urlscan.io logo urlscan.io
SecurityTrails logo

www.babup.com Open in urlscan Pro
2606:4700:3034::6815:37eb  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://biturl.top/EbeaE3
Effective URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Submission: On July 20 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 1 countries across 13 domains to perform 76 HTTP transactions. The main IP is 2606:4700:3034::6815:37eb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.babup.com.
TLS certificate: Issued by WE1 on July 2nd 2024. Valid for: 3 months.
This is the only time www.babup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3032::ac43:b56c (United States)

ASN13335 (CLOUDFLARENET, US)
biturl.top
24    2606:4700:3035::6815:390e (United States)

ASN13335 (CLOUDFLARENET, US)
www.file-upload.org
2    37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 _, GB)
PTR: 37-19-207-34.bunnyinfra.net
images.dmca.com
4    2606:4700:3034::6815:37eb (United States)

ASN13335 (CLOUDFLARENET, US)
www.babup.com
8    172.67.146.80 (United States)

ASN13335 (CLOUDFLARENET, US)
www.file-upload.com
7    2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2607:f8b0:4004:c1d::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2607:f8b0:400d:c0d::8a (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
11    2607:f8b0:4004:c1f::9d (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4004:c06::93 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
6    2607:f8b0:400d:c04::71 (Morganton, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
24 file-upload.org
www.file-upload.org — Cisco Umbrella Rank: 641767
548 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
320 KB
8 file-upload.com
www.file-upload.com
3 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 10
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
74 KB
4 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 951
www.google-analytics.com — Cisco Umbrella Rank: 104
38 KB
4 babup.com
www.babup.com
14 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
165 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
93 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 15011
10 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
30 KB
1 biturl.top
biturl.top
7 KB
0 alexametrics.com Failed
certify-js.alexametrics.com Failed
76 13
Domain Requested by
24 www.file-upload.org www.file-upload.org
www.babup.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
8 www.file-upload.com 8 redirects
7 pagead2.googlesyndication.com www.babup.com
pagead2.googlesyndication.com
6 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 www.babup.com www.file-upload.org
www.babup.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com www.babup.com
www.googletagmanager.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 connect.facebook.net www.babup.com
2 images.dmca.com www.file-upload.org
www.babup.com
1 www.google.com tpc.googlesyndication.com
1 ssl.google-analytics.com www.babup.com
1 ajax.googleapis.com www.babup.com
1 biturl.top 1 redirects
0 certify-js.alexametrics.com Failed www.babup.com
76 16
Subject Issuer Validity Valid
file-upload.org
WE1		 2024-07-17 -
2024-10-15		 3 months crt.sh
images.dmca.com
R10		 2024-07-17 -
2024-10-15		 3 months crt.sh
babup.com
WE1		 2024-07-02 -
2024-09-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-28 -
2024-07-27		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://www.babup.com/file.php?get=rsomxwsrpcrb
Frame ID: 7DB5FD815F91907D124C6ED9FBCFCB38
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/zrt_lookup_fy2021.html
Frame ID: 11ADB60F58A27DFF4D6CC4E672368913
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721435286&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.babup.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~34~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~34~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~27_15~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721435285112&bpp=9&bdt=2074&idt=914&shv=r20240717&mjsv=m202407150101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3327420629092&frm=20&pv=2&ga_vid=275547456.1721435285&ga_sid=1721435286&ga_hid=1293838557&ga_fc=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95334525%2C95334829%2C95337027%2C95337870%2C95338248%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3486787644623300&tmod=812568159&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=940
Frame ID: 5B25E611C85562292892E12E601D85A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1721435286&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721435285190&bpp=2&bdt=2152&idt=881&shv=r20240717&mjsv=m202407150101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3327420629092&frm=20&pv=1&ga_vid=275547456.1721435285&ga_sid=1721435286&ga_hid=1293838557&ga_fc=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95334525%2C95334829%2C95337027%2C95337870%2C95338248%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3486787644623300&tmod=812568159&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=889
Frame ID: C022465D450255A71789D2FF88A8AC7B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&abgtt=6&fwrn=4&fwrnh=100&lmt=1721435286&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721435285204&bpp=1&bdt=2166&idt=882&shv=r20240717&mjsv=m202407150101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=3327420629092&frm=20&pv=1&ga_vid=275547456.1721435285&ga_sid=1721435286&ga_hid=1293838557&ga_fc=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95334525%2C95334829%2C95337027%2C95337870%2C95338248%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3486787644623300&tmod=812568159&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=884
Frame ID: 649C945E9015B97CBA14A414ECBA02DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1721435286&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721435285206&bpp=1&bdt=2169&idt=888&shv=r20240717&mjsv=m202407150101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280%2C555x280&nras=1&correlator=3327420629092&frm=20&pv=1&ga_vid=275547456.1721435285&ga_sid=1721435286&ga_hid=1293838557&ga_fc=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95334525%2C95334829%2C95337027%2C95337870%2C95338248%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3486787644623300&tmod=812568159&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=889
Frame ID: 73289A8EB617392FB60F0A6544FAEB99
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 00F82E868077C04DD5DAE4724DE4B63C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8E6A7B0A1A98296A3750C95E82238089
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1721435288&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721435287690&bpp=1&bdt=4652&idt=-M&shv=r20240717&mjsv=m202407150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9d4e3cbd830ae18c%3AT%3D1721435286%3ART%3D1721435286%3AS%3DALNI_MYtkvKlp029-GTlyEiRleFT6tmF6g&gpic=UID%3D00000ea02393d9dd%3AT%3D1721435286%3ART%3D1721435286%3AS%3DALNI_MYoUhFJq1tlLptyShPJypAFyzLw6A&eo_id_str=ID%3D83cf77ad91cc6d89%3AT%3D1721435286%3ART%3D1721435286%3AS%3DAA-AfjbSY5Lqzy-tLRDgRVnG2GeT&prev_fmts=0x0%2C1110x280%2C555x280%2C1110x280&nras=2&correlator=3327420629092&frm=20&pv=1&ga_vid=275547456.1721435285&ga_sid=1721435286&ga_hid=1293838557&ga_fc=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95334525%2C95334829%2C95337027%2C95337870%2C95338248%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&psts=AOrYGsmj3j-TX0lWmewTwVE_LhhJWyKWwQoODBoSDntYXmAdzPXNW4pN3dNwdD0nlBVbHqfx9AWt2pR_zhkVUQ%2CAOrYGskog7EldZqJ0ddP265Yb36AvXQ69Hd9bbS9xSzbcUvj677tA1fqwetz4BENXo_nYb6MUpPX7zLT9Z6_JKa_dg7EhN9B&pvsid=3486787644623300&tmod=812568159&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=594
Frame ID: F37B8A9955857DC978E48D432A606526
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1721435288&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721435287690&bpp=1&bdt=4652&idt=-M&shv=r20240717&mjsv=m202407150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9d4e3cbd830ae18c%3AT%3D1721435286%3ART%3D1721435286%3AS%3DALNI_MYtkvKlp029-GTlyEiRleFT6tmF6g&gpic=UID%3D00000ea02393d9dd%3AT%3D1721435286%3ART%3D1721435286%3AS%3DALNI_MYoUhFJq1tlLptyShPJypAFyzLw6A&eo_id_str=ID%3D83cf77ad91cc6d89%3AT%3D1721435286%3ART%3D1721435286%3AS%3DAA-AfjbSY5Lqzy-tLRDgRVnG2GeT&prev_fmts=0x0%2C1110x280%2C555x280%2C1110x280%2C1110x90&nras=3&correlator=3327420629092&frm=20&pv=1&ga_vid=275547456.1721435285&ga_sid=1721435286&ga_hid=1293838557&ga_fc=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95334525%2C95334829%2C95337027%2C95337870%2C95338248%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&psts=AOrYGsmj3j-TX0lWmewTwVE_LhhJWyKWwQoODBoSDntYXmAdzPXNW4pN3dNwdD0nlBVbHqfx9AWt2pR_zhkVUQ%2CAOrYGskog7EldZqJ0ddP265Yb36AvXQ69Hd9bbS9xSzbcUvj677tA1fqwetz4BENXo_nYb6MUpPX7zLT9Z6_JKa_dg7EhN9B&pvsid=3486787644623300&tmod=812568159&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=596
Frame ID: A2AB299ABC044BD0F9C141139E335344
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/zrt_lookup_fy2021.html
Frame ID: 1C425B3A3BC00D0790AEF441B9C17446
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/zrt_lookup_fy2021.html
Frame ID: 21DB06F7EEA115FA51DB000F3337870E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/zrt_lookup_fy2021.html
Frame ID: 638F033AD2F6420887DE1E194EBBDC8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/zrt_lookup_fy2021.html
Frame ID: 5EBA14CB799EE9D7BD221C8CEFB884E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

File-Upload – forex-article.store – FileUploadFile-upload

Page URL History Show full URLs

  1. https://biturl.top/EbeaE3 HTTP 307
    https://www.file-upload.org/rsomxwsrpcrb Page URL
  2. https://www.babup.com/file.php?get=rsomxwsrpcrb Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

76
Requests

78 %
HTTPS

87 %
IPv6

13
Domains

16
Subdomains

14
IPs

1
Countries

1292 kB
Transfer

3422 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://biturl.top/EbeaE3 HTTP 307
    https://www.file-upload.org/rsomxwsrpcrb Page URL
  2. https://www.babup.com/file.php?get=rsomxwsrpcrb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://biturl.top/EbeaE3 HTTP 307
  • https://www.file-upload.org/rsomxwsrpcrb
Request Chain 13
  • https://www.file-upload.com/mngez/css/app.css?v=1 HTTP 301
  • https://www.file-upload.org/mngez/css/app.css?v=1
Request Chain 14
  • https://www.file-upload.com/assets/images/logo_new.png HTTP 301
  • https://www.file-upload.org/assets/images/logo_new.png
Request Chain 16
  • https://www.file-upload.com/mngez/images/anti1.png HTTP 301
  • https://www.file-upload.org/mngez/images/anti1.png
Request Chain 17
  • https://www.file-upload.com/mngez/images/anti2.png HTTP 301
  • https://www.file-upload.org/mngez/images/anti2.png
Request Chain 19
  • https://www.file-upload.com/assets/images/norton.png HTTP 301
  • https://www.file-upload.org/assets/images/norton.png
Request Chain 27
  • https://www.file-upload.com/mngez/js/app.js?v=20 HTTP 301
  • https://www.file-upload.org/mngez/js/app.js?v=20
Request Chain 39
  • https://www.file-upload.com/assets/images/favicon.png HTTP 301
  • https://www.file-upload.org/assets/images/favicon.png
Request Chain 43
  • https://www.file-upload.com/assets/images/favicon.png HTTP 301
  • https://www.file-upload.org/assets/images/favicon.png

76 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
rsomxwsrpcrb
www.file-upload.org/
Redirect Chain
  • https://biturl.top/EbeaE3
  • https://www.file-upload.org/rsomxwsrpcrb
27 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/rsomxwsrpcrb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e6dc2503fa1a61994e359a2df93d11bf35f589c9be5ce351c2cc157b672a74a
Security Headers
Name Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a5ed42e3ef2ac66-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 20 Jul 2024 00:28:01 GMT
expires
Fri, 19 Jul 2024 00:28:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFGRndj7kcsZxaf3qeeiUQEPxHKXCB12ktaJT2%2B5P%2Fgt3bZEoaKUL6zHHARXIxRvoKUu8Z6A14Vi7BFDv2PW7b7kN6ybs763nyD2bBqu6QlxqrL7cLDIX3K6N326T0OQOmAxkSKEtYO%2FDwsdkseg1cwY"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0;includeSubDomains;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a5ed4252affa20a-YYZ
content-type
text/html; charset=utf-8
date
Sat, 20 Jul 2024 00:28:01 GMT
location
https://www.file-upload.org/rsomxwsrpcrb
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8coXIJu5vMP%2B3H5SM3TCWouP4bjTfjXA5pXaUZ3Cy%2F7dF4Kpuq2KAPmpe%2BYwD0LoIDijMnJ%2F%2BCb9DL5uyR7yQwLkFhIWLgAX8crR8ihSC0CshLKIf6Hee98Eg6yxs0e2eVRglxwaAdW1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-powered-by
Next.js
app.css
www.file-upload.org/mngez/css/ 		247 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/css/app.css?v=1
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/rsomxwsrpcrb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

Referer
https://www.file-upload.org/rsomxwsrpcrb
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:01 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
941279
alt-svc
h3=":443"; ma=86400
content-length
41420
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"3dcf1-5fe4d56ca6b7a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SOe99UORZxeBUeaWxd0tLI7APIl%2FrEbd82hJiNZdHeSomXBatv0hb2LQkocT0Bb90VbeXcao2lk%2BZKRPwOYlcGGMT1fKGaY%2Bl2NI7q9JLagI%2FH7o%2BEUDxpUpvoZMIx%2Fov%2B310v1sCauPS20D7EtWOU45"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
8a5ed430090aac66-YYZ
expires
Wed, 10 Jul 2024 03:00:02 GMT
app.js
www.file-upload.org/mngez/js/ 		235 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/js/app.js?v=20
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/rsomxwsrpcrb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

Referer
https://www.file-upload.org/rsomxwsrpcrb
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:02 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3aa0d-5fe4d56c9e2c2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g5yK62Mrh6G88IPvqe5VHDiNgmb1bedO9xoThsFz9H%2F3NHNV5elJIiVDi%2BNTuYdaAS6d%2Fb2p56aVU%2FE4QChTMt3joFcVEZmgrkkqg1oDe9ADoLgtCkrd7Z0Uo%2FckP8X2c3ShW0JYvRTx4NGl563496g3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2692000, private
cf-ray
8a5ed430090cac66-YYZ
alt-svc
h3=":443"; ma=86400
logo_new.png
www.file-upload.org/assets/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/assets/images/logo_new.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/rsomxwsrpcrb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

Referer
https://www.file-upload.org/rsomxwsrpcrb
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6333278
alt-svc
h3=":443"; ma=86400
content-length
3215
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"c8f-5fe4d56f9b8f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8vtPQ%2BT%2BGnvyhd0FS6SJjzzSrKx13N7qsBjBw65UEWTcgjRVJ4RTZAcR6Lx4QTe4YZ3MJMOAUOLTUBU%2BNZ0GfgsgbCJ4XQQ24CzZfb%2BCEDJeDbC4w%2B9cBlm8e3ZyTSlaszw7YpP%2B586sat9APJq%2F%2FgJy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed430090eac66-YYZ
expires
Tue, 14 May 2024 17:13:23 GMT
email-decode.min.js
www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/rsomxwsrpcrb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.file-upload.org/rsomxwsrpcrb
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2024 17:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6696a9e8-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p6Opaq%2FCwYR7pZqUhFbXdlxgnAjO8yGTnpCeM3RsNYaOCr8BLsoJk55%2Bu1E6ciaTgTuEwVGkMQ2Z20QTRrrz2qPk9%2FLQ9iKH20cj87JW42W5mOw4P%2Fafc%2FZQkqanZqMkxgifhWAD84cEQj%2FbFbaRi1bQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a5ed4300911ac66-YYZ
expires
Mon, 22 Jul 2024 00:28:01 GMT
anti1.png
www.file-upload.org/mngez/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/anti1.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/rsomxwsrpcrb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

Referer
https://www.file-upload.org/rsomxwsrpcrb
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5756312
alt-svc
h3=":443"; ma=86400
content-length
19118
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"4aae-5fe4d56c96d92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2B%2Fsaco%2FEYTIm087CCQl9pZaNOKWYHraZkFtAZMP4%2FHj4%2Ff5G%2BOMCBMy48sdCbgOTyQSwGolgolPnjA1cGMXiJ%2BOd4x1hmIAYyn1RJqoEsAVRIpUASPQaOLUU2i8dyuMgHFf6%2BrivifYxvXIntWEjefj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed430a9b3ac66-YYZ
expires
Tue, 21 May 2024 09:29:30 GMT
anti2.png
www.file-upload.org/mngez/images/ 		641 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/anti2.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/rsomxwsrpcrb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

Referer
https://www.file-upload.org/rsomxwsrpcrb
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6337345
alt-svc
h3=":443"; ma=86400
content-length
641
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"281-5fe4d56c988ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=96fsgpiOBDBf0iPeQqOqlQa%2F2CXeOt16Uo83wYC3i7B5ev5oBI%2BXiztGc2I7%2FEqSWPETfuzZloccHnR%2FxSPf%2BD37nnMTN3l06f6h4IOkXO7whZxVQ45lrg7ZMhVXaQZ%2FlmMxj0IjMQAILhzt1UEnW9Bx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed431fac2ac66-YYZ
expires
Tue, 14 May 2024 16:05:37 GMT
_dmca_premi_badge_4.png
images.dmca.com/Badges/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/rsomxwsrpcrb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 / ASP.NET
Resource Hash

Request headers

Referer
https://www.file-upload.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:02 GMT
cdn-edgestorageid
925
x-powered-by
ASP.NET
cdn-cachedat
06/03/2024 17:32:44
cdn-pullzone
1574055
content-length
4535
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
BunnyCDN-ASB1-925
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"0abbdbd420cc1:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
c85acf126b077abce3921a37390509e5
accept-ranges
bytes
cdn-requestcountrycode
US
link
<https://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png?ID=6215c2ff-22c6-4a51-ac3d-f4ff89588f3c>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
norton.png
www.file-upload.org/assets/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/assets/images/norton.png
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/rsomxwsrpcrb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

Referer
https://www.file-upload.org/rsomxwsrpcrb
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6328940
alt-svc
h3=":443"; ma=86400
content-length
4963
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"1363-5fe4d56f95368"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wIbTbp2diGvhONyyanFVIshdph%2FwoaewzjN53C6q%2BHWR699qL5spWZijnK9YZgLjGVJzKICjN2ZRSUUzax2GqixOyc3r2eGOCi%2F1frJF8aSqVVG10fRutqOgErdptss9wxEE8AxqH50iYoZBk62eqHDT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed432ab48ac66-YYZ
expires
Tue, 14 May 2024 18:25:42 GMT
Primary Request file.php
www.babup.com/ 		23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.babup.com/file.php?get=rsomxwsrpcrb
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/rsomxwsrpcrb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:37eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
9ac0cd2a6724c0bec2fd911802c57ea3d570adc9ebe63e3d7b981776feea85a4

Request headers

Referer
https://www.file-upload.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a5ed4358a84ac5e-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 20 Jul 2024 00:28:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrPsVVVWLpa0h8UBBUdDydQmN%2BtVMp3T6CcyxFotvp9fMbCywDXpBQdkavUxCNz%2BSdCXkYw9c4pUgxWAve%2B7IZss8z8zxrpHjCH61HGmNxkkc1SMQbam9EuOjEl3w3JWUolhfj%2FUhPw31kYM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/7.2.34
flags.png
www.file-upload.org/mngez/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6331875
alt-svc
h3=":443"; ma=86400
content-length
15022
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"3aae-5fe4d56c9bbb2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WF54VCuzjI4z28mop6ROf7ZCc2UH7Bd7bcG9bhG2oOtzzUaKtqkIQ3keatVpQWNBPKy41r6SbTFHR8x%2BPX%2FGy%2BbjLRrd8vk60Mk6xfydYX8R6rWt%2BvT%2Fh8cAOUstyyc5NpHrOxl%2Bye6xOztxJAwXJYQw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed4336bf7ac66-YYZ
expires
Tue, 14 May 2024 17:36:47 GMT
fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:02 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2392
etag
"12d68-5fe4d56c8e4d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NPdrocj0y2oJnwKJoL4Ztfd%2FooRhf0DRuUDzDJA9YbpwGAgViwPDrVSjKr4g5HKdhn8%2BD1z6FvXV9cAHadobqFLtz%2B%2B%2FH2GGQBlK0ALWpm3gQ%2BlaHuK%2BV7As8g2lKwFdh%2B%2BvXYWb7TcMg1qTTx93aXGN"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a5ed4337c09ac66-YYZ
alt-svc
h3=":443"; ma=86400
content-length
77160
poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:02 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6285
etag
"1ee0-5fe4d56c8f861"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QrEmCLrcrZsiID45Wn%2Fm%2FE6t5jIcpX9mfGE8YOmcqHa7B5YGLmZmypv7LCLIZTnxndF634GaWE4EYeW9pYdx2LiuSvyECdFCm4Nfo%2FfmcwO51kI%2FvSumYVlIBcVDKMzE%2FDjBuMH4tgyKuZxwjeSGorcn"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a5ed4337c0aac66-YYZ
alt-svc
h3=":443"; ma=86400
content-length
7904
poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.file-upload.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:02 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2392
etag
"1ecc-5fe4d56c90801"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgntGJcXLU2yt%2FjucddvOKV0IlYGSY4xzvGBgfWCMfsoep4HSQHUZSAa%2BJT0r4RfL5p58il27BeiaPtDSpf%2BpCw6nXccTDcQ4UcnInlZGcQl5JQCMjYskb2cg1VpIJYhUwKG5ZKwk8JRY%2FbeBQB8AMr1"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a5ed4337c0bac66-YYZ
alt-svc
h3=":443"; ma=86400
content-length
7884
app.css
www.file-upload.org/mngez/css/
Redirect Chain
  • https://www.file-upload.com/mngez/css/app.css?v=1
  • https://www.file-upload.org/mngez/css/app.css?v=1
247 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/css/app.css?v=1
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Protocol
H3
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:03 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
941281
alt-svc
h3=":443"; ma=86400
content-length
41420
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"3dcf1-5fe4d56ca6b7a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nFLDcf9%2BL%2F8B54oNlF7YIhLh%2B%2FqXlLKgL1%2BcFh0%2B36xrtH3DgmFWiPamlLcgaaTIum4bsT4T9wL3%2FaCkNJLNBVFTID0S7IvZImbOykrZwNLvnPwr%2BwujdEeXpV6YeUdAFxTNJhVi0a6z8kg3ncz4OjJz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2692000
accept-ranges
bytes
cf-ray
8a5ed43b2f87abbe-YYZ
expires
Wed, 10 Jul 2024 03:00:02 GMT

Redirect headers

date
Sat, 20 Jul 2024 00:28:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
405
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BTnbBWwKNGNHvSANqBDDPMj1NgKWislyhvlwkhl%2By%2BWl2%2FHhss6aAElItlHp5ymfscmQ8gPmF5VCqgGxrfjzD2fD04iIfOk19s%2BAkzMYRBL7TdgTlSL9718lriUPxWJoJutkNE2h"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/mngez/css/app.css?v=1
cache-control
max-age=31536000
cf-ray
8a5ed438bdc6abb8-YYZ
alt-svc
h3=":443"; ma=86400
logo_new.png
www.file-upload.org/assets/images/
Redirect Chain
  • https://www.file-upload.com/assets/images/logo_new.png
  • https://www.file-upload.org/assets/images/logo_new.png
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/assets/images/logo_new.png
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Protocol
H3
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6333280
alt-svc
h3=":443"; ma=86400
content-length
3215
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"c8f-5fe4d56f9b8f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bGFLwWvrJs8l45vg3whh72bqoDr3d4ctuheUUWw5%2B0YBpUAQ94BqxQ7ib3TkXujpgOZqecAjvsNyPUcaChAyQKz%2FAh5dC1WJ0sHUseDVuBSqP17aDwnuoeAJh%2FlP%2BDhw37ReNCuyVl1zaKnGqKG81HS5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed43b2f83abbe-YYZ
expires
Tue, 14 May 2024 17:13:23 GMT

Redirect headers

date
Sat, 20 Jul 2024 00:28:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
405
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HsTs%2Fu9THD%2FlWZsNOZ7lKqKybuIwEVhNktfrC1sLMNJP1w3aQHlQu7kbk5UwGiLOh%2ByXzvZRGRIQOxLBGMwbKMFDzWLgvkYjZ8xLkggL462qZAHncIt%2BhXv6xD7%2FSGdqaEJbc5ZU"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/assets/images/logo_new.png
cache-control
max-age=31536000
cf-ray
8a5ed438bdc9abb8-YYZ
alt-svc
h3=":443"; ma=86400
email-decode.min.js
www.babup.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.babup.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:37eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.babup.com/file.php?get=rsomxwsrpcrb
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2024 17:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6696a9e8-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vBbESeBDnfKVSdsWe7IDQdlblcmC3flqy37%2FhisBB%2FFduFYjGvu5NX07VPKcRaZFmSMF%2FFocTwABqeK%2Ba2qj%2BzcWVT4%2FgUeuwE8ZAIL0y%2FEIfRhyBsBKjVggFW6O5jODBGdHPyi16gkkRdrF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a5ed4373c4eac5e-YYZ
expires
Mon, 22 Jul 2024 00:28:03 GMT
anti1.png
www.file-upload.org/mngez/images/
Redirect Chain
  • https://www.file-upload.com/mngez/images/anti1.png
  • https://www.file-upload.org/mngez/images/anti1.png
19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/anti1.png
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Protocol
H3
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5756313
alt-svc
h3=":443"; ma=86400
content-length
19118
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"4aae-5fe4d56c96d92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G3AION%2F69Dg9sNuZTSLPytU2ktBMtJHytGZ1xdP2Rgh10prdtFMrX3yFXaAbvE5rqVFBkw%2FqyiJRwL%2FwJD9ktS4VoyanjyDvZhCg0Nayd9qBbcHniq%2F7Flj54rHX%2FbIkb2DwDBS%2FD7w2%2BGYRJdEXkTz6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed43b2f80abbe-YYZ
expires
Tue, 21 May 2024 09:29:30 GMT

Redirect headers

date
Sat, 20 Jul 2024 00:28:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
405
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ii0fZntiuM4vIvtKymIEB7IYiBWE3Yt89%2Fs65rM9PzfQyL902DJ%2Bvc3sz7%2BLpnaXi81Tl45CdN8fYelp6cs2GYDd7k5srQxyQcsdsuSwfOXljL4vMIHGnLda0Fa5FWxI4LEIoUCH"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/mngez/images/anti1.png
cache-control
max-age=31536000
cf-ray
8a5ed438bdc8abb8-YYZ
alt-svc
h3=":443"; ma=86400
anti2.png
www.file-upload.org/mngez/images/
Redirect Chain
  • https://www.file-upload.com/mngez/images/anti2.png
  • https://www.file-upload.org/mngez/images/anti2.png
641 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/anti2.png
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Protocol
H3
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6337346
alt-svc
h3=":443"; ma=86400
content-length
641
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"281-5fe4d56c988ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7rJkzjRbQLPIq2C%2B000Jtz4WhCaPFWUNAH93UegbwTK0lojJDGGH0IHUzewkQV3lF2WTNRNKzmzwxk9CmRbaAlLPKtBFYUDdNAKsNcgCC9Q5XFYaoeeCFiBmd3WyAwEFnIvRvGec3PyuhqPPyR5GHQSy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed43b2f85abbe-YYZ
expires
Tue, 14 May 2024 16:05:37 GMT

Redirect headers

date
Sat, 20 Jul 2024 00:28:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
405
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lEdR7gAMJCS1Kk0AGk6IEzqDYwC331%2FaE%2By%2BKOxeLqAVZVnJufk%2F%2BBQvC5xW8hADMu9GPdEmK7pEXzvIb%2FmMz0jhZR58Zu9MgjJK940It3D7JxA1XDU4vtTj0pEARptTY%2FHWZa4%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/mngez/images/anti2.png
cache-control
max-age=31536000
cf-ray
8a5ed438bdc7abb8-YYZ
alt-svc
h3=":443"; ma=86400
_dmca_premi_badge_4.png
images.dmca.com/Badges/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=ff6622a1-89c3-492e-8fab-02994910b766
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 / ASP.NET
Resource Hash
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:03 GMT
cdn-edgestorageid
925
x-powered-by
ASP.NET
cdn-cachedat
06/03/2024 17:32:44
cdn-pullzone
1574055
content-length
4535
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
BunnyCDN-ASB1-925
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"0abbdbd420cc1:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
7546d78a077f259aacf49cd1655cf5dc
accept-ranges
bytes
cdn-requestcountrycode
US
link
<https://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png?ID=6215c2ff-22c6-4a51-ac3d-f4ff89588f3c>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
norton.png
www.file-upload.org/assets/images/
Redirect Chain
  • https://www.file-upload.com/assets/images/norton.png
  • https://www.file-upload.org/assets/images/norton.png
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/assets/images/norton.png
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Protocol
H3
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6328941
alt-svc
h3=":443"; ma=86400
content-length
4963
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"1363-5fe4d56f95368"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LVf9PcbehgtpbZo4Hl%2B5lkiiX241JLkbmawGU%2BM%2BY770d40AAtH201U03zvCcci6i7fDGhDWGzAUt98UjljOG7nmWWAH9MIi09FbmNj7Ots4pcyg18eziJu71BJjJOCa8NHNf83%2BymsW%2BaaKC5GEFOWu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed43b2f86abbe-YYZ
expires
Tue, 14 May 2024 18:25:42 GMT

Redirect headers

date
Sat, 20 Jul 2024 00:28:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
405
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KU2pseWEqtQTaa68nLJruYCZlDpybdKluYWcIZKcJvSlwBFqk9oM%2BN2NlAIBp09tOXDktUcbr641R%2BqesTCUP%2BHXeejM7P9odErRamBrSNUrGgMBbKiQNx4n5Zc830Yy7Xq8My1r"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/assets/images/norton.png
cache-control
max-age=31536000
cf-ray
8a5ed438bdcbabb8-YYZ
alt-svc
h3=":443"; ma=86400
rocket-loader.min.js
www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:37eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.babup.com/file.php?get=rsomxwsrpcrb
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2024 17:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6696a9e8-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azE%2B4%2BIFANu1mySra5c5cIyGMnoJefA0dn8feN8fZ1SL%2Bs3%2B1sxlqivB4ad0i3gfr%2F2fTu71mdw8mKEqGBZiRMa5v6W9dYHHizgeGGPrRuicVRHY9lYXX7lb6xH%2BcTRDP7DitwQS%2FPLF3dni"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a5ed43a9eb3ac5e-YYZ
expires
Mon, 22 Jul 2024 00:28:03 GMT
flags.png
www.file-upload.org/mngez/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.file-upload.org/mngez/images/flags.png?d4fb57708a39de8290622e0f24106367
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6331877
alt-svc
h3=":443"; ma=86400
content-length
15022
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"3aae-5fe4d56c9bbb2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgap1eXlUgComQwaR9gagApKFf%2BGFlKWTUvcbt5r9%2BO7T2B6Fd5qKuf6ihI%2FdypP07HF%2B1fWcpl7orykeoB3z%2B2Wdmgoy0OiIy3SqH07oO3AfCdA6IA1quwXVoHlPECnPBYmDL4WRp3XyIU13fWz7bdq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed43d8a38abbe-YYZ
expires
Tue, 14 May 2024 17:36:47 GMT
fontawesome-webfont.woff2
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 		0
0
poppins-v5-latin-regular.woff2
www.file-upload.org/mngez/fonts/ 		0
0
poppins-v5-latin-500.woff2
www.file-upload.org/mngez/fonts/ 		0
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		162 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ad24a6025582f9c6c3aa6bc2bca15eb86353a8e27dafeaa5aeb6b2755725d9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Origin
https://www.babup.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53846
x-xss-protection
0
server
cafe
etag
3431406064218662278
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 20 Jul 2024 00:28:04 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 18:02:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Jul 2025 18:02:44 GMT
app.js
www.file-upload.org/mngez/js/
Redirect Chain
  • https://www.file-upload.com/mngez/js/app.js?v=20
  • https://www.file-upload.org/mngez/js/app.js?v=20
235 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/js/app.js?v=20
Requested by
Host: www.babup.com
URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Protocol
H3
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:04 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3aa0d-5fe4d56c9e2c2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vhkyM%2F%2FL3%2FsDvaLimKcc9Jecle6F3n7U%2BhvWDmCGOqS18WLtrWMSCM5DMbBOCWnUfySVj7LnevfYoAYp2VuRb7YVnKZiDqEeNHbhNvy7p7MsI978Tn6b3oJ4xG%2FShFg4zbFYUonoFabRpjF2fJt%2BYCH7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2692000, private
cf-ray
8a5ed43e7ae9abbe-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 20 Jul 2024 00:28:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
406
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVbsammciFnXaM5%2BeTTPTUn67FF9gYTySaM0ihd%2BLeY35GvKfk9J2st0tNJTZbHUYL22kjId8vcXY3RLQK1MSntmq%2BsJJ%2F3z6Q8wCB5Ua7OP%2FcHH6dri%2BMbKU%2B3upu28yZsZdv10"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/mngez/js/app.js?v=20
cache-control
max-age=31536000
cf-ray
8a5ed43dba34abb8-YYZ
alt-svc
h3=":443"; ma=86400
atrk.js
certify-js.alexametrics.com/ 		0
0
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jul 2024 23:53:00 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2104
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sat, 20 Jul 2024 01:53:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c28cefc8f29a268f6d95f5547d37bd8eb24623d7c7ab321fcb15d227470ab00a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 20 Jul 2024 00:28:04 GMT
content-md5
MGWFXpm55S7XqPPPqFne9g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=13, mss=1392, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
PqfW0XsPBMMKbVyHa4dNyLHcIUH+juaZ4pjMUSArMyErO+GRK9h7D0QRAPxt3AqlVFmDSzWhdJMzxQE5HplSVw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
8290736d4dcd028e69a0b873d2c50ffc
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"8004c4e7e8e4b7482049224e853173b9"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 20 Jul 2024 00:46:33 GMT
sdk.js
connect.facebook.net/en_US/ 		305 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
648bd990f0c58184b20be06892c829721200d6e867f666f5e0e89cba85e62296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.babup.com/
Origin
https://www.babup.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 20 Jul 2024 00:28:04 GMT
content-md5
pEKYsjUb/o6K80zC3LiUpA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89055
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=13, mss=1392, tbw=2764, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
AjjOd5duU9Q9uOcULzTyaVssPc7rDT0XNq/yS1md/gVrAQsPHSWmE4XUV1+bYd9Cmrlw4vIShZSq00F12UNdZg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
4e891879c0ded2dc143425bf301cc303
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"90bd992e266ac865af2e8e88a60bcc7a"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 18 Jul 2025 12:31:35 GMT
js
www.googletagmanager.com/gtag/ 		207 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-119779859-1
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6df4d994e34da388ebd813e87ee31f53eabc41e9078d60e8177612621ac4fb96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76227
x-xss-protection
0
last-modified
Sat, 20 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 20 Jul 2024 00:28:04 GMT
blockadblock.js
www.babup.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.babup.com/blockadblock.js
Requested by
Host: www.babup.com
URL: https://www.babup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:37eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e367a2d0e62116b0a999990fdf2a3584d916ca0458269b6a43e825b7bdbcb060

Request headers

Referer
https://www.babup.com/file.php?get=rsomxwsrpcrb
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2525
cf-polished
origSize=6947
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 22 Aug 2023 10:11:48 GMT
server
cloudflare
etag
W/"1b23-6038039110a59-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDsdj1Y6HJ7ZN7Z1A%2FOL%2B6BhfNT5mdmLISDkBQJikgz3wtckWIrRVNO2ZcolVTb2%2FdMq6qjgPEKUj37ZBBQKZpdtGeJqPRY1dv09296uIJJUOJCPyaUbGqRE5o%2Bq1NAi1ounmYx3vdCNpZdp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8a5ed43db960ac5e-YYZ
poppins-v5-latin-500.woff
www.file-upload.org/mngez/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.babup.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5755844
alt-svc
h3=":443"; ma=86400
content-length
10420
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"28b4-5fe4d56c94299"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x21IWVi43D%2Fn9bYCOhfuDif%2BryAD%2Foz06pjNq7DSLv0wDVhNDVAa3f2SKr%2FKnX2YUCtm55rJTYyeCEwd5W49H8mSWujtMz80W%2BFq%2Fz2U2J16msRTldl9qgqQGqN6BHFgmFI8MJY1fM4rth4CXTFvdMDs"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed441dbbeac36-YYZ
poppins-v5-latin-regular.woff
www.file-upload.org/mngez/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.babup.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6335337
alt-svc
h3=":443"; ma=86400
content-length
10400
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"28a0-5fe4d56c936e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2BWATfxQTQNQ5PAXKssK%2FBvcGIisSk0gbblYJCA0Yn%2FmgJbZz9b7DSDPeil3MYgeBC0iuzQwHZLbh2x0bpD73xN%2FVfSaPhuaygWB5aSEAsrLTWG17tDS29u4TfE4g3ncxW8w%2Bisabi2T4fisBqzNWu86"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed441dbbfac36-YYZ
fontawesome-webfont.woff
www.file-upload.org/mngez/fonts/vendor/font-awesome/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
Requested by
Host: www.file-upload.org
URL: https://www.file-upload.org/mngez/css/app.css?v=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer
https://www.file-upload.org/mngez/css/app.css?v=1
Origin
https://www.babup.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6325270
alt-svc
h3=":443"; ma=86400
content-length
98024
last-modified
Sat, 17 Jun 2023 06:23:25 GMT
server
cloudflare
etag
"17ee8-5fe4d56c8f479"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=70gbDVI3pdYCndCTRzrgTPxnzMcCPALrYETfz4%2BWcQRKXcBOpL6OJ7EcZh%2B8aE1plAiY4UpTps8UHfV5P1KLHowHYk30N%2ByFGceSRYrSEVMXhBBsxq2tb57F3QtRhd6L1RNhl2Bdoel4biHtNWsN5rB9"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed441dbc0ac36-YYZ
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20bec4e4cf23cdc61ac72787a828435279169c7e1de626223ae895c7f384f617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33172
x-xss-protection
0
server
cafe
etag
13700590381405651042
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jul 2024 00:28:05 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/ 		424 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
077feddea40f15dc9e94395942cad818128124395f633b57ffc78066467c6ee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146819
x-xss-protection
0
server
cafe
etag
9642267148163725226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jul 2024 00:28:05 GMT
favicon.png
www.file-upload.org/assets/images/
Redirect Chain
  • https://www.file-upload.com/assets/images/favicon.png
  • https://www.file-upload.org/assets/images/favicon.png
2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/assets/images/favicon.png
Protocol
H3
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732d7d5bcbcd4de4a8effa90fc28b8045c38ff54345d8680826cbb2c81915449

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6325329
alt-svc
h3=":443"; ma=86400
content-length
1692
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"69c-5fe4d56f8fd78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j1rYtOJSyiQnjfqgrzpboN64QU7cWHZEhZw2%2FN5LuX%2F1uyrhIytsAq4eSeYLKYImvhXGbkfQvD8YxlBcFYU4YIw%2BUyudE%2BTQ8Zwg1%2BPxadJyxmGv7Df6QsMuNeXLPMjPkgPkH4%2FGCubgcSGMjx3YOhw4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed444f94fabbe-YYZ
expires
Tue, 14 May 2024 19:25:56 GMT

Redirect headers

date
Sat, 20 Jul 2024 00:28:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
407
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FuVpw2A19uEXur6wfCGoAJs%2B9UdgYBBlFxQqdvpbVwwVp3FziokC2ut4lSRj991MUNRVU5Mt4s3gpZiQZFLNPcw61eegbgX4dGFov12UlLcfDfdjJySRXBAxDCObn24bZmiCMUIA"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/assets/images/favicon.png
cache-control
max-age=31536000
cf-ray
8a5ed44479d2abb8-YYZ
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		255 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77247d2d7596170e8c6f6f3bb240bb8ab210ccfcf4aa28525951158ce4a2ed5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91795
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 20 Jul 2024 00:28:05 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119779859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jul 2024 22:39:50 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6495
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 20 Jul 2024 00:39:50 GMT
td
www.googletagmanager.com/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=UA-119779859-1&v=3&t=t&pid=547550627&dl=www.babup.com%2F&tdp=UA-119779859-1;;0;0;0&frm=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jul 2024 00:28:05 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.png
www.file-upload.org/assets/images/
Redirect Chain
  • https://www.file-upload.com/assets/images/favicon.png
  • https://www.file-upload.org/assets/images/favicon.png
2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.file-upload.org/assets/images/favicon.png
Protocol
H3
Server
2606:4700:3035::6815:390e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732d7d5bcbcd4de4a8effa90fc28b8045c38ff54345d8680826cbb2c81915449

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6325329
alt-svc
h3=":443"; ma=86400
content-length
1692
last-modified
Sat, 17 Jun 2023 06:23:28 GMT
server
cloudflare
etag
"69c-5fe4d56f8fd78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j1rYtOJSyiQnjfqgrzpboN64QU7cWHZEhZw2%2FN5LuX%2F1uyrhIytsAq4eSeYLKYImvhXGbkfQvD8YxlBcFYU4YIw%2BUyudE%2BTQ8Zwg1%2BPxadJyxmGv7Df6QsMuNeXLPMjPkgPkH4%2FGCubgcSGMjx3YOhw4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a5ed444f94fabbe-YYZ
expires
Tue, 14 May 2024 19:25:56 GMT

Redirect headers

date
Sat, 20 Jul 2024 00:28:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
407
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FuVpw2A19uEXur6wfCGoAJs%2B9UdgYBBlFxQqdvpbVwwVp3FziokC2ut4lSRj991MUNRVU5Mt4s3gpZiQZFLNPcw61eegbgX4dGFov12UlLcfDfdjJySRXBAxDCObn24bZmiCMUIA"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.file-upload.org/assets/images/favicon.png
cache-control
max-age=31536000
cf-ray
8a5ed44479d2abb8-YYZ
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3T7TKCZCC9&gtm=45je47h0v9114416819za200&_p=1721435285123&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=275547456.1721435285&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1721435285&sct=1&seg=0&dl=https%3A%2F%2Fwww.babup.com%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2979&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3T7TKCZCC9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jul 2024 00:28:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.babup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1293838557&t=pageview&_s=1&dl=https%3A%2F%2Fwww.babup.com%2F&dr=https%3A%2F%2Fwww.file-upload.org%2F&ul=en-ca&de=UTF-8&dt=File-Upload%20%E2%80%93%20forex-article.store%20%E2%80%93%20FileUpload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=933932946&gjid=917589400&cid=275547456.1721435285&tid=UA-119779859-1&_gid=1035661918.1721435286&_r=1&gtm=457e47h0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&jsscut=1&z=748289018
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Jul 2024 00:28:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.babup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9176521898341909
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/ Frame 11AD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
9085
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jul 2024 21:56:41 GMT
etag
2738592464165616
expires
Fri, 02 Aug 2024 21:56:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5B25 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721435286&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.babup.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~34~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~34~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~27_15~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721435285112&bpp=9&bdt=2074&idt=914&shv=r20240717&mjsv=m202407150101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3327420629092&frm=20&pv=2&ga_vid=275547456.1721435285&ga_sid=1721435286&ga_hid=1293838557&ga_fc=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95334525%2C95334829%2C95337027%2C95337870%2C95338248%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3486787644623300&tmod=812568159&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=940
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
136060
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jul 2024 00:28:07 GMT
expires
Sat, 20 Jul 2024 00:28:07 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240717&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2fb266afb1e6b0395a0e808c00207bfb92ad5c11b830bb51da120a10586e5413
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12936
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C022 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2300165494&adf=3874372513&pi=t.ma~as.2998985278&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1721435286&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721435285190&bpp=2&bdt=2152&idt=881&shv=r20240717&mjsv=m202407150101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3327420629092&frm=20&pv=1&ga_vid=275547456.1721435285&ga_sid=1721435286&ga_hid=1293838557&ga_fc=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95334525%2C95334829%2C95337027%2C95337870%2C95338248%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3486787644623300&tmod=812568159&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=889
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43579
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jul 2024 00:28:07 GMT
expires
Sat, 20 Jul 2024 00:28:07 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 649C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2998985278&adk=2869380213&adf=2180648201&pi=t.ma~as.2998985278&w=555&abgtt=6&fwrn=4&fwrnh=100&lmt=1721435286&rafmt=1&format=555x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721435285204&bpp=1&bdt=2166&idt=882&shv=r20240717&mjsv=m202407150101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=3327420629092&frm=20&pv=1&ga_vid=275547456.1721435285&ga_sid=1721435286&ga_hid=1293838557&ga_fc=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95334525%2C95334829%2C95337027%2C95337870%2C95338248%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3486787644623300&tmod=812568159&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=884
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
25166
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jul 2024 00:28:06 GMT
expires
Sat, 20 Jul 2024 00:28:06 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7328 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9176521898341909&output=html&h=280&slotname=2926863663&adk=2239653313&adf=4063321098&pi=t.ma~as.2926863663&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1721435286&rafmt=1&format=1110x280&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721435285206&bpp=1&bdt=2169&idt=888&shv=r20240717&mjsv=m202407150101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280%2C555x280&nras=1&correlator=3327420629092&frm=20&pv=1&ga_vid=275547456.1721435285&ga_sid=1721435286&ga_hid=1293838557&ga_fc=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95334525%2C95334829%2C95337027%2C95337870%2C95338248%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3486787644623300&tmod=812568159&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=889
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
12885
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jul 2024 00:28:06 GMT
expires
Sat, 20 Jul 2024 00:28:06 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Jul 2024 00:28:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 00F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
51030
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jul 2024 10:17:37 GMT
expires
Sat, 19 Jul 2025 10:17:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8E6A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0wfk6w3li3ck81pBvCBuiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.babup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0wfk6w3li3ck81pBvCBuiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jul 2024 00:28:07 GMT
expires
Sat, 20 Jul 2024 00:28:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/ 		171 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855d574041346ec37ee26f279425e21b6c5f45b86de229cc1bcde2f0b35a3c67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58850
x-xss-protection
0
server
cafe
etag
7276985089115804846
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jul 2024 00:28:07 GMT
ca-pub-9176521898341909
fundingchoicesmessages.google.com/i/ 		199 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9176521898341909?href=https%3A%2F%2Fwww.babup.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a4ed766915fe252b4f82b1fde2cfa0160b4e9c39ef74373e0ea0833e1821667
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-2aBOntiNUFqXtCr8krTdCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:08 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-2aBOntiNUFqXtCr8krTdCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxELcHDM632xhE2g43CugpJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJgbmimZ2AWX2AAAFWmOzI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXuubLgSgYKXvlooUt7c9dybpZQJd0TLOMdg7nwdAP3kgeZx-jZ7Ne0nnYxqAYjt9zc__UY776Epp4HAZhHNIsxNUIga3Rd5_DWe5cd1aHGQF7bYYbGFWOZGp_HBEP0MfMj3l0jTQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXuubLgSgYKXvlooUt7c9dybpZQJd0TLOMdg7nwdAP3kgeZx-jZ7Ne0nnYxqAYjt9zc__UY776Epp4HAZhHNIsxNUIga3Rd5_DWe5cd1aHGQF7bYYbGFWOZGp_HBEP0MfMj3l0jTQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.WVceCakmlOU.es5.O/am=GgY/d=1/rs=AJlcJMxt3R5uPPLmmL48Wq0cBddnDyfV2A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gPKUXJk9lH7ck9qLePWM_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Jul 2024 00:28:08 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gPKUXJk9lH7ck9qLePWM_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEwzGj880WNoEPbTfeMCm5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjEwNzQzM9A_P4AgMAbNosKQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.babup.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX1D3lt8wDpOE6dI3PuMtPUDgA9xKYeDDTRoc-qk5WS5pqlM4Jnf9128g8SP9TL5AfYK5gHfY002-WL7NfSH41i7hmiXlil49jxBduD6j4cpd0h4dJ82Tc8FI-2UJH_JFkLz1CZbA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX1D3lt8wDpOE6dI3PuMtPUDgA9xKYeDDTRoc-qk5WS5pqlM4Jnf9128g8SP9TL5AfYK5gHfY002-WL7NfSH41i7hmiXlil49jxBduD6j4cpd0h4dJ82Tc8FI-2UJH_JFkLz1CZbA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIxNDM1Mjg4LDI4MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuYmFidXAuY29tLyIsbnVsbCxbWzgsIldWY2VDYWttbE9VIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJ0cnVlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.WVceCakmlOU.es5.O/am=GgY/d=1/rs=AJlcJMxt3R5uPPLmmL48Wq0cBddnDyfV2A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54cf07ca436c6e33a1706d0e7e0f202d5c3517041fc2b806798eff0b1aca93c2
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-HlA3S1DiC7sKq0SQXRubgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:08 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-HlA3S1DiC7sKq0SQXRubgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII1pBiWMy_i-nkrdtMF4H4vNMdputALPH1JZMaEDulz2ANAGKf-hmsUUDcevMc62Qg_vz4HOtvIE76d561AIiXRFxkPZB4kfXg44usJ4HYUOESqz0QC_FwzOh8s4VN4MXX9mWMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiYG5oZmegZm8QUGAGoyQug"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F37B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2316120902&adf=3609186151&pi=t.aa~a.1000136111~rp.4&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1721435288&rafmt=1&to=qs&pwprc=6385710038&format=1110x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721435287690&bpp=1&bdt=4652&idt=-M&shv=r20240717&mjsv=m202407150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9d4e3cbd830ae18c%3AT%3D1721435286%3ART%3D1721435286%3AS%3DALNI_MYtkvKlp029-GTlyEiRleFT6tmF6g&gpic=UID%3D00000ea02393d9dd%3AT%3D1721435286%3ART%3D1721435286%3AS%3DALNI_MYoUhFJq1tlLptyShPJypAFyzLw6A&eo_id_str=ID%3D83cf77ad91cc6d89%3AT%3D1721435286%3ART%3D1721435286%3AS%3DAA-AfjbSY5Lqzy-tLRDgRVnG2GeT&prev_fmts=0x0%2C1110x280%2C555x280%2C1110x280&nras=2&correlator=3327420629092&frm=20&pv=1&ga_vid=275547456.1721435285&ga_sid=1721435286&ga_hid=1293838557&ga_fc=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95334525%2C95334829%2C95337027%2C95337870%2C95338248%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&psts=AOrYGsmj3j-TX0lWmewTwVE_LhhJWyKWwQoODBoSDntYXmAdzPXNW4pN3dNwdD0nlBVbHqfx9AWt2pR_zhkVUQ%2CAOrYGskog7EldZqJ0ddP265Yb36AvXQ69Hd9bbS9xSzbcUvj677tA1fqwetz4BENXo_nYb6MUpPX7zLT9Z6_JKa_dg7EhN9B&pvsid=3486787644623300&tmod=812568159&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=594
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
44524
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jul 2024 00:28:08 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A2AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9176521898341909&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.357680634~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1721435288&rafmt=1&to=qs&pwprc=6385710038&format=1200x90&url=https%3A%2F%2Fwww.babup.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721435287690&bpp=1&bdt=4652&idt=-M&shv=r20240717&mjsv=m202407150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9d4e3cbd830ae18c%3AT%3D1721435286%3ART%3D1721435286%3AS%3DALNI_MYtkvKlp029-GTlyEiRleFT6tmF6g&gpic=UID%3D00000ea02393d9dd%3AT%3D1721435286%3ART%3D1721435286%3AS%3DALNI_MYoUhFJq1tlLptyShPJypAFyzLw6A&eo_id_str=ID%3D83cf77ad91cc6d89%3AT%3D1721435286%3ART%3D1721435286%3AS%3DAA-AfjbSY5Lqzy-tLRDgRVnG2GeT&prev_fmts=0x0%2C1110x280%2C555x280%2C1110x280%2C1110x90&nras=3&correlator=3327420629092&frm=20&pv=1&ga_vid=275547456.1721435285&ga_sid=1721435286&ga_hid=1293838557&ga_fc=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95334525%2C95334829%2C95337027%2C95337870%2C95338248%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&psts=AOrYGsmj3j-TX0lWmewTwVE_LhhJWyKWwQoODBoSDntYXmAdzPXNW4pN3dNwdD0nlBVbHqfx9AWt2pR_zhkVUQ%2CAOrYGskog7EldZqJ0ddP265Yb36AvXQ69Hd9bbS9xSzbcUvj677tA1fqwetz4BENXo_nYb6MUpPX7zLT9Z6_JKa_dg7EhN9B&pvsid=3486787644623300&tmod=812568159&uas=0&nvt=1&ref=https%3A%2F%2Fwww.file-upload.org%2F&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=596
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
27825
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jul 2024 00:28:08 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/ Frame 1C42 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
9085
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jul 2024 21:56:41 GMT
etag
2738592464165616
expires
Fri, 02 Aug 2024 21:56:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/ Frame 21DB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
9085
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jul 2024 21:56:41 GMT
etag
2738592464165616
expires
Fri, 02 Aug 2024 21:56:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/ Frame 638F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
9085
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jul 2024 21:56:41 GMT
etag
2738592464165616
expires
Fri, 02 Aug 2024 21:56:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/ Frame 5EBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240717/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
9085
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jul 2024 21:56:41 GMT
etag
2738592464165616
expires
Fri, 02 Aug 2024 21:56:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
AGSKWxXiF2L25R9yEbP7a_LX8cJgvsJzcNHdB4iBhoG9AqQCBSXf4l2eFOkRob61lhf10l77MCVOKv1D3qm2sXAyX3TpQsFqU4h_7wC_g8Xc8pYota-CfmVVVnDy0b5S1qiVezypmAA3mQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXiF2L25R9yEbP7a_LX8cJgvsJzcNHdB4iBhoG9AqQCBSXf4l2eFOkRob61lhf10l77MCVOKv1D3qm2sXAyX3TpQsFqU4h_7wC_g8Xc8pYota-CfmVVVnDy0b5S1qiVezypmAA3mQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIxNDM1Mjg4LDQ4NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LmJhYnVwLmNvbS8iLG51bGwsW1s4LCJXVmNlQ2FrbWxPVSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMiwidHJ1ZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.WVceCakmlOU.es5.O/am=GgY/d=1/rs=AJlcJMxt3R5uPPLmmL48Wq0cBddnDyfV2A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00c2f15931b744f126df76fe76307f66b467d494305b078572e18a7f81fa09e5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QIr4wrYE-YwuV-3JjgT45Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:08 GMT
content-security-policy
script-src 'report-sample' 'nonce-QIr4wrYE-YwuV-3JjgT45Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw0pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HDM632xhE5jw4fsUJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA3NDMz0Ds_gCAwC22Dxf"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
RivistaOpenX._adskin_
fundingchoicesmessages.google.com/f/AGSKWxUJ20KBPv-9W-oNQdAxmQ1HYoImDOS5gwsxYaPt9Clk-cwvEeBFsqknMqQrq4ovVVS5RP_ANPKuPPrswwTBr8i1iNS_dl_aVpUJ-YrDM7zHnW4ZM_z7f44T57PI5w1C8jYPV7gah28OjIdfS54M2ae3KSlkk... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUJ20KBPv-9W-oNQdAxmQ1HYoImDOS5gwsxYaPt9Clk-cwvEeBFsqknMqQrq4ovVVS5RP_ANPKuPPrswwTBr8i1iNS_dl_aVpUJ-YrDM7zHnW4ZM_z7f44T57PI5w1C8jYPV7gah28OjIdfS54M2ae3KSlkke-Mv00RHRFA-C6lYiJdBeT6S9JpSQUR/_/reklama5./700x90./spacedesc=/RivistaOpenX._adskin_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.WVceCakmlOU.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyzq-0Q3S8KncxfC-OaUQd4WXL9WA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4947c8c092e4dc4f880eda3a3d70133f717bc104192e53e4e95f86d0ea8bb1c9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-luxvuG8Vei5-bur6Tzv_7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 00:28:09 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-luxvuG8Vei5-bur6Tzv_7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HDM732xhE9hxftsxRiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA3NDMz0Ds_gCAwC2AzxY"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.WVceCakmlOU.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyzq-0Q3S8KncxfC-OaUQd4WXL9WA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c60dc225f87f758bcfa0659c5ee06c5ccc40b43e693f8a8976f768aff8cd650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 23:40:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
server
cafe
etag
965654746716675454
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 20 Jul 2024 00:40:55 GMT
AGSKWxXuubLgSgYKXvlooUt7c9dybpZQJd0TLOMdg7nwdAP3kgeZx-jZ7Ne0nnYxqAYjt9zc__UY776Epp4HAZhHNIsxNUIga3Rd5_DWe5cd1aHGQF7bYYbGFWOZGp_HBEP0MfMj3l0jTQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXuubLgSgYKXvlooUt7c9dybpZQJd0TLOMdg7nwdAP3kgeZx-jZ7Ne0nnYxqAYjt9zc__UY776Epp4HAZhHNIsxNUIga3Rd5_DWe5cd1aHGQF7bYYbGFWOZGp_HBEP0MfMj3l0jTQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.WVceCakmlOU.es5.O/am=GgY/d=1/rs=AJlcJMxt3R5uPPLmmL48Wq0cBddnDyfV2A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sJsrw5e3Rkjii1_gihWbOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.babup.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Jul 2024 00:28:09 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sJsrw5e3Rkjii1_gihWbOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEwzGz880WNoELH-9tYVRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgbmhmZ6BubxBQYAdGgsQg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.babup.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXuubLgSgYKXvlooUt7c9dybpZQJd0TLOMdg7nwdAP3kgeZx-jZ7Ne0nnYxqAYjt9zc__UY776Epp4HAZhHNIsxNUIga3Rd5_DWe5cd1aHGQF7bYYbGFWOZGp_HBEP0MfMj3l0jTQ==
fundingchoicesmessages.google.com/el/ 		0
0
AGSKWxXuubLgSgYKXvlooUt7c9dybpZQJd0TLOMdg7nwdAP3kgeZx-jZ7Ne0nnYxqAYjt9zc__UY776Epp4HAZhHNIsxNUIga3Rd5_DWe5cd1aHGQF7bYYbGFWOZGp_HBEP0MfMj3l0jTQ==
fundingchoicesmessages.google.com/el/ 		0
0
AGSKWxXuubLgSgYKXvlooUt7c9dybpZQJd0TLOMdg7nwdAP3kgeZx-jZ7Ne0nnYxqAYjt9zc__UY776Epp4HAZhHNIsxNUIga3Rd5_DWe5cd1aHGQF7bYYbGFWOZGp_HBEP0MfMj3l0jTQ==
fundingchoicesmessages.google.com/el/ 		0
0
AGSKWxWw49zewCxx1B7HfvgtoYrP1wMv_QsCaHU707W-gvh7pQM9p3em5PRwlYNL5o8DWEdnoWGMTCvwiKwtHbVk-Hu_T7VKEnMLmzZjChYJOeYU0JdCqj7nLBXUT7CWcL4KEk1DJOccFQ==
fundingchoicesmessages.google.com/f/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.file-upload.org
URL
https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Domain
www.file-upload.org
URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Domain
www.file-upload.org
URL
https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Domain
certify-js.alexametrics.com
URL
https://certify-js.alexametrics.com/atrk.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240717&jk=3486787644623300&bg=!NjWlNXrNAAakBOpbhAQ7ADQBe5WfOGRrvQZn14NishimyvZFcBCw553daAbZzRxlay-Y9dVSGvKZwJPS80UlHJCq0AlyAgAAAEdSAAAABGgBB34ANpj9QsisN5kb0vBPlptm_7Yi52LYKzhjMeXGgIZlNx1AEDP9HL3PgxAoIzhEcYlPseRJp-3DgpkCrosZbU2g_xDFZTijWMH8idxxEZ6hvGXBOPUaofYRMVLNBvChHA-yFRJbl1oioE3jiZ72H99ICmFnOansqc44310Fk29NeYN4QG5LSTwjuHVYPGICcwFLCxCkEvyzrWHMN5SJIagi-5jVdkWVO0LC9GVFP8NL2ZBiVWFnbPm6HRucq_GYK2EliZSQiSQmllhAMYhmjtytU-Yx_BLMqlkXF7ROx80dBNDtdG7uEtv9Nto8LuYGitwdhzOO2-RKfqIcQjysR-6c2kzH1_1C2-fTpEcIpsp-U0jk3WDhbSa_pz7MUAx_IKL5peOWC9rENi4ztV746ibQhnTVnZ6BxZrM93MmMyMywN8yScM3tAjY4CnNYgPcj3T-V5AsDIVrjmjwirBFX0BhxoajToryTGJXgHi9D3--s141G6ChGX9k8QeyNl-9i79i3-sysgj63HlcR0UyOMd3jab3gUVTfT32WXbUEgw3FCrglW3ZJEhs5bPsW2cqrDUB064sa9nphDTnjY97AjvSKrOco8nFqb8k5WNedqbamKA4PycolT9o9jTk0SOXNJ6YsDe4v68BPlJIeM-jiRJdDueoWBEStg_vs9HmqXH0u-DXo_78dhstVCElPeTJmi4GsOEgBCpYnOTur6pzoKknWv7e6egg-Sr3tQHo-XA7qyhc3C_zHVjFLMhbRCqBSUNk3aJc81bDSD4rB47KSnSI0BtA3qDjetCoKXJRR61KbSQE9dUCRLC6mFvd7i7QiAzFozRuig5xAXgOuau-yJBPPjLUbVDyU7kbS0TXcsy-YZSgwiL5OgwLrN-ufIAD6e561uLVA4cmOsORlZH5VbZX8A6f-aAmyxapYY5Y72BAJkRq4-i4fq5bHkw6wain8HOS43CqdAA6iqI1HFQCk0PirXVyMtXnrvZB
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxXuubLgSgYKXvlooUt7c9dybpZQJd0TLOMdg7nwdAP3kgeZx-jZ7Ne0nnYxqAYjt9zc__UY776Epp4HAZhHNIsxNUIga3Rd5_DWe5cd1aHGQF7bYYbGFWOZGp_HBEP0MfMj3l0jTQ==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxXuubLgSgYKXvlooUt7c9dybpZQJd0TLOMdg7nwdAP3kgeZx-jZ7Ne0nnYxqAYjt9zc__UY776Epp4HAZhHNIsxNUIga3Rd5_DWe5cd1aHGQF7bYYbGFWOZGp_HBEP0MfMj3l0jTQ==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxXuubLgSgYKXvlooUt7c9dybpZQJd0TLOMdg7nwdAP3kgeZx-jZ7Ne0nnYxqAYjt9zc__UY776Epp4HAZhHNIsxNUIga3Rd5_DWe5cd1aHGQF7bYYbGFWOZGp_HBEP0MfMj3l0jTQ==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/f/AGSKWxWw49zewCxx1B7HfvgtoYrP1wMv_QsCaHU707W-gvh7pQM9p3em5PRwlYNL5o8DWEdnoWGMTCvwiKwtHbVk-Hu_T7VKEnMLmzZjChYJOeYU0JdCqj7nLBXUT7CWcL4KEk1DJOccFQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIxNDM1Mjg5LDQ5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuYmFidXAuY29tLyIsbnVsbCxbWzgsIldWY2VDYWttbE9VIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJ0cnVlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| __cfQR object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| BlockAdBlock object| blockAdBlock function| gtag object| dataLayer string| google_user_agent_client_hint object| google_tag_manager object| FB string| GoogleAnalyticsObject function| ga object| _gat object| _gaq object| html5 object| Modernizr function| yepnope object| jQuery1124008918206561785547 function| CBPFWTabs function| $ function| jQuery function| setPagination function| WOW function| eve function| mina function| Snap function| adBlockDetected function| adBlockNotDetected boolean| __cfRLUnblockHandlers object| gaGlobal object| gaplugins object| gaData function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| googletag object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NWEzZjc4M2M4ODZjYzg3M2xvYWRlcl9qcw== string| NWEzZjc4M2M4ODZjYzg3M2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_image_requests function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| 180d3304-1a19-4c54-a872-fe8712ef88c9

26 Cookies

Domain/Path Name / Value
.file-upload.org/ Name: aff
Value: 61263
.file-upload.org/ Name: lang
Value: english
www.file-upload.org/ Name: visited
Value: visited, visited_expires=Fri Jul 19 2024 17:29:02 GMT-0700 (Pacific Daylight Time), path=/
.babup.com/ Name: _ga_3T7TKCZCC9
Value: GS1.1.1721435285.1.0.1721435285.0.0.0
.babup.com/ Name: _ga
Value: GA1.2.275547456.1721435285
.babup.com/ Name: _gid
Value: GA1.2.1035661918.1721435286
.babup.com/ Name: _gat_gtag_UA_119779859_1
Value: 1
.babup.com/ Name: __gads
Value: ID=9d4e3cbd830ae18c:T=1721435286:RT=1721435286:S=ALNI_MYtkvKlp029-GTlyEiRleFT6tmF6g
.babup.com/ Name: __gpi
Value: UID=00000ea02393d9dd:T=1721435286:RT=1721435286:S=ALNI_MYoUhFJq1tlLptyShPJypAFyzLw6A
.babup.com/ Name: __eoi
Value: ID=83cf77ad91cc6d89:T=1721435286:RT=1721435286:S=AA-AfjbSY5Lqzy-tLRDgRVnG2GeT
.doubleclick.net/ Name: IDE
Value: AHWqTUnh0eMtAZvCuKu-2Tw09iGwmX2SiaxC_3DaqxxLcb5JyLvkIAx4b5zXX6QSmWk
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.mediago.io/ Name: __mguid_
Value: d091f8326827a2672og9qr00lyte4gvh
.googleadservices.com/ Name: ar_debug
Value: 1
gtrace.mediago.io/ Name: cst_70
Value: ts=1721435288
measurement-api.criteo.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mediago.io/ Name: dv0qai26lg6v2y6kl7yyc36brextdbft1dfydisk
Value: wu93jhe25w8
.mediago.io/ Name: dv0qai26lg6v2y6kl7yyc36brextdsu576dmk99
Value: 1emo8ri7vv9
.mediago.io/ Name: dv0qai26lg6v2y6kl7yyc36brextdd31tllas648
Value: a7t4my617le
.casalemedia.com/ Name: CMPRO
Value: 472
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMPS
Value: 472
.casalemedia.com/ Name: CMID
Value: ZpsEmEt3uZAAACbbAD3GGwAA
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1

16 Console Messages

Source Level URL
Text
intervention info URL: https://www.file-upload.org/rsomxwsrpcrb
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
intervention info URL: https://www.file-upload.org/rsomxwsrpcrb
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
intervention info URL: https://www.file-upload.org/rsomxwsrpcrb
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
intervention info URL: https://www.babup.com/file.php?get=rsomxwsrpcrb(Line 413)
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
intervention info URL: https://www.babup.com/file.php?get=rsomxwsrpcrb(Line 413)
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
intervention info URL: https://www.babup.com/file.php?get=rsomxwsrpcrb(Line 413)
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
network error URL: https://certify-js.alexametrics.com/atrk.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Message:
Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
intervention info URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff?0261e08bd22d9f91c1d277cd4874ec95
network error URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-500.woff2?08609a017d830988630ee1b38a7ef71a
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Message:
Access to font at 'https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
intervention info URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff?1fce830e6112511a77108832e13172fd
network error URL: https://www.file-upload.org/mngez/fonts/poppins-v5-latin-regular.woff2?ce0c9ae08840a0b43bccb9f5a86e155d
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Message:
Access to font at 'https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e' from origin 'https://www.babup.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
intervention info URL: https://www.babup.com/file.php?get=rsomxwsrpcrb
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad
network error URL: https://www.file-upload.org/mngez/fonts/vendor/font-awesome/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
biturl.top
certify-js.alexametrics.com
connect.facebook.net
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
images.dmca.com
pagead2.googlesyndication.com
ssl.google-analytics.com
tpc.googlesyndication.com
www.babup.com
www.file-upload.com
www.file-upload.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
certify-js.alexametrics.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
www.file-upload.org
172.67.146.80
2606:4700:3032::ac43:b56c
2606:4700:3034::6815:37eb
2606:4700:3035::6815:390e
2607:f8b0:4004:c06::93
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c07::84
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1d::61
2607:f8b0:4004:c1f::9d
2607:f8b0:400d:c04::71
2607:f8b0:400d:c0d::8a
2a03:2880:f003:100:face:b00c:0:3
37.19.207.34
00c2f15931b744f126df76fe76307f66b467d494305b078572e18a7f81fa09e5
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
077feddea40f15dc9e94395942cad818128124395f633b57ffc78066467c6ee8
0fba3d50b8fc647da65e359018f7b951e285d9ee192c600d39bad93bc3002983
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
20bec4e4cf23cdc61ac72787a828435279169c7e1de626223ae895c7f384f617
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
2fb266afb1e6b0395a0e808c00207bfb92ad5c11b830bb51da120a10586e5413
3e4dc309817221417205c20dceff2dc39d90c460fbfae740a4bd99cd27194ae9
4947c8c092e4dc4f880eda3a3d70133f717bc104192e53e4e95f86d0ea8bb1c9
4ad24a6025582f9c6c3aa6bc2bca15eb86353a8e27dafeaa5aeb6b2755725d9b
54cf07ca436c6e33a1706d0e7e0f202d5c3517041fc2b806798eff0b1aca93c2
5673d5c33ae061335d136a7c0a95fabaff555eb5946e71758837bf735d06ae1b
5e6dc2503fa1a61994e359a2df93d11bf35f589c9be5ce351c2cc157b672a74a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
648bd990f0c58184b20be06892c829721200d6e867f666f5e0e89cba85e62296
6a4ed766915fe252b4f82b1fde2cfa0160b4e9c39ef74373e0ea0833e1821667
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df4d994e34da388ebd813e87ee31f53eabc41e9078d60e8177612621ac4fb96
732d7d5bcbcd4de4a8effa90fc28b8045c38ff54345d8680826cbb2c81915449
769ee939d30b52b87188279843d794f4d5c5d6f21686214094bc682c23d99b2c
77247d2d7596170e8c6f6f3bb240bb8ab210ccfcf4aa28525951158ce4a2ed5b
855d574041346ec37ee26f279425e21b6c5f45b86de229cc1bcde2f0b35a3c67
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8c60dc225f87f758bcfa0659c5ee06c5ccc40b43e693f8a8976f768aff8cd650
9ac0cd2a6724c0bec2fd911802c57ea3d570adc9ebe63e3d7b981776feea85a4
a89893d166d647ef4b835f100216d84d7e0fc9b6ba57d90716019ffd866a0c13
ab3b4928cd56c0165c0492340c2bd5e77405f7a485107039c765e4a9f587a205
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
c28cefc8f29a268f6d95f5547d37bd8eb24623d7c7ab321fcb15d227470ab00a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6817ba7388f16634ae85e82e367e6a17180d67540dfd650918180c5d5bd856
e367a2d0e62116b0a999990fdf2a3584d916ca0458269b6a43e825b7bdbcb060
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f