www.ba-bamail.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ba-bamail.com/
Submission Tags: falconsandbox
Submission: On November 03 via api (November 3rd 2024, 9:55:07 pm UTC) from US — Scanned from NL

Summary HTTP 84 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 28 domains to perform 84 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.ba-bamail.com.
TLS certificate: Issued by WE1 on September 30th 2024. Valid for: 3 months.

This is the only time www.ba-bamail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.74.200 142.250.74.200	15169 (GOOGLE) (GOOGLE)
3	23.213.165.149 23.213.165.149	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	104.22.74.216 104.22.74.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	172.67.190.143 172.67.190.143	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	142.251.168.154 142.251.168.154	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	142.250.185.179 142.250.185.179	15169 (GOOGLE) (GOOGLE)
1	184.30.25.193 184.30.25.193	16625 (AKAMAI-AS) (AKAMAI-AS)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
2	104.26.2.70 104.26.2.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.239.50.73 18.239.50.73	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
1	172.217.18.97 172.217.18.97	15169 (GOOGLE) (GOOGLE)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
2	34.199.234.25 34.199.234.25	14618 (AMAZON-AES) (AMAZON-AES)
2	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
1	13.32.121.84 13.32.121.84	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.159 70.42.32.159	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
2	79.127.227.46 79.127.227.46	60068 (CDN77 _) (CDN77 _)
1	37.157.5.141 37.157.5.141	198622 (ADFORM) (ADFORM)
1	15.204.46.116 15.204.46.116	16276 (OVH) (OVH)
1	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.1.4 178.250.1.4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	69.173.156.139 69.173.156.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	216.239.32.53 216.239.32.53	15169 (GOOGLE) (GOOGLE)
3	142.132.240.97 142.132.240.97	24940 (HETZNER-AS) (HETZNER-AS)
84	35

12 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

www.ba-bamail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.200 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.213.165.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-149.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.74.216 (None, )

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.67.190.143 (United States)

ASN13335 (CLOUDFLARENET, US)

en.bcdn.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.168.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wh-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.179 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f19.1e100.net

stag-core.tfla.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-193.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.2.70 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-73.ams58.r.cloudfront.net

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.97 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f97.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.199.234.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-234-25.compute-1.amazonaws.com

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-84.fra60.r.cloudfront.net

cdn.qwtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.127.227.46 (Amsterdam, Netherlands)

ASN60068 (CDN77 _, GB)
PTR: unn-79-127-227-46.datapacket.com

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.141 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.204.46.116 (Hillsboro, United States)

ASN16276 (OVH, FR)
PTR: ns1022841.ip-15-204-46.us

pbs.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

grid-bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.156.139 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.53 (United States)

ASN15169 (GOOGLE, US)

custom-fluentd-eyzeqmfaaa-uk.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.132.240.97 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.97.240.132.142.clients.your-server.de

endpoint-qwrap.prebidmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	bcdn.biz en.bcdn.biz — Cisco Umbrella Rank: 796754	323 KB
12	ba-bamail.com www.ba-bamail.com	239 KB
6	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 region1.analytics.google.com — Cisco Umbrella Rank: 4401	127 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192 ad.doubleclick.net — Cisco Umbrella Rank: 150	183 KB
3	prebidmanager.com endpoint-qwrap.prebidmanager.com — Cisco Umbrella Rank: 127868	331 B
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 13640 flint.defybrick.com — Cisco Umbrella Rank: 13193	20 KB
3	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 14947 log.outbrainimg.com — Cisco Umbrella Rank: 4443	2 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 883 api.btloader.com — Cisco Umbrella Rank: 1013	21 KB
3	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2166 widget-pixels.outbrain.com — Cisco Umbrella Rank: 4861	94 KB
2	a-mx.com id.a-mx.com — Cisco Umbrella Rank: 1613	538 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 904	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	203 KB
1	run.app custom-fluentd-eyzeqmfaaa-uk.a.run.app — Cisco Umbrella Rank: 71625	160 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 556	295 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 492	2 KB
1	criteo.com grid-bidder.criteo.com — Cisco Umbrella Rank: 2844	224 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 267	965 B
1	nextmillmedia.com pbs.nextmillmedia.com — Cisco Umbrella Rank: 2993	6 KB
1	adform.net adx.adform.net — Cisco Umbrella Rank: 6462	534 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	1 KB
1	qwtag.com cdn.qwtag.com — Cisco Umbrella Rank: 51283	138 KB
1	gstatic.com fonts.gstatic.com	47 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 47	8 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	6 KB
1	tfla.xyz stag-core.tfla.xyz — Cisco Umbrella Rank: 55192	9 KB
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 5087	63 B
84	28

	Domain	Requested by
22	en.bcdn.biz	www.ba-bamail.com
12	www.ba-bamail.com	www.ba-bamail.com
4	fundingchoicesmessages.google.com	www.ba-bamail.com
3	endpoint-qwrap.prebidmanager.com	cdn.qwtag.com
2	id.a-mx.com	cdn.qwtag.com
2	log.outbrainimg.com	widgets.outbrain.com
2	www.facebook.com	www.ba-bamail.com
2	flint.defybrick.com	rock.defybrick.com www.ba-bamail.com
2	api.btloader.com	btloader.com
2	ad-delivery.net	www.ba-bamail.com
2	connect.facebook.net	www.ba-bamail.com connect.facebook.net
2	region1.analytics.google.com	www.googletagmanager.com
2	securepubads.g.doubleclick.net	www.ba-bamail.com securepubads.g.doubleclick.net
2	widgets.outbrain.com	www.ba-bamail.com widgets.outbrain.com
2	www.googletagmanager.com	www.ba-bamail.com
1	custom-fluentd-eyzeqmfaaa-uk.a.run.app	stag-core.tfla.xyz
1	rtb.openx.net	cdn.qwtag.com
1	fastlane.rubiconproject.com	cdn.qwtag.com
1	grid-bidder.criteo.com	cdn.qwtag.com
1	ib.adnxs.com	cdn.qwtag.com
1	pbs.nextmillmedia.com	cdn.qwtag.com
1	adx.adform.net	cdn.qwtag.com
1	cdn.jsdelivr.net	cdn.qwtag.com
1	cdn.qwtag.com	stag-core.tfla.xyz
1	fonts.gstatic.com	www.ba-bamail.com
1	lh3.googleusercontent.com	www.ba-bamail.com
1	fonts.googleapis.com
1	rock.defybrick.com	widgets.outbrain.com
1	ad.doubleclick.net	www.ba-bamail.com
1	widget-pixels.outbrain.com	www.ba-bamail.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	stag-core.tfla.xyz	www.ba-bamail.com
1	www.google.co.uk	www.ba-bamail.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	btloader.com	www.ba-bamail.com
84	36

This site contains links to these domains. Also see Links.

Domain
www.pinterest.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
ba-bamail.com WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
btloader.com WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
bcdn.biz WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.co.uk WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
stag-core.tfla.xyz WR3	`2024-10-01` - `2024-12-30`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-03` - `2025-01-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-13` - `2024-11-11`	3 months	crt.sh
ad-delivery.net WE1	`2024-09-12` - `2024-12-11`	3 months	crt.sh
api.btloader.com WR3	`2024-10-01` - `2024-12-30`	3 months	crt.sh
rock.defybrick.com Amazon RSA 2048 M03	`2024-03-10` - `2025-04-08`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2024-10-21` - `2025-01-19`	3 months	crt.sh
cdn.qwtag.com Amazon RSA 2048 M02	`2024-02-01` - `2025-03-02`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
id.a-mx.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-12` - `2024-11-10`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-03` - `2025-09-24`	a year	crt.sh
*.nextmillmedia.com R11	`2024-09-02` - `2024-12-01`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
*.a.run.app WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.prebidmanager.com R11	`2024-10-02` - `2024-12-31`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.ba-bamail.com/
Frame ID: 45A8A06C75085DFA46CB27F59AA50A54
Requests: 82 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-M98CTHEBGV&gacid=2123819530.1730670902&gtm=45je4au0v898231427za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&z=7269686
Frame ID: 4A0DC47A9B029505436BFA466DB88FD1
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fwww.ba-bamail.com
Frame ID: 28772D056F90BA99615A512FA1F25371
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Health, Tips, DIY, Quizzes, Riddles, Guides, Jokes - BabaMail

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<meta[^>]*google-signin-scope

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

84
Requests

100 %
HTTPS

0 %
IPv6

28
Domains

36
Subdomains

35
IPs

6
Countries

1511 kB
Transfer

4183 kB
Size

11
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pinterest.com/Babamail/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/babamailcom

Search URL Search Domain Scan URL

URL: https://twitter.com/babamail_

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
www.ba-bamail.com/ 174 KB
32 KB 496ms
460ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97797466949fe6f86e5d588d7eec02687c760da5be225f11b6fb5e66b32e8852

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8dcf9b2cebb50bde-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 03 Nov 2024 21:55:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mtaUEGWJQkdi7uUYkhdQBah9KDeM92V0QM%2B3BD91%2FGp2ZS6sG7LNd%2Fj5lKWnowSu20sJWUFYXVmUQe3j9ilRqknGA6hbJhph1gPQlJ53FjS8ZcP4MmB7m6bu8Jtu%2BZnVRrMgBg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=12914&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4181&recv_bytes=4489&delivery_rate=736&cwnd=12000&unsent_bytes=0&cid=932181d7d5720760&ts=470&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 404 KB
131 KB 103ms
39ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M98CTHEBGV

Requested by

Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1cfd468db5bd505d074d0cb3b4e19f2b88a39a6301ad5e80dfd846f3f26aaaa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 03 Nov 2024 21:55:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 133097
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 257 KB
94 KB 161ms
63ms Script
application/x-javascript 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.outbrain.com/outbrain.js

Requested by

Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

2d44c318194a9e4c744b2afdeeda9b8dcd08535b2ed06c8f30d3294a41edf18c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

content-encoding: gzip
etag: "4d-mnLdBzS3b6/D8cb3Nsvs2yaSqns"
access-control-allow-methods: GET,POST
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: application/x-javascript
last-modified: Thu, 31 Oct 2024 14:04:46 GMT
vary: Accept-Encoding
x-traceid: dfd46e4bb15f012cc0e79f5a7597f681
strict-transport-security: max-age=31536000; includeSubDomains; preload
edge-cache-tag: widget-cheetah
cache-control: max-age=14500
timing-allow-origin: *, *
access-control-request-headers: X-OB-STG,X-OB-PRD
access-control-allow-credentials: false
access-control-allow-origin: *
content-length: 95521

GET
H3 200 site.min.css
www.ba-bamail.com/css/ 211 KB
50 KB 44ms
43ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ba-bamail.com/css/site.min.css?v=2.3.0.3
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76c352522e3617247ec4c71eea5a3e640cc3e08176674f6e532013fd29c5fd04

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "f99ff450e48db1:0"
age: 543686
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lV7Y%2BYGZdKhIVQnwJQ9Ldd3kDII6SpOIZ6zDDMoSNJMmtCAfgL7dBnW6XxLJivDF3N7xY%2FnRYAo5XxLUiZf5k5JqoUts09o%2FWnH39N21OUs5zi6UQ654xUEhFSukwwJKSJDjGg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 31 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23946&sent=26&recv=18&lost=0&retrans=0&sent_bytes=20382&recv_bytes=5821&delivery_rate=337896&cwnd=24000&unsent_bytes=0&cid=932181d7d5720760&ts=521&x=1", cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: text/css
last-modified: Tue, 17 Sep 2024 09:31:04 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b2ffec90bde-AMS
accept-ranges: bytes
content-length: 50775
server: cloudflare

GET
H3 200 static.ashx Show response
www.ba-bamail.com/handlers/ 143 KB
63 KB 160ms
159ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ba-bamail.com/handlers/static.ashx?t=js&f=vendor.min,utils.min,babagpt.min,enq_sessions.min,recentlyviewed.min&v=2.3.0.3
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a621718e9d97fb39ba9ffdaad67f0a5d2dc7df9be3060b5ba10e06de835fe974

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O5t1ANmhfW1N5fKCHMQ78NmekQ9mcOAgxEPNUIOUvzugDNslH8m38roX3qvbu%2F6A2ZZwERnlxu5S3co2sKuCAizZPXIQfphUm1FklqUWeXCZY%2FsiI%2BOATVGzCAze4HKiN02bRA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dcf9b2ffecb0bde-AMS
expires: Mon, 03 Nov 2025 21:48:42 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15226&sent=91&recv=53&lost=0&retrans=0&sent_bytes=92981&recv_bytes=7644&delivery_rate=1596173&cwnd=34800&unsent_bytes=0&cid=932181d7d5720760&ts=638&x=1", cfHdrFlush;dur=0
content-length: 63538
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 106 KB
33 KB 78ms
36ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

c5fd9b6db6771a66d58e548d21ce4d2026257a0336f3bbbe6c0d12a01504da3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

content-encoding: br
etag: 390 / 20030 / 31088603 / config-hash: 10257544082128673461
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 21:55:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33843
x-xss-protection: 0
server: cafe

GET
H2 200 tag Show response
btloader.com/ 61 KB
21 KB 66ms
28ms Script
application/javascript 104.22.74.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5119785225420800&upapi=true
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.74.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d1e8bb03baa3fdb7a19b144a06a33abce47406e730455c2e4adfa7be174b6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "3c40844b0bab13ad5ec2cfb139ec2397"
age: 2860
via: 1.1 google
cf-ray: 8dcf9b317a8f6650-AMS
accept-ranges: bytes
content-length: 20760
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: application/javascript
last-modified: Sun, 03 Nov 2024 21:04:31 GMT
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 logo_en.png
www.ba-bamail.com/css/img/ 2 KB
3 KB 44ms
43ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ba-bamail.com/css/img/logo_en.png
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48995028a0d6405724d71b57ea45bc0161d33c33a4ab0d555d4be4053a4e1a2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "a6f72b61ac9d41:0"
age: 20326860
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pXVAuXmBsdygoDRGE46LMWB4fNx4wZgJDptsYP%2FQWyahfdw%2BjHhd3tuFRJJv2q%2FmDWqf60%2F6%2FGnqR05nk%2BXL3VYf%2F8qC1h6%2FUNHtQslyxcGQ2NQWqcsiCFd8uDYWTIrGALNmNg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 31 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23946&sent=23&recv=18&lost=0&retrans=0&sent_bytes=17292&recv_bytes=5821&delivery_rate=337896&cwnd=24000&unsent_bytes=0&cid=932181d7d5720760&ts=521&x=1", cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: image/png
last-modified: Wed, 20 Feb 2019 10:52:31 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b2ffecc0bde-AMS
accept-ranges: bytes
content-length: 2362
server: cloudflare

GET
H3 200 30d6df1e-66ce-407e-9152-f83cf14fcc57.jpg
en.bcdn.biz/images/emails/320x192/ 10 KB
11 KB 76ms
42ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/30d6df1e-66ce-407e-9152-f83cf14fcc57.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6053947b6d599dbc1535174adabc3f12f3b495354ea50d93906cdfd8f3dad73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "d8147ab8d4f4d71:0"
age: 71241
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1tktEhKiWfXBJYDQTOKLNfwT80hw%2F9AfD07SV61jkk%2BLWE36hJak1XHRXOG%2F4oGzF%2F0okUOx2Yanx7HWfw%2B9KpaZKAd47yGwKfBN68wH9zmZ5lICAjB1JoEjnzhqGA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13007&sent=22&recv=10&lost=0&retrans=0&sent_bytes=16170&recv_bytes=4817&delivery_rate=48229&cwnd=12000&unsent_bytes=0&cid=8920d289910e1adf&ts=34&x=1", cfExtPri, cfHdrFlush;dur=12
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: image/jpeg
last-modified: Sun, 19 Dec 2021 12:34:09 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b301f439fe2-AMS
accept-ranges: bytes
content-length: 10189
server: cloudflare

GET
H3 200 9573088b-c9ec-497a-bf93-9bc15c23c4f8.jpg
en.bcdn.biz/images/emails/320x192/ 18 KB
19 KB 61ms
27ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/9573088b-c9ec-497a-bf93-9bc15c23c4f8.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebeb450fd8408572a0fc02b165ac3663ceab95bf56a19b8ba8f33510537c40e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "42bf664e786d71:0"
age: 114735
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1khOX%2BxFWIDp6AnsMQOmVzsospSl6PmgIx7WsslBsU5tVeLp6PxIYCgs92iOm4eivwb8%2F%2FfYCbvcN0YJElLmpB6ZSAmcguWHQsYaw6HpEoUshsD%2BGaQDuaWlvh3Fcw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13007&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4198&recv_bytes=4817&delivery_rate=48229&cwnd=12000&unsent_bytes=0&cid=8920d289910e1adf&ts=33&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: image/jpeg
last-modified: Sun, 01 Aug 2021 15:08:00 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b301f449fe2-AMS
accept-ranges: bytes
content-length: 18491
server: cloudflare

GET
H3 200 9269238d-8a3f-45d0-a36b-74bea412df5f.jpg
en.bcdn.biz/images/emails/320x192/ 9 KB
9 KB 26ms
26ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/9269238d-8a3f-45d0-a36b-74bea412df5f.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5d0cbad4a165d4980855aa0b72b6dd2d05e589c0901d4d57f176feb28a7b220

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "a231558b0add51:0"
age: 71241
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xuqnOAzhbQi%2FeuxJa2bJOhcel2K96cYIRkDm6EU2aQJRpO7LMbL3lfp1JXJK7W0C5cbfZN301ZzB6pBaYa0vIbUiND1SFoHLZCgOhdCUMVpSiJOpj%2Fqh8w2iu%2BqgA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13345&sent=41&recv=26&lost=0&retrans=0&sent_bytes=34996&recv_bytes=6177&delivery_rate=1425446&cwnd=22800&unsent_bytes=0&cid=8920d289910e1adf&ts=74&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: image/jpeg
last-modified: Sun, 08 Dec 2019 10:12:44 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b305fa39fe2-AMS
accept-ranges: bytes
content-length: 9027
server: cloudflare

GET
H3 200 3fa4747d-a2c1-454f-8da3-3cd6ab99cd00.jpg
en.bcdn.biz/images/emails/320x192/ 8 KB
9 KB 31ms
30ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/3fa4747d-a2c1-454f-8da3-3cd6ab99cd00.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f84d3f24faeda8f19e501e6f23dcebe02b90fc3e40eb5af1a836d9ce831fcc0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "af224aaaafadd51:0"
age: 89185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EpaCuOaUqJYPLGIxfC9VQiEPf2%2B3Puu5qR4Yu04hSHFczbP11nwpSu6u8wHU8AwPkbZNYTO%2BPWsjM5A7iNpy%2FXCYO5vIUwerlEPVsPKxSlCWiSYTr50p8XZsl1nNFg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13345&sent=50&recv=26&lost=0&retrans=0&sent_bytes=44923&recv_bytes=6177&delivery_rate=1425446&cwnd=22800&unsent_bytes=0&cid=8920d289910e1adf&ts=83&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: image/jpeg
last-modified: Sun, 08 Dec 2019 10:10:06 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b305faf9fe2-AMS
accept-ranges: bytes
content-length: 8116
server: cloudflare

GET
H3 200 37643c47-033f-44ba-b9b1-a0c1029bda07.jpg
en.bcdn.biz/images/emails/320x192/ 12 KB
12 KB 26ms
26ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/37643c47-033f-44ba-b9b1-a0c1029bda07.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01d1eaa3e10618751b5fb45de1c74011772d4cc5961f6f9489dff42804cf93bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "d3ccc4a0afadd51:0"
age: 89185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPaRtNnKRw7nl5n9y4hJl8QI64N6aG%2BYnZBlf1NzQQwOn3Y6I7ZL5ubBEVZGpm1Fn%2F1%2B2Av5oBEL09%2FTQFpCQAZJToA7GMqGRQ3%2BcvyLPlOU9Rnj2Q%2BQiKjbN%2FeGpw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14072&sent=59&recv=35&lost=0&retrans=0&sent_bytes=53942&recv_bytes=6906&delivery_rate=806994&cwnd=22800&unsent_bytes=0&cid=8920d289910e1adf&ts=103&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: image/jpeg
last-modified: Sun, 08 Dec 2019 10:09:50 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b308fd99fe2-AMS
accept-ranges: bytes
content-length: 11945
server: cloudflare

GET
H3 200 520ac38c-adfb-4cca-9571-696025596719.jpg
en.bcdn.biz/images/emails/320x192/ 17 KB
18 KB 33ms
30ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/520ac38c-adfb-4cca-9571-696025596719.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b69c2f87db35ee2c76259790d7d5f32c1f5587d4cb2bfbf237ea8f6b6b6a434

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "b7767cd7cda2d61:0"
age: 100083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kVGarbHAYDRqOo6JwOVi3D%2FEepIJoBvdOu3z9qtoxosaX2ExliYC64ZrNtZtYCudUZgbR48dX3GnAwohOP84215Lvq9m3pp16ZOzkNI2ShWx7iog1SLdSVgP9lArpg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14152&sent=88&recv=43&lost=0&retrans=0&sent_bytes=86895&recv_bytes=7905&delivery_rate=901098&cwnd=22800&unsent_bytes=0&cid=8920d289910e1adf&ts=230&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: image/jpeg
last-modified: Thu, 15 Oct 2020 08:33:22 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b3148b19fe2-AMS
accept-ranges: bytes
content-length: 17348
server: cloudflare

GET
H3 200 d6cfecbd-b7eb-4ae3-b043-71af770750a2.jpg
en.bcdn.biz/images/emails/320x192/ 18 KB
19 KB 32ms
29ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/d6cfecbd-b7eb-4ae3-b043-71af770750a2.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f9cbf1f71537a48e00bbd65d6f1ad60e0a75474828dd169c83c6be26b89fc17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "e0a6d055b0add51:0"
age: 100083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6qrRFtkN8emHIsV1tpnLmRX3HshdlhCr5Fxg%2BBA4BiDMiKKpEAIRS73v6BPvmRHXjLf6QB3LocBXQRk46uczuWmMAUfIJi0e3xTewtl%2FDCemy1q%2B7eneD6WewV85jw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14152&sent=71&recv=43&lost=0&retrans=0&sent_bytes=66869&recv_bytes=7905&delivery_rate=901098&cwnd=22800&unsent_bytes=0&cid=8920d289910e1adf&ts=227&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: image/jpeg
last-modified: Sun, 08 Dec 2019 10:14:54 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b3148b59fe2-AMS
accept-ranges: bytes
content-length: 18925
server: cloudflare

GET
H3 200 static.ashx Show response
www.ba-bamail.com/handlers/ 22 KB
9 KB 124ms
124ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ba-bamail.com/handlers/static.ashx?t=js&f=all.min&v=2.3.0.3
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e3d8e18a199d6b6dd06ad4d73dc5cb19203fece0fca5e3d4228a90b65d2475

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5VptKRy3LM2TDk0K91Fnqe%2BLYPLivxA39mFgJySBwO817QyW9GzOpJixLhwbEOgY6HI3DqdjLWBBP8Yhu6vOZp1409TY1ii4gTRrY5LzS6k3MzTpkVJK4Bp%2Bj05k4XMB9ZdppA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dcf9b309f710bde-AMS
expires: Mon, 03 Nov 2025 21:48:43 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13682&sent=146&recv=65&lost=0&retrans=0&sent_bytes=158575&recv_bytes=8174&delivery_rate=867784&cwnd=63600&unsent_bytes=0&cid=932181d7d5720760&ts=715&x=1", cfHdrFlush;dur=0
content-length: 8901
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 pub-4574809233304445 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 110ms
48ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-4574809233304445?ers=1

Requested by

Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

2df2b033e767c924efa8168430b74f2945396d6a0113f805bd5e84bd094191de

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l2gYS8O6sa1GGfHK2spWYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhbg5tj2av5NN4EbrVzEljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDYwM9A4P4AgMAT-0_tQ"
content-security-policy: script-src 'report-sample' 'nonce-l2gYS8O6sa1GGfHK2spWYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 65ms
19ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M98CTHEBGV&gtm=45je4au0v898231427za200&_p=1730670901742&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=2123819530.1730670902&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1730670901&sct=1&seg=0&dl=https%3A%2F%2Fwww.ba-bamail.com%2F&dt=Health%2C%20Tips%2C%20DIY%2C%20Quizzes%2C%20Riddles%2C%20Guides%2C%20Jokes%20-%20BabaMail&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=705
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M98CTHEBGV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.ba-bamail.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
556 B 70ms
18ms Ping
text/plain 142.251.168.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M98CTHEBGV&cid=2123819530.1730670902&gtm=45je4au0v898231427za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M98CTHEBGV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.168.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: wh-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.ba-bamail.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 4A0D 0
0 96ms
35ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-M98CTHEBGV&gacid=2123819530.1730670902&gtm=45je4au0v898231427za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&z=7269686

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M98CTHEBGV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ba-bamail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Nov 2024 21:55:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 82ms
45ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M98CTHEBGV&cid=2123819530.1730670902&gtm=45je4au0v898231427za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629&tag_exp=101823848~101878899~101878944~101925629&z=1704755308

Requested by

Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 03 Nov 2024 21:55:02 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 pre_onetag Show response
stag-core.tfla.xyz/ 32 KB
9 KB 656ms
579ms Script
text/javascript 142.250.185.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stag-core.tfla.xyz/pre_onetag?pub_id=20&domain=www.ba-bamail.com&rand=1&min_ugl=0&es5=0
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.179 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f19.1e100.net
Software: Google Frontend / Express
Resource Hash: 18b12cd16350d540ebe2d54460bd4f5429d06c09909fa935a08b26da295b0b56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cache-control: private
content-encoding: gzip
content-length: 8592
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: text/javascript
vary: Accept-Encoding
server: Google Frontend
x-cloud-trace-context: 6d831cd6348c76bf239bb60f43015387
x-powered-by: Express

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 202 KB
72 KB 38ms
36ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDBMCDF7

Requested by

Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a2cbca9ce87f77f097162c64d9606cce3ac1ec1fea881928c88d54adbaa329fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 03 Nov 2024 21:55:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 21:55:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 03 Nov 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 73834
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 open-sans-v27-latin-700.woff2
www.ba-bamail.com/fonts/ 16 KB
17 KB 28ms
25ms Font
application/font-woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ba-bamail.com/fonts/open-sans-v27-latin-700.woff2
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/css/site.min.css?v=2.3.0.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ba-bamail.com
Referer: https://www.ba-bamail.com/css/site.min.css?v=2.3.0.3

Response headers

cf-cache-status: HIT
etag: "7ec38d003d81:0"
age: 1802380
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGZJ2Y3gNmzsrwVkiMPpBw%2F3if4hNBN6a7GzCeTMCKklprjhpAWhlWW1MU2RLpFqjqzAigV8fGyPG4WxiFyD1ft155%2FX6m1ILElRXPXO1LlJLmfUDGFHw9d%2FvBm2P6Kxjen4NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 01 Mar 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13920&sent=156&recv=69&lost=0&retrans=0&sent_bytes=168354&recv_bytes=9536&delivery_rate=625814&cwnd=63600&unsent_bytes=0&cid=932181d7d5720760&ts=790&x=1", cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: application/font-woff2
last-modified: Thu, 06 Jan 2022 13:25:03 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b31a8d20bde-AMS
accept-ranges: bytes
content-length: 16408
server: cloudflare

GET
H3 200 baba.woff2
www.ba-bamail.com/fonts/ 42 KB
43 KB 30ms
28ms Font
application/font-woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ba-bamail.com/fonts/baba.woff2?62991677
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/css/site.min.css?v=2.3.0.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dea04bd79107228d9f85ec621a7059db287f98864aa8766df2a4711da1f9f7e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ba-bamail.com
Referer: https://www.ba-bamail.com/css/site.min.css?v=2.3.0.3

Response headers

cf-cache-status: HIT
etag: "268f6c969180d81:0"
age: 20322458
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmtpUo50uHtLp9xwqtyb7hS9p7D%2F1a1iWO%2F8SsVcfXEi8j4Vr3%2BS%2FaXOXa9I%2BM3olWxrjkV7vAxZ9uIZDJ91MI1zV3L4pdNrV1eh9cWYPafMCRSh74Ev%2BDCpumCacaDoTFfPNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 01 Mar 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13920&sent=171&recv=69&lost=0&retrans=0&sent_bytes=185794&recv_bytes=9536&delivery_rate=625814&cwnd=63600&unsent_bytes=0&cid=932181d7d5720760&ts=792&x=1", cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: application/font-woff2
last-modified: Wed, 15 Jun 2022 08:26:18 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b31a8d40bde-AMS
accept-ranges: bytes
content-length: 43208
server: cloudflare

GET
H3 200 open-sans-v27-latin-regular.woff2
www.ba-bamail.com/fonts/ 16 KB
17 KB 32ms
30ms Font
application/font-woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ba-bamail.com/fonts/open-sans-v27-latin-regular.woff2
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/css/site.min.css?v=2.3.0.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ba-bamail.com
Referer: https://www.ba-bamail.com/css/site.min.css?v=2.3.0.3

Response headers

cf-cache-status: HIT
etag: "5ed42d003d81:0"
age: 10676918
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Gfdmn8OVT7OGword8GurudMFsAtcHFzxNf8DYAvNvub7VcV6ISprR2ld6mMD7JDfAnmSeliIk%2B907YlYg%2B5eb8F5UQzk%2BX%2B5r8YYFYSGUlHXaB2WszhB5EQOPmnyIa3UdCQtg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 01 Mar 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13920&sent=209&recv=69&lost=0&retrans=0&sent_bytes=230639&recv_bytes=9536&delivery_rate=625814&cwnd=63600&unsent_bytes=0&cid=932181d7d5720760&ts=794&x=1", cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: application/font-woff2
last-modified: Thu, 06 Jan 2022 13:25:03 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b31a8d60bde-AMS
accept-ranges: bytes
content-length: 16692
server: cloudflare

GET
H3 200 815b571a-2d0d-42b9-8571-bdfa0e710220.jpg
en.bcdn.biz/images/emails/320x192/ 15 KB
16 KB 28ms
27ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/815b571a-2d0d-42b9-8571-bdfa0e710220.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f75482db159a6512f79f87bf618c24ffaff387cfec993c167d6d4681b9ef86ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: W/"b55e6b44b01fdb1:0"
age: 1598551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iXdrYHI88IFyfSOuYsWcpY3FteNWWoh8AsVUEHvf9r1t%2FLazUV6HGa%2BXRvJIR3phDNR5v8PVbo2yadIeGxYhhAfmjtNo6G%2BD24lmgBtYbqgoutBLMpQN4zgbta%2Fw1A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13723&sent=107&recv=75&lost=0&retrans=0&sent_bytes=105394&recv_bytes=14213&delivery_rate=717007&cwnd=42000&unsent_bytes=0&cid=8920d289910e1adf&ts=279&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Wed, 16 Oct 2024 09:46:26 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b3199159fe2-AMS
accept-ranges: bytes
content-length: 15308
server: cloudflare

GET
H3 200 086ee954-26a9-4306-8fbc-e84d1f23b700.jpg
en.bcdn.biz/images/emails/320x192/ 13 KB
14 KB 32ms
29ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/086ee954-26a9-4306-8fbc-e84d1f23b700.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c6f315b58a08d9bc14912627a9538d358e4ea9be1b63774885d6f2ea71df032

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "beba63c51229db1:0"
age: 565987
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4SEhqI4l5Mzgag8%2BnGMyNbyvzydJgLhfQxjeDsirGWhXehPw3J7lgclh8m3mJj6qW5q0W6B3qxwSJ6imTzNtjoQfShalpGcEIX8%2FxzgvEVa%2FTW9wpA7xVBF7NDtakg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13723&sent=121&recv=75&lost=0&retrans=0&sent_bytes=121729&recv_bytes=14213&delivery_rate=717007&cwnd=42000&unsent_bytes=0&cid=8920d289910e1adf&ts=284&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Mon, 28 Oct 2024 08:24:13 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b31991d9fe2-AMS
accept-ranges: bytes
content-length: 13663
server: cloudflare

GET
H3 200 ed75ee29-b0e9-4140-861e-2eda60ffe422.jpg
en.bcdn.biz/images/emails/320x192/ 20 KB
20 KB 42ms
38ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/ed75ee29-b0e9-4140-861e-2eda60ffe422.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c4d0f522d5e0ddd182308929e7c309de37b36394b0096ba14b17814dcb7b1a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "e785a9226124db1:0"
age: 1061298
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ik20U687Sc%2BzS8CezRKSiRD3FAP7TngKpfzsvxHhDRic%2BvjPRkThm%2FaMCEclkUHdk1mw1LQ1oTTTJ472CT2TUd6DWDixuaIn3kKRCHMICDPZD0UpCIosaT7iywDnvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13723&sent=136&recv=75&lost=0&retrans=0&sent_bytes=138793&recv_bytes=14213&delivery_rate=717007&cwnd=42000&unsent_bytes=0&cid=8920d289910e1adf&ts=285&x=1", cfExtPri, cfHdrFlush;dur=10
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Tue, 22 Oct 2024 09:02:34 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b31991f9fe2-AMS
accept-ranges: bytes
content-length: 20217
server: cloudflare

GET
H3 200 0d6e7d49-a6eb-409e-b2c4-c2ae34e7e42b.jpg
en.bcdn.biz/images/emails/320x192/ 17 KB
17 KB 42ms
38ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/0d6e7d49-a6eb-409e-b2c4-c2ae34e7e42b.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f785a20a1eae68f872996012c88130a0964e77551e512f04ddc8137a584e97f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "e34ac7f3919d81:0"
age: 128613
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2dhZkpW126GcYdAxRSm8Y4O6T%2BDzwyAoVeqSdCwmOoVSnGT9Ud7dCnvxMNYr4r4rcq7rM337wbMNBI9B14Ih4Ly%2BzIf770FeCzwku1xRxACvCYxVSKKwFirHA4MmCg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13723&sent=144&recv=75&lost=0&retrans=0&sent_bytes=147394&recv_bytes=14213&delivery_rate=717007&cwnd=42000&unsent_bytes=0&cid=8920d289910e1adf&ts=285&x=1", cfExtPri, cfHdrFlush;dur=10
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Thu, 03 Feb 2022 20:06:15 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b3199219fe2-AMS
accept-ranges: bytes
content-length: 16914
server: cloudflare

GET
H3 200 98fcea62-7c18-4602-ab67-07a23862227e.jpg
en.bcdn.biz/images/emails/320x192/ 11 KB
12 KB 43ms
39ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/98fcea62-7c18-4602-ab67-07a23862227e.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25917dcbac3f52140b5f02a7610fd13de0b9113ffe37c2900c8451db2d8cdfc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "aa8dbcf2c1cd81:0"
age: 128613
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0MIB1VfVLXcNP%2FHnfv1bh%2FNjDUx0t2b%2BZOmTv85cw8U82jj6Gk6Sr3X8FnAw2icqeVqBmQKOzM26g4ab5sX%2BUGfqi667U9HtO5a2u4%2FCALqnxLCj4zHB9ULgiy58g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13723&sent=144&recv=75&lost=0&retrans=0&sent_bytes=147394&recv_bytes=14213&delivery_rate=717007&cwnd=42000&unsent_bytes=0&cid=8920d289910e1adf&ts=286&x=1", cfExtPri, cfHdrFlush;dur=10
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Mon, 07 Feb 2022 14:12:58 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b3199229fe2-AMS
accept-ranges: bytes
content-length: 11700
server: cloudflare

GET
H3 200 d0708858-a68f-4cb9-b579-32700bbb8ddc.jpg
en.bcdn.biz/images/emails/320x192/ 18 KB
19 KB 290ms
286ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/d0708858-a68f-4cb9-b579-32700bbb8ddc.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1786fa9c1ab61fa3e82f4cc855e6781b19f348e025754c278187228d5505b89a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: MISS
etag: "c6a4b3bf101ad81:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=quEvuKC18jjbRBNCIP6XMzd53DkG4x3H3lDkij19%2BzccTI%2BJbaT0cHOAnXNnngDWU3o4G0H7dyjpggvuvKl%2BY0CzcKAsevf4B178kL62SBrQ6JS6ZKYhDN8tV9K0Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14392&sent=303&recv=97&lost=0&retrans=0&sent_bytes=322681&recv_bytes=15205&delivery_rate=6762102&cwnd=160800&unsent_bytes=0&cid=8920d289910e1adf&ts=543&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Fri, 04 Feb 2022 21:47:04 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b3199249fe2-AMS
accept-ranges: bytes
content-length: 18763
server: cloudflare

GET
H3 200 ff7427bb-c8ae-4cb9-b2be-adae4c991ec6.jpg
en.bcdn.biz/images/emails/320x192/ 15 KB
16 KB 31ms
27ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/ff7427bb-c8ae-4cb9-b2be-adae4c991ec6.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711bbd8ae58a821b859b7a952c299032ffbb3a7979cd52cbf563282804c4fe47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "6fdc435e513db1:0"
age: 147580
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4DVT2Nff98qyBdwuZPyybZHeFtD8x13ZaPU2UuDpT0YR%2F012lTUbhr5N7Ls6XMMDBLwKXmAWhxQ%2B7rG0tFoaVDjtHQhJhJHZM%2FwzMi33EOTeBgWzGlj35sWcBVikYg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13723&sent=131&recv=75&lost=0&retrans=0&sent_bytes=133729&recv_bytes=14213&delivery_rate=717007&cwnd=42000&unsent_bytes=0&cid=8920d289910e1adf&ts=284&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Tue, 01 Oct 2024 09:35:10 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b3199259fe2-AMS
accept-ranges: bytes
content-length: 15448
server: cloudflare

GET
H3 200 afbb7b15-80b8-4514-badf-842c1fca0c1f.jpg
en.bcdn.biz/images/emails/320x192/ 11 KB
12 KB 44ms
40ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/afbb7b15-80b8-4514-badf-842c1fca0c1f.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77ac91e2c722abfc751849d30774280c94b0cbd848735f3b93486d18eeff7b65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "9b65b8ec1a25db1:0"
age: 907371
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EcuDdLxAseS0VuGo%2F6YiXXwGM1%2BVLiC3gMzEVj%2BviOYWgkdd65dpSHrjxMUewevZjH3nLtS5L76Tee2uRJ1aJOR5Kg2aSWcxnModjjiYk8gZmOsbhZcntnuZpWct%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13723&sent=144&recv=75&lost=0&retrans=0&sent_bytes=147394&recv_bytes=14213&delivery_rate=717007&cwnd=42000&unsent_bytes=0&cid=8920d289910e1adf&ts=285&x=1", cfExtPri, cfHdrFlush;dur=12
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Wed, 23 Oct 2024 07:12:30 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b3199269fe2-AMS
accept-ranges: bytes
content-length: 11177
server: cloudflare

GET
H3 200 ba1d0502-a3f1-4292-b63a-3d4fcac9d6a3.jpg
en.bcdn.biz/images/emails/320x192/ 12 KB
13 KB 44ms
40ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/ba1d0502-a3f1-4292-b63a-3d4fcac9d6a3.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4facfcfdca7c93e0f440544d4e39fd960b4ad3e81887e0911e0ddc0ca0b40658

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "266b1d22bc22db1:0"
age: 1226893
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WgC53GaouG0svaXqk5N%2B%2BCy%2Fz8iYJs6RMuv02kbaLhsVYHL6SuXPHF93c3%2BbWD56HrHwwppcr8dVDvGrGqjhp87jxor1TgdFjTuI4VPNFw7lN2s0JxgdcvKgrPzmQA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13723&sent=144&recv=75&lost=0&retrans=0&sent_bytes=147394&recv_bytes=14213&delivery_rate=717007&cwnd=42000&unsent_bytes=0&cid=8920d289910e1adf&ts=285&x=1", cfExtPri, cfHdrFlush;dur=12
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Sun, 20 Oct 2024 06:48:55 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b3199289fe2-AMS
accept-ranges: bytes
content-length: 12671
server: cloudflare

GET
H3 200 43203091-cd26-4402-895a-faf763c5e9ef.jpg
en.bcdn.biz/images/emails/320x192/ 16 KB
17 KB 43ms
41ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/43203091-cd26-4402-895a-faf763c5e9ef.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 950746f70875744b18a517b170de64e1aad4cebd174c295a62f66a108b430066

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "e323b1354912db1:0"
age: 606885
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKtSDIASfEK9YOA%2Bpm%2FWacbuHhbqfGO23GJqsV72CNlBY4IZUWmoCDmUz%2BUoOSumz3wqgYGLidAbMOUc49y67yx%2FqIxYb9yvqluhLr7dYI%2Fseg%2Fyi1seClORoeJqDg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13723&sent=144&recv=75&lost=0&retrans=0&sent_bytes=147394&recv_bytes=14213&delivery_rate=717007&cwnd=42000&unsent_bytes=0&cid=8920d289910e1adf&ts=291&x=1", cfExtPri, cfHdrFlush;dur=7
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Sun, 29 Sep 2024 08:25:58 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b3199299fe2-AMS
accept-ranges: bytes
content-length: 16575
server: cloudflare

GET
H3 200 6b228b3d-bf93-44d5-916d-66a36e2b4afa.jpg
en.bcdn.biz/images/emails/320x192/ 19 KB
20 KB 43ms
41ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/6b228b3d-bf93-44d5-916d-66a36e2b4afa.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f2ff90d491ec27e1e150e2037b10c0f2905a61303f099b2dd2f8bd11cb47f1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "ccb1b595772bdb1:0"
age: 303468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N3mjRIQE2DHXPTQlT%2BxYRfSVwsDEW0jlI8%2B8F0%2FbKmT1RvvnTUtu9OJpbKjm681JKVAsZ%2BxVUODTMv3sTtTTtvzFStl6JLsrkl6AKC3tCIMsjGVZxmAoe26fm44feQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13723&sent=144&recv=75&lost=0&retrans=0&sent_bytes=147394&recv_bytes=14213&delivery_rate=717007&cwnd=42000&unsent_bytes=0&cid=8920d289910e1adf&ts=285&x=1", cfExtPri, cfHdrFlush;dur=13
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Thu, 31 Oct 2024 09:30:55 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b31992c9fe2-AMS
accept-ranges: bytes
content-length: 19579
server: cloudflare

GET
H3 200 4171f9bb-7773-412e-a530-fae86fe5b2c3.jpg
en.bcdn.biz/images/emails/320x192/ 14 KB
15 KB 48ms
45ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/4171f9bb-7773-412e-a530-fae86fe5b2c3.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b05b5df1c6675ba5130d368d5388337092b6feaf1c4224034808a5bc84aa4bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "72b771e98d14db1:0"
age: 84264
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zCgvArsjFDgOJHnoGQc79qMcQwoB7BNxuisSqeT0eu1L5cJCCD8NDzCmZh8sZSLjWbudjM4t2qlGdS6b3aJIxmiHh7ttQRPMlChao7viFKG3vZaAHKnnFbcI6eJAJg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13723&sent=144&recv=75&lost=0&retrans=0&sent_bytes=147394&recv_bytes=14213&delivery_rate=717007&cwnd=42000&unsent_bytes=0&cid=8920d289910e1adf&ts=287&x=1", cfExtPri, cfHdrFlush;dur=16
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Wed, 02 Oct 2024 05:42:47 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b31992d9fe2-AMS
accept-ranges: bytes
content-length: 14404
server: cloudflare

GET
H3 200 bb7ebacc-d657-4193-8483-99c1f31a613b.jpg
en.bcdn.biz/images/emails/320x192/ 11 KB
12 KB 57ms
54ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/bb7ebacc-d657-4193-8483-99c1f31a613b.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84660e695c0ad7e1a8680b9bfa7a3c26481eb0466a9e1a5e24855e0931bae85a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: W/"d54770223928db1:0"
age: 660149
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NeAyVqDIThdj6ppUvaF4%2BxSsxz%2FePc%2BSVmwqHcIPmte%2F8x6TMWizR3v5ebMD7Zslo4YRxjGmvOMA07Qt50h9EFjSdhpHWoU0jIKvcr8ygLbHUvHXPOx%2B2QIs2mbv5A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13723&sent=144&recv=75&lost=0&retrans=0&sent_bytes=147394&recv_bytes=14213&delivery_rate=717007&cwnd=42000&unsent_bytes=0&cid=8920d289910e1adf&ts=287&x=1", cfExtPri, cfHdrFlush;dur=21
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Sun, 27 Oct 2024 06:26:19 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b31992f9fe2-AMS
accept-ranges: bytes
content-length: 11572
server: cloudflare

GET
H3 200 19fe400d-5b53-4a92-8730-4c4f7484989d.jpg
en.bcdn.biz/images/emails/320x192/ 8 KB
9 KB 56ms
54ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/19fe400d-5b53-4a92-8730-4c4f7484989d.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30028a7f9d98de1919c4475a9e62020ad82f7a44748c05362ab1509d59d177e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "69af7281bc22db1:0"
age: 907355
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LoHkPERUcsgOFGtyIrCycG6KNRKtfRqDX5EN07yH4IeuW3KjecyWEddkLvfJvCTG%2B%2Bt8swkVS6uhChY7U6oQC4SPNMovVr%2BOivHLfUys%2FaoHfaNWzmM4FConoI%2BKPg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13723&sent=144&recv=75&lost=0&retrans=0&sent_bytes=147394&recv_bytes=14213&delivery_rate=717007&cwnd=42000&unsent_bytes=0&cid=8920d289910e1adf&ts=291&x=1", cfExtPri, cfHdrFlush;dur=17
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Sun, 20 Oct 2024 06:51:35 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b3199329fe2-AMS
accept-ranges: bytes
content-length: 8615
server: cloudflare

GET
H3 200 035b8a84-d373-4d4c-820f-ca3040f87413.jpg
en.bcdn.biz/images/emails/320x192/ 15 KB
15 KB 56ms
53ms Image
image/jpeg 172.67.190.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.bcdn.biz/images/emails/320x192/035b8a84-d373-4d4c-820f-ca3040f87413.jpg
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.190.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a7741579d3f434e4ccb19fa8d180cee8cd58d9a11d3da705478dfb745bd852

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: W/"d841d5e5728db1:0"
age: 647163
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=53YUWAWdAt1Ukrm0fEr34KiiB05G9KS0bY6wW%2BUQQ2C33Rh4F6ZKxYyBfgv8y1dLBocbLcEUdm%2BHmLrqFI0jumZLwPA5Pp81%2Fz5zyiCAISXrElfBHdDyZypZ2WHlfw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 20 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13723&sent=144&recv=75&lost=0&retrans=0&sent_bytes=147394&recv_bytes=14213&delivery_rate=717007&cwnd=42000&unsent_bytes=0&cid=8920d289910e1adf&ts=291&x=1", cfExtPri, cfHdrFlush;dur=17
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/jpeg
last-modified: Sun, 27 Oct 2024 10:02:44 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b3199339fe2-AMS
accept-ranges: bytes
content-length: 14957
server: cloudflare

GET
H2 200 topics.html
widgets.outbrain.com/nanoWidget/externals/topics/ Frame 2877 0
0 106ms
40ms Document
text/html 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fwww.ba-bamail.com
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.ba-bamail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=14400
content-length: 667
content-type: text/html
date: Sun, 03 Nov 2024 21:55:02 GMT
etag: "a52151dbf5b2ca563e40ccca1ab8228c:1730385306.84843"
expires: Mon, 04 Nov 2024 01:55:02 GMT
last-modified: Thu, 31 Oct 2024 14:04:20 GMT
server: AkamaiNetStorage
timing-allow-origin: * *

GET
H/1.1 200
OK d3d3LmJhLWJhbWFpbC5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
535 B 155ms
39ms XHR
application/json 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tcheck.outbrainimg.com/tcheck/check/d3d3LmJhLWJhbWFpbC5jb20=

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-25-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Access-Control-Max-Age: 43200
Cache-Control: max-age=40590
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Connection: keep-alive
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Expires: Mon, 04 Nov 2024 09:11:32 GMT
Access-Control-Allow-Origin: *
Content-Length: 15
Date: Sun, 03 Nov 2024 21:55:02 GMT
Content-Type: application/json; charset=utf-8
x-traceid: 3ead51a9e40911611df4721421cd2bee

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
396 B 82ms
43ms Image
image/gif 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cache-control: max-age=2592000
timing-allow-origin: *, *
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-request-headers: X-OB-STG,X-OB-PRD
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
expires: Tue, 03 Dec 2024 21:55:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
akamai-loopback-request: 8096267
content-length: 43
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/gif
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage

POST
H3 200 general.ashx Show response
www.ba-bamail.com/handlers/ 0
679 B 108ms
107ms XHR
text/x-json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ba-bamail.com/handlers/general.ashx
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/handlers/static.ashx?t=js&f=vendor.min,utils.min,babagpt.min,enq_sessions.min,recentlyviewed.min&v=2.3.0.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ba-bamail.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag: noindex
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gDxnbsXyukqRt%2Bv4jpa02Ri6z6bwizNVxaHpGr%2F5UrgMID5iD59i5qqlrUzwDJQIjL2KmHHn8Rd3DjlfH0CZPr1mdnJE88CGwzpWoWljxVLsUjum%2FA%2BZxI%2BrEBRyVinboYSfLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dcf9b3249750bde-AMS
expires: Mon, 01 Jan 0001 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13897&sent=227&recv=79&lost=0&retrans=0&sent_bytes=248437&recv_bytes=10444&delivery_rate=3189799&cwnd=75600&unsent_bytes=0&cid=932181d7d5720760&ts=977&x=1", cfHdrFlush;dur=0
content-length: 0
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: text/x-json
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 44ms
20ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-SKsLr9ln' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-SKsLr9ln' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4445, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: hDD35JCxAZ/XHXlP1HexFiAivJjanNCWCmhDMjAY3qods/vfAQc8qMw7q+Xbe+ZwTKddLOfGOl3zvVldo+8p2w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 px.gif
ad-delivery.net/ 43 B
1 KB 89ms
48ms Image
image/gif 104.26.2.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 960068
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0J%2FV8HFCKZzR50a2zaWYJpZztgVhWpp8cwtxZRW8V240nEM%2B8WR5Wh4Wysw3MxjvWqWpoWPfKpb0hWPLyP4%2F6ElL5QT%2FFvYSa2PUHMAwTbBEK7JrInlJ6pX%2F1v5FqhtSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Wed, 23 Oct 2024 20:01:11 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=13075&sent=7&recv=14&lost=0&retrans=0&sent_bytes=4016&recv_bytes=2397&delivery_rate=282373&cwnd=254&unsent_bytes=0&cid=5667b3b7dd9ef6e1&ts=55&x=0"
x-goog-stored-content-length: 43
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3JfBB68Xd1MysALTX_WLp4SZ-lQ2Q7riWXQf86XCfj3W3UM2lqUFLgxHV1Mg_Z2Jbrnj-HONvZkg
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8dcf9b32a8a67748-AMS
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 50ms
19ms Image
image/x-icon 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

content-encoding: gzip
age: 11844
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 18:37:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 18:37:38 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 px.gif
ad-delivery.net/ 43 B
463 B 90ms
50ms Image
image/gif 104.26.2.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.5470996812277178
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 960068
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eo8TWySGs%2BbJS0mTN82%2FGfTE%2BzrOU8%2F5X7YCg1L9pjTAgrIKi00Qj6wweIOVSncg3TaJIb0CsamzNujLVNKnX%2BBNLZwK7KhQi%2BnMKGPYdw6SkGeBqClLiIVjXTIO1gXX4A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Wed, 23 Oct 2024 20:01:11 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=13075&sent=9&recv=14&lost=0&retrans=0&sent_bytes=5136&recv_bytes=2397&delivery_rate=282373&cwnd=254&unsent_bytes=0&cid=5667b3b7dd9ef6e1&ts=58&x=0"
x-goog-stored-content-length: 43
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3JfBB68Xd1MysALTX_WLp4SZ-lQ2Q7riWXQf86XCfj3W3UM2lqUFLgxHV1Mg_Z2Jbrnj-HONvZkg
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8dcf9b32a8a07748-AMS
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/ 483 KB
150 KB 21ms
21ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088603

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

d630051aa81b7895bed44adcca3d35bbf6c0aa68eb99446712e43cf0d34386d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

content-encoding: br
etag: 16074489216520974051
age: 66726
x-content-type-options: nosniff
expires: Mon, 03 Nov 2025 03:22:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 03 Nov 2024 03:22:56 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 153218
x-xss-protection: 0
server: cafe

GET
H2 200 AGSKWxUVcS2lnODu-mYcBaKBx5iWNwjCCknADaYMdYqL522NZAQnH4nEWeBvJfVqifsRcX1RIMXmg6ubAVWXlmG5F1kJNzwsdw5FZOmVlZEptxIo0-q_VRUNYNofXMuUlX4tRoHATeYG-A== Show response
fundingchoicesmessages.google.com/f/ 399 KB
62 KB 102ms
101ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUVcS2lnODu-mYcBaKBx5iWNwjCCknADaYMdYqL522NZAQnH4nEWeBvJfVqifsRcX1RIMXmg6ubAVWXlmG5F1kJNzwsdw5FZOmVlZEptxIo0-q_VRUNYNofXMuUlX4tRoHATeYG-A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNjcwOTAyLDIwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuYmEtYmFtYWlsLmNvbS8iLG51bGwsW1s4LCJZc2dPT2N0dWtySSJdLFs5LCJubCJdLFsxOSwiMSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwHS5gumyWCBGDtMv3W-BPxhANbEQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e367e2dd5890d7f90534710706a46286fe08ef4cf9ac7f62269dc95c7201ca44

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O0gFkgDdisV-B3D-W2XnAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1ZBiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIV4OLY9mr-TTWDG8lc9jEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgbGBnoGBvEFBgCxDUUP"
content-security-policy: script-src 'report-sample' 'nonce-O0gFkgDdisV-B3D-W2XnAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 708593779272528 Show response
connect.facebook.net/signals/config/ 68 KB
13 KB 154ms
154ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/708593779272528?v=2.9.176&r=stable&domain=www.ba-bamail.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

315c26200713724f6ea44b08932ac1ed46d6a291be30324c57c1fb2123027b00

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-vDiBfKDO' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-vDiBfKDO' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=77, mss=1232, tbw=70844, tp=67, tpl=0, uplat=133, ullat=0
pragma: public
x-fb-debug: 0o410gm+IZI5Ap3Rj79hqN44mAMYOwo1QVJa8uKmC+g+MIhaINmh56nksTT+zyQ9ZhHVkOj+HJv/floW80h/pA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 country Show response
api.btloader.com/ 37 B
215 B 152ms
115ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=5119785225420800
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5119785225420800&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 6f11c57367491b5eb5066b3fec56454ba83d9b311253dab9de0cceb1a2e9c972

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: application/json
vary: Origin

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ 48 KB
19 KB 52ms
15ms Script
text/javascript 18.239.50.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0&page_url=https://www.ba-bamail.com/
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-73.ams58.r.cloudfront.net
Software: Caddy /
Resource Hash: 60f87e8ae619d78847cc5916e227cab58ea5a66c44a2e525844d19d9b91140c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: "c0ea-7XSDulBxDx+thb7e4rPS58P3/EA"
age: 11952
via: 1.1 2b4f91feaec910b23d827812b244c812.cloudfront.net (CloudFront)
expires: Mon, 04 Nov 2024 06:35:50 GMT
x-cache: Hit from cloudfront
content-length: 18610
x-amz-cf-id: 7W95MKJh9gkF2lYVoPo5_XqTYJcBcIIlFr-G0xayr0UV8bf9WRBX2A==
date: Sun, 03 Nov 2024 18:35:50 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Caddy
x-amz-cf-pop: AMS58-P3

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 113ms
113ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=wgUxRvpM7i&w=5684960806567936&o=5119785225420800&cv=2.1.62&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.ba-bamail.com%2F&sid=GfXQq9XliT&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5119785225420800&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

via: 1.1 google
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 21:55:02 GMT
vary: Origin

GET
H2 200 css
fonts.googleapis.com/ 114 KB
6 KB 121ms
48ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.YsgOOctukrI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwAXSTD_wM6HSkRiet9VZMVj5IjVA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

3379b46641b48791c136b410e325c4e10f1b08be254fec82c726ec26089f6467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 21:55:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 03 Nov 2024 21:55:02 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 1L-g6wJx9G_SLFkOEG9z8HGbqaeNR_TQIbJ7FUisF2djsGVjS2KqvExMBhc_A_0vn1l5KS5MeiD3JbNHcFUp97dWECon6s48_uBuz3YALm1IgeK_pN_j=h60
lh3.googleusercontent.com/ 8 KB
8 KB 93ms
30ms Image
image/jpeg 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/1L-g6wJx9G_SLFkOEG9z8HGbqaeNR_TQIbJ7FUisF2djsGVjS2KqvExMBhc_A_0vn1l5KS5MeiD3JbNHcFUp97dWECon6s48_uBuz3YALm1IgeK_pN_j=h60

Requested by

Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f97.1e100.net

Software

fife /

Resource Hash

474efb37daea7908084b28f9889cf6331808015c5700167975749a6d01c4e955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 0
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 21:55:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 21:55:02 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7700
x-xss-protection: 0
server: fife

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 52ms
21ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ba-bamail.com
Referer: https://www.ba-bamail.com/

Response headers

age: 518139
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 28 Oct 2025 21:59:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 21:59:23 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H2 200 show_pla Show response
flint.defybrick.com/ 2 KB
1 KB 450ms
138ms Script
text/javascript 34.199.234.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.ba-bamail.com%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=23866521706208670290022066616760637906476080029425819012907214282095&nc=0&tsf=0&tsfmi=&pv=0&cb=1730670902443&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=4155436659&at=&bid=e30%3D&di=W1siZWYiLDY2MjBdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NCxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjE4NzM2%0D%0ANzc1NTIsXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjYsZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwSXNnSUlqU1Er%0D%0AOGlLZ3FJMG9zSUFpcEZFRVFSSWtVZ2RFUVFwVW9KU0F0Q0FxU0g5R3l5N1pXWitlci9kK2U5MmJ3%0D%0Ac0NTRC8xZSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZp%0D%0AZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwi%0D%0AaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwiLSJdLFstNywi%0D%0ALSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpb%0D%0AXCJkZXNjcmlwdGlvblwiLFwia2V5d29yZHNcIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlv%0D%0AblwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjowfSJdLFstMTUsIi0i%0D%0AXSxbLTE2LCIwIl0sWy0xNywiMTIiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMTE3MCwxNTcw%0D%0ALDExNzAsMTU3MCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTI4%0D%0ANSwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIyMTIzODE5NTMwLjE3MzA2%0D%0ANzA5MDIiXSxbLTIxLCJsRmJxa1RXaSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0s%0D%0AWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjI1OTYyNjcwLFwidWpoc1wiOjIw%0D%0AMDQ1Mjc4LFwiamhzbFwiOjQyOTQ3MDUxNTJ9Il0sWy0yNywiWzUwLDEwLDAsXCI0Z1wiLG51bGxd%0D%0AIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMCwwLDIsMCwy%0D%0ALDAsMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwi%0D%0ALSJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE3MzA2NzA5MDI0MjAsLTFdIl0sWy0zNiwi%0D%0AW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDAs%0D%0AMCwxLDAsMTAsMjYsNTQyLDMzNiwwLDgxMi4yLDgxMi4yLDExOTcsMTE5OCJdLFstMzksIltcIjIw%0D%0AMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0%0D%0AcnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDAsIjMz%0D%0AIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAx%0D%0AMTEwMTEwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstNDcsIkV1cm9w%0D%0AZS9BbXN0ZXJkYW0sbmwsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFsiYm5j%0D%0AaCIsNTNdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A1600%2C%22h%22%3A5439%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=U9SahE2BWq&sdd=%7B%7D&pto=1221
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0&page_url=https://www.ba-bamail.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 34.199.234.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-234-25.compute-1.amazonaws.com
Software: /
Resource Hash: 010984c05899e76761051457b7ef57c8083835fc9ebd29c3b1af86f0aa0d8d95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1386
date: Sun, 03 Nov 2024 21:55:02 GMT
pragma: no-cache
content-type: text/javascript

POST
H3 204 AGSKWxX5ZggneapKT93EHWt_F6pR_KUiG_WYQxuDUbOTWy613ZJTqTo0VZ6skzUpNAs8ADEag39pNEAWQtLZzOCxzBx5SXOZnWtmz2eUPVL3Dy2Y1Ab4Y_LvO8QmzCdy41nzhHhtXDWOJQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 69ms
38ms XHR
text/html 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX5ZggneapKT93EHWt_F6pR_KUiG_WYQxuDUbOTWy613ZJTqTo0VZ6skzUpNAs8ADEag39pNEAWQtLZzOCxzBx5SXOZnWtmz2eUPVL3Dy2Y1Ab4Y_LvO8QmzCdy41nzhHhtXDWOJQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YoeNw-o276NdRjW6T4Me5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.ba-bamail.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uHY9mj-TjaBjvX7PzEquSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDA2NDPQPz-AIDAESXKQs"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YoeNw-o276NdRjW6T4Me5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.ba-bamail.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX5ZggneapKT93EHWt_F6pR_KUiG_WYQxuDUbOTWy613ZJTqTo0VZ6skzUpNAs8ADEag39pNEAWQtLZzOCxzBx5SXOZnWtmz2eUPVL3Dy2Y1Ab4Y_LvO8QmzCdy41nzhHhtXDWOJQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-urKa-tPISa9EwqkUPwj7GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.ba-bamail.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uHY9mj-TjaBA80dHxiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhgbGhnoF5fIEBADSIKNY"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-urKa-tPISa9EwqkUPwj7GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.ba-bamail.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 stats.ashx Show response
www.ba-bamail.com/handlers/ 1 B
633 B 109ms
109ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ba-bamail.com/handlers/stats.ashx?t=hp&view=1
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/handlers/static.ashx?t=js&f=vendor.min,utils.min,babagpt.min,enq_sessions.min,recentlyviewed.min&v=2.3.0.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://www.ba-bamail.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*

Response headers

x-robots-tag: noindex
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1cphCsfcoqSVYFYWBMAUWDsaPbCYYIR7%2B9%2Fe11piCTwzDBVsbjMx%2BqWh4OO%2F0efSEzSVPZSmiZavTxitcx45leUXrsALEwxE3N95sKzBDkZS3BYSqhTqmJ6QtT3pxl2Nvq2uGw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dcf9b346bbe0bde-AMS
expires: Mon, 01 Jan 0001 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14170&sent=229&recv=81&lost=0&retrans=0&sent_bytes=249164&recv_bytes=10924&delivery_rate=6410&cwnd=75600&unsent_bytes=0&cid=932181d7d5720760&ts=1316&x=1", cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 68ms
20ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=708593779272528&ev=PageView&dl=https%3A%2F%2Fwww.ba-bamail.com%2F&rl=&if=false&ts=1730670902476&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730670902475.242355004373798743&ler=empty&cdl=API_unavailable&it=1730670902232&coo=false&rqm=GET

Requested by

Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1288, tbw=2948, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 218ms
170ms Image
image/png 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=708593779272528&ev=PageView&dl=https%3A%2F%2Fwww.ba-bamail.com%2F&rl=&if=false&ts=1730670902476&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730670902475.242355004373798743&ler=empty&cdl=API_unavailable&it=1730670902232&coo=false&rqm=FGET

Requested by

Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433174924417728946"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 75aiZTaiqhKdKqRvzk37u+sKXFJFTrKr+bTqT6VCWJXuKQ9ah6jd+IIe1S/QOqSLM+SNmoHd1biIJLGS1K0vWQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433174924417728946", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=14, mss=1288, tbw=3266, tp=-1, tpl=-1, uplat=148, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 qw.js Show response
cdn.qwtag.com/15297c01-13de-49af-a20b-48f9f0622daf/ 568 KB
138 KB 153ms
22ms Script
text/javascript 13.32.121.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qwtag.com/15297c01-13de-49af-a20b-48f9f0622daf/qw.js
Requested by: Host: stag-core.tfla.xyz
URL: https://stag-core.tfla.xyz/pre_onetag?pub_id=20&domain=www.ba-bamail.com&rand=1&min_ugl=0&es5=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-84.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1acaf46c1bcad7458c0fe3bc82c61bc99d1b44f16eecd518127d03663f35841

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cache-control: max-age=1800
content-encoding: gzip
x-amz-version-id: bWhreVTYoCPnUYyfYW2NM.fHX0IhlLeD
etag: "ec597652b7dbc2c701e3e7051e22c8a6"
age: 1635
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 140960
x-amz-cf-id: I4swEKAA46L-FOvAQEA2QS9R0OSDdIwz9SRbIHeceIF5x5Gdv6qYMQ==
date: Sun, 03 Nov 2024 21:30:33 GMT
content-type: text/javascript
last-modified: Sun, 03 Nov 2024 07:16:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
vary: Accept-Encoding

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
513 B 367ms
88ms XHR
application/json 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1730670902785&sessionId=e377e11b-f407-04ca-e5d8-9eff1b7e0652&url=www.ba-bamail.com&cheqSource=1&cheqEvent=0&exitReason=3

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
pragma: no-cache
access-control-allow-methods: GET,POST
expires: 0
access-control-allow-origin: *
content-length: 8
date: Sun, 03 Nov 2024 21:55:03 GMT
content-type: application/json; charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-traceid: 08c653b0033f208cc8d0f6a816ac9156

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 50ms
13ms Fetch
application/json 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241103

Requested by

Host: cdn.qwtag.com
URL: https://cdn.qwtag.com/15297c01-13de-49af-a20b-48f9f0622daf/qw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8288365dce84d21822393d591c27b2feeaa9a08b25a93c05a6a3919edb106ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.ba-bamail.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"640-wmizrOU1JEMRH5rHOboioftnOcQ"
age: 21253
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230103-FRA, cache-ams21060-AMS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 838
x-jsd-version: 1.0.2229

GET
H/1.1 200
OK / Show response
id.a-mx.com/sync/ 66 B
269 B 53ms
14ms Fetch
application/json 79.127.227.46
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.ba-bamail.com/&tl=https://www.ba-bamail.com/&nf=0&rt=true&v=9.14.0&av=2.0&vg=pbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by: Host: cdn.qwtag.com
URL: https://cdn.qwtag.com/15297c01-13de-49af-a20b-48f9f0622daf/qw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 79.127.227.46 Amsterdam, Netherlands, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-79-127-227-46.datapacket.com
Software: /
Resource Hash: f07750431edc961873e9253ebb34a91ac3cb8bfc7ddcef0de4174cf611476713

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.ba-bamail.com/

Response headers

access-control-allow-origin: https://www.ba-bamail.com
content-length: 66
date: Sun, 3 Nov 2024 21:55:02 GMT
content-type: application/json
access-control-allow-credentials: true

GET
H/1.1 200
OK / Show response
id.a-mx.com/sync/ 66 B
269 B 67ms
14ms Fetch
application/json 79.127.227.46
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.ba-bamail.com/&tl=https://www.ba-bamail.com/&nf=0&rt=true&v=9.14.0&av=2.0&vg=pbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by: Host: cdn.qwtag.com
URL: https://cdn.qwtag.com/15297c01-13de-49af-a20b-48f9f0622daf/qw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 79.127.227.46 Amsterdam, Netherlands, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-79-127-227-46.datapacket.com
Software: /
Resource Hash: 9066788c835c2925c15c5e0dd22276d938d7937585ad74ce3d8723542267ea83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.ba-bamail.com/

Response headers

access-control-allow-origin: https://www.ba-bamail.com
content-length: 66
date: Sun, 3 Nov 2024 21:55:02 GMT
content-type: application/json
access-control-allow-credentials: true

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
513 B 262ms
89ms XHR
application/json 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1730670902923&sessionId=e377e11b-f407-04ca-e5d8-9eff1b7e0652&url=www.ba-bamail.com&cheqSource=1&cheqEvent=2&responseTime=639

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
pragma: no-cache
access-control-allow-methods: GET,POST
expires: 0
access-control-allow-origin: *
content-length: 8
date: Sun, 03 Nov 2024 21:55:03 GMT
content-type: application/json; charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-traceid: 96762f075f560a5a05a228ee7c9552e7

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ 43 B
79 B 100ms
99ms Image
image/gif 34.199.234.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e001269eec132ea4e8a9f9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163044775a9fd11c6cf56ca8efc4ff5f0afe1ccde66ebd7f9e79ce42f85a6af77159a80b431a2cdb5146a7deb7e41bb623a84ecc5bfb481e75bdce27087b3a05d002dccf62a9402afd90b63c4e7c32cefd5644f6fc400e761d2a521bd0db7f3b221eb489113bd3f6a03191e35b6c1d32abb8a584fb26e88c9c03f4539f5f2061cbfa86a7b461d1cee879933b0c80a89a2f4944f56568a9911032bcddf37c8e55ff12b7d01bc54ec8cb7bd62427d3dc7e8c779ac09c8aec9e91655f8232b1bcf8295836e8866b97e211e216170586085fd086d79296a6de63ce7d8199b5c836ae6b6b3ac4206b8181840227d3a773a80ee49843da76a2720f0b1a8c30b84d8494e03fa8803bd611ebcf848829ce494a2da567471d31182496e232e4119a9dd67febd136acc06295d6bbad33dce2b50d3430dbbb0c168af95a0850a6baac67a43a9aed40eee02eb074bc309553d715cba93cc7192089b280352d35727d56194005f8f3866dce10f2145c4928e4a60c8ada5e59bccb80ffe2289bb3b3ee8cbcedb41e532eb80794bc5923&cb=1730670902923&cri=U9SahE2BWq
Requested by: Host: www.ba-bamail.com
URL: https://www.ba-bamail.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 34.199.234.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-234-25.compute-1.amazonaws.com
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Sun, 03 Nov 2024 21:55:02 GMT
pragma: no-cache
content-type: image/gif

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
534 B 112ms
30ms Fetch 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: cdn.qwtag.com
URL: https://cdn.qwtag.com/15297c01-13de-49af-a20b-48f9f0622daf/qw.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.ba-bamail.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
expires: -1
access-control-allow-origin: https://www.ba-bamail.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Sun, 03 Nov 2024 21:55:03 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H2 200 auction Show response
pbs.nextmillmedia.com/openrtb2/ 5 KB
6 KB 946ms
555ms Fetch
application/json 15.204.46.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pbs.nextmillmedia.com/openrtb2/auction
Requested by: Host: cdn.qwtag.com
URL: https://cdn.qwtag.com/15297c01-13de-49af-a20b-48f9f0622daf/qw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.46.116 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: ns1022841.ip-15-204-46.us
Software: /
Resource Hash: 7d54c7e56fd781c304c06e968abd3fadc3642638bab19ca7705308e0cbe1f6cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.ba-bamail.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
accept-ch: Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
x-trace-id: 18ae5cfb-cc02-4cbc-ae27-2a010fdfa70b
expires: 0
access-control-allow-origin: https://www.ba-bamail.com
date: Sun, 03 Nov 2024 21:55:03 GMT
x-prebid: pbs-go/43.36.1
content-type: application/json
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 581 B
965 B 87ms
45ms Fetch
application/json 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.qwtag.com
URL: https://cdn.qwtag.com/15297c01-13de-49af-a20b-48f9f0622daf/qw.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0205fe4083d3aec8b88d149d7c81f588d0cdf293756b8a8911dac51c83ca8f8e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.ba-bamail.com/

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 176.67.80.79; 176.67.80.79; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://www.ba-bamail.com
an-x-request-uuid: 9004575a-2fb2-4fa0-9869-2cf326af2887
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sun, 03 Nov 2024 21:55:03 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: nginx/1.23.4

POST
H2 204 request Show response
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 0
224 B 71ms
16ms Fetch 178.250.1.4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.14.0&cb=41755602668&lsavail=1&networkId=4902

Requested by

Host: cdn.qwtag.com
URL: https://cdn.qwtag.com/15297c01-13de-49af-a20b-48f9f0622daf/qw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.ba-bamail.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://www.ba-bamail.com
date: Sun, 03 Nov 2024 21:55:02 GMT
vary: Origin
server: Kestrel

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 1011 B
2 KB 382ms
337ms Fetch
application/json 69.173.156.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11734&site_id=554576&zone_id=3473898%3B3473894%3B3473894%3B3473894%3B3473896%3B3473902&size_id=15%3B2%3B2%3B2%3B2%3B15&alt_size_ids=16%3B39%2C40%2C55%2C57%3B39%2C40%2C55%2C57%3B39%2C40%2C55%2C57%3B39%2C40%2C41%3B9%2C8%2C10%2C16%2C17%2C54%2C229&rp_schain=1.0,1!yieldbird.com,35227,1,,,!rubiconproject.com,11734,1,,,&rf=https%3A%2F%2Fwww.ba-bamail.com%2F&kw=animals%2Clandscape%2Cbeautifulnature%2Ctravel%2Cwild%2Cfunny%2Cvideos%2Csmartphone%2Ccutepuppies%2Ccutekittens%2Cbeautifulphotos%2Cdesign%2Cart%2Cstage%2Cmusic%2Cacrobat%2Cmagic%2Ccreative%2Cdecor%2Ccrazy%2Cyoga%2Chealth%2Clifestyle%2Ccancer%2Ctherapy%2Cfood%2Cfamily%2Crecipe%2Cinspiration%2Cquotes%2Cgreetingcards%2Ctips%2CDIY%2Chowto%2Cscience%2Ctechnology%2Ccar%2Ccomputer%2Capps%2Cinternet%2Cspace%2Cfunny%2Cjokes%2Ctrickyriddles%2Cquizzes%2Ctrivia%2Ctests%2Csports%2Cforkids%2Cviral%2Chistory%2Cfacts%2Ccars&tg_i.domain=ba-bamail.com&tg_i.page=https%3A%2F%2Fwww.ba-bamail.com%2F&tg_i.pbadslot=%2F21801698676%2Finterstitials-en-desktop%23gpt_unit_%2F21801698676%2FInterstitials-En-desktop_0%3B%2F21801698676%2Fatf%23lg-atf-970-250%3B%2F21801698676%2Fatf%23lg-atf-728-90%3B%2F21801698676%2Fatf%23lg-atf-300-250%3B%2F21801698676%2Fbtf%23lg-btf-728-90%3B%2F21801698676%2Fbottom%23lg-bottom-300-250&tk_flint=pbjs_lite_v9.14.0&x_source.tid=605a06d9-cbeb-47d8-844c-d4a1dbd51b1f&l_pb_bid_id=274a4b363b5e99d%3B28525d8e1c6afa%3B290c6dfa28f69c2%3B3014045c94680f7%3B31eb348be6ba42d%3B3248076b6e6f877&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e5eef25a-da0a-476f-a9c9-40a1f041fac7%3B4f91dbca-6cfa-47fd-9ab4-3b1fb7aaa40f%3B3a9477aa-9937-487f-abba-cc47665f27a7%3B23f85a4a-dab8-4a1c-9cb1-6415d22f8eca%3B48ea6f9a-cf9a-4bd8-8bcd-a30cd5bf7631%3B9b0a7005-9d72-445a-b567-a89561f65fe2&rp_maxbids=1&p_gpid=%2F21801698676%2Finterstitials-en-desktop%23gpt_unit_%2F21801698676%2FInterstitials-En-desktop_0%3B%2F21801698676%2Fatf%23lg-atf-970-250%3B%2F21801698676%2Fatf%23lg-atf-728-90%3B%2F21801698676%2Fatf%23lg-atf-300-250%3B%2F21801698676%2Fbtf%23lg-btf-728-90%3B%2F21801698676%2Fbottom%23lg-bottom-300-250&m_ch_mobile=%3F0&slots=6&rand=0.31649122835393184
Requested by: Host: cdn.qwtag.com
URL: https://cdn.qwtag.com/15297c01-13de-49af-a20b-48f9f0622daf/qw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.156.139 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 32dba16abdd4f2e7d552990afea8746d47c8e6e236f54e0462d1c0f011191021

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.ba-bamail.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://www.ba-bamail.com
content-length: 414
date: Sun, 03 Nov 2024 21:55:03 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.6

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
295 B 72ms
18ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.qwtag.com
URL: https://cdn.qwtag.com/15297c01-13de-49af-a20b-48f9f0622daf/qw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ced7f313f871daf310d481bc4df7cd370fcf533583c9a41027861eca6021d875

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.ba-bamail.com/

Response headers

content-encoding: gzip
x-forwarded-for: 176.67.80.79
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://www.ba-bamail.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Sun, 03 Nov 2024 21:55:02 GMT
content-type: text/plain
vary: Origin

GET
H3 200 favicon.ico
www.ba-bamail.com/ 1 KB
1 KB 31ms
31ms Other
image/x-icon 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ba-bamail.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33f9d5855b2d701aca253b08b06f1bd39a2ca42d36db61fcecac39ec900bf336

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"1c819654ac9d41:0"
age: 1364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X1DnLcoV0gF1Kdi1EEiiSWi3Qu9fvErKuRigEEd6kN3JFE%2B62OBhC4ZnzrdyKO59fx6dzpAv6Od%2FzeRQQEf86ishQVfklGgf4W5oaxv1Y88i5i3t0ZWBhsQHCXkZ0cp%2BwAeznA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dcf9b37ff270bde-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14456&sent=231&recv=83&lost=0&retrans=0&sent_bytes=249845&recv_bytes=11449&delivery_rate=6016&cwnd=75600&unsent_bytes=0&cid=932181d7d5720760&ts=1810&x=1", cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:03 GMT
content-type: image/x-icon
last-modified: Wed, 20 Feb 2019 10:52:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 57x57.jpg
www.ba-bamail.com/css/img/logo/ 2 KB
3 KB 30ms
30ms Other
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ba-bamail.com/css/img/logo/57x57.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff154f3a505722b3f1830563875cf7d9f06fdccda3ac342cd72091201ae66394

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cf-cache-status: HIT
etag: "c556c3ca4a5d81:0"
age: 20312935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=20nn1e%2FsOTwuTkdAQpz%2BHzEV4FmP2hz91jDyCle48MzmzEZZ%2FMsPxLAcBCL0rdPTi4D%2FcNOb2DZ9A0gqeCSsVwbjGpysfHOMKIiICtZrYf%2F3gDYbBoBbAn7qJ%2BUKEEGD5ejtCg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 31 Jul 2040 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14675&sent=234&recv=85&lost=0&retrans=0&sent_bytes=251416&recv_bytes=11982&delivery_rate=47954&cwnd=75600&unsent_bytes=0&cid=932181d7d5720760&ts=1842&x=1", cfHdrFlush;dur=0
date: Sun, 03 Nov 2024 21:55:03 GMT
content-type: image/jpeg
last-modified: Sun, 09 Jan 2022 11:19:39 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dcf9b383f530bde-AMS
accept-ranges: bytes
content-length: 2261
server: cloudflare

POST
H2 200 bq-all Show response
custom-fluentd-eyzeqmfaaa-uk.a.run.app/ 0
160 B 156ms
109ms XHR
text/plain 216.239.32.53
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://custom-fluentd-eyzeqmfaaa-uk.a.run.app/bq-all
Requested by: Host: stag-core.tfla.xyz
URL: https://stag-core.tfla.xyz/pre_onetag?pub_id=20&domain=www.ba-bamail.com&rand=1&min_ugl=0&es5=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.53 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary02DacpzOi2cpWAk8
Referer: https://www.ba-bamail.com/

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 03 Nov 2024 21:55:03 GMT
content-type: text/plain
x-cloud-trace-context: ab6abff81f1780ac962be12773777867
server: Google Frontend

POST
H2 200 endpoint Show response
endpoint-qwrap.prebidmanager.com/ 0
111 B 147ms
36ms Fetch 142.132.240.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://endpoint-qwrap.prebidmanager.com/endpoint
Requested by: Host: cdn.qwtag.com
URL: https://cdn.qwtag.com/15297c01-13de-49af-a20b-48f9f0622daf/qw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.240.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.97.240.132.142.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.ba-bamail.com/

Response headers

access-control-allow-origin: https://www.ba-bamail.com
content-length: 0
date: Sun, 03 Nov 2024 21:55:03 GMT
access-control-allow-credentials: true

POST
H2 200 endpoint Show response
endpoint-qwrap.prebidmanager.com/ 0
110 B 31ms
30ms Fetch 142.132.240.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://endpoint-qwrap.prebidmanager.com/endpoint
Requested by: Host: cdn.qwtag.com
URL: https://cdn.qwtag.com/15297c01-13de-49af-a20b-48f9f0622daf/qw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.240.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.97.240.132.142.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.ba-bamail.com/

Response headers

access-control-allow-origin: https://www.ba-bamail.com
content-length: 0
date: Sun, 03 Nov 2024 21:55:03 GMT
access-control-allow-credentials: true

POST
H2 200 endpoint Show response
endpoint-qwrap.prebidmanager.com/ 0
110 B 30ms
28ms Fetch 142.132.240.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://endpoint-qwrap.prebidmanager.com/endpoint
Requested by: Host: cdn.qwtag.com
URL: https://cdn.qwtag.com/15297c01-13de-49af-a20b-48f9f0622daf/qw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.240.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.97.240.132.142.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.ba-bamail.com/

Response headers

access-control-allow-origin: https://www.ba-bamail.com
content-length: 0
date: Sun, 03 Nov 2024 21:55:04 GMT
access-control-allow-credentials: true

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 19ms
18ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M98CTHEBGV&gtm=45je4au0v898231427za200&_p=1730670901742&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=2123819530.1730670902&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1730670901&sct=1&seg=0&dl=https%3A%2F%2Fwww.ba-bamail.com%2F&dt=Health%2C%20Tips%2C%20DIY%2C%20Quizzes%2C%20Riddles%2C%20Guides%2C%20Jokes%20-%20BabaMail&en=scroll&epn.percent_scrolled=90&_et=20&tfd=5726
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M98CTHEBGV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ba-bamail.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.ba-bamail.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 21:55:06 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pbs.nextmillmedia.com/openrtb2	1970-01-21 00:45:57	Name: nmm-ss-cps-usr Value: 1
pbs.nextmillmedia.com/openrtb2	1970-01-21 00:45:57	Name: nmm-ss-cps-usr-exp Value: "2024-11-04 21:55:03"
www.ba-bamail.com/	1969-12-31 23:59:59	Name: SessionId Value: gqmdr0qi5mq0ovwhadaclobi
.ba-bamail.com/	1970-01-21 10:20:30	Name: _ga Value: GA1.1.2123819530.1730670902
.ba-bamail.com/	1970-01-21 10:20:30	Name: _ga_M98CTHEBGV Value: GS1.1.1730670901.1.0.1730670901.60.0.0
.doubleclick.net/	1970-01-21 00:44:31	Name: test_cookie Value: CheckForPermission
.ba-bamail.com/	1970-01-21 10:20:30	Name: vp Value: lg
.ba-bamail.com/	1970-01-21 02:54:06	Name: _fbp Value: fb.1.1730670902475.242355004373798743
.adnxs.com/	1970-01-21 10:20:30	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 09:30:06	Name: khaos Value: M324RRB7-14-LXXK
.rubiconproject.com/	1970-01-21 09:30:06	Name: audit Value: 1\|naVuGyos1qoqhL1dTGQ9Ml4QNo3mG94Rv4bTCGpcTlwNdt4SAtvHIOOSuNUh2R8ldAqs3siw6OrgcRgjl6EitWEJ+eytfK7FvsVAPbIH/+G+xUA9sgf/4b7FQD2yB//h

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
adx.adform.net
api.btloader.com
btloader.com
cdn.jsdelivr.net
cdn.qwtag.com
connect.facebook.net
custom-fluentd-eyzeqmfaaa-uk.a.run.app
en.bcdn.biz
endpoint-qwrap.prebidmanager.com
fastlane.rubiconproject.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
grid-bidder.criteo.com
ib.adnxs.com
id.a-mx.com
lh3.googleusercontent.com
log.outbrainimg.com
pbs.nextmillmedia.com
region1.analytics.google.com
rock.defybrick.com
rtb.openx.net
securepubads.g.doubleclick.net
stag-core.tfla.xyz
stats.g.doubleclick.net
tcheck.outbrainimg.com
td.doubleclick.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.ba-bamail.com
www.facebook.com
www.google.co.uk
www.googletagmanager.com
104.22.74.216
104.26.2.70
13.32.121.84
130.211.23.194
142.132.240.97
142.250.184.198
142.250.185.162
142.250.185.179
142.250.185.194
142.250.185.195
142.250.185.227
142.250.186.138
142.250.186.142
142.250.74.200
142.251.168.154
15.204.46.116
151.101.129.229
157.240.251.35
157.240.253.1
172.217.18.97
172.67.190.143
178.250.1.4
18.239.50.73
184.30.25.193
185.89.210.244
188.114.97.3
216.239.32.53
216.239.34.36
23.213.165.149
34.199.234.25
35.186.253.211
37.157.5.141
69.173.156.139
70.42.32.159
79.127.227.46
010984c05899e76761051457b7ef57c8083835fc9ebd29c3b1af86f0aa0d8d95
01d1eaa3e10618751b5fb45de1c74011772d4cc5961f6f9489dff42804cf93bb
0205fe4083d3aec8b88d149d7c81f588d0cdf293756b8a8911dac51c83ca8f8e
06d1e8bb03baa3fdb7a19b144a06a33abce47406e730455c2e4adfa7be174b6c
0c4d0f522d5e0ddd182308929e7c309de37b36394b0096ba14b17814dcb7b1a4
1786fa9c1ab61fa3e82f4cc855e6781b19f348e025754c278187228d5505b89a
18b12cd16350d540ebe2d54460bd4f5429d06c09909fa935a08b26da295b0b56
1cfd468db5bd505d074d0cb3b4e19f2b88a39a6301ad5e80dfd846f3f26aaaa6
25917dcbac3f52140b5f02a7610fd13de0b9113ffe37c2900c8451db2d8cdfc4
2d44c318194a9e4c744b2afdeeda9b8dcd08535b2ed06c8f30d3294a41edf18c
2df2b033e767c924efa8168430b74f2945396d6a0113f805bd5e84bd094191de
2f9cbf1f71537a48e00bbd65d6f1ad60e0a75474828dd169c83c6be26b89fc17
30028a7f9d98de1919c4475a9e62020ad82f7a44748c05362ab1509d59d177e6
315c26200713724f6ea44b08932ac1ed46d6a291be30324c57c1fb2123027b00
32dba16abdd4f2e7d552990afea8746d47c8e6e236f54e0462d1c0f011191021
3379b46641b48791c136b410e325c4e10f1b08be254fec82c726ec26089f6467
33f9d5855b2d701aca253b08b06f1bd39a2ca42d36db61fcecac39ec900bf336
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f785a20a1eae68f872996012c88130a0964e77551e512f04ddc8137a584e97f
3f84d3f24faeda8f19e501e6f23dcebe02b90fc3e40eb5af1a836d9ce831fcc0
46e3d8e18a199d6b6dd06ad4d73dc5cb19203fece0fca5e3d4228a90b65d2475
474efb37daea7908084b28f9889cf6331808015c5700167975749a6d01c4e955
48995028a0d6405724d71b57ea45bc0161d33c33a4ab0d555d4be4053a4e1a2c
4b05b5df1c6675ba5130d368d5388337092b6feaf1c4224034808a5bc84aa4bc
4facfcfdca7c93e0f440544d4e39fd960b4ad3e81887e0911e0ddc0ca0b40658
5b69c2f87db35ee2c76259790d7d5f32c1f5587d4cb2bfbf237ea8f6b6b6a434
60f87e8ae619d78847cc5916e227cab58ea5a66c44a2e525844d19d9b91140c3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6f315b58a08d9bc14912627a9538d358e4ea9be1b63774885d6f2ea71df032
6f11c57367491b5eb5066b3fec56454ba83d9b311253dab9de0cceb1a2e9c972
711bbd8ae58a821b859b7a952c299032ffbb3a7979cd52cbf563282804c4fe47
76c352522e3617247ec4c71eea5a3e640cc3e08176674f6e532013fd29c5fd04
77ac91e2c722abfc751849d30774280c94b0cbd848735f3b93486d18eeff7b65
7d54c7e56fd781c304c06e968abd3fadc3642638bab19ca7705308e0cbe1f6cd
8288365dce84d21822393d591c27b2feeaa9a08b25a93c05a6a3919edb106ba7
84660e695c0ad7e1a8680b9bfa7a3c26481eb0466a9e1a5e24855e0931bae85a
8f2ff90d491ec27e1e150e2037b10c0f2905a61303f099b2dd2f8bd11cb47f1c
9066788c835c2925c15c5e0dd22276d938d7937585ad74ce3d8723542267ea83
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
950746f70875744b18a517b170de64e1aad4cebd174c295a62f66a108b430066
97797466949fe6f86e5d588d7eec02687c760da5be225f11b6fb5e66b32e8852
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a2cbca9ce87f77f097162c64d9606cce3ac1ec1fea881928c88d54adbaa329fc
a6053947b6d599dbc1535174adabc3f12f3b495354ea50d93906cdfd8f3dad73
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79
a621718e9d97fb39ba9ffdaad67f0a5d2dc7df9be3060b5ba10e06de835fe974
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
c1a7741579d3f434e4ccb19fa8d180cee8cd58d9a11d3da705478dfb745bd852
c1acaf46c1bcad7458c0fe3bc82c61bc99d1b44f16eecd518127d03663f35841
c5fd9b6db6771a66d58e548d21ce4d2026257a0336f3bbbe6c0d12a01504da3f
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
ced7f313f871daf310d481bc4df7cd370fcf533583c9a41027861eca6021d875
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5d0cbad4a165d4980855aa0b72b6dd2d05e589c0901d4d57f176feb28a7b220
d630051aa81b7895bed44adcca3d35bbf6c0aa68eb99446712e43cf0d34386d9
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dea04bd79107228d9f85ec621a7059db287f98864aa8766df2a4711da1f9f7e7
e367e2dd5890d7f90534710706a46286fe08ef4cf9ac7f62269dc95c7201ca44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebeb450fd8408572a0fc02b165ac3663ceab95bf56a19b8ba8f33510537c40e6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07750431edc961873e9253ebb34a91ac3cb8bfc7ddcef0de4174cf611476713
f75482db159a6512f79f87bf618c24ffaff387cfec993c167d6d4681b9ef86ea
ff154f3a505722b3f1830563875cf7d9f06fdccda3ac342cd72091201ae66394

www.ba-bamail.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

84 Requests

100 %HTTPS

0 %IPv6

28 Domains

36 Subdomains

35 IPs

6 Countries

1511 kBTransfer

4183 kBSize

11 Cookies

3 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ba-bamail.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

100 %
HTTPS

0 %
IPv6

28
Domains

36
Subdomains

35
IPs

6
Countries

1511 kB
Transfer

4183 kB
Size

11
Cookies

84 HTTP transactions
0 data transactions