc62ab5eaf105eb7c206e63fd52cc7
Security Headers
Name Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86b6beb738d1f120-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Mar 2024 09:55:31 GMT
expires
Wed, 27 Mar 2024 09:55:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YZfZ%2BEye81yi%2FlzneHmRhRym0hkb9gmFlJ6KVeP6tBA%2FMOBHagt8anTJQAYHftXrL%2BMgDGpVeyUih1oP7vNVH3%2B3bsvrBqnUUlxDUSgZz%2F4WwSoIpyQ6fayQqxuI6ZGD96bN8eNe"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0;includeSubDomains;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86b6beb4e8c63c95-CDG
content-type
text/html
date
Thu, 28 Mar 2024 09:55:30 GMT
location
https://www.file-upload.org/7z62jlxn8qgj
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gkuy41cqrSGu%2BnEIy3wQW%2BeFIuZOIaUsJXiwE1sSQtRP6%2FOpi9TZtA8s%2FJkxYogrJw%2B5QPK0Ra%2BE6wKSATK%2F3mQx40lJSENeYW6LaW1wHD%2FEc5yN9Fc7AJFw4sUeP0tHek6BzhcN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
app.css
www.file-upload.org/mngez/css/ 		247 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/css/app.css?v=1
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/7z62jlxn8qgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.file-upload.org/7z62jlxn8qgj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71116
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
W/"3dcf1-5fe4d56ca6b7a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CI8L3N2evUaLo5j0hXGsa3s8YJpUFLohT59VdC2FbpRKpSDPJNsmR2ZCsBbb%2B%2FQw7jNiP0%2BmgnJLneKhidTmMIetSQ2kx3RMNL0DvfCGCwgkx4fpkhlns1LgP%2BieKPf59P1FrcG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2692000
cf-ray
86b6beb849a7f120-CDG
expires
Thu, 28 Mar 2024 14:10:15 GMT
app.js
www.file-upload.org/mngez/js/ 		235 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/js/app.js?v=20
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/7z62jlxn8qgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.file-upload.org/7z62jlxn8qgj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:31 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3aa0d-5fe4d56c9e2c2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ppKl2ZJI1mvqJDOLA3hgLxrBTKh3aEQ8UFgND71PGPvRiMcdixIRDWZI73U7QRZS6%2Bi9KTd9m4VgQ2gsD6bJ1%2FzbiqcSRyP3GlFwl6YZmEvObc5%2BGGMGI%2BUzrJHPNIyAcmAGE0b"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2692000, private
cf-ray
86b6beb849a9f120-CDG
alt-svc
h3=":443"; ma=86400
logo_new.png
www.file-upload.org/assets/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/assets/images/logo_new.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/7z62jlxn8qgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.file-upload.org/7z62jlxn8qgj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1441724
alt-svc
h3=":443"; ma=86400
content-length
3215
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"c8f-5fe4d56f9b8f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fn5VjxBi%2FV%2ByJ6OdYOcx6Z2vciBkGSMPaUguttfauAX%2B4tyaaH6L7d4DVJXnt8z4bA1ckF5Z%2FgLixRvL5tmnxOeWv%2F%2FWOun4giHDh7P9sgZoOU3D8QnqlOGD7uKcPIlTtghRnirl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6beb849abf120-CDG
expires
Mon, 18 Mar 2024 17:26:47 GMT
email-decode.min.js
www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/7z62jlxn8qgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.file-upload.org/7z62jlxn8qgj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 22 Mar 2024 11:37:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65fd6d96-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gyufhUPSjBybxwBRY%2BiXVYXhJhP7z7PW5DGEv1lw7TZNjENwRwUJFMuOwmbQb5fd%2BUmp9Rl3ORSzCMXF1iAxgxsBH%2BLUSAsh0cZzduyLz1VK42m97T5djZ0pGXmue8uQw2PV44Tj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
86b6beb849acf120-CDG
expires
Sat, 30 Mar 2024 09:55:31 GMT
anti1.png
www.file-upload.org/mngez/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/anti1.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/7z62jlxn8qgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.file-upload.org/7z62jlxn8qgj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76284
alt-svc
h3=":443"; ma=86400
content-length
19118
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"4aae-5fe4d56c96d92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CLR57d9PnvXqv0W9jVN4DeXZMyakltN1LGh3uWM%2Fybxd0%2BcQ08MEWCaO2Nh8AsuxYLMWy4lW7cYYF3Peyc%2BSXp46mThVkRRxYoLfKti7g6vTh%2FYYp9TS5p9OMuVtSM7oA14weNtK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6beb90a55f120-CDG
expires
Wed, 03 Apr 2024 12:44:07 GMT
anti2.png
www.file-upload.org/mngez/images/ 		641 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/anti2.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/7z62jlxn8qgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.file-upload.org/7z62jlxn8qgj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1445811
alt-svc
h3=":443"; ma=86400
content-length
641
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"281-5fe4d56c988ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UzBCx1cx4RCwS2vr6u5wg87ScQjEoQHsZN6Psa47uvXzrlFSwecKO3qWeaUz2FNBqd8oOqEgrSTbcDx7%2Fc%2BrkBpGKX230zU7uDhWEiZUUp5lVx6Xo8ghnX3Qn0tOElhhCMttnV2k"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6beb90a58f120-CDG
expires
Mon, 18 Mar 2024 16:18:40 GMT
_dmca_premi_badge_4.png
images.dmca.com/Badges/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/7z62jlxn8qgj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-36.bunnyinfra.net
Software
BunnyCDN-DE1-1079 / ASP.NET
Resource Hash

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.file-upload.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:31 GMT
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
10/31/2023 19:00:16
cdn-pullzone
1574055
content-length
4535
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"0abbdbd420cc1:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
786d777b2854b0c2b9c60e244f398f4f
accept-ranges
bytes
cdn-requestcountrycode
IL
link
<https://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png?ID=466fa1aa-ce2e-4b71-b329-6cd08d681302>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
norton.png
www.file-upload.org/assets/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/assets/images/norton.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/7z62jlxn8qgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.file-upload.org/7z62jlxn8qgj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205291
alt-svc
h3=":443"; ma=86400
content-length
4963
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"1363-5fe4d56f95368"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6zedeAdmKjLAmFDkYKqukjrfy9uhDNQi%2FMcORhKvQKf5b9zIa9dicIWQUZTrZlLtoTj5yCtuBVt%2BMWT4s7opu9TvdZq1ktb7V85nLersGWwSwh40TUKJOvWmJwuWEgMxqfUNQzdV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6bebb4c8df120-CDG
expires
Tue, 02 Apr 2024 00:54:00 GMT
Primary Request file.php
www.babup.com/ 		23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.babup.com/file.php?get=7z62jlxn8qgj
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/7z62jlxn8qgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
09b33fa489f3f2ad963779dd9b0eccdc0755a058c752d2e4d360eac1ab592967

Request headers

Referer
https://www.file-upload.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86b6bebd185f0488-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Mar 2024 09:55:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIjbzDmOXGjDl4%2BjEAB3EXZ%2FaB8AA9us3vxFv00JAtxp7c4T51GodQOzFjmkoUSeMzegtCntG%2BmjdlXNFyBOctnb1HhbiCph%2FsIiaMxyCuA20PCn%2FNP6ZmwtKZSM%2F1W1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/7.2.34
flags.png
www.file-upload.org/mngez/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1441703
alt-svc
h3=":443"; ma=86400
content-length
15022
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"3aae-5fe4d56c9bbb2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sYC2xXZuuFN%2B22mLYsP2A%2Bx6Za6je9%2B7t1EQp5R8kadI1BC8bldty3tbPiWK0K4nqMv8bmBN1u%2FYjZkJuPnyfuBPB4iCNInrH%2B%2FwNNsMcTwhmVcYQxGf8SJBmy7SXCeA9ptxZUMx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6bebb9cc8f120-CDG
expires
Mon, 18 Mar 2024 17:27:08 GMT
fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.org
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:31 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1091
etag
"12d68-5fe4d56c8e4d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pXYw2aQm%2BLX8Eb21ZMSyckHQSpvCUa8Dat9RIFM7W2aoyollpBYcUBUPb%2BOL6QkHVPYA%2F1Jbi7oZvGyXUGBl2ulFjSh0N%2FW%2By6hJmBIanfdyLNgWBvkC%2BdM46Dr%2B38qMx4FrWmij"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b6bebb9ccaf120-CDG
alt-svc
h3=":443"; ma=86400
content-length
77160
poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.org
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:31 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4251
etag
"1ee0-5fe4d56c8f861"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FxV7mzK%2FPG0E3xoRMn%2BajDhg4ypHXZmU4x%2BQ1vJ%2Fy8qvHxDSL9YBAbuBIs%2BOhaWnjr1ZT%2BhNZUPqyoGJ%2FuW8mCh9Eeu%2B8ODnfS411JbvNKgdxaH%2B%2B6qeE8XrWt8Get5Ke%2Bs3EhLn"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b6bebb9ccbf120-CDG
alt-svc
h3=":443"; ma=86400
content-length
7904
poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.org
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:31 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6759
etag
"1ecc-5fe4d56c90801"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1mom0hqm2QO05ilDVcqaVNMKjUFmeiCksvbTkWratzdAzyqlqbu5quDw57u8OA7eUCSMH8CIgD%2BAEOvjBRh40x0Tl97NtiVJTkRwqagioft7%2BcZMbyOOsueJTG7qbxB4CJkykbv"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b6bebb9ccdf120-CDG
alt-svc
h3=":443"; ma=86400
content-length
7884
app.css
www.file-upload.org/mngez/css/
Redirect Chain
  • https://www.file-upload.com/mngez/css/app.css?v=1
  • https://www.file-upload.org/mngez/css/app.css?v=1
247 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/css/app.css?v=1
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=7z62jlxn8qgj
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71117
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
W/"3dcf1-5fe4d56ca6b7a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E2siiN%2BtBNNF9INuXoUK%2Fxtb0FZjEXumqf1WXUCL3ku1fb3oXxsWGuQEp3GyC1374hoBrWiJAVml%2BT64r7xla3W%2Fvu1HO0iqafdsiAMgVQ8%2FO4orH86RO%2Bc0AYg8DBqMVBu45Evj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2692000
cf-ray
86b6bec199c704aa-CDG
expires
Thu, 28 Mar 2024 14:10:15 GMT

Redirect headers

date
Thu, 28 Mar 2024 09:55:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
557
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yZ8TRT%2B55vk8rxf8SyQK3oQ%2BYZHhZ4DcLXdZuN9cQOTgYDMCLu8McODAEWsZM4asd4OG0V5FkuFTO5ijjB0l3nlO5mmybUEajGZ82zkNTG00tIQKB%2F5s%2FgdBZaIDlDUxvz6R3XXS"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/mngez/css/app.css?v=1
cache-control
max-age=31536000
cf-ray
86b6bebf493bf180-CDG
alt-svc
h3=":443"; ma=86400
logo_new.png
www.file-upload.org/assets/images/
Redirect Chain
  • https://www.file-upload.com/assets/images/logo_new.png
  • https://www.file-upload.org/assets/images/logo_new.png
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/assets/images/logo_new.png
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=7z62jlxn8qgj
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1441725
alt-svc
h3=":443"; ma=86400
content-length
3215
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"c8f-5fe4d56f9b8f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HzaVSbeZGW2GUbL%2BCvLiYOp2yC6KCnn0bTGha8bT14hJ4PJFgvVi5yvQXVbbkHEjUrU%2FbBOktg69vixnvyC8JVB8%2BbnTi1m9iKw8ODoMS8p5rkbnT%2FgpxRjd5bMyzOsP6KNLAaSE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6bec199c904aa-CDG
expires
Mon, 18 Mar 2024 17:26:47 GMT

Redirect headers

date
Thu, 28 Mar 2024 09:55:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
690
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sCnAtp65dHE4if0d9TW0kkFBan6ozvwC2DgzjaUWUAV4%2FKC4bwE55PuqbGeotYt3LVB3QrY8YSoXLZ0yoDSvLM1tF%2FIT5UmYIpT5RPpRvUHtByXuwMDNVhblq4d4%2BUM6Fu5MO1Re"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/assets/images/logo_new.png
cache-control
max-age=31536000
cf-ray
86b6bebf493af180-CDG
alt-svc
h3=":443"; ma=86400
email-decode.min.js
www.babup.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.babup.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=7z62jlxn8qgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/file.php?get=7z62jlxn8qgj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 22 Mar 2024 11:37:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65fd6d96-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ikw2Kn8Q%2FDTQS%2Fl6hIbyjIy7OcP4Fc95rVcbDsxNXlJXbDVoJmQqNF65goevckcmCEPms%2F8d4cYbGS%2BLAzU1VE%2Fpaojj4DfooYL6UP6uXYZl20khMJLgGXor%2BqIy3bC5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
86b6bebe795a0488-CDG
expires
Sat, 30 Mar 2024 09:55:32 GMT
anti1.png
www.file-upload.org/mngez/images/
Redirect Chain
  • https://www.file-upload.com/mngez/images/anti1.png
  • https://www.file-upload.org/mngez/images/anti1.png
19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/anti1.png
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=7z62jlxn8qgj
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76285
alt-svc
h3=":443"; ma=86400
content-length
19118
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"4aae-5fe4d56c96d92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UpcmdpWBU6uKQMW1JV6kj944lBzxy8FPOihpI5DoqKhPvLtcJjiv6%2FGlEVS7aRJVJDtFlGke%2FzQjEx7yte5nfCbif2bNMP0lx9aWdqALReU8mzriVoqsxFSi0o5igKaT5gaoneIv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6bec199c804aa-CDG
expires
Wed, 03 Apr 2024 12:44:07 GMT

Redirect headers

date
Thu, 28 Mar 2024 09:55:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
42
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m8c6ncUzf19KR%2FfCqBNnvErVbnz9DYS89AzBBcx29mN%2Fm3fuaAAJlq4Q2Rs5fRgDBjGNnEk1AbvAp2dWDk9V61G4kpsr06RrjXrVKzyMkZJ0yVijaYYN%2BZMp80W5K%2B81ENo9bKnx"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/mngez/images/anti1.png
cache-control
max-age=31536000
cf-ray
86b6bebf4934f180-CDG
alt-svc
h3=":443"; ma=86400
anti2.png
www.file-upload.org/mngez/images/
Redirect Chain
  • https://www.file-upload.com/mngez/images/anti2.png
  • https://www.file-upload.org/mngez/images/anti2.png
641 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/anti2.png
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=7z62jlxn8qgj
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1445812
alt-svc
h3=":443"; ma=86400
content-length
641
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"281-5fe4d56c988ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2BxmUHNmfNYebUXHkUmup7HdoYq5Y0BI6xNOiEnvm4tEMtC8%2BPI9%2FmG0M8aYhpE7%2FT5A%2F2X98nUMT5FXJAIaBQOLDnmUKr9%2FDJqJf%2B8WZGdCwvtZsDrT%2FZ4FRDKY%2FScFKyv6ojk8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6bec199ca04aa-CDG
expires
Mon, 18 Mar 2024 16:18:40 GMT

Redirect headers

date
Thu, 28 Mar 2024 09:55:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
690
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2yWmkaaWdv7u4JvQf45%2F0GR%2F0SgPqBwH2eByrE%2FiqtHb0kBGRFKRFj%2BlyhUuCFvAGi0zN3lVFNjfeQcsMH9vct73yOHSOGsrw2yn2c0quGzvcPf6kburuQ7BVA%2Fy6SToVtFJdA%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/mngez/images/anti2.png
cache-control
max-age=31536000
cf-ray
86b6bebf4937f180-CDG
alt-svc
h3=":443"; ma=86400
_dmca_premi_badge_4.png
images.dmca.com/Badges/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=7z62jlxn8qgj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-36.bunnyinfra.net
Software
BunnyCDN-DE1-1079 / ASP.NET
Resource Hash
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:32 GMT
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
10/31/2023 19:00:16
cdn-pullzone
1574055
content-length
4535
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"0abbdbd420cc1:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
59f9c4cf5dfc07c5719f15100fcb61bf
accept-ranges
bytes
cdn-requestcountrycode
IL
link
<https://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png?ID=466fa1aa-ce2e-4b71-b329-6cd08d681302>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
norton.png
www.file-upload.org/assets/images/
Redirect Chain
  • https://www.file-upload.com/assets/images/norton.png
  • https://www.file-upload.org/assets/images/norton.png
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/assets/images/norton.png
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=7z62jlxn8qgj
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205292
alt-svc
h3=":443"; ma=86400
content-length
4963
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"1363-5fe4d56f95368"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aYFY%2BfXSOGm7OrPlDY%2ByoMpDZTyTJgN%2FIaNNK87ZQ%2B0ZET9Ym0qGJE%2FqhwVCVmrVbElqqo7Qy3IIYtCFoAvFTnikd1dFkT2yk0N47MZkkxvXmsZs1pYqqEOOfUwQ3XhVi%2BSds1UR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6bec199cc04aa-CDG
expires
Tue, 02 Apr 2024 00:54:00 GMT

Redirect headers

date
Thu, 28 Mar 2024 09:55:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
690
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Obtxv%2FftWXnZwgMyQSuYjXiHtNR7Q2NH37vY9unlxHqi3t8koicjBGB3ksDn2mvOtCiaHJiGlkLm2KHlu%2BePAffbiVJOiYSoF5JO3apVlBcVGRWUhjG9ZIATkmk66kEuLcOatLWR"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/assets/images/norton.png
cache-control
max-age=31536000
cf-ray
86b6bebf4939f180-CDG
alt-svc
h3=":443"; ma=86400
rocket-loader.min.js
www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=7z62jlxn8qgj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/file.php?get=7z62jlxn8qgj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 22 Mar 2024 11:37:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65fd6d96-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HRm3yunU7hTB%2FhK%2FSpuOdDRXGWS9NYYI08Lrl6Ju37E4j9Veu%2FPSrYyJek%2BPWiqrLNLGEEDEBurgTEkD73OUgeAaply55kmHTuCHRsfi8O0t97zX0%2FkN97KGZGPYB%2BRb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
86b6bebeb97d0488-CDG
expires
Sat, 30 Mar 2024 09:55:32 GMT
flags.png
www.file-upload.org/mngez/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1441705
alt-svc
h3=":443"; ma=86400
content-length
15022
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"3aae-5fe4d56c9bbb2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f0mP5YVk0lAkFtw5YFNHBQ65OgQtFlCPjxr4jF3pzVyiPbwgvokJ9sMyqApon9PEPTgjF1oV9beX0z6nfQCTnCr0MIouths2TRQGyMlOz9Af2BUrf7xKMz%2BWZz7KMv4EVHD0xMX2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6bec3ec2d04aa-CDG
expires
Mon, 18 Mar 2024 17:27:08 GMT
fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 		0
0
poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 		0
0
poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 		0
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
40527af5a40463569879e9febf22c547549b04218b8d07b7a3f7b908e3ef6db6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Origin
https://www.babup.com
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51238
x-xss-protection
0
server
cafe
etag
8117503631788468110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 28 Mar 2024 09:55:33 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 08:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Mar 2025 08:16:54 GMT
app.js
www.file-upload.org/mngez/js/
Redirect Chain
  • https://www.file-upload.com/mngez/js/app.js?v=20
  • https://www.file-upload.org/mngez/js/app.js?v=20
235 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/js/app.js?v=20
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=7z62jlxn8qgj
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3aa0d-5fe4d56c9e2c2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pEwNWzh5IJBlwZzdWhsoV%2BKzumiX%2FGLUD2a%2BnDGn%2BIXfjcxv6Gs3xx29ftuD9GmktmBiNx5khE%2FUF%2FkzJkkjFkhIenNgoTl4U96s8HFWiEg6z%2FoExyaAAa6OQDLEof9zy%2BJszJBx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2692000, private
cf-ray
86b6bec4dce304aa-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 28 Mar 2024 09:55:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
514
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wqH0jxGNeztlXGQuvAJ5gqBNzx3sy0cGzaPKNT%2BqeWt9DScNP%2F5qP6FxSXHIqWB3SkexFCfqmFghGquXG52gjuz6sIdEnNRCf9%2FMIrTWx9CoqBEJGhn6OdAtg%2BKPY0MU4Xqs7brP"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/mngez/js/app.js?v=20
cache-control
max-age=31536000
cf-ray
86b6bec41cf3f180-CDG
alt-svc
h3=":443"; ma=86400
atrk.js
certify-js.alexametrics.com/ 		0
0
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Mar 2024 08:02:57 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6756
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Thu, 28 Mar 2024 10:02:57 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
7cb1bdc08c38ba40cdb08b3653f38ee6dfc726792bb1b97edec2d5c74474e0f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Mar 2024 09:55:33 GMT
content-md5
xFYqe2HPJwZNpixrT9AjQw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=12, mss=1380, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
qkw/sA/IhavErPBb1Ra7Le5i/PhY/FUgeBZpprApH+WaJ4yAhcTxlK+ZZYIXF2yj5kZMhh2WXIYLbqooJdeAyA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
84e7ae37c2690b592e6620bc819dc5bd
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"0165a2f4e5633e31724aa593fca40c9f"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 28 Mar 2024 10:14:40 GMT
sdk.js
connect.facebook.net/en_US/ 		303 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
18a2be3620b2fa020578ec98b1dafb8cfc9b45cc395774fa8362901f888f97b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.babup.com/
Origin
https://www.babup.com
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Mar 2024 09:55:33 GMT
content-md5
974w70dmArioRLw32BSXgw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88666
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=12, mss=1380, tbw=2802, tp=-1, tpl=-1, uplat=3, ullat=-1
x-fb-debug
6PydIUVnokbCeREwxTXHH5DmgP5A1GoTi6/dp8U1f4iPyhFpwg6lVnJMv0Uz7da0MWdosUgMASfZM1OGPUo6ng==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
664555b65b5971a10c3971a1130bdcf2
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"b6c6e3e369e7f710963fce3c21c1d6f0"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 27 Mar 2025 18:18:30 GMT
js
www.googletagmanager.com/gtag/ 		203 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-119779859-1
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cdc79ede736e34cb795a62861da74150907964e3728d0d393ecf4ac1739ed402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75371
x-xss-protection
0
last-modified
Thu, 28 Mar 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Mar 2024 09:55:33 GMT
blockadblock.js
www.babup.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.babup.com/blockadblock.js
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e367a2d0e62116b0a999990fdf2a3584d916ca0458269b6a43e825b7bdbcb060

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/file.php?get=7z62jlxn8qgj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2792
cf-polished
origSize=6947
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 22 Aug 2023 10:11:48 GMT
server
cloudflare
etag
W/"1b23-6038039110a59-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fz73bfu2ifKUQEYJaHQJ3BeJYZqMamPcZx3gEVSafWZv%2Fo3kRPrU1EL99JZip78qOkW7zCXCmjaqwYIOt8bNvJuzjWAYiNIh1f8dLcn2p%2B6CX2RBv61vS2kiK9SeWqD%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86b6bec41dba0488-CDG
fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.babup.com
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193726
alt-svc
h3=":443"; ma=86400
content-length
98024
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"17ee8-5fe4d56c8f479"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GBDRQd0JMPf2y9tNtArwCm2M6d%2Fb76taxfs10lPsbyb9nBoaFyyl6%2BOCXGyGjLOLvNyW0UzEBuqBAV7TkKl19q0bSozkTxSVeU3fbZ5wEc8Cx5nZWTdg6%2F7VZOfBHnJDpcn6a45j"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6bec61d2722aa-CDG
poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.babup.com
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
478107
alt-svc
h3=":443"; ma=86400
content-length
10420
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"28b4-5fe4d56c94299"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eY87qZD0EV8bw4i4AwSd7%2BSkOQA204N3d9XI7z%2BoybXCZBMEkUG%2BDjAE1qfsiejFfURhu0kgPCnJoUwZaUg%2FkcyWq8poz7oACurREVeX2yL4zUoTmZ%2B55Gy1FGucAstFLOdhuKJA"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6bec78e4622aa-CDG
poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.babup.com
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205294
alt-svc
h3=":443"; ma=86400
content-length
10400
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"28a0-5fe4d56c936e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJ4tiK2dLx8JhC8xw5E2fA%2FWs5VqquHtYWPJyZiTrLcdW2vmPSxbFwwkOr4QOcT4W0f58iaQewo0kR7ZrRXZWuM%2FUskzxUcTpuQdivCOtqUFThnc%2BLbMQK0X7BVXVuOLOV2zJEBM"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6bec78e4c22aa-CDG
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
d1c590a61289146ce22a4a264576b7809d6db8205c226831acb28dbe7ead0e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141306
x-xss-protection
0
server
cafe
etag
11205498724935772922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Mar 2024 09:55:34 GMT
favicon.png
www.file-upload.org/assets/images/
Redirect Chain
  • https://www.file-upload.com/assets/images/favicon.png
  • https://www.file-upload.org/assets/images/favicon.png
2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/assets/images/favicon.png
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732d7d5bcbcd4de4a8effa90fc28b8045c38ff54345d8680826cbb2c81915449

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1433458
alt-svc
h3=":443"; ma=86400
content-length
1692
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"69c-5fe4d56f8fd78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pp4hVx%2FQfeIyvuTizzzFybJ7vL8XqvnN%2FLNHJJj04abOE%2F5IznrH7wVx95Uj0c0CId%2FGNweuleeDCAzE%2FGX9gzD1rh%2BbsgKoXW6X0fe7zA9T4FLWxMB0doJR4XZLHB67EBkAwIHP"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6becc3a6204aa-CDG
expires
Mon, 18 Mar 2024 19:44:36 GMT

Redirect headers

date
Thu, 28 Mar 2024 09:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
619
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nZdyePkPzyDoNK82m4GkGXWoq4IPGqDiNzDT4rASdOtBC1hDvkdTojKLlIyBCxHYlzyeY4k8JiEEWRiBhvt3nqx5cxIg6%2FwA4DGj9%2F9fLyGtDczULl6Wlw5h40KwD9WTVGzB1qAf"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/assets/images/favicon.png
cache-control
max-age=31536000
cf-ray
86b6becb69e1f180-CDG
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		247 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1cf6184262ee48a15f2817d0bda10dffb56ed007523901907a1234dd74461554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89961
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 28 Mar 2024 09:55:34 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Mar 2024 08:34:31 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4863
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 28 Mar 2024 10:34:31 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
afc1b5462c12f1c068d93a411928b7392c241173ef1418bdd957458d2ab47886
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Origin
https://www.babup.com
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51238
x-xss-protection
0
server
cafe
etag
3515258702121446816
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 28 Mar 2024 09:55:34 GMT
favicon.png
www.file-upload.org/assets/images/
Redirect Chain
  • https://www.file-upload.com/assets/images/favicon.png
  • https://www.file-upload.org/assets/images/favicon.png
2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/assets/images/favicon.png
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732d7d5bcbcd4de4a8effa90fc28b8045c38ff54345d8680826cbb2c81915449

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1433458
alt-svc
h3=":443"; ma=86400
content-length
1692
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"69c-5fe4d56f8fd78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LR233oHiAs7B9mPS6N%2B1XxbE9xRccyR%2FSYTAH0d8%2Fbsw6I%2BOaecYPrCUgf%2F7aj3MtwAruwIsQkE%2FCtgjI0OMe8tBaF0E%2FegqQyi4X8fmrOtomgex%2FUl6WW%2Fd2CdB%2BhYD5HFSU1c1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
86b6becc7a9504aa-CDG
expires
Mon, 18 Mar 2024 19:44:36 GMT

Redirect headers

date
Thu, 28 Mar 2024 09:55:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
619
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fx%2FoKyX7nQOXkV%2F8Wzvu2kxd4cMBKtCnUVB3bumIQKSnr1gDY3bf7%2BkjzA8n8gq6etGqebg477ljBX7eZnhaS3DhWGACLsHjfuRSKcNP2lRM5zz%2BA4jikwJZzZeZFUo9qp%2BK7eyV"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/assets/images/favicon.png
cache-control
max-age=31536000
cf-ray
86b6becbba0bf180-CDG
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
171 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3T7TKCZCC9&gtm=45je43p0v9114416819za200&_p=1711619734222&gcd=13l3l3l3l1&npa=0&dma=0&cid=781967365.1711619735&ul=en-us&sr=800x600&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1711619734&sct=1&seg=0&dl=https%3A%2F%2Fwww.babup.com%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2803
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Mar 2024 09:55:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.babup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=644962096&t=pageview&_s=1&dl=https%3A%2F%2Fwww.babup.com%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAUABAAAAACAAI~&jid=67804834&gjid=1356438501&cid=781967365.1711619735&tid=UA-119779859-1&_gid=2014244938.1711619735&_r=1&gtm=457e43p0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1585543445
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.babup.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Mar 2024 09:55:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.babup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C0EA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&adk=1812271804&adf=3025194257&lmt=1711619734&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x875_l%7C212x875_r&format=0x0&url=https%3A%2F%2Fwww.babup.com%2F&pra=5&wgl=1&easpi=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711619734215&bpp=6&bdt=2049&idt=671&shv=r20240326&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1552768593752&frm=20&pv=2&ga_vid=781967365.1711619735&ga_sid=1711619735&ga_hid=644962096&ga_fc=1&u_tz=120&u_his=3&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081575%2C31082198%2C95326316%2C95320378%2C95328826&oid=2&pvsid=313736479509859&tmod=1788441981&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=40%2C40%2C40%2C40%2C800%2C0%2C1600%2C1198%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=708
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
54794
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Mar 2024 09:55:35 GMT
expires
Thu, 28 Mar 2024 09:55:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240326&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
36daa281bd61f8aad1937d66c33b6c4212fc4b98f8ee35fbfd9bd4c51619bb4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12105
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 44D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1711619734&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711619734292&bpp=3&bdt=2126&idt=647&shv=r20240326&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1552768593752&frm=20&pv=1&ga_vid=781967365.1711619735&ga_sid=1711619735&ga_hid=644962096&ga_fc=1&u_tz=120&u_his=3&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=245&ady=201&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081575%2C31082198%2C95326316%2C95320378%2C95328826&oid=2&pvsid=313736479509859&tmod=1788441981&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=40%2C40%2C40%2C40%2C800%2C0%2C1600%2C1198%2C1600%2C1113&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=655
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42740
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Mar 2024 09:55:35 GMT
expires
Thu, 28 Mar 2024 09:55:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6B0B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&fwrn=4&fwrnh=100&lmt=1711619734&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711619734303&bpp=1&bdt=2137&idt=664&shv=r20240326&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=1552768593752&frm=20&pv=1&ga_vid=781967365.1711619735&ga_sid=1711619735&ga_hid=644962096&ga_fc=1&u_tz=120&u_his=3&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=245&ady=732&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081575%2C31082198%2C95326316%2C95320378%2C95328826&oid=2&pvsid=313736479509859&tmod=1788441981&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=40%2C40%2C40%2C40%2C800%2C0%2C1600%2C1198%2C1600%2C1113&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=668
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
28605
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Mar 2024 09:55:35 GMT
expires
Thu, 28 Mar 2024 09:55:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1AD5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&fwrn=4&fwrnh=100&lmt=1711619734&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711619734307&bpp=1&bdt=2141&idt=677&shv=r20240326&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C555x280&nras=1&correlator=1552768593752&frm=20&pv=1&ga_vid=781967365.1711619735&ga_sid=1711619735&ga_hid=644962096&ga_fc=1&u_tz=120&u_his=3&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1052&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081575%2C31082198%2C95326316%2C95320378%2C95328826&oid=2&pvsid=313736479509859&tmod=1788441981&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=40%2C40%2C40%2C40%2C800%2C0%2C1600%2C1198%2C1600%2C1113&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=682
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
405
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Mar 2024 09:55:35 GMT
expires
Thu, 28 Mar 2024 09:55:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Mar 2024 09:55:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6751 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

accept-ranges
bytes
age
56358
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Mar 2024 18:16:17 GMT
expires
Thu, 27 Mar 2025 18:16:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3797 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MJoP3KKWM5zLhzY_b9zZyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.babup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MJoP3KKWM5zLhzY_b9zZyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Mar 2024 09:55:35 GMT
expires
Thu, 28 Mar 2024 09:55:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/ 		167 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
8120b7897bfc2362118cab9200d0180846a54131c4e0bc43bbe5f20b4aaf151b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57636
x-xss-protection
0
server
cafe
etag
10373925409366579115
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Mar 2024 09:55:35 GMT
ca-pub-9176521898341909
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9176521898341909?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
78fa220e50e99de3dac509973166725dcb0e467a4fec4a18da0594100606c8b3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LwHpZQQZuTBm6UB6pJ8QBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-LwHpZQQZuTBm6UB6pJ8QBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTNMePvlA1sAjv2PykGALPRMVk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
75a149c936a4e12d6ddb2556c99c2994c143fa1085fce2578040f82d3858701d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32312
x-xss-protection
0
server
cafe
etag
11887204416226868580
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Mar 2024 09:55:35 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://www.babup.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
ads
googleads.g.doubleclick.net/pagead/ Frame BEB4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1711619736&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711619736099&bpp=1&bdt=3933&idt=-M&shv=r20240326&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7e9d94c5f96fa22%3AT%3D1711619735%3ART%3D1711619735%3AS%3DALNI_MYaV3k6bqTLYWMvwonxFCxhOQbr-Q&gpic=UID%3D00000d851ed1222c%3AT%3D1711619735%3ART%3D1711619735%3AS%3DALNI_MZv8hH07Jp8lKiJlUfT9Dgs74PDIQ&eo_id_str=ID%3Ddf1f5cead6f3af09%3AT%3D1711619735%3ART%3D1711619735%3AS%3DAA-AfjbyUKZaatwOPuCGCsTM15k7&prev_fmts=0x0%2C1110x280%2C555x280%2C1110x280&nras=2&correlator=1552768593752&frm=20&pv=1&ga_vid=781967365.1711619735&ga_sid=1711619735&ga_hid=644962096&ga_fc=1&u_tz=120&u_his=3&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2013&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081575%2C31082198%2C95326316%2C95320378%2C95328826&oid=2&psts=AOrYGsl-IZvIb_f8PxlfEGmSRzgUuJW9CizepwPE7091Ik0frDyd_c7irsNgWSW2IR_x9HbCKY8b4s5Nm0EN0nxIV7A&pvsid=313736479509859&tmod=1788441981&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=40%2C40%2C40%2C40%2C800%2C0%2C1600%2C1198%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=385
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Mar 2024 09:55:36 GMT
expires
Thu, 28 Mar 2024 09:55:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 539C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1711619736&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711619736099&bpp=1&bdt=3933&idt=-M&shv=r20240326&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7e9d94c5f96fa22%3AT%3D1711619735%3ART%3D1711619735%3AS%3DALNI_MYaV3k6bqTLYWMvwonxFCxhOQbr-Q&gpic=UID%3D00000d851ed1222c%3AT%3D1711619735%3ART%3D1711619735%3AS%3DALNI_MZv8hH07Jp8lKiJlUfT9Dgs74PDIQ&eo_id_str=ID%3Ddf1f5cead6f3af09%3AT%3D1711619735%3ART%3D1711619735%3AS%3DAA-AfjbyUKZaatwOPuCGCsTM15k7&prev_fmts=0x0%2C1110x280%2C555x280%2C1110x280%2C1110x90&nras=3&correlator=1552768593752&frm=20&pv=1&ga_vid=781967365.1711619735&ga_sid=1711619735&ga_hid=644962096&ga_fc=1&u_tz=120&u_his=3&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2864&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081575%2C31082198%2C95326316%2C95320378%2C95328826&oid=2&psts=AOrYGsl-IZvIb_f8PxlfEGmSRzgUuJW9CizepwPE7091Ik0frDyd_c7irsNgWSW2IR_x9HbCKY8b4s5Nm0EN0nxIV7A&pvsid=313736479509859&tmod=1788441981&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=40%2C40%2C40%2C40%2C800%2C0%2C1600%2C1198%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=392
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
214
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Mar 2024 09:55:36 GMT
expires
Thu, 28 Mar 2024 09:55:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240326/r20110914/ Frame DB83 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240326/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

age
65181
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Mar 2024 15:49:15 GMT
etag
5035419970550746386
expires
Wed, 10 Apr 2024 15:49:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXSW1curFkXud7bW66zF3ZWRSBIBihvsvp1-8JqjT82lMKcweF8qm7tVAuuJ1ZwV96n59idf9eduhQ-ZCuABs2KSH5c4WB96T2wL1FhVs8Gld-sI5NHebxxlbbGTyOfVPWNVisBGg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXSW1curFkXud7bW66zF3ZWRSBIBihvsvp1-8JqjT82lMKcweF8qm7tVAuuJ1ZwV96n59idf9eduhQ-ZCuABs2KSH5c4WB96T2wL1FhVs8Gld-sI5NHebxxlbbGTyOfVPWNVisBGg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNjE5NzM2LDUyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuYmFidXAuY29tLyIsbnVsbCxbWzgsIjNBZmV0TjBWQ3FRIl0sWzksIml3Il0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.3AfetN0VCqQ.es5.O/am=wA/d=1/rs=AJlcJMxGBCBidqzABVkc5JavsQS1z-NNkQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
018687150309b8d0731bd17f618faed9eae43560efaf6ac3c14577b65af604c7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lbH9Fox9CvWV8CmdDtEcnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-lbH9Fox9CvWV8CmdDtEcnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTDMePvlA1sAg2taxcxAQDb0jDS"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX8sCsvtwQAEoh3xlnhU8tijUpVhQ61k4cQz3WAToX0GLkCIdHHvTNeOq8EKKfkQXMVsPKm-ymtNUuIavXE8MwBUTMgPtcz-iDeRL0F1iPsDPuzDEuXATBG6YHvzXuEMwhy9JgHiQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX8sCsvtwQAEoh3xlnhU8tijUpVhQ61k4cQz3WAToX0GLkCIdHHvTNeOq8EKKfkQXMVsPKm-ymtNUuIavXE8MwBUTMgPtcz-iDeRL0F1iPsDPuzDEuXATBG6YHvzXuEMwhy9JgHiQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNjE5NzM2LDY3NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LmJhYnVwLmNvbS8iLG51bGwsW1s4LCIzQWZldE4wVkNxUSJdLFs5LCJpdyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.3AfetN0VCqQ.es5.O/am=wA/d=1/rs=AJlcJMxGBCBidqzABVkc5JavsQS1z-NNkQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
1d434c11c0f31544dcfdf81418e39fe077d81acd1f1aeec9e157715ee4b53a4f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zkbalepxYuSpJ-GL2i4Aiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-zkbalepxYuSpJ-GL2i4Aiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw1JBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAfHLBedaLQCzEwzHj75QNbAIHXv57wgQAL9o3Fw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
ad
fundingchoicesmessages.google.com/f/AGSKWxU4pMNgnpAK8C6iNxsz-tw5eMtS0cvBO4GXNWrIoV_TGRh06a11GzymLTCqB0okH6gY8V0jDzihYRbpn-nBhVvmjdYsuQHw5BvvJhPCqzY-TegKZIX68xa8ZzvMgbuORDgvLAfh2NaENJEfMkvEBxsSorSv0... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU4pMNgnpAK8C6iNxsz-tw5eMtS0cvBO4GXNWrIoV_TGRh06a11GzymLTCqB0okH6gY8V0jDzihYRbpn-nBhVvmjdYsuQHw5BvvJhPCqzY-TegKZIX68xa8ZzvMgbuORDgvLAfh2NaENJEfMkvEBxsSorSv0LyZ6KvFuVZI40wPVI_Qcp5IxK1qMr9s/_/ad/semantic_/public/ad?/dfp-ads./ad3..adsame-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.3AfetN0VCqQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzv_XvnP5SxFzHs6kVEZ5XM461H2A/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
ab0b8abc1a4ba6d252d5fa1dbd2ef66e4c87451c5932296f3c6395a7c5b99fcb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JsVt-E6SB_74ksv-MwpL6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-JsVt-E6SB_74ksv-MwpL6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw0ZBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAfHLBedaLQCzEwzHz75QNbAI35r5-zggAMGc21g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.3AfetN0VCqQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzv_XvnP5SxFzHs6kVEZ5XM461H2A/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e483275bbff1656e26f29d7abc06865288ee233428d6f29d336385f790f54bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51240
x-xss-protection
0
server
cafe
etag
402419094346786653
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 28 Mar 2024 09:55:37 GMT
AGSKWxU88r64_8q5N1cPLv9vqWI2qAYNHQWGDzcMkbgimKx6KO5-Tt9yvHK0MF8yjUmsS3YQ2X5gwrV3W3lvm4WCif0hxabe7WhvFWLpTYNHFn_UehwoxnUrQlKf7_5wP-HoxWTfNf3Y4g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU88r64_8q5N1cPLv9vqWI2qAYNHQWGDzcMkbgimKx6KO5-Tt9yvHK0MF8yjUmsS3YQ2X5gwrV3W3lvm4WCif0hxabe7WhvFWLpTYNHFn_UehwoxnUrQlKf7_5wP-HoxWTfNf3Y4g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.3AfetN0VCqQ.es5.O/am=wA/d=1/rs=AJlcJMxGBCBidqzABVkc5JavsQS1z-NNkQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HUly8UWvT8rUgxp8nhlKLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Mar 2024 09:55:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HUly8UWvT8rUgxp8nhlKLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw05BiqGV4xtQKxE7pM1hDgFiIh2Pm3ykb2AQufH9-nQkAyJINBg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.babup.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU88r64_8q5N1cPLv9vqWI2qAYNHQWGDzcMkbgimKx6KO5-Tt9yvHK0MF8yjUmsS3YQ2X5gwrV3W3lvm4WCif0hxabe7WhvFWLpTYNHFn_UehwoxnUrQlKf7_5wP-HoxWTfNf3Y4g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU88r64_8q5N1cPLv9vqWI2qAYNHQWGDzcMkbgimKx6KO5-Tt9yvHK0MF8yjUmsS3YQ2X5gwrV3W3lvm4WCif0hxabe7WhvFWLpTYNHFn_UehwoxnUrQlKf7_5wP-HoxWTfNf3Y4g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.3AfetN0VCqQ.es5.O/am=wA/d=1/rs=AJlcJMxGBCBidqzABVkc5JavsQS1z-NNkQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qkK-gbe0DbZS1jHelFQbLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Mar 2024 09:55:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-qkK-gbe0DbZS1jHelFQbLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1hDgFiIh2Pm3ykb2AQ23Gq_zQQAxZoMZw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.babup.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU88r64_8q5N1cPLv9vqWI2qAYNHQWGDzcMkbgimKx6KO5-Tt9yvHK0MF8yjUmsS3YQ2X5gwrV3W3lvm4WCif0hxabe7WhvFWLpTYNHFn_UehwoxnUrQlKf7_5wP-HoxWTfNf3Y4g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU88r64_8q5N1cPLv9vqWI2qAYNHQWGDzcMkbgimKx6KO5-Tt9yvHK0MF8yjUmsS3YQ2X5gwrV3W3lvm4WCif0hxabe7WhvFWLpTYNHFn_UehwoxnUrQlKf7_5wP-HoxWTfNf3Y4g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.3AfetN0VCqQ.es5.O/am=wA/d=1/rs=AJlcJMxGBCBidqzABVkc5JavsQS1z-NNkQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NkmySTPs9pR9x0m7qRyVcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Mar 2024 09:55:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NkmySTPs9pR9x0m7qRyVcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1ZBiqGV4xtQKxE7pM1hDgFiIh2Pm3ykb2AQ2fNl4gwkAyDQMtQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.babup.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU88r64_8q5N1cPLv9vqWI2qAYNHQWGDzcMkbgimKx6KO5-Tt9yvHK0MF8yjUmsS3YQ2X5gwrV3W3lvm4WCif0hxabe7WhvFWLpTYNHFn_UehwoxnUrQlKf7_5wP-HoxWTfNf3Y4g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU88r64_8q5N1cPLv9vqWI2qAYNHQWGDzcMkbgimKx6KO5-Tt9yvHK0MF8yjUmsS3YQ2X5gwrV3W3lvm4WCif0hxabe7WhvFWLpTYNHFn_UehwoxnUrQlKf7_5wP-HoxWTfNf3Y4g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.3AfetN0VCqQ.es5.O/am=wA/d=1/rs=AJlcJMxGBCBidqzABVkc5JavsQS1z-NNkQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_Jc7nkKIj3qSbJtxu1SBuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Mar 2024 09:55:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_Jc7nkKIj3qSbJtxu1SBuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1hDgFiIh2Pm3ykb2AQePJ93jwkAxysMvw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.babup.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUuVJw05At0kqEeNaoX_nmE6ATBoK8BcfOORh3U2JASKHZvw0iEI5Bcfu4FHMfV66ECe7PrwiHEPo1KW_WNTREEkCUQiT8RLWCE9MIrkBdIAFJxn_h5zZ5hcxwfTdrcprm6sDbf2g==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUuVJw05At0kqEeNaoX_nmE6ATBoK8BcfOORh3U2JASKHZvw0iEI5Bcfu4FHMfV66ECe7PrwiHEPo1KW_WNTREEkCUQiT8RLWCE9MIrkBdIAFJxn_h5zZ5hcxwfTdrcprm6sDbf2g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNjE5NzM3LDYxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuYmFidXAuY29tLyIsbnVsbCxbWzgsIjNBZmV0TjBWQ3FRIl0sWzksIml3Il0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.3AfetN0VCqQ.es5.O/am=wA/d=1/rs=AJlcJMxGBCBidqzABVkc5JavsQS1z-NNkQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
7222fff258341db0d855686d8938036fac34440bd20ad81b938c15b376925977
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vULoUkplGawQ2cIKPx0TRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 09:55:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vULoUkplGawQ2cIKPx0TRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTDMfPvlA1sAid6Wk4wAQDjbjEt"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV5ptok-EL6NAtUlfkuA_RGvgmF6Gse_RILJ6g8SUyVsBxksujNFxtNOtAUYjqf17ILGDKG4knl825HfsAVevzuAhsNocE4y-mS8LIee2BTqsuzpzT4Lk6gF0tLlP2ZkBXEjdSCQg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV5ptok-EL6NAtUlfkuA_RGvgmF6Gse_RILJ6g8SUyVsBxksujNFxtNOtAUYjqf17ILGDKG4knl825HfsAVevzuAhsNocE4y-mS8LIee2BTqsuzpzT4Lk6gF0tLlP2ZkBXEjdSCQg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.3AfetN0VCqQ.es5.O/am=wA/d=1/rs=AJlcJMxGBCBidqzABVkc5JavsQS1z-NNkQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jqykEqMf_cJiHTL6zLEMJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Mar 2024 09:55:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-jqykEqMf_cJiHTL6zLEMJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1hDgFiIh2Pm3ykb2AQa5kzsYgYAxQsLwQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.babup.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU88r64_8q5N1cPLv9vqWI2qAYNHQWGDzcMkbgimKx6KO5-Tt9yvHK0MF8yjUmsS3YQ2X5gwrV3W3lvm4WCif0hxabe7WhvFWLpTYNHFn_UehwoxnUrQlKf7_5wP-HoxWTfNf3Y4g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU88r64_8q5N1cPLv9vqWI2qAYNHQWGDzcMkbgimKx6KO5-Tt9yvHK0MF8yjUmsS3YQ2X5gwrV3W3lvm4WCif0hxabe7WhvFWLpTYNHFn_UehwoxnUrQlKf7_5wP-HoxWTfNf3Y4g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.3AfetN0VCqQ.es5.O/am=wA/d=1/rs=AJlcJMxGBCBidqzABVkc5JavsQS1z-NNkQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RnIeXF5sypYVwklGVz3B6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Mar 2024 09:55:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RnIeXF5sypYVwklGVz3B6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBiqGV4xtQKxE7pM1hDgFiIh2Pm3ykb2AReNLzqYQYAxuYMYg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.babup.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.file-upload.org
URL
https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Domain
www.file-upload.org
URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Domain
www.file-upload.org
URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Domain
certify-js.alexametrics.com
URL
https://certify-js.alexametrics.com/atrk.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240326&jk=313736479509859&bg=!HB-lH1DNAAYQOWS2MDk7ADQBe5WfOBYEujE7Ppltt9yMecwoCKrZrqMkCBjRPY3YQLUz2YS1oWbCSDE82IwmPWx4RH5xAgAAAHZSAAAABmgBB34ANZJjVEswJ18pFwNwUqYgH91QsdA-iKXCpuIkdS6e7JG5DnrhSsifhFd5k4PV5Agxr_6x2dEoCgB3mc652U9t9eyqhg1va1MVi92SJ44EjEg-eaK3Zs9sr4deb1bUgtTFsafTm0OxIsD2T54d94eIyTqA0tBj_t5tShb5UNVbYr7MbNcYw01zM8iE4Eg9tqOUKVedjw2h7gUMxhdGlSGV3CmKoNCDtegYMFBqvbKW1nKZAo-ieoKZyj9GpzmJAlLhrI__1EEfHWKx1ZYeYAAzR4vymwDP6ItmOmsEJ8BjxiYN46AJovYWtpTCp4EiwGtyX8VHL93pPnilMxei4LA_NgIcIw_tqRSXtpVXelUnkIFYE1c-J510u-MHR-nqBeCvNBhFhMBLgMZe7TazbGDTMRJvimEr-lwasNGD9lH2b8_BvPUAq2T0L4kWsMCGoC44DBp-H6adAi6DKGh4dB4qNEXPHyQmcEQHKrSgK6VN7JW_2NrUEA__M1Oem5Q7MfV0sIbzDbp2n2_piyJRqSkj7-QGjoZ9j70d3nHt2YyfMYnbv41TSjSuc00G8D1bQaLlUJZJ1H1bwVX4dL_H5uZPf_chwvlvAMicKmX3DmCoUhp2eIZe_ii9_jqBgsl8BYmZFElod79vgfSnjiTucHISvksDoR7stSkmAdC87NLUhm2Q9H91Q5GgHkeJq_tcxGJI1zMGrFggBgrSPjIzUqG1gudMIQt88jVqyUwZcGpyGPQGtGK3e-1mlxffWV26_RvbvvNMq90R-i6O90Lt1baUfj_6L_zpMMAEYK9ZT84kmH6XQzFyqa3zcmisu1gF711wi59jn-jjYJuptHC7Ic1B78MSLNUv1jQvAJH9ZxHQl5NRZI9hqJFwSZ5A51Q1yPowvAsgdp8cx2IgybPDgkJR8fvVKsXXXCAkzcliwnJWhyPTC21jU5kHPwACTezpXWJcgWAToqTSoLGMefKIpZTAnFy3TRAT1FHWoq6XadQ8z2I1mxZP8l2gqqCYnzlkmRDmzgtcfrxCCMJx2E1ACJdklagG_BTKSVXzWdOOUyyzBszi08Zr5LOVf8wxLjUQ47zhCC20NJxqQJDx_ufU6zMfYLZm

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onpagereveal object| __cfQR object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| BlockAdBlock object| blockAdBlock function| gtag object| dataLayer string| google_user_agent_client_hint object| google_tag_manager object| FB string| GoogleAnalyticsObject function| ga object| _gat object| _gaq object| html5 object| Modernizr function| yepnope object| jQuery112407182805390634386 function| CBPFWTabs function| $ function| jQuery function| setPagination function| WOW function| eve function| mina function| Snap boolean| detected function| adBlockDetected function| adBlockNotDetected boolean| __cfRLUnblockHandlers object| gaGlobal object| gaplugins object| gaData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| googletag object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NWEzZjc4M2M4ODZjYzg3M2xvYWRlcl9qcw== string| NWEzZjc4M2M4ODZjYzg3M2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_image_requests boolean| 376e6b18-616f-480c-be12-c938dd0698fa

15 Cookies

Domain/Path Name / Value
.file-upload.org/ Name: lang
Value: english
www.file-upload.org/ Name: visited
Value: visited, visited_expires=Thu Mar 28 2024 11:56:31 GMT+0200 (Israel Standard Time), path=/
.babup.com/ Name: _ga_3T7TKCZCC9
Value: GS1.1.1711619734.1.0.1711619734.0.0.0
.babup.com/ Name: _ga
Value: GA1.2.781967365.1711619735
.babup.com/ Name: _gid
Value: GA1.2.2014244938.1711619735
.babup.com/ Name: _gat_gtag_UA_119779859_1
Value: 1
.babup.com/ Name: __gads
Value: ID=a7e9d94c5f96fa22:T=1711619735:RT=1711619735:S=ALNI_MYaV3k6bqTLYWMvwonxFCxhOQbr-Q
.babup.com/ Name: __gpi
Value: UID=00000d851ed1222c:T=1711619735:RT=1711619735:S=ALNI_MZv8hH07Jp8lKiJlUfT9Dgs74PDIQ
.babup.com/ Name: __eoi
Value: ID=df1f5cead6f3af09:T=1711619735:RT=1711619735:S=AA-AfjbyUKZaatwOPuCGCsTM15k7
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: APC
Value: AfxxVi6Erq-1ne2jh418C9OdxmPTDFteL6uyX8tkKFa4c0dn_XW9JA
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkZcW1Vb3QkFNA4qBgJtwSim_voKVR4ig4YYHzKygQkJ-WWGuT-89mH49CQ7AA
.babup.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_-BNb3qrUis7aounRIOJc2Bhgfdkxndh1L1-Bg5vn22y_T9qe9FsGQfCBy8dCmjHLV2glCJBLDSk-UtvWcCICVyKgXoBwrhd26ZsywIDnSPuFU3-_yAlxH5C4p__SF76D8u8U7vVpfEC8Qy53WUKZfWEHa3w%3D%3D%22%5D%5D
.googleadservices.com/ Name: ar_debug
Value: 1

33 Console Messages

Source Level URL
Text
network error URL: https://certify-js.alexametrics.com/atrk.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://www.babup.com/file.php?get=7z62jlxn8qgj
Message:
Access to font at 'https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.babup.com/file.php?get=7z62jlxn8qgj
Message:
Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.babup.com/file.php?get=7z62jlxn8qgj
Message:
Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.babup.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
certify-js.alexametrics.com
connect.facebook.net
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
images.dmca.com
pagead2.googlesyndication.com
ssl.google-analytics.com
tpc.googlesyndication.com
www.babup.com
www.file-upload.com
www.file-upload.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
certify-js.alexametrics.com
pagead2.googlesyndication.com
www.file-upload.org
142.250.184.226
142.250.185.106
142.250.186.136
142.250.186.164
142.250.186.168
157.240.0.6
169.150.247.36
172.217.16.193
172.217.16.206
172.217.18.98
188.114.96.3
188.114.97.3
216.239.34.178
018687150309b8d0731bd17f618faed9eae43560efaf6ac3c14577b65af604c7
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
09b33fa489f3f2ad963779dd9b0eccdc0755a058c752d2e4d360eac1ab592967
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18a2be3620b2fa020578ec98b1dafb8cfc9b45cc395774fa8362901f888f97b1
1cf6184262ee48a15f2817d0bda10dffb56ed007523901907a1234dd74461554
1d434c11c0f31544dcfdf81418e39fe077d81acd1f1aeec9e157715ee4b53a4f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
36daa281bd61f8aad1937d66c33b6c4212fc4b98f8ee35fbfd9bd4c51619bb4f
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
40527af5a40463569879e9febf22c547549b04218b8d07b7a3f7b908e3ef6db6
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7222fff258341db0d855686d8938036fac34440bd20ad81b938c15b376925977
732d7d5bcbcd4de4a8effa90fc28b8045c38ff54345d8680826cbb2c81915449
75a149c936a4e12d6ddb2556c99c2994c143fa1085fce2578040f82d3858701d
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
78fa220e50e99de3dac509973166725dcb0e467a4fec4a18da0594100606c8b3
7cb1bdc08c38ba40cdb08b3653f38ee6dfc726792bb1b97edec2d5c74474e0f3
8120b7897bfc2362118cab9200d0180846a54131c4e0bc43bbe5f20b4aaf151b
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
ab0b8abc1a4ba6d252d5fa1dbd2ef66e4c87451c5932296f3c6395a7c5b99fcb
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
afc1b5462c12f1c068d93a411928b7392c241173ef1418bdd957458d2ab47886
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdc79ede736e34cb795a62861da74150907964e3728d0d393ecf4ac1739ed402
d1c590a61289146ce22a4a264576b7809d6db8205c226831acb28dbe7ead0e86
d9d019fbf0044f5291f6075708de37e173cc62ab5eaf105eb7c206e63fd52cc7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856
e367a2d0e62116b0a999990fdf2a3584d916ca0458269b6a43e825b7bdbcb060
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e483275bbff1656e26f29d7abc06865288ee233428d6f29d336385f790f54bcb
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f