www.babup.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.file-upload.com/a6cq82dkwnky
Effective URL:
https://www.babup.com/file.php?get=a6cq82dkwnky
Submission: On January 26 via manual (January 26th 2024, 11:20:51 am UTC) from NO — Scanned from CH

Summary HTTP 153 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 22 domains to perform 153 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.babup.com.
TLS certificate: Issued by GTS CA 1P5 on January 7th 2024. Valid for: 3 months.

This is the only time www.babup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7 7	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
21	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1 15	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2 5	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3	213.227.153.223 213.227.153.223	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
1	213.227.153.224 213.227.153.224	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
11	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	23.215.22.232 23.215.22.232	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.147.29 18.66.147.29	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.84 143.204.98.84	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2646:1200:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
7	23.218.208.47 23.218.208.47	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.192.228.113 18.192.228.113	16509 (AMAZON-02) (AMAZON-02)
3	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
153	32

7 188.114.96.3 (Amsterdam, Netherlands) 7 redirects

ASN13335 (CLOUDFLARENET, US)

www.file-upload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.file-upload.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.babup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1t-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.153.224 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.22.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-232.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-29.fra60.r.cloudfront.net

ajs-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-84.fra50.r.cloudfront.net

agen-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:1200:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.218.208.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-47.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.228.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-228-113.eu-central-1.compute.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	541 KB
22	file-upload.org www.file-upload.org — Cisco Umbrella Rank: 864914	550 KB
19	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163	151 KB
13	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143	71 KB
10	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 954 cdn.flashtalking.com — Cisco Umbrella Rank: 1296 ad-events.flashtalking.com — Cisco Umbrella Rank: 1404 stat.flashtalking.com — Cisco Umbrella Rank: 1445 secure.flashtalking.com — Cisco Umbrella Rank: 2387	61 KB
7	file-upload.com 7 redirects www.file-upload.com	2 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	66 KB
4	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 3066 data.ad-score.com — Cisco Umbrella Rank: 2906	163 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	2 KB
4	zemanta.com b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 20340 b1-eudc1.zemanta.com — Cisco Umbrella Rank: 25373	507 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	260 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 570 www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	38 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369 fonts.googleapis.com — Cisco Umbrella Rank: 28	33 KB
4	babup.com www.babup.com	14 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	176 KB
2	ftstatic.com ajs-assets.ftstatic.com — Cisco Umbrella Rank: 1744 agen-assets.ftstatic.com — Cisco Umbrella Rank: 1473	29 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1933	15 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	148 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 15449	10 KB
1	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 3835	13 KB
0	alexametrics.com Failed certify-js.alexametrics.com Failed
153	22

	Domain	Requested by
22	www.file-upload.org	www.file-upload.org www.babup.com
21	pagead2.googlesyndication.com	www.babup.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.file-upload.org www.googletagservices.com
20	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.file-upload.org
15	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.file-upload.org
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	www.file-upload.com	7 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net www.file-upload.org
4	www.googletagservices.com	googleads.g.doubleclick.net www.file-upload.org
4	www.babup.com	www.file-upload.org www.babup.com
3	data.ad-score.com	js.ad-score.com
3	stat.flashtalking.com
3	cdn.flashtalking.com	ajs-assets.ftstatic.com
3	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
3	b1t-eudc1.zemanta.com	googleads.g.doubleclick.net widgets.outbrain.com
3	fonts.googleapis.com	googleads.g.doubleclick.net www.file-upload.org
3	connect.facebook.net	www.babup.com connect.facebook.net
2	ad-events.flashtalking.com
2	www.googleadservices.com
2	widgets.outbrain.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.babup.com www.googletagmanager.com
2	images.dmca.com	www.file-upload.org www.babup.com
1	secure.flashtalking.com
1	js.ad-score.com	ajs-assets.ftstatic.com
1	agen-assets.ftstatic.com	ajs-assets.ftstatic.com
1	ajs-assets.ftstatic.com	servedby.flashtalking.com
1	servedby.flashtalking.com	googleads.g.doubleclick.net
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	b1-eudc1.zemanta.com	googleads.g.doubleclick.net
1	zem.outbrainimg.com	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ssl.google-analytics.com	www.babup.com
1	ajax.googleapis.com	www.babup.com
0	certify-js.alexametrics.com Failed	www.babup.com
153	37

This site contains links to these domains. Also see Links.

Domain
www.file-upload.com
www.facebook.com
www.instagram.com
www.youtube.com
file-upload.com
www.file-up.org
www.dmca.com
safeweb.norton.com

Subject Issuer	Validity	Valid
file-upload.org E1	`2024-01-21` - `2024-04-20`	3 months	crt.sh
images.dmca.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
babup.com GTS CA 1P5	`2024-01-07` - `2024-04-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-04` - `2024-02-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-05`	a year	crt.sh
*.outbrainimg.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
*.ftstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-03-08`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
ad-events.flashtalking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-17` - `2024-09-03`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.babup.com/file.php?get=a6cq82dkwnky
Frame ID: F157780A98920418DF004C6437F7B8DA
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: 0371E4A722426C4E8ADFDCF27BAF63EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&adk=1812271804&adf=3025194257&lmt=1706268046&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.babup.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046255&bpp=3&bdt=303&idt=263&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3755261679864&frm=20&pv=2&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=281
Frame ID: 0AD8DF6509CDBCE100C3C44BC07250F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046258&bpp=1&bdt=306&idt=285&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=288
Frame ID: E2BDB5D1B9D426845789FA03763BE889
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046270&bpp=1&bdt=318&idt=278&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=280
Frame ID: F99A47CE7BA0CF7564AA714B89EB9C6C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046272&bpp=1&bdt=321&idt=279&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C555x280&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=280
Frame ID: BBCF4857DA53B82CD7D43589EB6D3253
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EEC31A6E54C2D3BA37AB5C291101579D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B73332D0F63A0225AC916F45AF35E48B
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/n2d/widget/widget.js
Frame ID: C7A99AA289438F94D15D64CFE68B2ECB
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 7572E086BD029F6BEE47CFB9285859F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1706268047&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268047738&bpp=1&bdt=1786&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a758acd5afe490e%3AT%3D1706268046%3ART%3D1706268046%3AS%3DALNI_Mb8nXzzksAITRuCeynXZQZ8DQDVKA&gpic=UID%3D00000d49d132186a%3AT%3D1706268046%3ART%3D1706268046%3AS%3DALNI_MbfAUzQj6-XWfuX8YZVjNNseOqYsA&eo_id_str=ID%3Dcda03a612ff98a3c%3AT%3D1706268046%3ART%3D1706268046%3AS%3DAA-AfjYx-EV-ChPpn6dEbFBBkOGH&prev_fmts=0x0%2C1110x280%2C555x280%2C1110x280&nras=2&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&psts=AOrYGsmQwIen6wMY7zR5tSUAlSfu4lVBRfBFcZazn5RLOI85SXJ6UJbnIFmJAH4t790r1CKtVQOKmLeridNHN6XM1a65Q1Xw&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=72
Frame ID: 8C6FA105495C2C7C7753E601C6E58BAA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706268047&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268047738&bpp=1&bdt=1786&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a758acd5afe490e%3AT%3D1706268046%3ART%3D1706268046%3AS%3DALNI_Mb8nXzzksAITRuCeynXZQZ8DQDVKA&gpic=UID%3D00000d49d132186a%3AT%3D1706268046%3ART%3D1706268046%3AS%3DALNI_MbfAUzQj6-XWfuX8YZVjNNseOqYsA&eo_id_str=ID%3Dcda03a612ff98a3c%3AT%3D1706268046%3ART%3D1706268046%3AS%3DAA-AfjYx-EV-ChPpn6dEbFBBkOGH&prev_fmts=0x0%2C1110x280%2C555x280%2C1110x280%2C1110x90&nras=3&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&psts=AOrYGsmQwIen6wMY7zR5tSUAlSfu4lVBRfBFcZazn5RLOI85SXJ6UJbnIFmJAH4t790r1CKtVQOKmLeridNHN6XM1a65Q1Xw&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=74
Frame ID: DF93A837CCE6101D1E512221BECD67C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 3583E504FFDBAAE664744F106DEFF441
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 908D8D799D812201E3CBF94475CB741F
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CBlack%20Ops%20One%3A400
Frame ID: A9C398C0F991F8DC8DC7F57B03632E5D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EDAB00111D1C46978E2BD54DE36FDDC9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY2e6KggIwAQ&v=APEucNWbhiLvnUHN2b7AFRQOF0B0Sr394xL_95W4cr0wqO0SN6tv0YY2uZIPP4T1e7ajmavDMk30ZgABAStuKMhXrU-W6suWUQ
Frame ID: 04F87AC0ACEE0CE14A7933C541194750
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: D9E2D4C3A01C659ECDE1699823C211F5
Requests: 34 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 0BC4D7059A4CE899995CFFEED50E395C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D2DFCF61392BDEA96CF322E4AC04DA86
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4C79C5BBD08ED613FC60EC52A3963F4C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

https://www.file-upload.com/a6cq82dkwnky HTTP 301
https://www.file-upload.org/a6cq82dkwnky Page URL
https://www.babup.com/file.php?get=a6cq82dkwnky Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

153
Requests

90 %
HTTPS

56 %
IPv6

22
Domains

37
Subdomains

32
IPs

4
Countries

2340 kB
Transfer

6444 kB
Size

17
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.file-upload.com/?op=payment_proof
Title: Proof of Payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fileuploadcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/file_upload/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSbk9gxKeQnawO7cZ0hZPJQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/make-money.html
Title: Make Money

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/login.html
Title: Login

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=register
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=forgot_pass
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=news
Title: News

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/desktop.html
Title: Desktop Uploader

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=english
Title: English

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=change_lang&lang=arabic
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=payments
Title: Premium Download

Search URL Search Domain Scan URL

URL: https://file-upload.com/a6cq82dkwnky
Title: Free Download

Search URL Search Domain Scan URL

URL: https://www.file-up.org/?op=register
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/tos.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/child-exploitation.html
Title: Child Abuse Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/copyright.html
Title: Copyright Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/contact.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/adv.html
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/dmca.html
Title: DMCA

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/reseller.html
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/links.html
Title: Links

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/?op=check_files
Title: Link Checker

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/refund.html
Title: Refund Policy

Search URL Search Domain Scan URL

URL: https://www.file-upload.com/banners.html
Title: Banners

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=ff6622a1-89c3-492e-8fab-02994910b766&refurl=https://www.file-upload.com/vsd4gox6iv4l

Search URL Search Domain Scan URL

URL: https://safeweb.norton.com/report/show?url=www.file-upload.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.file-upload.com/a6cq82dkwnky HTTP 301
https://www.file-upload.org/a6cq82dkwnky Page URL
https://www.babup.com/file.php?get=a6cq82dkwnky Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.file-upload.com/a6cq82dkwnky HTTP 301
https://www.file-upload.org/a6cq82dkwnky

Request Chain 13

https://www.file-upload.com/mngez/css/app.css?v=1 HTTP 301
https://www.file-upload.org/mngez/css/app.css?v=1

Request Chain 14

https://www.file-upload.com/assets/images/logo_new.png HTTP 301
https://www.file-upload.org/assets/images/logo_new.png

Request Chain 16

https://www.file-upload.com/mngez/images/anti1.png HTTP 301
https://www.file-upload.org/mngez/images/anti1.png

Request Chain 17

https://www.file-upload.com/mngez/images/anti2.png HTTP 301
https://www.file-upload.org/mngez/images/anti2.png

Request Chain 19

https://www.file-upload.com/assets/images/norton.png HTTP 301
https://www.file-upload.org/assets/images/norton.png

Request Chain 27

https://www.file-upload.com/mngez/js/app.js?v=20 HTTP 301
https://www.file-upload.org/mngez/js/app.js?v=20

Request Chain 72

https://googleads.g.doubleclick.net/pagead/adview?ai=CrECJjpWzZfW1J7qptOUP2ZGQ2ALe1aDBcvHN19GoEqClgOyQAhABIIK6uHxg9YWAgMwEoAHpjfeZAcgBCakCTWdPBq9Ysz6oAwHIA8sEqgTVAU_QztEoeDA_yINnRFjWetzrHcu7zcjwyZSDAuJCck_VHKu3636l8H5Lp1eBIZalU8LeeJPgtz4EmVjvaBeccHfDW94FVint-iyw-IBh9BC-PhNfyOVaEpoU9yiWyi2F1L90ptxxnCU9Pq45LKswsIdLzzGZJnsqwm7wb9FS4UBWtPB-PJgoQlKrelpiGL0NIsArTsj0pTUXrSD_tMhd9962WXG8Q4DJSDW2sCvF__PgiqEdixao_KwQYznD-yxEyVes8TPLSJ_pXqZa0rUNM3ruTU5Y_MAEzJnaldQDiAWImtviNJIFBAgEGAGSBQQIBRgEoAYugAf_8YjmAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEITRBtIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY-sO65vf6gwOaCUZodHRwczovL3d3dy5tYXJpdG9hbm9sZWdnaW8uY2gvcHJldmVudGl2by1ncmF0dWl0by1yaXN0cnV0dHVyYXppb25lLWJhgAoByAsBogwIKgYKBKy6sQLaDBAKChDA6s34htOz8y8SAgED2BMK0BUBgBcBshccChoIABIUcHViLTkxNzY1MjE4OTgzNDE5MDkYAA&sigh=6431dGh_QwE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_dc8Zw1Mp3UkyIkvMmoLFD7Yg2QySULGLBDJCXZ9fXTwRp6U0dmbEse6tj6vygeSx9ahf-7zvCwAhfPPS9lbhAXK4gqeXBN7GM6AYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe7a123ceebbb4c000000000000000000%22,%222%22:%220x72ed333c90c507440000000000000000%22,%223%22:%220x574e180c9de880ba0000000000000000%22,%224%22:%220x7f32853250fd49190000000000000000%22,%225%22:%220x19ed1521411a34540000000000000000%22},%22debug_key%22:%2211824641971198209924%22,%22debug_reporting%22:true,%22destination%22:%22https://maritoanoleggio.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22322815721%22],%2222%22:[%22true%22],%224%22:[%2201-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218392437635607463457%22}&andc=true

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6OTr5K2cdukQFBXhB6soE&google_cver=1

Request Chain 111

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbOVkGWfd.0MjAO4687gtgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6OTr5K2cdukQFBXhB6soE&google_cver=1&google_hm=2

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

153 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

a6cq82dkwnky Show response
www.file-upload.org/
Redirect Chain

https://www.file-upload.com/a6cq82dkwnky
https://www.file-upload.org/a6cq82dkwnky

27 KB
7 KB

137ms
74ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c3dd8cbdb8165b83f53b8991a6814d037378b068a2ef92f8523030e37a74435

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84b85e54b8740e17-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 26 Jan 2024 11:20:45 GMT
expires: Thu, 25 Jan 2024 11:20:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oU38OKwGLJ9J4FJ4qlv%2FD1WjmLQofRg3Us6YVBML%2Ftabu0Y7%2FNWB%2B%2F1YPA2nPIt8T0FFWYrExdU%2FzaEpSDgX6%2BWrAMybwVIZjr49vo2LShJt9KkRh7ErvWsDCNkAaph2CHmPDaq6jD7MvWlk%2B5IBFENv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84b85e53adddbb29-MXP
content-type: text/html
date: Fri, 26 Jan 2024 11:20:45 GMT
location: https://www.file-upload.org/a6cq82dkwnky
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgmroLFqJa48n2uuAWQ46Ep%2FrRsxrwMdAkNkgjaA3bRt8Bs6gzsWCJAvS6MSFgXf3yUfWaQlAq7MRWMrPe%2BHW7WZkE7%2FjXA2A2FJn1CfjVPhARfGcB1yxhiPc9lixmyQuZNCXgIF"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 app.css
www.file-upload.org/mngez/css/ 247 KB
41 KB 41ms
40ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/a6cq82dkwnky
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1988581
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gi%2B%2FPiyEidAYpf0gnVBo7h37qJzp0CIysm%2BgCFQp9cYOwNmNTRWW6sT1UH8uv0111TMs40qE0ZN30IuRfwHb29Pjit2jDrqs1okvSf9cKlU%2BU3IkYKl64zV6MeOeC%2FAOwY%2F7LcAMtnumcaV5IEjObilb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 84b85e5529880e17-MXP
expires: Thu, 04 Jan 2024 10:57:44 GMT

GET
H2 200 app.js Show response
www.file-upload.org/mngez/js/ 235 KB
80 KB 100ms
99ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/a6cq82dkwnky
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDdqcnaOiRx%2BQocy12iVvziQBJdy%2BhwR33ABNPs0PgtwgyXhlyVo5WrkRsU8WonEskPoFqgU%2Fpu1VNcgHepQFXBrXn%2BCmAQo0RJfD16HCQrQVII2F733V%2FVVDNRXivnz26Yn%2F0w134N5a7ERvLkM9q%2FR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 84b85e55298b0e17-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo_new.png
www.file-upload.org/assets/images/ 3 KB
4 KB 29ms
29ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/a6cq82dkwnky
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4861512
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXB43P1L1RE13AaWh%2BS%2FiaJqK%2B%2FdLbn4RVcltLN4AzZ7QFwkOPtGL3E6XtGJ%2Bd4JrO1V4lGcUWKc%2FrwGmB003nE0KL3UVzkbb39T%2FzMashc9w03tjYJSdDMCU0CT6tuGUBoiJ0wbs4DhsDJotNB1pmQw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84b85e5539900e17-MXP
expires: Fri, 08 Dec 2023 04:55:33 GMT

GET
H2 200 email-decode.min.js Show response
www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 24ms
24ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/a6cq82dkwnky
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Jan 2024 14:02:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b26a01-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbIcJ0LVJwBlTH87PMrdwdVid0CZyihGknkAOlJQzjKaNkQDkRF86jFKaAkZHUJlZ0Z7rIID8X2KYtEWYjD9R%2F5nZ3IweLnNtGtDeQIhBMWRwzEXJ5EMp7zOkIRfZsp8xBuyd9XNhGtAJyunBdzFcPOW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84b85e5539920e17-MXP
expires: Sun, 28 Jan 2024 11:20:45 GMT

GET
H2 200 anti1.png
www.file-upload.org/mngez/images/ 19 KB
19 KB 30ms
30ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/a6cq82dkwnky
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4958020
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGi%2BWIUtyjlArmrjxZcvQCuvnJs%2F%2BAxQvtuHJUJtRd6mbbSdn8D4isrVWWFZzVbVh2NVbj8MK7HUbv%2FZgAXIq7Gzj7F%2F3a%2BR0qIPuf7AW5jMhWjCs%2BGRFPmCOAMfqXicWqrZbF4kH0dhxV0db6GGeRXC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84b85e5559dc0e17-MXP
expires: Thu, 07 Dec 2023 02:07:05 GMT

GET
H2 200 anti2.png
www.file-upload.org/mngez/images/ 641 B
1002 B 33ms
33ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/a6cq82dkwnky
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6776397
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTJUfdhz9vwT%2BUINWNX02aOR1c0QLcEE0O4dh%2FBwZiwUpNkbZHFzezUBleoa%2B%2BLqK35F4G84BILXKPJJaJwNhMmJEuAeY5dXqnmfwOzavUQyZWH8ASsort6516RXyC6eM5IejEc3XJDtVwSw3ogTb0lt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84b85e5559f50e17-MXP
expires: Thu, 16 Nov 2023 01:00:48 GMT

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 100ms
26ms Image
image/png 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 / ASP.NET
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 10/31/2023 19:00:16
cdn-pullzone: 1574055
content-length: 4535
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "0abbdbd420cc1:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 1bbab80dffe31c44a3414fbe1f45945c
accept-ranges: bytes
cdn-requestcountrycode: CH
link: <https://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png?ID=466fa1aa-ce2e-4b71-b329-6cd08d681302>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 norton.png
www.file-upload.org/assets/images/ 5 KB
5 KB 30ms
29ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/a6cq82dkwnky
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4958020
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfBp%2FoSY0yGUhTmBY432a9UNO8sj2mn5Sryw3BuPABJ8sA2nOrQ%2Fa0tNwpeO7%2FJlzQNgDMaXxNl415jyVk03o9Js%2Bi3chYLrBtEiGGSv8ZJUt%2FdO856s9NdrhKREa1P4%2FYYJdGzd4y%2F19iUyufolQQUC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84b85e559acb5a37-MXP
expires: Thu, 07 Dec 2023 02:07:05 GMT

GET
H2 200 Primary Request file.php Show response
www.babup.com/ 23 KB
7 KB 192ms
127ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babup.com/file.php?get=a6cq82dkwnky
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 6550423bd3f1fa2d8529c496bc47357b50e6cf1a3c17825a73978c17b28be3b8

Request headers

Referer: https://www.file-upload.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84b85e566a0a3756-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 26 Jan 2024 11:20:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIj6TMqJV6tFk3RCXH%2BnoTCbczSLTKQ98EKY12PTKFHLIPkNo0gvhM5TXSmpy5OnvacA3%2FADeYvyJOFi4KYb%2BB5VYTZ1dUHN0HdaEptuGSZPUrp7onDkjPmsOUB%2BhGURN0Y9Gza5jiYEieKB"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.2.34

GET
H3 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 27ms
27ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6671668
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2F5%2BnNdb%2B47g2hFoX8miFDzBaMYwJqsZ%2BkTkNPCf2T7%2BT2zjNj79gi%2FxgCKDpTC3ymbyFRLIiS0Oi2jwmG4inwGU2bIEtZgd%2FveUH3ibefPSOtcrGb7nL8L7IimAI4NhBPzU4fKif00LQnXOaL%2Bf2rBp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84b85e560ba75a37-MXP
expires: Fri, 17 Nov 2023 06:06:17 GMT

GET
H3 200 fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 75 KB
76 KB 48ms
47ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5727
etag: "12d68-5fe4d56c8e4d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnP8AcjJ%2BDx03dhCeERfaIQ4v8maoFmhp3Fhgh%2FfKmOLh1QIYNcNnlQzjrMZ%2FfyqLgJC1HkoiRWtbIKUuJEnQt1G6jWeyw06w13AoALrNUBq%2Fe%2Fd8%2BYHMfWvHxc2y0c4Ml%2Fu2EbXanVFX9NUYwJQYjB2"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84b85e560ba95a37-MXP
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H3 200 poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 85ms
85ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 989
etag: "1ee0-5fe4d56c8f861"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YctmgCLlbQ9fmjrSKCif5coH%2FLAnE0GfJKmU3Ok%2FlR%2BW1%2FSA2E5vtHyfgXY4pIfo81Sd2QUCiXlxe5ZIuRbqH3OwpJspF4vVksMVRxUWM0XMq3%2Bw5AIHKLtCVhxzlx3pd7Yh7W4cMb%2F95HVSpZueABqk"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84b85e560bac5a37-MXP
alt-svc: h3=":443"; ma=86400
content-length: 7904

GET
H3 200 poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 8 KB
8 KB 86ms
86ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.file-upload.org
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1821
etag: "1ecc-5fe4d56c90801"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LX0rXu7mAS1cv2MkdfeJ3HotxTIAIBmRcJqdMfuys7lL5WJ88CnfvNjNYP%2BGqTOFzxC5XXrmWtaoOJ%2BUQWnBzcBgQ7YHI1RzEYgf9Mv4wFCmmonVfIokaFClCYTDQEXRgsKYJcSuZpMve0w7aiqv9EE1"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84b85e560bae5a37-MXP
alt-svc: h3=":443"; ma=86400
content-length: 7884

GET
H3

200

app.css
www.file-upload.org/mngez/css/
Redirect Chain

https://www.file-upload.com/mngez/css/app.css?v=1
https://www.file-upload.org/mngez/css/app.css?v=1

247 KB
41 KB

70ms
70ms

Stylesheet
text/css

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/css/app.css?v=1
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=a6cq82dkwnky
Protocol: H3
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1988582
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: W/"3dcf1-5fe4d56ca6b7a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJa1C7Aj7kg8vGt5M%2F1Y%2FA1RSSU8pOEy1zWPkA9hV5%2BCzCGyGdz4ljDPjUzjCNL22UunOX3m8lKPsk9UcTAY5fJP4uoivbqHVojRMPoTqL3xaxWH1pJrHKcN%2FBYqXRtviuE22RjYm%2B9DmZxlo4eaPGQN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2692000
cf-ray: 84b85e578e265a37-MXP
expires: Thu, 04 Jan 2024 10:57:44 GMT

Redirect headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 871
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Io4M9L3jeoD8JiFt%2Bi6vr8lY10ODCa0KHcSqkcm7QsaCeuzPaPDA68r9JKAALxIszymyb4GH8vfr%2FU7M9%2BWUQftGpYSXFKotuwyfgWT9m3nN%2BUWuB%2Bxx%2BmdEkYqUcNUYk%2BImVbFH"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/css/app.css?v=1
cache-control: max-age=31536000
cf-ray: 84b85e573bfcbb29-MXP
alt-svc: h3=":443"; ma=86400

GET
H3

200

logo_new.png
www.file-upload.org/assets/images/
Redirect Chain

https://www.file-upload.com/assets/images/logo_new.png
https://www.file-upload.org/assets/images/logo_new.png

3 KB
4 KB

60ms
59ms

Image
image/png

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/logo_new.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=a6cq82dkwnky
Protocol: H3
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4861513
alt-svc: h3=":443"; ma=86400
content-length: 3215
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "c8f-5fe4d56f9b8f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NE2QWWM236UWLG8LwTK4l%2F9Bip8rRLfQGN%2B5neiazuRcu9vHl%2FNHjLf9zmrRGRDMJTtjHd5oO%2BqqfrNmD8qsHUprRSH532UiazipuO5gt4n%2F6EKnIOoowT9emIuq16m2fZQoS9SxeNXj2pjGwoe63F3%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84b85e578e215a37-MXP
expires: Fri, 08 Dec 2023 04:55:33 GMT

Redirect headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 811
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJAby%2BVXJpx4I4sXczjEsFt2imydbhVSGiv%2FBUhtdf8UYGyJGR4e6IisZkAEquXdj5NuhIdpfIhs8vu5oZc9AkW75v1u2abXgcUnzentVDPF%2BbiloV7IaifQVX6G4aMNhXDKu%2BgX"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/assets/images/logo_new.png
cache-control: max-age=31536000
cf-ray: 84b85e573bfdbb29-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 email-decode.min.js Show response
www.babup.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 22ms
22ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.babup.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=a6cq82dkwnky

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/file.php?get=a6cq82dkwnky
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Jan 2024 14:02:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b26a01-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61bG4qhtxJsRDNbxQRkgmcjtgSloy96V0BLjagn%2FYjJngkz1sLujw%2FDGaaCK7JsH53bJGhap2MnZrJo75DuiOs%2BH%2FNlD2QGjmMa8fV%2F1rl2QDbbfeU4D5ZWWiYQ54LPZimZi%2FGnHXHuohn1H"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84b85e573b413756-MXP
expires: Sun, 28 Jan 2024 11:20:45 GMT

GET
H3

200

anti1.png
www.file-upload.org/mngez/images/
Redirect Chain

https://www.file-upload.com/mngez/images/anti1.png
https://www.file-upload.org/mngez/images/anti1.png

19 KB
19 KB

40ms
40ms

Image
image/png

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti1.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=a6cq82dkwnky
Protocol: H3
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4958021
alt-svc: h3=":443"; ma=86400
content-length: 19118
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "4aae-5fe4d56c96d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPXpbc6a3uorHng6lqTW3TvEHq2wxfl%2FYtkGSHwvrOK5wAtJbyVpnO8IWJE6QlIytjUw%2FSsxCFCO3fB%2FUzK2rBEmrXwu1GDvaMYf65U%2FCWOwbWtgoN0vXVHDniwpCDlpeJFWo1qiEkBaNUOQCaE0lYOu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84b85e578e295a37-MXP
expires: Thu, 07 Dec 2023 02:07:05 GMT

Redirect headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 811
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4%2Bd8%2F3Gn2J34fvbcbYti8BQeZG4i3RK48ls5%2Faye7iI0mNEkjwujuMOvAFkl%2BuU08T7zrYyAYLwLmir3AALdAJcZawk1jHx2E4dB3pkWVYThLjsPFb39JxVC9QA7IQKM19HpsQQ"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/images/anti1.png
cache-control: max-age=31536000
cf-ray: 84b85e575c17bb29-MXP
alt-svc: h3=":443"; ma=86400

GET
H3

200

anti2.png
www.file-upload.org/mngez/images/
Redirect Chain

https://www.file-upload.com/mngez/images/anti2.png
https://www.file-upload.org/mngez/images/anti2.png

641 B
1 KB

40ms
40ms

Image
image/png

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/anti2.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=a6cq82dkwnky
Protocol: H3
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6776398
alt-svc: h3=":443"; ma=86400
content-length: 641
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "281-5fe4d56c988ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSyFSkEV%2FYLUiQLg4pRvBlG53o1N3RahpAW9AbBknnEXiPY7ZMY2IZYYlF%2B3zTbpIehdEJIHPiRh4vlsVH2mS3TqHHUN6Gbii2SGb3rIkGWaGsneSfTYzgCSpNOYQ32mR8CQSre97NOir1hIRXO01Cmq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84b85e578e2b5a37-MXP
expires: Thu, 16 Nov 2023 01:00:48 GMT

Redirect headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 811
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3WAR2XkOP4XQxKsDAtP1tM9H6POoVg6eq5XbddnRb4zVnn1BTnjWZyhKMp%2F30rs8kfW5Uv3rBkepN1a7MzHtUVp%2FnZF0S0cscHDwKxow9etTFIhz9xjQIh0lxBG60UuS6dZQcbt"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/images/anti2.png
cache-control: max-age=31536000
cf-ray: 84b85e575c18bb29-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 _dmca_premi_badge_4.png
images.dmca.com/Badges/ 4 KB
5 KB 26ms
25ms Image
image/png 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=a6cq82dkwnky
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 / ASP.NET
Resource Hash: 0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 10/31/2023 19:00:16
cdn-pullzone: 1574055
content-length: 4535
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "0abbdbd420cc1:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: d43d9b4785998997bf4595be7e9fd3ac
accept-ranges: bytes
cdn-requestcountrycode: CH
link: <https://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png?ID=466fa1aa-ce2e-4b71-b329-6cd08d681302>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3

200

norton.png
www.file-upload.org/assets/images/
Redirect Chain

https://www.file-upload.com/assets/images/norton.png
https://www.file-upload.org/assets/images/norton.png

5 KB
5 KB

40ms
40ms

Image
image/png

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/assets/images/norton.png
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=a6cq82dkwnky
Protocol: H3
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4958021
alt-svc: h3=":443"; ma=86400
content-length: 4963
last-modified: Sat, 17 Jun 2023 06:23:28 GMT
server: cloudflare
etag: "1363-5fe4d56f95368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEp0NMQCCOzRQXzlJUiSIP%2BT9%2FHhg%2BAg3iaeO6%2BVwlIs0PjScVhxUSpgfC7%2BOf3GHC6i1VUPPgCoGj0DDmoNnXLKDp%2BqSBbiXyoPCndBWxg%2FCTOsXmJkU8vYc%2Fy6kIxjlKqeO4sh4GJEEm5%2Bs9l86V0d"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84b85e578e2d5a37-MXP
expires: Thu, 07 Dec 2023 02:07:05 GMT

Redirect headers

date: Fri, 26 Jan 2024 11:20:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 871
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYYXpuOuVtPiulF2gC%2BAe%2B5wVxw4u51bVGxTyz%2BLS46EGzkWLSYgpfoSoLHSw065xZZYjqK8MRA038vINKahrLiZURRcj7%2BRwaKI5zIkkUNVHeAFhdZ6vlVwzI5UgLhh9l2n5q8h"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/assets/images/norton.png
cache-control: max-age=31536000
cf-ray: 84b85e575c19bb29-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 22ms
22ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/file.php?get=a6cq82dkwnky

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/file.php?get=a6cq82dkwnky
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Jan 2024 14:02:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b26a01-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9VQ8ESokUVBzcK%2F8yQjNxGab7jiwI6JCbwIVW2rskixqvbQJhcw7osZrbDGiLezkAYRfXyHplxRJcQN0%2FrOJSAeO74CZwIs3HYHmBUp%2BAE91nZvf%2BKxXuUN70TvfIorXut2RYIWsmW9OZgg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84b85e575b583756-MXP
expires: Sun, 28 Jan 2024 11:20:45 GMT

GET
H3 200 flags.png
www.file-upload.org/mngez/images/ 15 KB
15 KB 29ms
29ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6671669
alt-svc: h3=":443"; ma=86400
content-length: 15022
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "3aae-5fe4d56c9bbb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ya0RHyoKiz0Xq2gW6AXHdF%2B2DBGrFXSYCZbJJ0xCWy3XH5yHxfmiW0LRWGBt4XIYuAczfA0qFw71ArT5jHV%2FlZk%2F3%2BjQ80cCr76RAcN5812FAa2kLk0%2BVGuAnTzrgksJjtTpIbYJiUezcpqaPFigBz3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84b85e57fec95a37-MXP
expires: Fri, 17 Nov 2023 06:06:17 GMT

GET fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 0
0

GET poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 116ms
65ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Requested by

Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1be2cd886243c82588acbd0f88bd90ef5ffa444e97226de899969a1177167cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51438
x-xss-protection: 0
server: cafe
etag: 3931408010561503350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 26 Jan 2024 11:20:46 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 02:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 02:28:29 GMT

GET
H3

200

app.js Show response
www.file-upload.org/mngez/js/
Redirect Chain

https://www.file-upload.com/mngez/js/app.js?v=20
https://www.file-upload.org/mngez/js/app.js?v=20

235 KB
80 KB

97ms
97ms

Script
application/javascript

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/js/app.js?v=20
Requested by: Host: www.babup.com
URL: https://www.babup.com/file.php?get=a6cq82dkwnky
Protocol: H3
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa0d-5fe4d56c9e2c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwgEYt7UyeRTGiT7P97kyfxhUD%2BmN%2Fug6O1wOdMMQv0d3UnUfc3%2FHVMqdufBBOIlgaTxZBK9ibZhh5x2AOhNe77NdoVkJD7yHLUI3PatEym3AqSYVoyME31zVASk%2F3ZB5ZX1nwnXqL8TNkmH8fPeBjrQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2692000, private
cf-ray: 84b85e583f525a37-MXP
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 26 Jan 2024 11:20:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 871
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4M808MOV1Lkxm2ojJMsFSM2swzfEHWf0dbHL4dkTfEAf3EZhL%2F7%2BR7XQ6Yn9Te1kiuudmEgOzn8GV05FioW2N6HD0q8yoRSQL%2BnGxB%2FzRz6Xpl7KTbIriNzCdjMt%2BH1YjDOY3SK6"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.file-upload.org/mngez/js/app.js?v=20
cache-control: max-age=31536000
cf-ray: 84b85e580890bae7-MXP
alt-svc: h3=":443"; ma=86400

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 84ms
21ms Script
text/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 09:54:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5149
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 26 Jan 2024 11:54:57 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 75ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa065d68d911464d327db0383a006cd6e1d8c356eafa59fe3a418b27213efa0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 11:20:46 GMT
content-md5: BCcAi/NEaAu86w3BRhswVw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: vcWGcjZdDtuzMqGInDF+SjQXKPksBG6+RdftmivajtKNTrByEWCNBv+vjpSs3EqxkrTZYFoQ0XPS11aPco2zhw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f0321702e1db71996ee324d2bff63121
cross-origin-opener-policy: same-origin-allow-popups
etag: "bf98d2e84f6772756d8126e145a7b9f4"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 26 Jan 2024 11:32:42 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
86 KB 74ms
24ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6

Requested by

Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3450a58fb25e679b239e3737aac74f993bc76f12011d35ca8df8173b667984ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 11:20:46 GMT
content-md5: 3k/iT99wLJaOHcQP2aRa0A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86997
x-fb-debug: t2Hmh57qT9+Ghvx8VTTwx7iQEmqjpNPXS/5aZnVqGoh4HKFL/BiCqEDiuxqLUdnv7fBHCz9uiYsZr6SBVIaSYg==
x-fb-content-md5: aafb172b86e820b2d59760a45e1905ad
cross-origin-opener-policy: same-origin-allow-popups
etag: "004240c5ae5ccf8758b25767823fd519"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 24 Jan 2025 01:53:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 82ms
32ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Requested by

Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bce58d63ee6dc3cc766ae94965eb9bfc12bae1aea1843017e88270a8a12e97db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69486
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Jan 2024 11:20:46 GMT

GET
H3 200 blockadblock.js Show response
www.babup.com/ 6 KB
2 KB 41ms
41ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.babup.com/blockadblock.js
Requested by: Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e367a2d0e62116b0a999990fdf2a3584d916ca0458269b6a43e825b7bdbcb060

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/file.php?get=a6cq82dkwnky
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5682
cf-polished: origSize=6947
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 22 Aug 2023 10:11:48 GMT
server: cloudflare
etag: W/"1b23-6038039110a59-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWZsdeg31MBfWWX0OGcpMovZdQbnnQe3qjuOsthaIPk7qq5y38%2FVvIWpfnGldjpr1fFAafiRdpRxdp6oiiSgm%2FFTeFkREnJk9TlHfmKYZkKWhY2I0w%2BT%2Frjo6S2sngCcHzJFbo3XviE6DYTy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84b85e580d4e0e66-MXP

GET
H3 200 poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/ 10 KB
11 KB 29ms
28ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2317446
alt-svc: h3=":443"; ma=86400
content-length: 10420
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28b4-5fe4d56c94299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2F0uU93Ovrv3iDU8dmNz1KEYCRmflEFiu%2FkDJoK94OhwzhUZZgWJbt62Vl6E3%2BOmOQab%2BjZlf2YJTM%2B7VhHUAZK8wdEcT1Fj23lyZ8pB2O%2BnDFMTVExCPfE0HB6omh%2BlEqFSQZf4OUmdNeCitmq%2FS5Ju"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84b85e587b11bafd-MXP

GET
H3 200 fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 96 KB
96 KB 32ms
32ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2317446
alt-svc: h3=":443"; ma=86400
content-length: 98024
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "17ee8-5fe4d56c8f479"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZo45aYDAq5HQptDhP%2FxZnU2ufHePOKaZjTBui0fIoj8CiBqhVq0LpeepGPDajetqmRi3jZv0Czt54%2B2M8mwXx9cT7B54piNUf7dw%2B%2BYfWjoklAAzehfnrMlvRF2oYN%2F%2F0b19a%2BitRRAYC1pW6%2Fiwq5w"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84b85e587b1cbafd-MXP

GET
H3 200 poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/ 10 KB
11 KB 41ms
41ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by: Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer: https://www.file-upload.org/mngez/css/app.css?v=1
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2317446
alt-svc: h3=":443"; ma=86400
content-length: 10400
last-modified: Sat, 17 Jun 2023 06:23:25 GMT
server: cloudflare
etag: "28a0-5fe4d56c936e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8a1kMoOPK0ttO8GEcqDTwoi%2FK4hGA%2F8J7glSD%2Bvciz2CtZZx8NetEki9C7RkHh60TgZ1dvaMP1ZTTMx70s9iRJ46WIZ5XXIaA3x6dXgJfK8o5ylPk4ZRojalj8IN9JyagEpc3KxhRsJ3jxiqJqPrrCm"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84b85e589b41bafd-MXP

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 303 KB
87 KB 25ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c5726cab93d289a3e3999a3c0942b6a1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

503974c29f83b3e1b90f10945ab1bc105185625969b4a217a229b46b6c644f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 11:20:46 GMT
content-md5: R0WUwed7EHC5ccVofrUjIA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88455
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: oGGTIYJ5/gHvnHLx9V8SmIVUyAWODrHb+e2KzMLiyj0NEy6VJYYDxrHJW2a+v4IJTD0RhoYbU4fF16h3D20qyQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e08db1df713099ec45e13123a818b89b
cross-origin-opener-policy: same-origin-allow-popups
etag: "7d29b2744b828eb70572b4ef80855315"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 25 Jan 2025 10:18:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ddeebfee7d668023c879ea2be1a356dc4fa23174d5750978acb909c639445673

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81750
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 11:20:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 09:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5557
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 26 Jan 2024 11:48:09 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Requested by

Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d5a84a07c849f846c92469476791d7b32ba2396fa17dd095f9b128397b0c443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Origin: https://www.babup.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51440
x-xss-protection: 0
server: cafe
etag: 3116367500660859016
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 26 Jan 2024 11:20:46 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 403 KB
137 KB 151ms
107ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaacc82ef93a8875e4de6854b47dc8c16584dfa69a397f9dd5ac5e6b3bbfd393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139767
x-xss-protection: 0
server: cafe
etag: 7798604949614810379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 11:20:46 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 0371 9 KB
5 KB 71ms
22ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 43428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 23:16:58 GMT
etag: 9539045072340585784
expires: Thu, 08 Feb 2024 23:16:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 96ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3T7TKCZCC9&gtm=45je41o0v9114416819&_p=1706268046218&gcd=11l1l1l1l1&dma=0&cid=553134796.1706268046&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1706268046&sct=1&seg=0&dl=https%3A%2F%2Fwww.babup.com%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=546
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.babup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 31ms
31ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=332085175&t=pageview&_s=1&dl=https%3A%2F%2Fwww.babup.com%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&ul=en-us&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1570513483&gjid=1288861188&cid=553134796.1706268046&tid=UA-119779859-1&_gid=1717291027.1706268046&_r=1&gtm=457e41o0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=2028867161

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.babup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0AD8 239 KB
62 KB 1093ms
1092ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&adk=1812271804&adf=3025194257&lmt=1706268046&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.babup.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046255&bpp=3&bdt=303&idt=263&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3755261679864&frm=20&pv=2&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=281

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b834ff16eacf4a97fb25656c46ff4e585debeefe22bf29378a268336a975bf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 63350
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 11:20:47 GMT
expires: Fri, 26 Jan 2024 11:20:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 77ms
76ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fa4fa66264d0d2c207556819a202b230886c07853685e97c33abc0301da4892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12256
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E2BD 128 KB
42 KB 437ms
437ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046258&bpp=1&bdt=306&idt=285&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=288

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ec3cfab842057579ae612676a68604d1ab9ec4f507f2fe120c068811353cd79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43247
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 11:20:46 GMT
expires: Fri, 26 Jan 2024 11:20:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F99A 49 KB
17 KB 580ms
580ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046270&bpp=1&bdt=318&idt=278&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=280

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5454a32c730194b415ad7bd1ff3b5a9a22ad0cdb029be672642c0fd4c05d73fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17532
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 11:20:47 GMT
expires: Fri, 26 Jan 2024 11:20:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BBCF 714 B
578 B 390ms
390ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046272&bpp=1&bdt=321&idt=279&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C555x280&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=280

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

120e1326f58f865339db5ba87f60cadd92537c6bfc684782ec6a9db8daf7bfb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 11:20:46 GMT
expires: Fri, 26 Jan 2024 11:20:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 86ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 11:20:46 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EEC3 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 83206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 12:14:00 GMT
expires: Fri, 24 Jan 2025 12:14:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B733 829 B
1 KB 81ms
32ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5d285cd77b8307ade930cbd4592f505f85763af3a15afc1a489aa63b85d346e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UOVGgBRH1_3nZanRPx8xSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UOVGgBRH1_3nZanRPx8xSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 11:20:46 GMT
expires: Fri, 26 Jan 2024 11:20:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame EEC3 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 10:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 10:22:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B733 0
0 168ms
168ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=4405710708861288&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EEC3 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VwaGwQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame E2BD 14 KB
2 KB 97ms
46ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046258&bpp=1&bdt=306&idt=285&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jan 2024 11:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 09:42:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jan 2024 11:20:47 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame E2BD 2 KB
822 B 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:50:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 15:50:21 GMT

GET
H3 200 3476445066299407086
tpc.googlesyndication.com/simgad/3227687138518139968/ Frame E2BD 25 KB
25 KB 112ms
112ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3227687138518139968/3476445066299407086?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91f9e3f623d080102f963443dbfe1e1feb88463d69189510b2e5afa980f3d78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 26 Jan 2024 11:20:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25198
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 06:19:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Jan 2025 11:20:47 GMT

GET
DATA 200
OK truncated
/ Frame E2BD 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E2BD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame E2BD 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 15:50:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame E2BD 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 09:33:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame E2BD 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 11:59:51 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2BD 205 KB
65 KB 106ms
55ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 11:20:47 GMT

GET
H2 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame E2BD 37 KB
16 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 00:40:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 15:50:21 GMT

GET
DATA 200
OK truncated
/ Frame E2BD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 227d2b7da7cdcd77837fca8e4a303b55a7b8034901f64419f44cb43c413c621d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 widget.js Show response
widgets.outbrain.com/n2d/widget/ Frame C7A9 53 KB
14 KB 110ms
29ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/n2d/widget/widget.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046270&bpp=1&bdt=318&idt=278&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7713fb56b5aa338b53d90b38fc0e121c963c29bd7781a8215311af5405e99491

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Fri, 26 Jan 2024 11:20:47 GMT
content-encoding: gzip
content-length: 13756
last-modified: Tue, 16 Jan 2024 15:14:19 GMT
server: AkamaiNetStorage
etag: "551d2aec09d35b19b129e3e098883ad7:1705418627.814861"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Fri, 26 Jan 2024 15:20:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame C7A9 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046270&bpp=1&bdt=318&idt=278&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 09:33:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame C7A9 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046270&bpp=1&bdt=318&idt=278&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 11:59:51 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C7A9 205 KB
65 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046270&bpp=1&bdt=318&idt=278&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 11:20:47 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E2BD 33 KB
34 KB 70ms
21ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:19:37 GMT
x-content-type-options: nosniff
age: 298870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 00:19:37 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E2BD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CrECJjpWzZfW1J7qptOUP2ZGQ2ALe1aDBcvHN19GoEqClgOyQAhABIIK6uHxg9YWAgMwEoAHpjfeZAcgBCakCTWdPBq9Ysz6oAwHIA8sEqgTVAU_QztEoeDA_yINnRFjWetzrHcu7zcjwyZS...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe7a123ceebbb4c000000000000000000%22,%222%22:%220x72ed333c90c507440000000000000000%22,%223%22:%220x574e18...

0
0

106ms
53ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe7a123ceebbb4c000000000000000000%22,%222%22:%220x72ed333c90c507440000000000000000%22,%223%22:%220x574e180c9de880ba0000000000000000%22,%224%22:%220x7f32853250fd49190000000000000000%22,%225%22:%220x19ed1521411a34540000000000000000%22},%22debug_key%22:%2211824641971198209924%22,%22debug_reporting%22:true,%22destination%22:%22https://maritoanoleggio.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22322815721%22],%2222%22:[%22true%22],%224%22:[%2201-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218392437635607463457%22}&andc=true

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:47 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xe7a123ceebbb4c000000000000000000","2":"0x72ed333c90c507440000000000000000","3":"0x574e180c9de880ba0000000000000000","4":"0x7f32853250fd49190000000000000000","5":"0x19ed1521411a34540000000000000000"},"debug_key":"11824641971198209924","debug_reporting":true,"destination":"https://maritoanoleggio.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["322815721"],"22":["true"],"4":["01-26"],"6":["true"]},"priority":"500","source_event_id":"18392437635607463457"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 11:20:47 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 26 Jan 2024 11:20:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe7a123ceebbb4c000000000000000000","2":"0x72ed333c90c507440000000000000000","3":"0x574e180c9de880ba0000000000000000","4":"0x7f32853250fd49190000000000000000","5":"0x19ed1521411a34540000000000000000"},"debug_key":"11824641971198209924","debug_reporting":true,"destination":"https://maritoanoleggio.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["322815721"],"22":["true"],"4":["01-26"],"6":["true"]},"priority":"500","source_event_id":"18392437635607463457"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7572 50 KB
19 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 23:30:12 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame C7A9 990 B
1 KB 22ms
22ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046270&bpp=1&bdt=318&idt=278&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=280
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sun, 25 Feb 2024 11:20:47 GMT
date: Fri, 26 Jan 2024 11:20:47 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/MFRPW3YR4ZCB3BJE7Q7JXBXZY2SR3O4PPWMNU36H6QC2ZQBY5LY6SX5DJ5ZURX7WKGLDXN3D4GV2D6BYOQL5L67BJGTBV4NMTWBUVPTHY237G7OOPZTNO77IN5UYRZEBE52RJRYQMUNRGBAIX56NNXVTSZ6HOV... Frame C7A9 26 B
151 B 106ms
30ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/MFRPW3YR4ZCB3BJE7Q7JXBXZY2SR3O4PPWMNU36H6QC2ZQBY5LY6SX5DJ5ZURX7WKGLDXN3D4GV2D6BYOQL5L67BJGTBV4NMTWBUVPTHY237G7OOPZTNO77IN5UYRZEBE52RJRYQMUNRGBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NACA73CSYGCR23ORA3G6LOCVFFFQFTKEFH4QVMXQGQ54VXC3YJV5SH5OTGUBJQCOKQSUQHXYEYT2GUGXRUHVET6LSZ3CQVVU3PRTYIBAKUFBJVNITSSHFWZJS73FX5PDF4FQZJE5L52GN3YLLEGAEHZXIDXQ46DSYHWCDMKMC6Q2VEPYONDQ5V3AFSXB4JT44Q/?
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046270&bpp=1&bdt=318&idt=278&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=280
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 11:20:47 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 6a4aed7f7d2ac843e3134ae1ad9a31f124.png
zem.outbrainimg.com/p/srv/sha/b2/09/07/ Frame C7A9 13 KB
13 KB 110ms
24ms Image
image/jpeg 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/b2/09/07/6a4aed7f7d2ac843e3134ae1ad9a31f124.png?fit=crop&crop=edges&thomcrop&w=334&h=166&fm=jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046270&bpp=1&bdt=318&idt=278&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

41a9bacab6618adedda5556118018e7934ad057d77ca2f62137426bb25f62643

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:47 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 1779597
x-cache: HIT, MISS, HIT
x-imgix-id: 8c9475c8155c8d1fb3dc6c2a588e3e44842c96b1
cross-origin-resource-policy: cross-origin
content-length: 13088
x-served-by: cache-sjc1000120-SJC, cache-fra-eddf8230048-FRA, cache-fra-eddf8230040-FRA
x-imgix-render-farm: 01.140328
last-modified: Fri, 05 Jan 2024 21:00:50 GMT
server: imgix
x-timer: S1706268047.369269,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
DATA 200
OK truncated
/ Frame C7A9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80089fcfbb306f938984d77e97815e93c72e92f0b781072aa33b70261d799276

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 109ms
53ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 26 Jan 2024 11:20:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 174ms
174ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=4405710708861288&bg=!trWltfrNAAa8BdJLnAU7ADQBe5WfODv-pTxXL3sSlRX-Og1sqTEOLaKut5SlfORPz219HM98MvOznZofLaznUM5K9uCWAgAAAERSAAAAAmgBBwoAFLcMEijG-48rCXD7BeEQzP5lQ88-mQK9XiqCv-PTNEwMSCY6zGR1oQrgYVbE1jbt-uEU5eX0R4IJQ562yBnp222gokDbZk_AnRDEEK4uELGrJWOULIfaIS0fK9Yg48YQSvUReMtrUmmL2FcmpWAdGfEiVjgArSKRmEumwzqW3qLi8djBxSsjriESSSwfz_m9ROKOZJZkFse31syUcW21sDFm0oRearlUYWKgA6pd9pYLOUrdiHDlImJXSF2qqBoTPBxLcG4mdEAuRkOjbsPQlonp0iSRIo3PLHYtiQ1NfbEQAo-s-3ZlT_1fjQr6ivAqaAhlNvzzwmaYJgZWc7-XnXt0KZgpC1yWC5OuhsAA62ll4Tl8NNLMh_u4nunI7z3h_U2h_iCHBUQ-6-u8yjf_dQojrPf_iERmvhntCum93Qw84OTK4VFbu4VeodJMG5CBvfPUy0fJlXfOTU_ylablhlnbGD-sangCgdBgwYdV0QF476ZUBXJR6AVyreIUbdTYESgyLjug6rI-tVxp9_7uokS1nTloYcy_vH-jkcCYOpWC7ig_1x1owa0BDSuKBhDT5xaVXnQC6irE3Ah77Lsjj93xqqAWG6iEqUt86kLSuKZHo13xNYvkKHRkuAutz5bzvTSBtmtrOC2WM7BrasETSJ-3-2uUxpfRSqDQ3zMFRMAbze4dwlWlW-UAfhO2UjcJWS1Iat0ko6bnjhYt2mkQml379L5Jr6AAqMsq0QwWSftY0N36XjissAEgZBvEDE5ozATymfXwJcH70oB5rAcf2da56TfuL02UFasIM8JzrRUOCA62Saf0ArZmd7_NWu8GuOX-FINC9OaJUSFq_IXmp79R6oCYgd0qRwhjtpN4WAMfAaimgnuYiVhHMpacjVDQy5Og3OsQgR-hyKrOqLcGpDH_PKI0UJR75V6LztO-rvh4JCSUIFHYgzT_yREYHnCxSZcQfgo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C7A9 0
19 B 62ms
62ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZKDujpWzZfPWJ46Zi9YP_Jup-AjXrJyCbsrq_Lz9EMCNtwEQASAAYPWFgIDMBIIBF2NhLXB1Yi05MTc2NTIxODk4MzQxOTA5yAEJqAMByAMCqgS3AU_QK9EsyRf07YYyEehQ9h97LF_udBt5W_ygfH-tQ1NaeveiSkErwOaSJfOwxuAZVfDLHxSwhoKxGwWf25nnZ8dAQNmJukJC5CbsHaIJG5sQR-6dhAE9fn5uHpGkjDokAcQIAxSD8tGB4OzzI-RaWh50wgoZ0aMOdK68mTROf5CIuTGpBdwL4H91XhNu1IvjUQ2gyD1I7S9fF3ByONDf1Yc5VsxhRvc6oKYvy_tDFjjFRwInrE7TL4AG55mH7vDSz-yBAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljp6Lrm9_qDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05MTc2NTIxODk4MzQxOTA5GAA&sigh=aOhGIeUDCj8&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_AX9KHr_kglZ7oK-pTe329ewEVfnqDrhTNcEo7MgE4Ms_tKreyjzrKnyrwyjy2rC_lBh1DHwBFZExjNIy1gzV-ffAOeqvOk6jhBgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046270&bpp=1&bdt=318&idt=278&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046270&bpp=1&bdt=318&idt=278&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 26 Jan 2024 11:20:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK /
b1-eudc1.zemanta.com/bidder/win/googleadx_display/f3b31aec-bc3c-11ee-9c76-54fddb394c47/ZbOVjgAJ63MEwsyOAApN_Eg-YrOHuyhjBbSjyg/KUGEKUKN4R6SK6U2KHBIUWLITLX2JQRWSTVKOCLBLAJ75IC2E5W5YBECYKAZOJRETHCKFZF... Frame C7A9 0
99 B 97ms
32ms Image
text/plain 213.227.153.224
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/f3b31aec-bc3c-11ee-9c76-54fddb394c47/ZbOVjgAJ63MEwsyOAApN_Eg-YrOHuyhjBbSjyg/KUGEKUKN4R6SK6U2KHBIUWLITLX2JQRWSTVKOCLBLAJ75IC2E5W5YBECYKAZOJRETHCKFZFYYIQZO32AV7WWSRVONV7BO2WGK5BOH7RANNVU7CCVCDB6EN6UXMSXTMII3UIT6BEVL4GVX2NIMRGA4H7MYZUTUJUGC7MKVFYIZMA25SBF4VSTYKNVNRG7QQMSURPCJZU6P6DPJCADNODCUOI4DUI4AWRNU2MOTVALZXX35X2456V5OHVQ6K6HJYJUB5DZZLR2UONRSB4D76OJG5QXTFW7RBGWOSVMRUCZVH4IDCNTPDMAUSNMUV5C7KR7ANAD7MARFKCQGJK3MDK72A7ZSOWYP6NJNYTYDF2NWWGF7RAOJKP24FR3CTMB3ODZKND5RUQDBXD5YPV6TTAGA3Q5KHGWGWFFAXG7X7WB3DO46FUKXGXSFHGKDO5SKR7HZFMBQG7HPOVVTVIXV2UWD7VZ7FRSU5NKG362O752PQDZWEGMFY3WYAIKBVWE5WE4KMS2PIZN3VMFQNW7CJZ5BVJ2ISAAYEAIDR4X2ZIJ53SKNVE4GRDZ2H35YAZAEPCOXQ3Y5TCOL32HGI4QOP2YVRLCCCPJ42HXPDRUNUJ4NWPO36G56DUYRQFPVJXYR5QR2SVWELH5MGB2GUZOXFLMFK6QXUUYVFJEGKWGKE3HBERXQKQXJ5KONATSO4JWZLB43KQK6JOGACS6E65D7SPSOW55DNJDJOKGU4SNDREGYPHM6EFNICISIPHKMU3M5RCMJCKRRKY23BIUU7AARGUWSCVC2W6C5BZGYRJOLL64NGDZE4BXYHZQ/?amtw=&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&fwrn=4&fwrnh=100&lmt=1706268046&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268046270&bpp=1&bdt=318&idt=278&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=280
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.224 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 26 Jan 2024 11:20:47 GMT
Content-Length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 163 KB
55 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a47be012687bc6cf4c1d8d77cfc3aeffc6f9d3f949c372fd6532c6317b54898e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56684
x-xss-protection: 0
server: cafe
etag: 2701779588653041134
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 11:20:47 GMT

GET
H2 200 ca-pub-9176521898341909 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 112ms
57ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9176521898341909?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b95af781c1c239444462c90d24af3a26d88134c88cd916b396339634883f6c8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-cBVbpWwA6LOcZqDxFaEFdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-cBVbpWwA6LOcZqDxFaEFdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjusKoxSXF4KwhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAnFP_0umKUD87stLJo6vL5kkgFgNiN9JvmL6BsQ7fDxY3oRPZ2WLmM56umA662UgZquYzsoHxHF101lzgJhv3XRWzfXTWbecmc66B4hjnk9nTQHixawzWFcD8ZTAGaxzgLglegbrJCB2Sp_BGgDEnzNnsP4G4rLb51jrgFiIh6N_9bm1bAIT_t58xAQA7BRhzA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C6F 436 B
235 B 278ms
278ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1706268047&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268047738&bpp=1&bdt=1786&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a758acd5afe490e%3AT%3D1706268046%3ART%3D1706268046%3AS%3DALNI_Mb8nXzzksAITRuCeynXZQZ8DQDVKA&gpic=UID%3D00000d49d132186a%3AT%3D1706268046%3ART%3D1706268046%3AS%3DALNI_MbfAUzQj6-XWfuX8YZVjNNseOqYsA&eo_id_str=ID%3Dcda03a612ff98a3c%3AT%3D1706268046%3ART%3D1706268046%3AS%3DAA-AfjYx-EV-ChPpn6dEbFBBkOGH&prev_fmts=0x0%2C1110x280%2C555x280%2C1110x280&nras=2&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&psts=AOrYGsmQwIen6wMY7zR5tSUAlSfu4lVBRfBFcZazn5RLOI85SXJ6UJbnIFmJAH4t790r1CKtVQOKmLeridNHN6XM1a65Q1Xw&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=72

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe3758f6cba90322b8e12eebb9cd4f01fca6a2b5821e1177ce8f2ff673d45320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 11:20:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DF93 436 B
234 B 701ms
701ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706268047&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706268047738&bpp=1&bdt=1786&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a758acd5afe490e%3AT%3D1706268046%3ART%3D1706268046%3AS%3DALNI_Mb8nXzzksAITRuCeynXZQZ8DQDVKA&gpic=UID%3D00000d49d132186a%3AT%3D1706268046%3ART%3D1706268046%3AS%3DALNI_MbfAUzQj6-XWfuX8YZVjNNseOqYsA&eo_id_str=ID%3Dcda03a612ff98a3c%3AT%3D1706268046%3ART%3D1706268046%3AS%3DAA-AfjYx-EV-ChPpn6dEbFBBkOGH&prev_fmts=0x0%2C1110x280%2C555x280%2C1110x280%2C1110x90&nras=3&correlator=3755261679864&frm=20&pv=1&ga_vid=553134796.1706268046&ga_sid=1706268047&ga_hid=332085175&ga_fc=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C31080533%2C31080588%2C31080591%2C31080619%2C44809005%2C95322195%2C95320892%2C95321627%2C95322164&oid=2&psts=AOrYGsmQwIen6wMY7zR5tSUAlSfu4lVBRfBFcZazn5RLOI85SXJ6UJbnIFmJAH4t790r1CKtVQOKmLeridNHN6XM1a65Q1Xw&pvsid=4405710708861288&tmod=1714762257&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=74

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51eeb34b16bc39881cba9146d5bf384a8991db772c506dd0f2592d489b2cdb8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 11:20:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 3583 9 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 71359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 15:31:28 GMT
etag: 9539045072340585784
expires: Thu, 08 Feb 2024 15:31:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 908D 9 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 71359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 15:31:28 GMT
etag: 9539045072340585784
expires: Thu, 08 Feb 2024 15:31:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVZYHa_Te6G3Lnt_vqqb3mOU3RnduF5YFp0dVG95Jlz2K7P8CkAzQdomzRU4bcbwgswE4NZQYQYWHh3SSHbsXU6-vGUAQIZ3wkwf9krxAaQzq-MJxKsAvDQTA-LXdWvPCnyIuCusQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVZYHa_Te6G3Lnt_vqqb3mOU3RnduF5YFp0dVG95Jlz2K7P8CkAzQdomzRU4bcbwgswE4NZQYQYWHh3SSHbsXU6-vGUAQIZ3wkwf9krxAaQzq-MJxKsAvDQTA-LXdWvPCnyIuCusQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MjY4MDQ3LDgzODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuYmFidXAuY29tLyIsbnVsbCxbWzgsIll0a3ZVdnIwS2hJIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzE1BcWevsRDsR0j0ow8Hwoup2wJA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f85ef7e7b3cb06467619d23a40011bc5c93e9ca9118044aa70ef7e7ea7bdd99

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-mHnSBJ7RCYjSZPL4yUb74Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-mHnSBJ7RCYjSZPL4yUb74Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smnq8vmSSAWAOI30m-YvoGxDt8PFjehE9n5YqYznq6YDrrZSBmq5jOygfEcXXTWfOAmG_ddFbd9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCUayAZip_QZrEFA_DlzButvIC67fY61DoiFeDj6V59byyaw4VvHXGYAo65cUw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 3583 4 KB
744 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jan 2024 11:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 09:36:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jan 2024 11:20:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A9C3 9 KB
1 KB 33ms
33ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CBlack%20Ops%20One%3A400

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f0c8f15addf2b65d14438e35f5c815e359e20ec28bfcf504b39d0ec2bdac765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jan 2024 11:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 11:20:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jan 2024 11:20:47 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame A9C3 2 KB
822 B 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:50:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 15:50:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame A9C3 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 15:50:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EDAB 143 B
166 B 25ms
25ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 2996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 10:30:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame A9C3 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 09:33:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame A9C3 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 11:59:51 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9C3 205 KB
65 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 11:20:47 GMT

GET
H2 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame A9C3 37 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 00:40:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 15:50:21 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 3583 16 KB
7 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:41:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6870
x-xss-protection: 0
server: cafe
etag: 16407976921096022632
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:41:03 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3583 205 B
520 B 26ms
26ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 13:51:31 GMT
x-content-type-options: nosniff
age: 250156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Jan 2025 13:51:31 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3583 604 B
696 B 26ms
26ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:43:34 GMT
x-content-type-options: nosniff
age: 214633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Jan 2025 23:43:34 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 3583 22 KB
9 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9462
x-xss-protection: 0
server: cafe
etag: 4236850132385514013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:38:15 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 04F8 478 B
198 B 59ms
58ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY2e6KggIwAQ&v=APEucNWbhiLvnUHN2b7AFRQOF0B0Sr394xL_95W4cr0wqO0SN6tv0YY2uZIPP4T1e7ajmavDMk30ZgABAStuKMhXrU-W6suWUQ

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 11:20:47 GMT
expires: Fri, 26 Jan 2024 11:20:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D9E2 89 KB
31 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 11:20:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D9E2 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 09:33:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D9E2 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 11:59:51 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D9E2 205 KB
65 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 11:20:47 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9E2 42 B
63 B 168ms
168ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AybOtRxwJm1R1zUq2eCJJKNCw-BzP6HiHBfDE3JfseoRAPiT4Tww-jv15nuMJpV2cafU9GkutGUrriT5viSYqgNuDpdfu1QJZy8kicw2FJS1NoxW0

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUSaNKVsh_eJzVqgZzjZTWm4McRwYlaIQ53ETGJTUlAHG1z4PhTczbQREmTnIh1vLNZ9xmTyenv58767dlhZenxMkHoOFD3TFSMzPpnoKeD1itupxn61cDyT8Gm36VNYbyISjrw6Q== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUSaNKVsh_eJzVqgZzjZTWm4McRwYlaIQ53ETGJTUlAHG1z4PhTczbQREmTnIh1vLNZ9xmTyenv58767dlhZenxMkHoOFD3TFSMzPpnoKeD1itupxn61cDyT8Gm36VNYbyISjrw6Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MjY4MDQ3LDk0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LmJhYnVwLmNvbS8iLG51bGwsW1s4LCJZdGt2VXZyMEtoSSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7654e435149df886ebe742c65c69aa8c4a26bc2a2492e5e4bd9d64979768736

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SdwO3Nm3L3WQ50rlyt9bGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-SdwO3Nm3L3WQ50rlyt9bGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KchxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gbistvnWOuAWIiHo3_1ubVsAjv23bzEDACmu1yh"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 04F8 170 B
243 B 104ms
40ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY2e6KggIwAQ&v=APEucNWbhiLvnUHN2b7AFRQOF0B0Sr394xL_95W4cr0wqO0SN6tv0YY2uZIPP4T1e7ajmavDMk30ZgABAStuKMhXrU-W6suWUQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 04F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6OTr5K2cdukQFBXhB6soE&google_cver=1

43 B
336 B

49ms
49ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6OTr5K2cdukQFBXhB6soE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY2e6KggIwAQ&v=APEucNWbhiLvnUHN2b7AFRQOF0B0Sr394xL_95W4cr0wqO0SN6tv0YY2uZIPP4T1e7ajmavDMk30ZgABAStuKMhXrU-W6suWUQ
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bT%2FuK%2FmomSC1jNiemssjWdELYNYtBtSntE3yvRmvQBhrm3epmIY8rN9ILzhRDl2DJ2MhIxQMCvkctbR5CbLMpxpP%2BPGVRmdzZVtjp2GpWx61IgMfnGT4xm7Ch49UoF4SV3obh6bmdY97LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84b85e644e4d01eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6OTr5K2cdukQFBXhB6soE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 04F8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbOVkGWfd.0MjAO4687gtgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6OTr5K2cdukQFBXhB6soE&google_cver=1&google_hm=2

43 B
771 B

46ms
46ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6OTr5K2cdukQFBXhB6soE&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY2e6KggIwAQ&v=APEucNWbhiLvnUHN2b7AFRQOF0B0Sr394xL_95W4cr0wqO0SN6tv0YY2uZIPP4T1e7ajmavDMk30ZgABAStuKMhXrU-W6suWUQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1txSRkRGi5BRaObkgmULuai6ezZvryRp%2F7XWRdbqFiNAExq42q1n2FvBzAel3VnISFA2svRYnu%2BYHslPwGInnkpaDM6IP%2BmNCFyT74Ilf%2BrYXF4AG6xKzjNuklvWX56h0uZcMYKSMcd%2BJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84b85e64c8f001e3-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6OTr5K2cdukQFBXhB6soE&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EDAB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
36ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 11:20:48 GMT
expires: Fri, 26 Jan 2024 11:20:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 11:20:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9E2 0
20 B 169ms
169ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3591573583802&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9E2 0
20 B 168ms
168ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3591573583802&version=m202309260101&ct=77&x=1&cor=14247684673298700000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D9E2 20 KB
13 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjikhzOFAb_-lazqYhYL9zVYC2IAXr2ZFsyJ6iIHHkW-2OtVb088uPETOsHgJZvhn_ntGKFqEnruFJW4xTxi_7_NMDKO9dzFwsEo0yXtn7hvF06QtwSF2-rbwdzI1i1Xgju6rrnbv2FZ14aSplVa-oLEa9EeTIqNaihSIf9F4_xBAlUc4&cry=1&dbm_d=AKAmf-DrwCoUL4W64TpfD91hFFtpM-Q2dQwJBoWiMGgVdQ2gBf8DCddWhkTWm3dZk_sjUJM71N5D6xvYMkzwnhILboW9nYnZtAcl1DvU-11dUaIxzuO-OqKnUOPTIhiADPiOrDSWMB_XTkQd0YsIM0B-Ct7oVoO3wi0Bdxny4SiyQPIKamH7aDcNVWPduxVa5RhBPuW4F_6oKl-k2qs3mExn_kqisEKSMjYl3Qim6aMZlPtvyd-wZWwT8H6lYPBCmndMh52RmqApHf_TN2TXFMz8uTWL1NP6lyUwU-11ReoHTzP5Rv9mYBx529UWW0Ky8QZB5pMbGdG0AeUExlnaghSnHFaAIRGw_qcOzD-gYxxFJy4ic687zDfhO8uQGj_G5lQNSN4J72-66UzoZxjP2OGReUwyvvNBIa9UIVDtHRLdZNw-pYKcRHcU2SiKzSbE-EbaRzbeG0xh1zbF0awEQqatGeG83r83uF3-VZii5lBunQ1R9rrcNDrmwBpVoZ4VglT8T2C9bKnDkVJxsavcGUnyo8bljwLhhqU-e5NvaTqtTL0CeeLBlOb-a2-Sm39d1gI1UikxMWR3lOQZDvRrJCqexlg8c3XMKnAYASMuhAKAYWb9Qm8MORCYJr0oxXhBqa6zTRCz5GlMnVMc9aRdp4HvBouNifBkbWNSY0ctXnydWnijLa5D4FNdhMXhAOdPv2D5L7xWUZU8276kYQG18F-gvWayv5uIheMunMeaEpwefvsvL_1CQfLN6085ST4G-IjAsEsoMkEn6tsKBdh3FxkGaq1_VwGxC4L82Qi1idiJA06mdZdL0NtdTcxBH9gU7G6XKKdaQWBgv9LiwnblXfZDVgY0jZ8IZ4njm4DuvwwbjEV6-3y_HpfQDrbjpIlXGf1186iJ-eDb8cenjV3tm-Mh1GpT9skLoAJFKPHCb8i0HJKYNHROdCWoEk8g3qTqDe2x1vA4QaOOGzW1FZN2UgpMvDz0RonPFmRsgzz2bQ9DIEa7Gf5D2nd02D2vNpbC70kuLuV5wZ1lE9jLmP4q54q5gVQf2-F1CL2zgK6IVKRZvpWDUQ33ysz5pnJil7nLwhEYDI6EuXoeodtPZr5J418CxVidhqKCbEYFci72wMlmvbkv5KOHs-vo50omqZajEBGpYu1OyMsJ0G5Afp8HmOgXv5kj1QbAW4AnFxEVwzbqzlypyWx8nJr-ApwSKDKyN3v0csFDhVZhZ6ix_MoEBUI3cbGnU58E6lXf6dG1we_dFKjja8Itb9bHZnEsf_d-HXDyICzexl_V5lWurBUVVifJv7fuqMIhef1GB6nGPZBLBRSLFR7Mul48rSr3Ghi6E3hIJK_j7NNK56SFwjJFkftUlJAeYWX-PmL6nD11rT-lPs-uAlQ3xhI0AcNWsTn3SsdkLvtarfz0As6ZyML2D_JcGeW3IsEq4zs58bANwYT3SUHBhTEKU1vuGxRNtfTkY-7DHbOOLnlNrp1gvTeWX1FvG4f5dH73_lFB3BxvQ-dHYNBezbmWWjqXu_eiyi3zS4YNwiXkN4pWQGcjrcvQAU821VgG_LERyrSxNZpgtQBTzmLJzRp-Z4bhTVI3neBk6eo6bIQJuPLZy5vJYOqJ4QZjCl35wwXS86mw3XD_P3m28wEha5hsdATdTVR4iD8QTYgMm-_CQkH0cA1LWdyp7xA6n3SI75YZUtVRwJEI35Z-sy_Pis8xzGvLrfWjxRQey92eUyi46Vmv5pgyxGye5M3DZ1f_W5t5W2ofdesueyzE_FubXqUEdiMasCyNShXJvRdKEqINKezHwRB9TtYFHYeupf2yvS7fnNw2AewTDLKgIp1HvTDAGsu17h3bMt4O6-txmpVceQcUFXORAsG8eNlO0t8kbcqzQnJDTygAOk6pW4a1taCwpvGVsmMgb39-n2K-FHfFh31jElzUixqxZSgiDTHDvu3UA5-w5xfFtNuAwWNGrnheexb0aVspwqhlLaFVBqLEvUT2uRDqRkbKXDzSec0y-H5Yrn9o7CGjwz0TDkndoafT2f77s-wC32m1VJpOxWJQc8k2BIieZuoou5RkL7e10M3W3wFfpNE54CxHMMh1-bWIsqP5QP_u4FDfUOo_pk9GiAP-OfdvIh5OgxegloGlv-ymz27UC2nXz4tKi1ZtK0vYNI6dTrDSfmWbiNE8ffcEIMSdOygML_SCNFV6Em2je4djj4BARv6DzRoR-TZvRxGUDr-0pimQ7gZVNMf-j6nmQYEd24OCwT8pbCesW7Z5AxOKoQ1OiSjKjty0SsuBv5r4ttSPRxPtiayO87S9ZcIilRvZVqw98QtTq1K5bkszNy53PoRZtU_kbY8VoZlDtbMjiOQc3jkGZaRK2J0d9Br9hZ9EK5bL0DMk4DtxCCXwBALrxLCXhbZ8WjYhbtx1aaArBjl_9qm-mFYmc9zjvUMDcTFMQP-LSpfBcZPqEPJds2NrPSB2e_00o4zNaeSE4qsYQC-YSD5mGDi-xFTeWpx7jvwB3TVbERsYdblxLaoTKaRuM1DdwN8VyWmH250QbkAo3R6BjAyobePHiUP1pkVxXWRspATb7avTEsoAuzIG-_8ryzo193PbxqiXVg2PaXL3v4hhc8R1QaSGSn6PlZ61n3ExlW5Ir-rZnhogio2dlEvCNw1gn2toBTFHRvfeJvzbi9ED3MUoRZAUTuREIwaCnxEt_WgqPluvmSa8p5r8vfZ18O_jP8mYD7bf-P6Q88bVgyf7zVq5PXJl1MfYXLRb2whLrIuIGMRMXfw_iKdR2VIlBHO3FF1Ra6N9SiDMu_fi5qIA24f0HwfQ_1EXH8p0KAzXLGrMUZhuldgqZBuw4ZtvcuyiS5MGxzLuTjxi0X-FelAQ_eqgszpEQdJdDlGGBhbTSsEchnjs4-lsb2fbiHq3Gq3zti_n1AsiggggX4mzN0WpobluNhS63HqMPT8mmzT7GRWbCjSQLGVS3DAkz_namf57hUGxmcXi-rj3MpeH5ccWSXqcmy1C_yy_KcQOQRRysENHcXDIUhVw5gErcdAAm67LkxJeYq1zspyTZgg95keYxRh0eSBwWA0HrH_-YgbYmMwRSF63l6pDXnlwj2C11jMnej2nAf1f9Pz-qpAdiRU8Jzm6u7xLnNUZbE874BzP6HulcxXhi_AkaIQld2qW9V4obXncINTqsFaee2D236fkSjwIgQ0FXmWTZJvjGhoaXCsNcH8QlVrqL6AUEtUt2-CTZ1cyaVRF-e9_D6I5RPb1CZdp9po2IiXYdFykzUrw4LgVtqj0fA99OwKLshGp_v-hT1TgihfAgg6jSYHu-VWkq2RixwLv6Bi9zQEQ3VCouPjwCNAT9lTI1fq0EJfxRQS6x8x_86G53GxkLQ2AzOgyO87XuE8h-_dkbE0t7yWONEkrLGcb9Dv4FqgeBeLX8Pjw0m_RNWXdbHLUdVUiwSNViDnyL68J4huR0taJzWx0AVlLIsZ7m_9H9MwCFxvX0cy9qWkaE8W2PzpjfXHTqkf480yJEyMVwQpCLXwM2umeF_2TgRdGJpLSMFgSJA5rr19_ynaUgpXHzMh51HFTmzEzOV9ENWysRXdiGgMSLWbkcMF9Wj90UvYRHWLcfgeV5Q&cid=CAQSTgAvHhf_xnJZVJG0u77FyeUV6wgIsh-rcJyZnC_Nbsyr4WCe8CqGwNAuOc0KG6Rxtr0zrRxyFO1SmSzPYdmRonnJbuJQ-b7mKr5xJTBRGhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=14247684673298700000&adk=1935140219&idt=81&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de1e921d5778b283af3af98be373ba4d462d7d360be829ce7a474c7a456c7e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13563
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D9E2 41 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjikhzOFAb_-lazqYhYL9zVYC2IAXr2ZFsyJ6iIHHkW-2OtVb088uPETOsHgJZvhn_ntGKFqEnruFJW4xTxi_7_NMDKO9dzFwsEo0yXtn7hvF06QtwSF2-rbwdzI1i1Xgju6rrnbv2FZ14aSplVa-oLEa9EeTIqNaihSIf9F4_xBAlUc4&cry=1&dbm_d=AKAmf-DrwCoUL4W64TpfD91hFFtpM-Q2dQwJBoWiMGgVdQ2gBf8DCddWhkTWm3dZk_sjUJM71N5D6xvYMkzwnhILboW9nYnZtAcl1DvU-11dUaIxzuO-OqKnUOPTIhiADPiOrDSWMB_XTkQd0YsIM0B-Ct7oVoO3wi0Bdxny4SiyQPIKamH7aDcNVWPduxVa5RhBPuW4F_6oKl-k2qs3mExn_kqisEKSMjYl3Qim6aMZlPtvyd-wZWwT8H6lYPBCmndMh52RmqApHf_TN2TXFMz8uTWL1NP6lyUwU-11ReoHTzP5Rv9mYBx529UWW0Ky8QZB5pMbGdG0AeUExlnaghSnHFaAIRGw_qcOzD-gYxxFJy4ic687zDfhO8uQGj_G5lQNSN4J72-66UzoZxjP2OGReUwyvvNBIa9UIVDtHRLdZNw-pYKcRHcU2SiKzSbE-EbaRzbeG0xh1zbF0awEQqatGeG83r83uF3-VZii5lBunQ1R9rrcNDrmwBpVoZ4VglT8T2C9bKnDkVJxsavcGUnyo8bljwLhhqU-e5NvaTqtTL0CeeLBlOb-a2-Sm39d1gI1UikxMWR3lOQZDvRrJCqexlg8c3XMKnAYASMuhAKAYWb9Qm8MORCYJr0oxXhBqa6zTRCz5GlMnVMc9aRdp4HvBouNifBkbWNSY0ctXnydWnijLa5D4FNdhMXhAOdPv2D5L7xWUZU8276kYQG18F-gvWayv5uIheMunMeaEpwefvsvL_1CQfLN6085ST4G-IjAsEsoMkEn6tsKBdh3FxkGaq1_VwGxC4L82Qi1idiJA06mdZdL0NtdTcxBH9gU7G6XKKdaQWBgv9LiwnblXfZDVgY0jZ8IZ4njm4DuvwwbjEV6-3y_HpfQDrbjpIlXGf1186iJ-eDb8cenjV3tm-Mh1GpT9skLoAJFKPHCb8i0HJKYNHROdCWoEk8g3qTqDe2x1vA4QaOOGzW1FZN2UgpMvDz0RonPFmRsgzz2bQ9DIEa7Gf5D2nd02D2vNpbC70kuLuV5wZ1lE9jLmP4q54q5gVQf2-F1CL2zgK6IVKRZvpWDUQ33ysz5pnJil7nLwhEYDI6EuXoeodtPZr5J418CxVidhqKCbEYFci72wMlmvbkv5KOHs-vo50omqZajEBGpYu1OyMsJ0G5Afp8HmOgXv5kj1QbAW4AnFxEVwzbqzlypyWx8nJr-ApwSKDKyN3v0csFDhVZhZ6ix_MoEBUI3cbGnU58E6lXf6dG1we_dFKjja8Itb9bHZnEsf_d-HXDyICzexl_V5lWurBUVVifJv7fuqMIhef1GB6nGPZBLBRSLFR7Mul48rSr3Ghi6E3hIJK_j7NNK56SFwjJFkftUlJAeYWX-PmL6nD11rT-lPs-uAlQ3xhI0AcNWsTn3SsdkLvtarfz0As6ZyML2D_JcGeW3IsEq4zs58bANwYT3SUHBhTEKU1vuGxRNtfTkY-7DHbOOLnlNrp1gvTeWX1FvG4f5dH73_lFB3BxvQ-dHYNBezbmWWjqXu_eiyi3zS4YNwiXkN4pWQGcjrcvQAU821VgG_LERyrSxNZpgtQBTzmLJzRp-Z4bhTVI3neBk6eo6bIQJuPLZy5vJYOqJ4QZjCl35wwXS86mw3XD_P3m28wEha5hsdATdTVR4iD8QTYgMm-_CQkH0cA1LWdyp7xA6n3SI75YZUtVRwJEI35Z-sy_Pis8xzGvLrfWjxRQey92eUyi46Vmv5pgyxGye5M3DZ1f_W5t5W2ofdesueyzE_FubXqUEdiMasCyNShXJvRdKEqINKezHwRB9TtYFHYeupf2yvS7fnNw2AewTDLKgIp1HvTDAGsu17h3bMt4O6-txmpVceQcUFXORAsG8eNlO0t8kbcqzQnJDTygAOk6pW4a1taCwpvGVsmMgb39-n2K-FHfFh31jElzUixqxZSgiDTHDvu3UA5-w5xfFtNuAwWNGrnheexb0aVspwqhlLaFVBqLEvUT2uRDqRkbKXDzSec0y-H5Yrn9o7CGjwz0TDkndoafT2f77s-wC32m1VJpOxWJQc8k2BIieZuoou5RkL7e10M3W3wFfpNE54CxHMMh1-bWIsqP5QP_u4FDfUOo_pk9GiAP-OfdvIh5OgxegloGlv-ymz27UC2nXz4tKi1ZtK0vYNI6dTrDSfmWbiNE8ffcEIMSdOygML_SCNFV6Em2je4djj4BARv6DzRoR-TZvRxGUDr-0pimQ7gZVNMf-j6nmQYEd24OCwT8pbCesW7Z5AxOKoQ1OiSjKjty0SsuBv5r4ttSPRxPtiayO87S9ZcIilRvZVqw98QtTq1K5bkszNy53PoRZtU_kbY8VoZlDtbMjiOQc3jkGZaRK2J0d9Br9hZ9EK5bL0DMk4DtxCCXwBALrxLCXhbZ8WjYhbtx1aaArBjl_9qm-mFYmc9zjvUMDcTFMQP-LSpfBcZPqEPJds2NrPSB2e_00o4zNaeSE4qsYQC-YSD5mGDi-xFTeWpx7jvwB3TVbERsYdblxLaoTKaRuM1DdwN8VyWmH250QbkAo3R6BjAyobePHiUP1pkVxXWRspATb7avTEsoAuzIG-_8ryzo193PbxqiXVg2PaXL3v4hhc8R1QaSGSn6PlZ61n3ExlW5Ir-rZnhogio2dlEvCNw1gn2toBTFHRvfeJvzbi9ED3MUoRZAUTuREIwaCnxEt_WgqPluvmSa8p5r8vfZ18O_jP8mYD7bf-P6Q88bVgyf7zVq5PXJl1MfYXLRb2whLrIuIGMRMXfw_iKdR2VIlBHO3FF1Ra6N9SiDMu_fi5qIA24f0HwfQ_1EXH8p0KAzXLGrMUZhuldgqZBuw4ZtvcuyiS5MGxzLuTjxi0X-FelAQ_eqgszpEQdJdDlGGBhbTSsEchnjs4-lsb2fbiHq3Gq3zti_n1AsiggggX4mzN0WpobluNhS63HqMPT8mmzT7GRWbCjSQLGVS3DAkz_namf57hUGxmcXi-rj3MpeH5ccWSXqcmy1C_yy_KcQOQRRysENHcXDIUhVw5gErcdAAm67LkxJeYq1zspyTZgg95keYxRh0eSBwWA0HrH_-YgbYmMwRSF63l6pDXnlwj2C11jMnej2nAf1f9Pz-qpAdiRU8Jzm6u7xLnNUZbE874BzP6HulcxXhi_AkaIQld2qW9V4obXncINTqsFaee2D236fkSjwIgQ0FXmWTZJvjGhoaXCsNcH8QlVrqL6AUEtUt2-CTZ1cyaVRF-e9_D6I5RPb1CZdp9po2IiXYdFykzUrw4LgVtqj0fA99OwKLshGp_v-hT1TgihfAgg6jSYHu-VWkq2RixwLv6Bi9zQEQ3VCouPjwCNAT9lTI1fq0EJfxRQS6x8x_86G53GxkLQ2AzOgyO87XuE8h-_dkbE0t7yWONEkrLGcb9Dv4FqgeBeLX8Pjw0m_RNWXdbHLUdVUiwSNViDnyL68J4huR0taJzWx0AVlLIsZ7m_9H9MwCFxvX0cy9qWkaE8W2PzpjfXHTqkf480yJEyMVwQpCLXwM2umeF_2TgRdGJpLSMFgSJA5rr19_ynaUgpXHzMh51HFTmzEzOV9ENWysRXdiGgMSLWbkcMF9Wj90UvYRHWLcfgeV5Q&cid=CAQSTgAvHhf_xnJZVJG0u77FyeUV6wgIsh-rcJyZnC_Nbsyr4WCe8CqGwNAuOc0KG6Rxtr0zrRxyFO1SmSzPYdmRonnJbuJQ-b7mKr5xJTBRGhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.babup.com%2F&ds=l&xdt=1&iif=1&cor=14247684673298700000&adk=1935140219&idt=81&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 16:24:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 16:24:31 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjI2ODA0Nzk4Nzc5OQogIHNlcnZlcl9pcDogMTI2MDY3NjQwCiAgcHJvY2Vzc19pZDogNDIwMDIyMTUzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIK...
ad.doubleclick.net/ddm/activity/ Frame D9E2 0
858 B 119ms
56ms Image
image/png 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjI2ODA0Nzk4Nzc5OQogIHNlcnZlcl9pcDogMTI2MDY3NjQwCiAgcHJvY2Vzc19pZDogNDIwMDIyMTUzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2Fkb2JlLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA0MDA0MzI1MzI0NTA3NjA2MjE5CmRlYnVnX2tleTogNjUwOTA0MTU4NzUxMjQzMjE1NAppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMjYiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5MjEyMjUyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzg0NDM4NDEyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA3Mzk5NDg5NjYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTUxNzA0OTE0MTAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1NDEyNDMyMjUKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWRvYmUuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZmxhc2h0YWxraW5nLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzU0OTc0NzIwCg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:48 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x3c4fbe353324c41a0000000000000000","13":"0x2ee9927a3b4fb7680000000000000000","14":"0x8b5af85e922f41150000000000000000","15":"0x6650fae346f0a17e0000000000000000"},"debug_key":"6509041587512432154","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"4004325324507606219"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/1/225040;7936448;201;js;DV360;DV360FY20AcrobatCTXCustomIntentNonBrandedCHDSKBAN728x90/ Frame D9E2 2 KB
1 KB 76ms
26ms Script
text/javascript 23.215.22.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/1/225040;7936448;201;js;DV360;DV360FY20AcrobatCTXCustomIntentNonBrandedCHDSKBAN728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.babup.com%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&bundle_id=&site_url=https://www.babup.com/&ft_partnerimpid=ABAjH0hn-MwEkHXBwEBFlc09qiCF&pub_id=1&sup_platform=1&cachebuster=327898.763515585

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.215.22.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-215-22-232.deploy.static.akamaitechnologies.com

Software

prod-xre-app8.frk11 /

Resource Hash

b079cf33a4ae5e1a4109fe704e6bd7045e44462b3b34d3b787b658c5fd85b1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 11:20:48 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app8.frk11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 886
Expires: Fri, 26 Jan 2024 11:20:48 GMT

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0BC4 50 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: www.file-upload.org
URL: https://www.file-upload.org/a6cq82dkwnky

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 23:30:12 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D2DF 38 KB
13 KB 21ms
21ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 68177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 16:24:31 GMT
expires: Fri, 24 Jan 2025 16:24:31 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame D9E2 86 KB
26 KB 93ms
27ms Script
application/javascript 18.66.147.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/225040;7936448;201;js;DV360;DV360FY20AcrobatCTXCustomIntentNonBrandedCHDSKBAN728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.babup.com%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&bundle_id=&site_url=https://www.babup.com/&ft_partnerimpid=ABAjH0hn-MwEkHXBwEBFlc09qiCF&pub_id=1&sup_platform=1&cachebuster=327898.763515585
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-29.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbbabf32ca01dbb0beda9a574acb9602fc4728afff9b9eb5a51aa92b0a889981

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 14:34:38 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.2), 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 74790
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26343
last-modified: Wed, 24 Jan 2024 14:32:35 GMT
server: AmazonS3
etag: W/"72851d1caa0fb39691fdc257bcee7227"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=86400
x-varnish: 84216651 83436865
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 3r8nu_cCn0FazzeP7YSOH1WT1RKSNi9J8bemCYdSEm7HRR-eYFqJKw==

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame D2DF 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 10:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 10:22:57 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E2BD 42 B
64 B 176ms
176ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuL1LZzKL7_d6VrwTItzE4ruzyOgH0hUFrXU9fay0l4HCFRfv51mVBw9G_dR_z7uzj0llvyvSxqbHojjGr7ZRVTOlJFhIjgie_mJvVGRVfangsw8EnKtbLpxQw4wyCvh8y1S_8bJ9K4bPlvWbWh7rDXLU6l&sai=AMfl-YTH5b1JqtmD_S0kbVBelHhxWPx7Qy_sJAnkFrRoxMmO6QfmoixSQVjnhYWgdszPZNLQm44qZDnWUni82rdQoFy8kzs6sEbBm1fPhFfjpRJ1mXp2JntswGyDccAjO_7H26_P2OF839VK23nQjIbpTg&sig=Cg0ArKJSzF0NboR-uib6EAE&cid=CAQSTwAvHhf_dc8Zw1Mp3UkyIkvMmoLFD7Yg2QySULGLBDJCXZ9fXTwRp6U0dmbEse6tj6vygeSx9ahf-7zvCwAhfPPS9lbhAXK4gqeXBN7GM6AYAQ&id=lidar2&mcvt=1002&p=0,0,280,1110&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2300165494&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170626804700&rst=1706268046546&rpt=648&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D9E2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f09a21a7e56ba393e3533fcffb7ee9be73ad1bd6c1d77c807508da31d4d1a9d2

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2DF 0
20 B 174ms
174ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B_isIj5WzZZelPLjHjuwPiY-kyAEAAAAAOAHgBAI&bg=!gYKlgs3NAAa8BdJLnAU7ADQBe5WfON4vr1832ZrmbZK2XKdyxxLtw9F6d5w4x34tdOn03FHxEQs-T0O6ZAO5ch0B_184AgAAADpSAAAAAWgBB5kDA_LX7S8zNdzDvGzvji90f6WL5HdYcmkjT4iOZgNMEKOSvH9iheJlNSqUnvGu94fGg1FNkZx3n7VitScJsJlXL_109Vkp68jZdeXOd6XmsWtaDKAc0ULY5C721d0wf4-3lIxVxzh6sBLUJxoendFuEPdU6UdUS68fmqtq4FYDpQ6dyLnab4oeUHybb4_RPtxU1tB8xGK_zocJQI_qw-Yz-6joJYeUzzjSGeGe8a9FB1SUSQ-Ub8RhzBeOtjNEjIuHe_GHO_A7ybplr6o4yUsFn-LH1sXRiFupPy-TjcNZaV6dqUvzZdwnZoM3nm8hIwdScohqifZBbuorWkShIuj-bn4sM0Mr96pklpJ8dnEe4zqssCucu3VLKks37hcihl4wAIL6LhN0Z4C7OMlLLAMHZq0TiMtiek_N4PNpt5i2JBw9vMaP4VbUyHFggCY_bJanYjDpYimWBsK4dH0cT1HFN2aCEouv4iHxqy_cLqNd0ixdET5zd2WESuwFBCX8m4tR0IzqS1qdl-vlM0w9SAEzqNKZK_2YbFaE1cTUyue0syGCjN6czuM4t3WnMTWjBfVBW6tzuXGOSsFI1Kov2ojhwUdyOnDL2ErilS7j1aoG_6xqOXjIE8PhmXUpam-_31TYhhzvaUomc9u_BxvIZKcLdgTnIDust7sdPW2M1kFJXuCTFx-goz2mbxljBZEWhPtxJ66Yd7v3MwR9lE4S6VkyQWzQTzSxIFIe53jaJG4K1elPT3m29_V9W6WpI8Gqg8vex-joVsQasZTOyhjLEKkGwrQCZlMDnUYW93imO62_B18rYgLqqN1CmB__lH7Et_gb7tnDZCETQq5QbBxUm9H6_H-3HrYLsDBIiWEdRbB7oFDnnZ_iPZcQmHOVZiSfH1xz7m5kik0rb1itF-vxCBpi2Z1wtMFyHRYKeE2RCAyyaK75Tt6Jy5l_1SDqvUQ8yMGfE_VKctcAR4KiLz8C8UBZIPmGT5rYCo9-62t3fWBTI1eQtONjIrMtfpNL9AOq2O6nqzEfFA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3699640.json Show response
agen-assets.ftstatic.com/display/7936448/ Frame D9E2 5 KB
2 KB 298ms
219ms XHR
application/json 143.204.98.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/7936448/3699640.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-84.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b95331fa076ce69f3a3fe0f9de95a8b5ba9e202db0da19024a8a7bd1a21e6cc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:49 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.2), 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
last-modified: Mon, 11 Dec 2023 15:26:03 GMT
server: AmazonS3
etag: W/"464341d5db23903b850b343bf5e4b3fa"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 954263599
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: Ezh6ZafoHUlcMWAchBrwsSOnL7Q5ou1ctRZfcDjwy9Kmofkk87AIMA==

GET
H/1.1 200
OK / Show response
b1t-eudc1.zemanta.com/t/imp/view/MFRPW3YR4ZCB3BJE7Q7JXBXZY2SR3O4PPWMNU36H6QC2ZQBY5LY6SX5DJ5ZURX7WKGLDXN3D4GV2D6BYOQL5L67BJGTBV4NMTWBUVPTHY237G7OOPZTNO77IN5UYRZEBE52RJRYQMUNRGBAIX56NNXVTSZ6HOVWAHYFI... Frame C7A9 26 B
257 B 30ms
30ms Fetch
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/MFRPW3YR4ZCB3BJE7Q7JXBXZY2SR3O4PPWMNU36H6QC2ZQBY5LY6SX5DJ5ZURX7WKGLDXN3D4GV2D6BYOQL5L67BJGTBV4NMTWBUVPTHY237G7OOPZTNO77IN5UYRZEBE52RJRYQMUNRGBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NACA73CSYGCR23ORA3G6LOCVFFFQFTKEFH4QVMXQGQ54VXC3YJV5SH5OTGUBJQCOKQSUQHXYEYT2GUGXRUHVET6LSZ3CQVVU3PRTYIBAKUFBJVNITSSHFWZJS73FX5PDF4FQZJE5L52GN3YLLEGAEHZXIDXQ46DSYHWCDMKMC6Q2VEPYONDQ5V3AFSXB4JT44Q/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Fri, 26 Jan 2024 11:20:48 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

OPTIONS
H/1.1 204
No Content /
b1t-eudc1.zemanta.com/t/imp/view/MFRPW3YR4ZCB3BJE7Q7JXBXZY2SR3O4PPWMNU36H6QC2ZQBY5LY6SX5DJ5ZURX7WKGLDXN3D4GV2D6BYOQL5L67BJGTBV4NMTWBUVPTHY237G7OOPZTNO77IN5UYRZEBE52RJRYQMUNRGBAIX56NNXVTSZ6HOVWAHYFI... Frame 0
0 90ms
30ms Preflight 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/MFRPW3YR4ZCB3BJE7Q7JXBXZY2SR3O4PPWMNU36H6QC2ZQBY5LY6SX5DJ5ZURX7WKGLDXN3D4GV2D6BYOQL5L67BJGTBV4NMTWBUVPTHY237G7OOPZTNO77IN5UYRZEBE52RJRYQMUNRGBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NACA73CSYGCR23ORA3G6LOCVFFFQFTKEFH4QVMXQGQ54VXC3YJV5SH5OTGUBJQCOKQSUQHXYEYT2GUGXRUHVET6LSZ3CQVVU3PRTYIBAKUFBJVNITSSHFWZJS73FX5PDF4FQZJE5L52GN3YLLEGAEHZXIDXQ46DSYHWCDMKMC6Q2VEPYONDQ5V3AFSXB4JT44Q/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Max-Age: 600
Connection: keep-alive
Date: Fri, 26 Jan 2024 11:20:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C7A9 42 B
64 B 175ms
175ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPagsA7huXqjRdE8BMDebb4vTBiXpxyDp91JKDLrH-MAzzqyB2lfle23o-Xzvwk29ONDF8TJBfywKS0F1V_VgmWkmlTIy7nDrKmgqYN1nsYkAw8jwXN8IT&sig=Cg0ArKJSzLpIXh_fLOvKEAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2869380213&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170626804700&rst=1706268047137&rpt=249&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame D9E2 601 KB
162 KB 94ms
27ms Script
application/javascript 2600:9000:2646:1200:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225040&l2=DV360&l3=7936448&l4=3699640&l5=1&l6=1&utid=AFB6CF71-3E41-D873-058B-15F4E930AB39&creative_type=display&adid=ftdiv7936448&pub_app=&pub_domain=https://www.babup.com/&uid=&cb=91638.29077008493&pub_ts=1702308352&729359441
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:1200:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c5225e042d89534aef3082cd03f5464a20462b1b5e6dad3f7ebf18c0eacc5ecf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 23:50:43 GMT
Content-Encoding: br
Via: 1.1 c1e31c801257ebc563cbb890e887cb1e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P5
Age: 41405
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 25 Jan 2024 23:50:43 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: quuzxUx01xpl8TetxeTwOGXB5BZ63Bl0GEHDPTNor-lCApbqcnrA_w==
Expires: Fri, 26 Jan 2024 23:50:43 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame D9E2 17 KB
6 KB 102ms
24ms Script
application/javascript 23.218.208.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-47.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 11:20:48 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Varnish: 245816087 241254950
Cache-Control: max-age=67429
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Sat, 27 Jan 2024 06:04:37 GMT

GET
H/1.1 200
OK FY22Q1_DC_AcrobatDC_AcrobatDC_de_de_SignMobility-Lifestyle_ST_728x90.jpg
cdn.flashtalking.com/116327/3699640/ Frame D9E2 44 KB
45 KB 102ms
24ms Image
image/jpeg 23.218.208.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/116327/3699640/FY22Q1_DC_AcrobatDC_AcrobatDC_de_de_SignMobility-Lifestyle_ST_728x90.jpg?182289649
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-47.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 4610dc3335f71847b096ed75b7f38c848bb68b5bfed88ce38d707db030df127c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 11:20:48 GMT
Last-Modified: Wed, 18 Jan 2023 23:47:28 GMT
Server: Flashtalking (AKA)
ETag: W/"23cba901eca04520396536c8ce5964d8"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 117366840 116978941
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1193
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45177
Expires: Fri, 26 Jan 2024 11:40:41 GMT

GET
H/1.1 200
OK iconc.png
cdn.flashtalking.com/oba/icon/ Frame D9E2 1 KB
2 KB 101ms
23ms Image
image/png 23.218.208.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-47.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 11:20:48 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:32 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
Content-Type: image/png
X-Varnish: 511612315 382618673
Cache-Control: max-age=715305
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Sat, 03 Feb 2024 18:02:33 GMT

GET
H3 200 txt_adv. Show response
fundingchoicesmessages.google.com/f/AGSKWxW9I0qRhhRjLWUoqxZmQatMsAeTXa-CZMgCJBHgZhtAD__LCWUn2ILF1IOaPLvqUnmWlZprG7pGKNi6MBIw4Kvi9YN9guzWYEHnM6P6u8utakNFjzzhsP9JyJWcC43GNSse4iZCvdO0Ug__M-cFtLsS945s5... 54 B
110 B 38ms
38ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW9I0qRhhRjLWUoqxZmQatMsAeTXa-CZMgCJBHgZhtAD__LCWUn2ILF1IOaPLvqUnmWlZprG7pGKNi6MBIw4Kvi9YN9guzWYEHnM6P6u8utakNFjzzhsP9JyJWcC43GNSse4iZCvdO0Ug__M-cFtLsS945s5GZJcI04ijtFHAuDxUYG873kuKinN1wl/_/120x600-/advertising02._blogads./youradhere468-/txt_adv.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwYguaqMDE6-xBWX4yxN0KelhKGPw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d97fc25d70d7296de23187fb00fe74feebda66fc091a3c408929e3896ba0644c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IYwKF-ZHvQMuX1B6vws3Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IYwKF-ZHvQMuX1B6vws3Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KohxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smnq8vmSSAWAOI30m-YvoGxDt8PFjehE9n5YqYznq6YDrrZSBmq5jOygfEcXXTWfOAmG_ddFbd9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCUayAZip_QZrEFA_DlzButvIC67fY61DoiFeDgmrD63lk3gxZ6m1UwApnRcXA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 22ms
22ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 10:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 11:52:22 GMT

POST
H3 204 AGSKWxVKhGN3AMvNuGEF4I0hBpuapG78ulEjCK_syhwx8-rTkhkJ7kikIfa8oWWt1eIh1gKzWx9SsNqZPPPYsyjLakH4ts27pUcHKHOJ1Tx_eYkeq1ObEU929lqXbd_dU4Z-fd1ZnHVvAQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 136ms
86ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVKhGN3AMvNuGEF4I0hBpuapG78ulEjCK_syhwx8-rTkhkJ7kikIfa8oWWt1eIh1gKzWx9SsNqZPPPYsyjLakH4ts27pUcHKHOJ1Tx_eYkeq1ObEU929lqXbd_dU4Z-fd1ZnHVvAQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8Qax87Hwu5LDa7phWgtjng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Jan 2024 11:20:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8Qax87Hwu5LDa7phWgtjng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY8Lqc2vZBFY8-3ODCQDtXiDx"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.babup.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVKhGN3AMvNuGEF4I0hBpuapG78ulEjCK_syhwx8-rTkhkJ7kikIfa8oWWt1eIh1gKzWx9SsNqZPPPYsyjLakH4ts27pUcHKHOJ1Tx_eYkeq1ObEU929lqXbd_dU4Z-fd1ZnHVvAQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 111ms
83ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVKhGN3AMvNuGEF4I0hBpuapG78ulEjCK_syhwx8-rTkhkJ7kikIfa8oWWt1eIh1gKzWx9SsNqZPPPYsyjLakH4ts27pUcHKHOJ1Tx_eYkeq1ObEU929lqXbd_dU4Z-fd1ZnHVvAQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0E49X-bstoZJrdd2X1xD5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Jan 2024 11:20:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0E49X-bstoZJrdd2X1xD5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY8Lqc2vZBBo-PrzBBADscSC5"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.babup.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVKhGN3AMvNuGEF4I0hBpuapG78ulEjCK_syhwx8-rTkhkJ7kikIfa8oWWt1eIh1gKzWx9SsNqZPPPYsyjLakH4ts27pUcHKHOJ1Tx_eYkeq1ObEU929lqXbd_dU4Z-fd1ZnHVvAQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 45ms
35ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVKhGN3AMvNuGEF4I0hBpuapG78ulEjCK_syhwx8-rTkhkJ7kikIfa8oWWt1eIh1gKzWx9SsNqZPPPYsyjLakH4ts27pUcHKHOJ1Tx_eYkeq1ObEU929lqXbd_dU4Z-fd1ZnHVvAQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-83Gv2JDtB9i19WMS7BTcDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Jan 2024 11:20:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-83Gv2JDtB9i19WMS7BTcDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY8Lqc2vZBDq-dh9kAgDsYyBb"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.babup.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVKhGN3AMvNuGEF4I0hBpuapG78ulEjCK_syhwx8-rTkhkJ7kikIfa8oWWt1eIh1gKzWx9SsNqZPPPYsyjLakH4ts27pUcHKHOJ1Tx_eYkeq1ObEU929lqXbd_dU4Z-fd1ZnHVvAQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 97ms
86ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVKhGN3AMvNuGEF4I0hBpuapG78ulEjCK_syhwx8-rTkhkJ7kikIfa8oWWt1eIh1gKzWx9SsNqZPPPYsyjLakH4ts27pUcHKHOJ1Tx_eYkeq1ObEU929lqXbd_dU4Z-fd1ZnHVvAQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YCcxeeOROjgGi_8HAL3idA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Jan 2024 11:20:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YCcxeeOROjgGi_8HAL3idA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY8Lqc2vZBH70fr3BBADurSDl"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.babup.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVv-N9jrLJ_JrCnevc5ZX5O1UKzDAzuxgyDqIorFkR8uM-XsNyiWQrJkQtaznxvAP6FBFAIvhHWCXClU3EhDTYrKgQr0IiJSqvUaiIaE1L9zxbD7h9GX1MkC3j93slBVnBOauWt0A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVv-N9jrLJ_JrCnevc5ZX5O1UKzDAzuxgyDqIorFkR8uM-XsNyiWQrJkQtaznxvAP6FBFAIvhHWCXClU3EhDTYrKgQr0IiJSqvUaiIaE1L9zxbD7h9GX1MkC3j93slBVnBOauWt0A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MjY4MDQ4LDY0NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuYmFidXAuY29tLyIsbnVsbCxbWzgsIll0a3ZVdnIwS2hJIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bf6e40c3199f4f925110c7ac87bb1dd2e405786d8c145f3064f840309a9f4f2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-A9yfDoH_NM0ssTQgF8hOMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.babup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-A9yfDoH_NM0ssTQgF8hOMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjusKoxSXF4KIhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAnFP_0umKUD87stLJp6vL5kkgFgDiN9JvmL6BsQ7fDxY3oRPZ-WKmM56umA662UgZquYzsoHxHF101nzgJhv3XRW3fXTWbecmc66B4hjnk9nTQHixawzWFcD8ZTAGaxzgLglGsgGYqf0GaxBQPw5cwbrbyAuu32OtQ6IhXg4Jqw-t5ZNYMbmTUeYAPLsYVs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7936448;3699640;0;271;AFB6CF71-3E41-D873-058B-15F4E930AB39/ Frame D9E2 0
67 B 119ms
21ms Image
text/plain 18.192.228.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7936448;3699640;0;271;AFB6CF71-3E41-D873-058B-15F4E930AB39/?cachebuster=755435362
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.228.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-228-113.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:48 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame D9E2 1 B
377 B 83ms
21ms Image
text/plain 23.218.208.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7936448;3699640;0-304-0-0-848925904
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 11:20:48 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Fri, 26 Jan 2024 11:20:48 GMT

POST
H3 204 AGSKWxXnhQYiUxlctZcOZSroBnJNfsJLPcIOK5asz6yOYk2FBUQk7x_j93WXgG7RWciVNQ9x470eOdo64KZl9EBcWvAUixKWObf9oQiNPVZkGjUuTqxWPHHTKfE9Ps2J87-48C-78obHCA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 35ms
34ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXnhQYiUxlctZcOZSroBnJNfsJLPcIOK5asz6yOYk2FBUQk7x_j93WXgG7RWciVNQ9x470eOdo64KZl9EBcWvAUixKWObf9oQiNPVZkGjUuTqxWPHHTKfE9Ps2J87-48C-78obHCA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_zJqyRPyGl8S_yrF5rX33Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Jan 2024 11:20:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-_zJqyRPyGl8S_yrF5rX33Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY8Lqc2vZBF6sOH-TCQDtISDH"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.babup.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVKhGN3AMvNuGEF4I0hBpuapG78ulEjCK_syhwx8-rTkhkJ7kikIfa8oWWt1eIh1gKzWx9SsNqZPPPYsyjLakH4ts27pUcHKHOJ1Tx_eYkeq1ObEU929lqXbd_dU4Z-fd1ZnHVvAQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 81ms
81ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVKhGN3AMvNuGEF4I0hBpuapG78ulEjCK_syhwx8-rTkhkJ7kikIfa8oWWt1eIh1gKzWx9SsNqZPPPYsyjLakH4ts27pUcHKHOJ1Tx_eYkeq1ObEU929lqXbd_dU4Z-fd1ZnHVvAQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-97w4uXZB-nn9UF1ChadDTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.babup.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Jan 2024 11:20:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-97w4uXZB-nn9UF1ChadDTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY8Lqc2vZBF7suPGBCQDrOiDv"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.babup.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame D9E2 60 B
618 B 542ms
146ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=OcAAcLwumuhImnJSlBxpCGJWJHSTNUCd-FE7fPshldVrqKDsQ03nNF0LH-E03BOs9lbVTmNQ==&pm_ct=52142eb5df72a7ac1e21dee4&pm_pl=1706268048717&pm_td=11&pid=1000941&en=1.1&callback=__pm_glbl_OPT5Qr8zkVZfuqhFYK8tMGn6._gc1&tt=g&v=f487d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225040&l2=DV360&l3=7936448&l4=3699640&l5=1&l6=1&utid=AFB6CF71-3E41-D873-058B-15F4E930AB39&creative_type=display&adid=ftdiv7936448&pub_app=&pub_domain=https://www.babup.com/&uid=&cb=91638.29077008493&pub_ts=1702308352&729359441
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5fbb735453afe86f22267fa8c542b7bfb3d3e00e4611f86af6140f62da71c702

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 11:20:49 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 60

GET
DATA 200
OK truncated
/ Frame 4C79 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D9E2 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK ce632735-f8c3-41d4-a34d-ecac23de796e
https://googleads.g.doubleclick.net/ Frame D9E2 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/ce632735-f8c3-41d4-a34d-ecac23de796e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK ddd6bf5c-075c-4caa-bc1e-5fe47f3ef9fd
https://googleads.g.doubleclick.net/ Frame D9E2 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/ddd6bf5c-075c-4caa-bc1e-5fe47f3ef9fd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame D9E2 1 B
377 B 21ms
21ms Image
text/plain 23.218.208.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7936448;3699640;0-306-0-0-274348096
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 11:20:48 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Fri, 26 Jan 2024 11:20:48 GMT

GET
BLOB 200
OK 928cab93-b816-4f58-bbab-c7f3bcea9735
https://googleads.g.doubleclick.net/ Frame D9E2 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/928cab93-b816-4f58-bbab-c7f3bcea9735
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ Frame D9E2 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D9E2 42 B
64 B 174ms
174ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZNDk2gIZiU87VKEk96IKtF3h9EIl4sOEMTbUIyOGhuuRoFM_RNqmrXBNq6C0YiumZb-2o1ayILM9GnH6D_34emw8zebJChszq2HVA6N9pLKKeOcK8bzZAb5R8p0mL0dpGgs0RCDCk4s17d67PPTbiMm0C&sai=AMfl-YRv8GNT8dAhyxcVNiLCucKe0dDwtovccHeb879x7g9LyK8FI8FeSQM2j-RUcSY7ww9nrjQeB71sj7Zgz9NTm07e_wKlI28ziVEKqKAnFsef9hH7T9wPpXC3WCNipfQA-mFhsHjDZMCapGpdWmeq&sig=Cg0ArKJSzDIdiRonU7mREAE&cid=CAQSTgAvHhf_xnJZVJG0u77FyeUV6wgIsh-rcJyZnC_Nbsyr4WCe8CqGwNAuOc0KG6Rxtr0zrRxyFO1SmSzPYdmRonnJbuJQ-b7mKr5xJTBRGhgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=315,889,1000,1000,1000&tos=315,574,111,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170626804800&rst=1706268047871&rpt=350&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9E2 0
20 B 168ms
168ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3591573583802&version=m202309260101&ct=77&x=1&cor=14247684673298700000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 11:20:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame D9E2 1 B
283 B 269ms
268ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=OcAAcLwumuhImnJSlBxpCGJWJHSTNUCd-FE7fPshldVrqKDsQ03nNF0LH-E03BOs9lbVTmNQ==&pm_ct=52142eb5df72a7ac1e21dee4&pm_pl=1706268048717&pm_td=558&pid=1000941&en=1.1&callback=__pm_glbl_OPT5Qr8zkVZfuqhFYK8tMGn6._gc2&tt=g&v=f487d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225040&l2=DV360&l3=7936448&l4=3699640&l5=1&l6=1&utid=AFB6CF71-3E41-D873-058B-15F4E930AB39&creative_type=display&adid=ftdiv7936448&pub_app=&pub_domain=https://www.babup.com/&uid=&cb=91638.29077008493&pub_ts=1702308352&729359441
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Fri, 26 Jan 2024 11:20:49 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame D9E2 6 KB
6 KB 84ms
22ms Image
image/png 23.218.208.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-47.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 11:20:49 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
Content-Type: image/png
X-Varnish: 69423302 69718121
Cache-Control: max-age=1189
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Fri, 26 Jan 2024 11:40:38 GMT

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame D9E2 1 B
377 B 21ms
21ms Image
text/plain 23.218.208.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7936448;3699640;0-307-0-0-749224556
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 11:20:49 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Fri, 26 Jan 2024 11:20:49 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7936448;3699640;0;202;AFB6CF71-3E41-D873-058B-15F4E930AB39/ Frame D9E2 0
66 B 22ms
22ms Image
text/plain 18.192.228.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7936448;3699640;0;202;AFB6CF71-3E41-D873-058B-15F4E930AB39/?cachebuster=547170998
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.228.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-228-113.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:20:49 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame D9E2 1 B
283 B 147ms
147ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=OcAAcLwumuhImnJSlBxpCGJWJHSTNUCd-FE7fPshldVrqKDsQ03nNF0LH-E03BOs9lbVTmNQ==&pm_ct=52142eb5df72a7ac1e21dee4&pm_pl=1706268048717&pm_td=1267&pid=1000941&en=1.1&callback=__pm_glbl_OPT5Qr8zkVZfuqhFYK8tMGn6._gc3&tt=g&v=f487d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225040&l2=DV360&l3=7936448&l4=3699640&l5=1&l6=1&utid=AFB6CF71-3E41-D873-058B-15F4E930AB39&creative_type=display&adid=ftdiv7936448&pub_app=&pub_domain=https://www.babup.com/&uid=&cb=91638.29077008493&pub_ts=1702308352&729359441
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Fri, 26 Jan 2024 11:20:50 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d

Domain: www.file-upload.org
URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.file-upload.org/	1969-12-31 23:59:59	Name: lang Value: german
www.file-upload.org/	1969-12-31 23:59:59	Name: visited Value: visited, visited_expires=Fri Jan 26 2024 12:21:45 GMT+0100 (Central European Standard Time), path=/
.babup.com/	1970-01-21 03:33:48	Name: _ga_3T7TKCZCC9 Value: GS1.1.1706268046.1.0.1706268046.0.0.0
.babup.com/	1970-01-21 03:33:48	Name: _ga Value: GA1.2.553134796.1706268046
.babup.com/	1970-01-20 17:59:14	Name: _gid Value: GA1.2.1717291027.1706268046
.babup.com/	1970-01-20 17:57:48	Name: _gat_gtag_UA_119779859_1 Value: 1
.babup.com/	1970-01-21 03:19:24	Name: __gads Value: ID=9a758acd5afe490e:T=1706268046:RT=1706268046:S=ALNI_Mb8nXzzksAITRuCeynXZQZ8DQDVKA
.babup.com/	1970-01-21 03:19:24	Name: __gpi Value: UID=00000d49d132186a:T=1706268046:RT=1706268046:S=ALNI_MbfAUzQj6-XWfuX8YZVjNNseOqYsA
.babup.com/	1970-01-20 22:17:00	Name: __eoi Value: ID=cda03a612ff98a3c:T=1706268046:RT=1706268046:S=AA-AfjYx-EV-ChPpn6dEbFBBkOGH
.doubleclick.net/	1970-01-21 03:33:48	Name: IDE Value: AHWqTUkEtVim-wbhytBsdSQrRxaSIl2mCKlMs0hB03n9Ay38Mfs52_5FLYbP2IDuR28
.googleadservices.com/	1970-01-20 20:07:24	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 17:57:51	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-21 02:43:24	Name: CMID Value: ZbOVkGWfd.0MjAO4687gtgAA
.casalemedia.com/	1970-01-20 20:07:24	Name: CMPS Value: 2132
.casalemedia.com/	1970-01-20 20:07:24	Name: CMPRO Value: 2132
.doubleclick.net/	1970-01-20 18:41:00	Name: ar_debug Value: 1
.babup.com/	1970-01-21 02:43:24	Name: FCNEC Value: %5B%5B%22AKsRol84EllHMAGW2HxcxPk9n5uPHG-jyc8X2xSK_Gy6eV8u-zpryMJ0cb0P6MaI6a97eo5pRqG3LObZT4uvjVAs6QmNzCtnmBLlM5No4q6fgDByjG02X9zWBiSCBw6hj6oNyS0TsAgLx1imZKt1SzQmC3qCf5-zLA%3D%3D%22%5D%5D

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.babup.com/file.php?get=a6cq82dkwnky Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.babup.com/file.php?get=a6cq82dkwnky Message: Access to font at 'https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.babup.com/file.php?get=a6cq82dkwnky Message: Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d Message: Failed to load resource: net::ERR_FAILED
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225040&l2=DV360&l3=7936448&l4=3699640&l5=1&l6=1&utid=AFB6CF71-3E41-D873-058B-15F4E930AB39&creative_type=display&adid=ftdiv7936448&pub_app=&pub_domain=https://www.babup.com/&uid=&cb=91638.29077008493&pub_ts=1702308352&729359441(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225040&l2=DV360&l3=7936448&l4=3699640&l5=1&l6=1&utid=AFB6CF71-3E41-D873-058B-15F4E930AB39&creative_type=display&adid=ftdiv7936448&pub_app=&pub_domain=https://www.babup.com/&uid=&cb=91638.29077008493&pub_ts=1702308352&729359441(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225040&l2=DV360&l3=7936448&l4=3699640&l5=1&l6=1&utid=AFB6CF71-3E41-D873-058B-15F4E930AB39&creative_type=display&adid=ftdiv7936448&pub_app=&pub_domain=https://www.babup.com/&uid=&cb=91638.29077008493&pub_ts=1702308352&729359441(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225040&l2=DV360&l3=7936448&l4=3699640&l5=1&l6=1&utid=AFB6CF71-3E41-D873-058B-15F4E930AB39&creative_type=display&adid=ftdiv7936448&pub_app=&pub_domain=https://www.babup.com/&uid=&cb=91638.29077008493&pub_ts=1702308352&729359441(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225040&l2=DV360&l3=7936448&l4=3699640&l5=1&l6=1&utid=AFB6CF71-3E41-D873-058B-15F4E930AB39&creative_type=display&adid=ftdiv7936448&pub_app=&pub_domain=https://www.babup.com/&uid=&cb=91638.29077008493&pub_ts=1702308352&729359441(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g&tid=27133&l1=225040&l2=DV360&l3=7936448&l4=3699640&l5=1&l6=1&utid=AFB6CF71-3E41-D873-058B-15F4E930AB39&creative_type=display&adid=ftdiv7936448&pub_app=&pub_domain=https://www.babup.com/&uid=&cb=91638.29077008493&pub_ts=1702308352&729359441(Line 1) Message: Failed to create WebGPU Context Provider

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-events.flashtalking.com
ad.doubleclick.net
agen-assets.ftstatic.com
ajax.googleapis.com
ajs-assets.ftstatic.com
b1-eudc1.zemanta.com
b1t-eudc1.zemanta.com
cdn.flashtalking.com
certify-js.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
data.ad-score.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
images.dmca.com
js.ad-score.com
pagead2.googlesyndication.com
region1.google-analytics.com
secure.flashtalking.com
servedby.flashtalking.com
ssl.google-analytics.com
stat.flashtalking.com
tpc.googlesyndication.com
widgets.outbrain.com
www.babup.com
www.file-upload.com
www.file-upload.org
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
zem.outbrainimg.com
certify-js.alexametrics.com
www.file-upload.org
104.18.36.155
130.211.115.4
142.250.185.134
143.204.98.84
146.75.118.132
172.217.16.194
18.192.228.113
18.66.147.29
188.114.96.3
2001:4860:4802:34::36
213.227.153.223
213.227.153.224
23.215.22.232
23.218.208.47
23.35.237.86
2400:52e0:1e00::1082:1
2600:9000:2646:1200:a:deb0:3380:93a1
2a00:1450:4001:803::2002
2a00:1450:4001:809::2008
2a00:1450:4001:811::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a03:2880:f083:100:face:b00c:0:3
2a06:98c1:3120::3
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f85ef7e7b3cb06467619d23a40011bc5c93e9ca9118044aa70ef7e7ea7bdd99
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
120e1326f58f865339db5ba87f60cadd92537c6bfc684782ec6a9db8daf7bfb0
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fa4fa66264d0d2c207556819a202b230886c07853685e97c33abc0301da4892
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
227d2b7da7cdcd77837fca8e4a303b55a7b8034901f64419f44cb43c413c621d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
2b95af781c1c239444462c90d24af3a26d88134c88cd916b396339634883f6c8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d5a84a07c849f846c92469476791d7b32ba2396fa17dd095f9b128397b0c443
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
3450a58fb25e679b239e3737aac74f993bc76f12011d35ca8df8173b667984ec
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
3ec3cfab842057579ae612676a68604d1ab9ec4f507f2fe120c068811353cd79
41a9bacab6618adedda5556118018e7934ad057d77ca2f62137426bb25f62643
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4610dc3335f71847b096ed75b7f38c848bb68b5bfed88ce38d707db030df127c
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
503974c29f83b3e1b90f10945ab1bc105185625969b4a217a229b46b6c644f59
51eeb34b16bc39881cba9146d5bf384a8991db772c506dd0f2592d489b2cdb8a
5454a32c730194b415ad7bd1ff3b5a9a22ad0cdb029be672642c0fd4c05d73fb
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
5c3dd8cbdb8165b83f53b8991a6814d037378b068a2ef92f8523030e37a74435
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5fbb735453afe86f22267fa8c542b7bfb3d3e00e4611f86af6140f62da71c702
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6550423bd3f1fa2d8529c496bc47357b50e6cf1a3c17825a73978c17b28be3b8
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
7713fb56b5aa338b53d90b38fc0e121c963c29bd7781a8215311af5405e99491
7b95331fa076ce69f3a3fe0f9de95a8b5ba9e202db0da19024a8a7bd1a21e6cc
80089fcfbb306f938984d77e97815e93c72e92f0b781072aa33b70261d799276
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8b834ff16eacf4a97fb25656c46ff4e585debeefe22bf29378a268336a975bf0
8f0c8f15addf2b65d14438e35f5c815e359e20ec28bfcf504b39d0ec2bdac765
91f9e3f623d080102f963443dbfe1e1feb88463d69189510b2e5afa980f3d78d
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9bf6e40c3199f4f925110c7ac87bb1dd2e405786d8c145f3064f840309a9f4f2
a47be012687bc6cf4c1d8d77cfc3aeffc6f9d3f949c372fd6532c6317b54898e
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
aa065d68d911464d327db0383a006cd6e1d8c356eafa59fe3a418b27213efa0c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
b079cf33a4ae5e1a4109fe704e6bd7045e44462b3b34d3b787b658c5fd85b1de
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bce58d63ee6dc3cc766ae94965eb9bfc12bae1aea1843017e88270a8a12e97db
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c5225e042d89534aef3082cd03f5464a20462b1b5e6dad3f7ebf18c0eacc5ecf
cbbabf32ca01dbb0beda9a574acb9602fc4728afff9b9eb5a51aa92b0a889981
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5d285cd77b8307ade930cbd4592f505f85763af3a15afc1a489aa63b85d346e
d7654e435149df886ebe742c65c69aa8c4a26bc2a2492e5e4bd9d64979768736
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d97fc25d70d7296de23187fb00fe74feebda66fc091a3c408929e3896ba0644c
ddeebfee7d668023c879ea2be1a356dc4fa23174d5750978acb909c639445673
de1e921d5778b283af3af98be373ba4d462d7d360be829ce7a474c7a456c7e92
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856
e1be2cd886243c82588acbd0f88bd90ef5ffa444e97226de899969a1177167cb
e367a2d0e62116b0a999990fdf2a3584d916ca0458269b6a43e825b7bdbcb060
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaacc82ef93a8875e4de6854b47dc8c16584dfa69a397f9dd5ac5e6b3bbfd393
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09a21a7e56ba393e3533fcffb7ee9be73ad1bd6c1d77c807508da31d4d1a9d2
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
fe3758f6cba90322b8e12eebb9cd4f01fca6a2b5821e1177ce8f2ff673d45320
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

www.babup.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

153 Requests

90 %HTTPS

56 %IPv6

22 Domains

37 Subdomains

32 IPs

4 Countries

2340 kBTransfer

6444 kBSize

17 Cookies

31 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.babup.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

90 %
HTTPS

56 %
IPv6

22
Domains

37
Subdomains

32
IPs

4
Countries

2340 kB
Transfer

6444 kB
Size

17
Cookies

153 HTTP transactions
8 data transactions