urlscan.io logo urlscan.io
SecurityTrails logo

ddownr.com Open in urlscan Pro
104.21.235.176  Public Scan

Go To Rescan Add Verdict Report
URL: https://ddownr.com/
Submission: On September 19 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 38 HTTP transactions. The main IP is 104.21.235.176, located in and belongs to CLOUDFLARENET, US. The main domain is ddownr.com.
TLS certificate: Issued by GTS CA 1P5 on August 6th 2023. Valid for: 3 months.
This is the only time ddownr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 104.21.235.176 13335 (CLOUDFLAR...)
12 139.45.197.250 9002 (RETN-AS)
1 151.101.193.229 54113 (FASTLY)
1 151.139.128.10 20446 (STACKPATH...)
3 142.250.76.110 15169 (GOOGLE)
1 142.250.204.2 15169 (GOOGLE)
1 142.250.71.72 15169 (GOOGLE)
2 139.45.197.236 9002 (RETN-AS)
2 142.250.67.2 15169 (GOOGLE)
2 139.45.195.8 9002 (RETN-AS)
38 11
13    104.21.235.176 (None, )

ASN13335 (CLOUDFLARENET, US)
ddownr.com
12    139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)
boustahe.com
1    151.101.193.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn4.buysellads.net
3    142.250.76.110 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f14.1e100.net
www.google-analytics.com
1    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
www.googletagservices.com
1    142.250.71.72 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f8.1e100.net
www.googletagmanager.com
2    139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)
cdn.itskiddien.club
2    142.250.67.2 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f2.1e100.net
securepubads.g.doubleclick.net
2    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
Apex Domain
Subdomains		 Transfer
13 ddownr.com
ddownr.com
251 KB
12 boustahe.com
boustahe.com — Cisco Umbrella Rank: 164744
60 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
21 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 6646
1 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
130 KB
2 itskiddien.club
cdn.itskiddien.club — Cisco Umbrella Rank: 26026
31 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
81 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
29 KB
1 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 31603
141 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
4 KB
38 10
Domain Requested by
13 ddownr.com ddownr.com
12 boustahe.com ddownr.com
boustahe.com
3 www.google-analytics.com ddownr.com
www.google-analytics.com
www.googletagmanager.com
2 my.rtmark.net cdn.itskiddien.club
ddownr.com
2 securepubads.g.doubleclick.net www.googletagservices.com
2 cdn.itskiddien.club boustahe.com
cdn.itskiddien.club
1 www.googletagmanager.com www.google-analytics.com
1 www.googletagservices.com cdn4.buysellads.net
1 cdn4.buysellads.net ddownr.com
1 cdn.jsdelivr.net ddownr.com
38 10

This site contains links to these domains. Also see Links.

Domain
loader.to
www.winxdvd.com
i.imgur.com
convertr.org
docs.ddownr.com
Subject Issuer Validity Valid
ddownr.com
GTS CA 1P5		 2023-08-06 -
2023-11-04		 3 months crt.sh
boustahe.com
R3		 2023-09-17 -
2023-12-16		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
cdn4.buysellads.net
R3		 2023-07-21 -
2023-10-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
itskiddien.club
R3		 2023-08-27 -
2023-11-25		 3 months crt.sh
rtmark.net
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://ddownr.com/
Frame ID: 6DBAC86A87EC7F735A8E0AC19363E04A
Requests: 34 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4105CF0C9B012BFDB48D3666C29F7D66
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ddownr - Online Downloader

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

38
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

11
IPs

3
Countries

751 kB
Transfer

2773 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ddownr.com/ 		29 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65fac86e6350bc4bc02f0c315c4f5b7fcd12e95fb8046195bc1bef367185057e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=691200
cf-cache-status
REVALIDATED
cf-ray
809153fddede40bf-SIN
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 11:00:59 GMT
last-modified
Sat, 07 Jan 2023 21:12:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwwxxNuO9YdzTrqB2ExhKrL1LpzGFOtBQs5CzCJgydKi%2BybMRN%2F6uIzIEIdmOuSDyQ145BDj6d7qYV7%2BAZIsxVeZukW45V7YK0yov1DiTxcYC4KCIPDNeNYGBe7p"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
vendors.bundle.css
ddownr.com/assets/css/ 		34 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/assets/css/vendors.bundle.css
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29153315d92ee23561d64dfb5cee0b8b1f8db7ae56addbd6f07a5257eb4b7962
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:00 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-polished
origSize=35355
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Sat, 07 Jan 2023 21:12:40 GMT
server
cloudflare
etag
W/"63b9e048-8a1b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLCBs7xzgsCDbxaS6bSgQsVIIpV7dwOo3kIzvfX8vHfHZUTHjIgTg7SM%2BF3TS4mvdajY%2F7vVZpu25FHUElNBXIpqwwb3%2F2BMdmz3RrctsLxvAghlC%2BLIGwpq8HfT"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=691200
cf-ray
809154019ac140bf-SIN
style.bundle.css
ddownr.com/assets/css/ 		856 KB
94 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/assets/css/style.bundle.css
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09e5eeed5d0bbdb562dc9799df1976f75621fb7b105716fbc309fd651e095e3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:00 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-polished
origSize=882678
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Sat, 07 Jan 2023 21:12:40 GMT
server
cloudflare
etag
W/"63b9e048-d77f6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5T7wfXDUJdGH8xMflc%2FHPo5CLSYqtJAEu%2FgKXrrJVSfQzf2TzzomT0Jia8KOsEzlI%2BKKHKwXuKlKZSwyc35IkiPxFzzijclQmx2bsE60PrnYS8WTBtPqgaDGIto"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=691200
cf-ray
809154019ac540bf-SIN
main.css
ddownr.com/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/assets/css/main.css
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d7c9129f89f5aafd63b2ffba1552eee68dc8a25c908ae89e325afd916e784a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:00 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-polished
origSize=8405
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Sat, 07 Jan 2023 21:12:40 GMT
server
cloudflare
etag
W/"63b9e048-20d5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94ijTe%2F3ru34Uk6UZjFSsG9Aih3qI9Hbdgm912KSKNwT1KtijicLUqjtHx2Tez%2BCKFCXaXxR2Ie1QU57OhNW3y7X8fuM8LL7LYVCbU%2BTVmgRhrtI20ZxusPnr4Gs"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=691200
cf-ray
809154019ac640bf-SIN
favicon-32x32.png
ddownr.com/assets/images/ 		441 B
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ddownr.com/assets/images/favicon-32x32.png
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed4d0d91377785f74b5ffb98e319b1382aa2eeab51333d558a69179b4301e77
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:00:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
125
alt-svc
h3=":443"; ma=86400
content-length
441
x-xss-protection
1; mode=block
last-modified
Sat, 07 Jan 2023 21:12:40 GMT
server
cloudflare
etag
"63b9e048-1b9"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2h2m0D3e3xxf3CCLXYR2JsDp9Fp42Zviz2NOT2cELq%2FYaY%2Ft8P%2FgiF5Ow1R5lknna3kffeCsIrHcOjte4NzTBwOEV0kvsguDAStJ9VmnDB1%2FeRmXVeCGxzwk6kA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
809154019aca40bf-SIN
convertr.png
ddownr.com/assets/images/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ddownr.com/assets/images/convertr.png
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2539431293ef8def579d1606c576b1a4958ff22a8ee01c7eefcabe2e63378b4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:00 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
44484
x-xss-protection
1; mode=block
last-modified
Sat, 07 Jan 2023 21:12:40 GMT
server
cloudflare
etag
"63b9e048-adc4"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94yeHlIqMyuD0MSWMT7ttyKf8RoxixDtPZJ6Y%2BRk8g%2BSqI0p7%2F7htJkYfoz5sLpDeHw%2B2IwSum5B7aEQR%2Fxp%2BQXE0G7%2BQH%2BvkWeFPuLCJzR27L29gahTx38HLmPR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
809154019acb40bf-SIN
deeplink.svg
ddownr.com/assets/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ddownr.com/assets/images/deeplink.svg
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b1d431dda63e66d695675c793eb5a13a95ba75583457a6abc060c988c1d6e25
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:00 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 07 Jan 2023 21:12:40 GMT
server
cloudflare
etag
W/"63b9e048-1466"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8UmQH9xiuGcNPvRhbc%2FQ02kNCDliXE7sUnCXTf0cBnM0pzZsXUJOPwaPcOXhrd38omoLQD1Kg%2BtIl4q5ro5zjPsOyFgTHygiXG%2F0oaejD7Sw%2BkJeJ80%2BuqhQvA%2B"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=691200
cf-ray
80915401aace40bf-SIN
email-decode.min.js
ddownr.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:00:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 12 Sep 2023 15:48:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"6500883e-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FcgOgnQ%2FISGYnuykuNckki90jqBxCSP8b%2F22SQAqxfOledFceRqEQ3TYJVKkkMCZYXkIk2J2x0XVAwoVF6mcwYHm7EjYqAw8nq25XEwbEaBCCFOG%2Fb6BfwoteXe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
809154019ac940bf-SIN
expires
Thu, 21 Sep 2023 11:00:59 GMT
tag.min.js
boustahe.com/pfe/current/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://boustahe.com/pfe/current/tag.min.js?z=5081080
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e58b4c163cb14f66ced74ce6a9fe37321b148a519af57a516335fc09851b0dcd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 11:01:00 GMT
content-encoding
gzip
last-modified
Mon, 18 Sep 2023 12:11:16 GMT
server
nginx
etag
W/"65083e64-33d2"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
rocket-loader.min.js
ddownr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:00:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 12 Sep 2023 15:48:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"6500883e-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bnj9zLH%2BplA%2BU0%2BPiFUNNa%2FiAnfFfr4MqOKtpYdZ0B7qmy4wGm5RutwnGQe%2BCJ51fTAZA1c%2FKRtkALeXiUVzCWK6Ee%2BAF%2B%2Bck6kGM%2FefebM0nLsOwwTleL01%2BNGc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
80915401aacf40bf-SIN
expires
Thu, 21 Sep 2023 11:00:59 GMT
jquery.blockUI.min.js
cdn.jsdelivr.net/npm/blockui@1.0.0/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/blockui@1.0.0/jquery.blockUI.min.js
Requested by
Host: ddownr.com
URL: https://ddownr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f32fbc9aa52d73c74907e4d2bb0e44172c031fbb29f378d5d59b62448a1e7f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 11:01:01 GMT
x-content-type-options
nosniff
content-encoding
br
age
3658252
x-jsd-version
1.0.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3662
x-served-by
cache-fra-eddf8230033-FRA, cache-bfi-kbfi7400107-BFI
x-jsd-version-type
version
etag
W/"251b-AefH0ySCDHIwLEqcQ2Y7s97uXZo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
download.min.js
ddownr.com/assets/javascript/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/assets/javascript/download.min.js
Requested by
Host: ddownr.com
URL: https://ddownr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ce323abede20c78e863445205eb3567bdef1f0d08edb946c5b35e22bdc324f8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:01 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 07 Jan 2023 21:12:40 GMT
server
cloudflare
etag
W/"63b9e048-5220"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSsygJa4RVhNFXgIG4veDUgizvfgrTrwykJs%2Fd9OV1x4PiL5utlnkNib7kdmFRqVpUZ4yPtAtmsqXVAE%2BlTolDiKLV8yU8roYMpb%2BWwe%2FlKvGeQ7%2Bp399u2rwgXu"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=691200
cf-ray
80915406f88c40bf-SIN
vendors.bundle.js
ddownr.com/assets/javascript/ 		237 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/assets/javascript/vendors.bundle.js
Requested by
Host: ddownr.com
URL: https://ddownr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d5b284f7d23e72258202904333d806ca8cb7ca19d95846dc92954e9f97c858
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:00 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1293
cf-polished
origSize=242434
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Sat, 07 Jan 2023 21:12:40 GMT
server
cloudflare
etag
W/"63b9e048-3b302"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bj86FU5OoCXzoGD8uLawiSS7gvydmh0rzp4pa4dsC4zTHHyHDN9hOiZPl3DJLG0NmHDk7y%2F0oaRzi8Jlqy%2F4y70VYltzYrkvE8qHpqAQMH7mgtO%2BMWSCeg14i4GC"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=691200
cf-ray
80915406f88e40bf-SIN
proxima.js
ddownr.com/assets/fonts/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/assets/fonts/proxima.js
Requested by
Host: ddownr.com
URL: https://ddownr.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d431c3248c964d06b932d3fe0252f29bb93c6920ccd6be927aec5c26ada39249
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:00 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6065
cf-polished
origSize=19731
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Sat, 07 Jan 2023 21:12:40 GMT
server
cloudflare
etag
W/"63b9e048-4d13"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veXuJDPK2DxouURGiLy7EqQf3JDYtle6d75UxCMrRVu9a5WYXVD80PYTk5z3uw0Unk53EVCuPJ27Vuly2%2BkAuF1vA1O4TwXVmWgxVKYbG06cuRBE1HsOHZhY7b%2Fe"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=691200
cf-ray
80915406f89240bf-SIN
zone
boustahe.com/ 		930 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://boustahe.com/zone?pub=0&zone_id=5081080&is_mobile=false&domain=ddownr.com&var=&ymid=&var_3=&tg=0
Requested by
Host: boustahe.com
URL: https://boustahe.com/pfe/current/tag.min.js?z=5081080
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
864659486abb32cb5efafe3ce16f08acdc9a1d167d001c5e39288cad6b4fa8f5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-trace-id
7148b3e59093a75a26e8e176ae734e3d
date
Tue, 19 Sep 2023 11:01:00 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ddownr.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
930
universal.min.js
boustahe.com/pfe/current/ 		85 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://boustahe.com/pfe/current/universal.min.js?v=3.1.460
Requested by
Host: boustahe.com
URL: https://boustahe.com/pfe/current/tag.min.js?z=5081080
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5d1d95a226026f763d0d086ef23b7cdc09e9dd0c68df56d6d638b0474a64e1e0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 11:01:01 GMT
content-encoding
gzip
last-modified
Mon, 18 Sep 2023 12:11:16 GMT
server
nginx
etag
W/"65083e64-155a7"
content-type
application/javascript
access-control-allow-origin
https://ddownr.com
cache-control
no-cache
access-control-allow-credentials
true
ddownr.js
cdn4.buysellads.net/pub/ 		475 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/ddownr.js?1695121200000
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
04cd7cbb3d5f4496e93f0fd3e542f592ec4cd68b90618a21a404dd8a6f9403a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:00 GMT
content-encoding
gzip
last-modified
Thu, 05 Jan 2023 19:30:43 GMT
server
AmazonS3
x-amz-request-id
0P5065RHQJJ5GD5Q
etag
"dfc493235945d64f9eacd8d0912eee4d"
x-amz-server-side-encryption
AES256
x-hw
1695121260.cds205.si2.hn,1695121260.cds023.si2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-id-2
AtPq0+jZG613Ft+JZttqPLW4POgw7x+GOu9X7K0ZbtpDyv4RcW8KYuGiLj5YZzCxRKLp60HYdQsNk22CjeduVw==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 09:07:25 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6816
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 19 Sep 2023 11:07:25 GMT
gpt.js
www.googletagservices.com/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/ddownr.js?1695121200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
1de7e30fd4230c4754512f6b67f0e2cbbc725eca2e010ddd583a9511ba1d4429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29326
x-xss-protection
0
server
cafe
etag
305 / 19619 / 31077993 / config-hash: 6226189465364927940
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 11:01:01 GMT
collect
www.google-analytics.com/j/ 		15 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2067351565&t=pageview&_s=1&dl=https%3A%2F%2Fddownr.com%2F&ul=en-us&de=UTF-8&dt=ddownr%20-%20Online%20Downloader&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=787374417&gjid=525734549&cid=215298202.1695121261&tid=UA-84927639-1&_gid=1897769766.1695121261&_r=1&_slc=1&z=1749900485
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8a263a1f85fd954f284a2df9e8f6354912b7843966e1ffc6a662840ac0990aa2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 11:01:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ddownr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6FZSK9M4QN&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.72 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d7335457f12af84b2b5e7aab12f20949dfa1aa33439b69485bf0a8923a6f99d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82715
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Sep 2023 11:01:02 GMT
apu.php
cdn.itskiddien.club/ 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.itskiddien.club/apu.php?zoneid=5098886
Requested by
Host: boustahe.com
URL: https://boustahe.com/pfe/current/tag.min.js?z=5081080
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7e337e295266786bbbedda3b73e174c9a8f835c02939c806c03a39c3434efeec
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:02 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
cf0fcd6445a99873fd7c2dc1e4b1694a
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
boustahe.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://boustahe.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ddownr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ddownr.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 19 Sep 2023 11:01:01 GMT
server
nginx
custom
boustahe.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://boustahe.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ddownr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ddownr.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 19 Sep 2023 11:01:01 GMT
server
nginx
custom
boustahe.com/ 		39 B
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://boustahe.com/custom
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
a4cd9913de6a37aae19bd001e4f7f135
date
Tue, 19 Sep 2023 11:01:02 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ddownr.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
custom
boustahe.com/ 		39 B
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://boustahe.com/custom
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
4cc773f47f5516d461519157c743e51d
date
Tue, 19 Sep 2023 11:01:02 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ddownr.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
sw.js
ddownr.com/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/sw.js
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8129d398dc083c54a85c78e17adbbe89c416bafb931e1072749bab1aa142124c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:02 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-polished
origSize=5236
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Sat, 07 Jan 2023 21:12:40 GMT
server
cloudflare
etag
W/"63b9e048-1474"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBqppUDG3vHZtrwpxl0mgic8gvnK2HlwEKEpgeHd%2FCU3LS893Avh5cZ%2BMedcXMD2j384wF4c5rqfcLDzfldJPCRGYxwRDUYa7eGaDnCNRNJiyYjwOte%2FD9NNuJwJ"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=691200
cf-ray
8091540dc80140bf-SIN
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/ 		409 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 10:36:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
1452
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131810
x-xss-protection
0
server
cafe
etag
9411153894055172020
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 18 Sep 2024 10:36:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		43 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ddownr.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
ba00269610897a4385454e4d70c6c7cde22eef4a1c753bcc94d7ab5b64cf6c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47
x-xss-protection
0
expires
Tue, 19 Sep 2023 11:01:02 GMT
collect
www.google-analytics.com/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6FZSK9M4QN&gtm=45je39d0&_p=2067351565&ul=en-us&sr=1600x1200&cid=215298202.1695121261&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fddownr.com%2F&dt=ddownr%20-%20Online%20Downloader&sid=1695121262&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZSK9M4QN&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 11:01:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ddownr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
boustahe.com/ 		94 B
376 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://boustahe.com/event
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2c60dbfd1c415c2c7e8e98e849876ebfd2f6fff04488532d8ae501cee2b1754d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
5c05de3ab32b1f73716be95402226be0
date
Tue, 19 Sep 2023 11:01:02 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ddownr.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
94
event
boustahe.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://boustahe.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ddownr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ddownr.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 19 Sep 2023 11:01:02 GMT
server
nginx
gid.js
my.rtmark.net/ 		65 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: cdn.itskiddien.club
URL: https://cdn.itskiddien.club/apu.php?zoneid=5098886
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ead2d37cfbe44070d1057272ff2c089a1a75b1d062c503506dcd7335b3728417
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:03 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ddownr.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
gid.js
my.rtmark.net/ 		65 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=26af4c74207741fbbb660ddf26194fa1&zoneId=5081080&checkDuplicate=true&ymid=&var=
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c33d51b5ca1e0ac8d27e860613fa4c7d0f8d276184a03ac093bf476f58384282
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 11:01:03 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ddownr.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
/
cdn.itskiddien.club/5/5098886/ 		45 B
911 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.itskiddien.club/5/5098886/?abt_opts=1&js_build=iclick-v1.600.0&userId=210df9e08ab644f9bd2bde5c0210c6a0
Requested by
Host: cdn.itskiddien.club
URL: https://cdn.itskiddien.club/apu.php?zoneid=5098886
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0b0bd8fb329032d8aab9759a1a810be784cd873e11104485bc2f9fea57eb736b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-trace-id
d297703bc1c13005898b8170b6f3a0ad
pragma
no-cache, no-cache
date
Tue, 19 Sep 2023 11:01:03 GMT
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://ddownr.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length
45
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
defaultSkin.min.js
boustahe.com/pfe/current/ 		56 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://boustahe.com/pfe/current/defaultSkin.min.js
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 11:01:03 GMT
content-encoding
gzip
last-modified
Mon, 18 Sep 2023 12:11:16 GMT
server
nginx
etag
W/"65083e64-df63"
content-type
application/javascript
access-control-allow-origin
https://ddownr.com
cache-control
no-cache
access-control-allow-credentials
true
truncated
/ Frame 4105 		255 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
boustahe.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://boustahe.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ddownr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ddownr.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 19 Sep 2023 11:01:04 GMT
server
nginx
custom
boustahe.com/ 		39 B
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://boustahe.com/custom
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
5212fde23cfed15bee3589a9c7c89aee
date
Tue, 19 Sep 2023 11:01:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ddownr.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| __cfQR object| zfgformats object| Typekit object| KAppOptions function| $ function| jQuery function| Popper object| bootstrap function| wNumb object| noUiSlider function| Waypoint function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal number| index boolean| is_playlist function| iniatedownload function| changeURL function| insertScript function| insertRow function| checkforPlaylist function| getVideoId function| addPlaylistVideos function| loadpic function| loaddoc function| checkmedia function| openad function| clickDownload function| sendmail function| scrolldown function| removeItem function| success_copy function| roundToTwo function| download boolean| __cfRLUnblockHandlers string| GoogleAnalyticsObject function| ga object| bsagpt object| bsaheaderbid object| googletag object| bsapbChunk object| bsapb object| _pbjsGlobals object| ADAGIO object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| optimize object| bsas2s object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| sdk boolean| installOnFly object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| google_tag_manager object| zfgstorage object| 95i3ybyj6hq function| onClickTrigger object| syncCallbacks boolean| zfgloadedpopup boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode object| onClickExcludes

8 Cookies

Domain/Path Name / Value
.ddownr.com/ Name: _ga
Value: GA1.2.215298202.1695121261
.ddownr.com/ Name: _gid
Value: GA1.2.1897769766.1695121261
.ddownr.com/ Name: _gat
Value: 1
.ddownr.com/ Name: _ga_6FZSK9M4QN
Value: GS1.2.1695121262.1.0.1695121262.0.0.0
my.rtmark.net/ Name: ID
Value: 26af4c74207741fbbb660ddf26194fa1
cdn.itskiddien.club/ Name: OAID
Value: 210df9e08ab644f9bd2bde5c0210c6a0
cdn.itskiddien.club/ Name: oaidts
Value: 1695121263
cdn.itskiddien.club/ Name: syncedCookie
Value: true

1 Console Messages

Source Level URL
Text
security warning
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

boustahe.com
cdn.itskiddien.club
cdn.jsdelivr.net
cdn4.buysellads.net
ddownr.com
my.rtmark.net
securepubads.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
104.21.235.176
139.45.195.8
139.45.197.236
139.45.197.250
142.250.204.2
142.250.67.2
142.250.71.72
142.250.76.110
151.101.193.229
151.139.128.10
04cd7cbb3d5f4496e93f0fd3e542f592ec4cd68b90618a21a404dd8a6f9403a8
06d7c9129f89f5aafd63b2ffba1552eee68dc8a25c908ae89e325afd916e784a
0b0bd8fb329032d8aab9759a1a810be784cd873e11104485bc2f9fea57eb736b
1b1d431dda63e66d695675c793eb5a13a95ba75583457a6abc060c988c1d6e25
1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e
1de7e30fd4230c4754512f6b67f0e2cbbc725eca2e010ddd583a9511ba1d4429
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29153315d92ee23561d64dfb5cee0b8b1f8db7ae56addbd6f07a5257eb4b7962
2c60dbfd1c415c2c7e8e98e849876ebfd2f6fff04488532d8ae501cee2b1754d
4ce323abede20c78e863445205eb3567bdef1f0d08edb946c5b35e22bdc324f8
5d1d95a226026f763d0d086ef23b7cdc09e9dd0c68df56d6d638b0474a64e1e0
65fac86e6350bc4bc02f0c315c4f5b7fcd12e95fb8046195bc1bef367185057e
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
7e337e295266786bbbedda3b73e174c9a8f835c02939c806c03a39c3434efeec
8129d398dc083c54a85c78e17adbbe89c416bafb931e1072749bab1aa142124c
864659486abb32cb5efafe3ce16f08acdc9a1d167d001c5e39288cad6b4fa8f5
8a263a1f85fd954f284a2df9e8f6354912b7843966e1ffc6a662840ac0990aa2
9f32fbc9aa52d73c74907e4d2bb0e44172c031fbb29f378d5d59b62448a1e7f7
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
ba00269610897a4385454e4d70c6c7cde22eef4a1c753bcc94d7ab5b64cf6c09
c0d5b284f7d23e72258202904333d806ca8cb7ca19d95846dc92954e9f97c858
c33d51b5ca1e0ac8d27e860613fa4c7d0f8d276184a03ac093bf476f58384282
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d431c3248c964d06b932d3fe0252f29bb93c6920ccd6be927aec5c26ada39249
d7335457f12af84b2b5e7aab12f20949dfa1aa33439b69485bf0a8923a6f99d2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e09e5eeed5d0bbdb562dc9799df1976f75621fb7b105716fbc309fd651e095e3
e2539431293ef8def579d1606c576b1a4958ff22a8ee01c7eefcabe2e63378b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58b4c163cb14f66ced74ce6a9fe37321b148a519af57a516335fc09851b0dcd
ead2d37cfbe44070d1057272ff2c089a1a75b1d062c503506dcd7335b3728417
fed4d0d91377785f74b5ffb98e319b1382aa2eeab51333d558a69179b4301e77
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881