www.dredown.com Open in urlscan Pro
104.21.94.29 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dredown.com/
Submission: On June 16 via manual (June 16th 2024, 11:21:44 am UTC) from MX — Scanned from DE

Summary HTTP 77 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 18 domains to perform 77 HTTP transactions. The main IP is 104.21.94.29, located in and belongs to CLOUDFLARENET, US. The main domain is www.dredown.com.
TLS certificate: Issued by E1 on May 28th 2024. Valid for: 3 months.

This is the only time www.dredown.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	104.21.94.29 104.21.94.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
3	172.64.152.191 172.64.152.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	139.45.197.235 139.45.197.235	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
1	172.67.193.52 172.67.193.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c1d::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
1	2606:4700:10:... 2606:4700:10::6816:20ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	103.224.212.215 103.224.212.215	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
77	22

27 104.21.94.29 (None, )

ASN13335 (CLOUDFLARENET, US)

www.dredown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

pushsar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.152.191 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.235 (United Kingdom)

ASN9002 (RETN-AS, GB)

native.propellerclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.193.52 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:20ac (United States)

ASN13335 (CLOUDFLARENET, US)

offerimage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.224.212.215 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-215.above.com

dainaith.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	dredown.com www.dredown.com	940 KB
12	pushsar.com pushsar.com	51 KB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 136 tpc.googlesyndication.com — Cisco Umbrella Rank: 172	214 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68 region1.google-analytics.com — Cisco Umbrella Rank: 2347	21 KB
3	adskeeper.co.uk jsc.adskeeper.co.uk — Cisco Umbrella Rank: 78428 c.adskeeper.co.uk — Cisco Umbrella Rank: 58208	109 KB
3	inpagepush.com inpagepush.com — Cisco Umbrella Rank: 673034	33 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 90	10 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 8881	1 KB
1	dainaith.net dainaith.net Failed
1	offerimage.com offerimage.com — Cisco Umbrella Rank: 29265	79 KB
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 16913	485 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	90 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 132	346 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 17969	8 KB
1	propellerclick.com native.propellerclick.com
1	gstatic.com fonts.gstatic.com	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	933 B
0	ptogheeb.net Failed ptogheeb.net Failed
77	18

	Domain	Requested by
27	www.dredown.com	www.dredown.com
12	pushsar.com	www.dredown.com pushsar.com
5	pagead2.googlesyndication.com	www.dredown.com pagead2.googlesyndication.com
3	inpagepush.com	www.dredown.com inpagepush.com
3	www.youtube.com	www.dredown.com www.youtube.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	my.rtmark.net	inpagepush.com www.dredown.com
2	www.google-analytics.com	www.dredown.com www.google-analytics.com
2	jsc.adskeeper.co.uk	www.dredown.com jsc.adskeeper.co.uk
1	dainaith.net	www.dredown.com
1	region1.google-analytics.com	www.googletagmanager.com
1	offerimage.com	www.dredown.com
1	fleraprt.com	tzegilo.com
1	c.adskeeper.co.uk	www.dredown.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	tzegilo.com	inpagepush.com
1	native.propellerclick.com	www.dredown.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.dredown.com
0	ptogheeb.net Failed	www.dredown.com
77	21

This site contains no links.

Subject Issuer	Validity	Valid
dredown.com E1	`2024-05-28` - `2024-08-26`	3 months	crt.sh
pushsar.com R3	`2024-04-15` - `2024-07-14`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
inpagepush.com R3	`2024-05-27` - `2024-08-25`	3 months	crt.sh
adskeeper.co.uk GTS CA 1P5	`2024-05-24` - `2024-08-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
propellerclick.com R3	`2024-05-09` - `2024-08-07`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
rtmark.net R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh
tzegilo.com GTS CA 1P5	`2024-05-28` - `2024-08-26`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-09` - `2025-01-13`	a year	crt.sh
offerimage.com GTS CA 1P5	`2024-06-03` - `2024-09-01`	3 months	crt.sh
piaa1.org R3	`2024-05-15` - `2024-08-13`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.dredown.com/
Frame ID: F666AC39B1A68D970454A9A154941C5D
Requests: 69 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html
Frame ID: A410D202CB3BDE5A94126E8E769992B2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2025640675312019&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1718536897&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwww.dredown.com%2F&pra=5&wgl=1&easpi=1&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_5~27_9~29_11&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718536896876&bpp=5&bdt=487&idt=196&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7959888915536&frm=20&pv=2&ga_vid=2090659368.1718536897&ga_sid=1718536897&ga_hid=1975464680&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95331696%2C95334510%2C95334526%2C95334572%2C95334053%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=54960980236565&tmod=1235131332&uas=0&nvt=1&fsapi=1&fc=1920&brdim=610%2C610%2C610%2C610%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=218
Frame ID: 6849C8E48D48A4DC659E29041FC953F5
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/oF83Xt-W1k4?autoplay=1&controls=1&showinfo=0&modestbranding=1&loop=1&fs=0&cc_load_policy=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2Fwww.dredown.com&widgetid=1
Frame ID: A2132E7A30925062B965ECAED4924934
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4F6736EC3D05132A8B3A36322D4326CD
Requests: 1 HTTP requests in this frame

Frame: https://dainaith.net/static.html
Frame ID: E34EEE6E34A65BF812E8639FEED92AAB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

77
Requests

90 %
HTTPS

48 %
IPv6

18
Domains

21
Subdomains

22
IPs

6
Countries

1597 kB
Transfer

3294 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
www.dredown.com/ 231 KB
50 KB 1057ms
839ms Document
text/html 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 75e00146526a8e164593f7802be77a801a67898adce99fdf29ce1acc398d5757

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894a6acd4bda3a3d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 16 Jun 2024 11:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wo0nkT6ON6qd4sw0mwWhK8gcY%2FaTVvdE6rXr7jUq6pLd4D473BkITFPpF%2Fi7nlWys9VX6a4fMRobvTHrkKOh94%2BoTastPF7yBxh4mxHVcR%2BVjiF3h3%2Bs4qV%2FRQOAqy58%2FmY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2 200 tag.min.js Show response
pushsar.com/pfe/current/ 14 KB
6 KB 295ms
53ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushsar.com/pfe/current/tag.min.js?z=3085928
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 502808387cdbf99fd572044c70bd12afa075edb4fad281d6df7f36394dd537f7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 11:21:36 GMT
content-encoding: gzip
last-modified: Fri, 14 Jun 2024 14:56:04 GMT
server: nginx
etag: W/"666c5a04-39e3"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 css
fonts.googleapis.com/ 2 KB
933 B 273ms
48ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1f2eb8776e447647d85c1e228106e849be0cef78f94e2f9f6d0ae48a317c802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jun 2024 11:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jun 2024 11:01:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jun 2024 11:21:36 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
51 KB 171ms
83ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

986e080b3daa228dd1a56fec04800039c0fd02e0006284b0cb018445e49585c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51980
x-xss-protection: 0
server: cafe
etag: 8765579182795442118
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 16 Jun 2024 11:21:36 GMT

GET
H3 200 jquery.js Show response
www.dredown.com/js/ 112 KB
40 KB 71ms
70ms Script
text/javascript 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/jquery.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 793a15e0a769a20cf294c35302ddd4ac39c74417962fa4fe539ed0e696ee2678

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:39:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 970
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1xV3%2FGDkwpnJ%2BEC53awLgbn4STPOH6qP%2FcYVlSfjLzb6GV8K0bdqG6B9omGgK9MI6KlAqYULsFl%2BNwqD0OjlgAIU3%2BVyz8XcwoFB87cx5mYq8gjJZaXwCOk1GckW1nNZfUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894a6ad41d733a3d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 grid.js Show response
www.dredown.com/js/ 24 KB
8 KB 52ms
52ms Script
text/javascript 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/grid.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:38:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 970
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7H21ejfv5Yhz6JlIfwr4fNyO0%2FcjhbuzDrHGUut%2FrMNw06%2BH8c%2FxPV4Shu3mj7uFHszVuY91nvJZCqubCrZYotxoWSj7I1cC89Mn4Vg2SGd7fSY1eiFyo463XTN5h42NKFk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894a6ad41d753a3d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.ui.widget.js Show response
www.dredown.com/js/vendor/ 16 KB
5 KB 54ms
52ms Script
text/javascript 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/vendor/jquery.ui.widget.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0afa8c947b435fc74382c870974ded570bf39dcaaa30a37414bcd9acd6a9e3e2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:39:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 970
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgB4IORj%2BDb61GywjbnUXjCfQAy593v9QGEs6Ifs8J0q6Jt3z4sElxQzSC5O4dlrJ5Taqn79eKu1B7HV4%2B4FXAfMDhd9Ad86aQsfY4rMhFsAvKzWAtb20fBwDOIr7ZXg5Jc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894a6ad42d763a3d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.iframe-transport.js Show response
www.dredown.com/js/ 11 KB
3 KB 96ms
94ms Script
text/javascript 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/jquery.iframe-transport.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6e9864c545c938343a869fcf464beaad8cdf5fadc80a68842f47836adf225b4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:39:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 970
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Os07QKs6n74LEcTPVKo4v1t6vUB%2BUuz5qPjcM2YVYEzpKpm%2Bx5PEQYKzMvAHRGb6RywQFGW6BSLZRXfgwZqhy%2FWPdaaEaaDkRcDZyv9bKCHoRoH9TKs5T5T0tSBmTbK2kJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894a6ad42d793a3d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.fileupload.js Show response
www.dredown.com/js/ 62 KB
14 KB 54ms
52ms Script
text/javascript 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/jquery.fileupload.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ddae60f2d6d708b6251b9e9ade4c8bb7d4e0af905a8e2f95dfea2dd8588c36

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:39:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 970
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FK0nO%2Fs0AY5dt6ixCg5cnJKhVcdXHnjfzyHEWOk81neFirTE9PlnIM2eVJsAK5Fn%2F0jYuLAGATcQrvRxgrRKK4ASKmuvLI%2FOdWca7TbHEFqj69t0U%2BVvPifQKUTfTt00T%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894a6ad42d7b3a3d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fastclick.js Show response
www.dredown.com/js/ 25 KB
8 KB 140ms
138ms Script
text/javascript 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/fastclick.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c6ebd0f9726b9f0d5a566d8b3967e7d5223782fd274ac2da7c674d1ea2b69b1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:38:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 970
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2B5P3FFM9rxyFuM7meMhGDmFV6od8C46nraUITfzkidrn8SPSjzsmizHZVYxXsnPJOh1hFlTixDCa0F0AlvAyDGBSkEqXk%2BzkDTWzWxuF8FH1dc88o3J%2BRBsyX8gPrcO8F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894a6ad42d7c3a3d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.waitforimages.js Show response
www.dredown.com/js/ 8 KB
3 KB 52ms
51ms Script
text/javascript 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/jquery.waitforimages.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6b69c824d886b6b700fa65c52e1dc22ebfd4e5bfdf469ac3df59be4de09d7ba

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:39:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 970
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UNqw8Db8yjt8LEQceKPA6Z4IsD63yxDxRJ7EXgOqTyvga0V75Mi%2FfuecjLLzZYn5pgC1t%2F4RqtMPa7dUHTWs7IEV%2B05uNWSZ2gw%2F9YA0D1Asr4yktq69VrKdBHWN%2FfeCsXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894a6ad42d7f3a3d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 javascript.js Show response
www.dredown.com/js/ 7 KB
3 KB 593ms
592ms Script
text/javascript 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/javascript.js?x=1718536896
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 690f3a5ee35be38480240f153b98cd4e7b510cbb079c572cd053dccd6040fc68

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Aug 2018 02:45:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4i1RH3j8qTLgInoMOKikkpbseMWrmYjEKdd4EOj%2Fc0qU6agI8FeudVdxvgcqBJlqn6r5Y8tgX0CjJIkyfl8ol8WnuDi6auItWd1XL1HIACqjEXiwZSp4WiMA6nfahcULeEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894a6ad42d803a3d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 160ms
59ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99f0c91286bc72d46a0e900ada363a9c06578f8077fff4ddeaac63f89bf802b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 16 Jun 2024 11:21:36 GMT

GET
H2 200 3114621 Show response
inpagepush.com/400/ 81 KB
31 KB 204ms
94ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3114621

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3aa6f1e25bb0c2e4376853b5bbd6604124b1dd34c454537d5eb20976739f4243

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:36 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: e58b26d6b8a04a083035d78847608246
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 dredown.com.824166.js Show response
jsc.adskeeper.co.uk/d/r/ 6 KB
3 KB 407ms
331ms Script
text/javascript 172.64.152.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/d/r/dredown.com.824166.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.152.191 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 433865de9994cebc0c329d68eb1c954ef744f31f246275dd8679e5f67f998a9c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
content-encoding: gzip
x-amz-version-id: VgGw7EOtyAuffFEdjAMhkQAWD37lhEcS
cf-cache-status: MISS
x-amz-request-id: 0GY1YYXQVY3YB5QV
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 2266
x-amz-id-2: cA6qMGtPpYedeooMsyh7lLANIUgTHwjy88oUITssJmFZENi6uQJwYK4RbOh7862NC9YHd5r7Qbw=
last-modified: Mon, 20 May 2024 12:39:46 GMT
server: cloudflare
etag: "0cfe2398b132072f7418776a98826699"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 894a6ad4a9efbbd0-WAW
expires: Sun, 16 Jun 2024 15:21:37 GMT

GET
H2 200 tag.min.js Show response
pushsar.com/pfe/current/ 14 KB
6 KB 64ms
63ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushsar.com/pfe/current/tag.min.js?z=3085930
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 502808387cdbf99fd572044c70bd12afa075edb4fad281d6df7f36394dd537f7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 11:21:36 GMT
content-encoding: gzip
last-modified: Fri, 14 Jun 2024 14:56:04 GMT
server: nginx
etag: W/"666c5a04-39e3"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3 200 dredown_instagram_videos_cat.jpg
www.dredown.com/images/ 436 KB
437 KB 79ms
79ms Image
image/jpeg 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/dredown_instagram_videos_cat.jpg
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3a99e2f59098c89caeca7e7821c14d911f5af34c3207253420258908a007ac8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269793
alt-svc: h3=":443"; ma=86400
content-length: 446416
last-modified: Sun, 16 Feb 2020 05:26:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXoy5ZGn1agO0tYHNRMYcivOa1%2BHXoVkuNwM3tFff6425reiVsrg6GpugtU%2Fg%2FO090%2Bh%2BExnWkIBike43sJZUnz5h2wsGp5xrPY0oF2woTnnpYnYUPMpC1ohIFnzWuMHcHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6ad45dd33a3d-FRA
expires: Thu, 20 Jun 2024 08:25:03 GMT

GET
H3 200 dredown.png
www.dredown.com/images/ 12 KB
12 KB 386ms
385ms Image
image/png 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/dredown.png?x=
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9412522fc0ac1e8015cd03248533f7d4e779c283bfd0bfcf7a3d46bab805197d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Jun 2017 18:14:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O86r7T0V%2FT5WuFv3jW8w8%2BMnwBfl3nFgipXRpfNHExq%2BrlYaRacAiF7nHatN%2BsxZbkxg02eoBYlf3Z6hRppYxpiuqDjgg0cym59OFtoht1NJLYzgUzW7C3QwVQ1MeF8Dpxw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6ad45dd43a3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11897
expires: Sun, 23 Jun 2024 11:21:36 GMT

GET
H3 200 fontawesome-webfont.woff2
www.dredown.com/fonts/ 75 KB
76 KB 403ms
402ms Font
font/woff2 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 306657
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Thu, 08 Jun 2017 04:32:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RIDOWI3BRk%2Bl13Nspq%2FOeqkoSYJJiGC%2F%2BY70F9AZPyKk2TbgmonFrnIoIGSYCoStoW9TpknH5gAlrsV2mzGDS%2Bx78iQzJmrPmRh5x8tdY3c3z45nQTtyWimLvJdF778Mjzk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6ad45de63a3d-FRA
expires: Wed, 19 Jun 2024 22:10:39 GMT

GET
H2 200 4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 38 KB
38 KB 136ms
38ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.dredown.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 00:53:24 GMT
x-content-type-options: nosniff
age: 296892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 00:53:24 GMT

GET
H2 200 universal.min.js Show response
pushsar.com/3bT/27mJf/ 88 KB
34 KB 138ms
51ms Fetch
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushsar.com/3bT/27mJf/universal.min.js?v=3.1.523
Requested by: Host: pushsar.com
URL: https://pushsar.com/pfe/current/tag.min.js?z=3085928
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b4c622dd9ab53b505e6f9b0164557f6d64f6cecb547df209909ee326b8cb1fb4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 11:21:36 GMT
content-encoding: gzip
last-modified: Fri, 14 Jun 2024 14:56:04 GMT
server: nginx
etag: W/"666c5a04-15ffc"
content-type: application/javascript
access-control-allow-origin: https://www.dredown.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 zone Show response
pushsar.com/ 881 B
1 KB 46ms
45ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushsar.com/zone?pub=0&zone_id=3085928&is_mobile=false&domain=www.dredown.com&var=&ymid=&var_3=&tg=0&sw=3.1.523&drf=&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjYifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjYifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJOb3QvQSlCcmFuZCIsInZlcnNpb24iOiI4LjAuMC4wIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyNi4wLjY0NzguNjEifSx7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjYuMC42NDc4LjYxIn1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9

Requested by

Host: pushsar.com
URL: https://pushsar.com/pfe/current/tag.min.js?z=3085928

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

35c8593906152606fa01307cf74d8ce7d0cab541fe000807740e12c77e789511

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:36 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dredown.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 881

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/ 426 KB
144 KB 97ms
96ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025640675312019&plah=www.dredown.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a5f5f0a0d88b18f1821c83b61f8bad8bab9492b4c8cf74ebfaa823a28542b1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147281
x-xss-protection: 0
server: cafe
etag: 3680943131265135851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jun 2024 11:21:36 GMT

GET
H2 404 1
native.propellerclick.com/ 0
0 242ms
53ms Script
text/plain 139.45.197.235
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://native.propellerclick.com/1?z=3085965
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.235 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: f95f2e4f3cd30b385d14d13fe6f709b9
date: Sun, 16 Jun 2024 11:21:37 GMT
x-sc: 4KdnrdofxFOHMlcU
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers: X-Sc
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 7

OPTIONS
H2 200 custom
pushsar.com/ Frame 0
0 43ms
42ms Preflight
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushsar.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.dredown.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.dredown.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Sun, 16 Jun 2024 11:21:36 GMT
server: nginx

POST
H2 200 custom Show response
pushsar.com/ 39 B
408 B 47ms
46ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushsar.com/custom

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dredown.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 39

GET
H3 200 swfairtag.js Show response
www.dredown.com/ 3 KB
2 KB 378ms
378ms Fetch
text/javascript 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/swfairtag.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71a328aff445c55f5bca7c446df8b611042c0ec223e18828178f17c5d37fc22f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 15 Feb 2020 21:56:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CwdYAXLMENl%2Fa%2ByWEXAYRvC%2ByddtS%2FM%2FIhHjboUE5VyxE8NZEFaF%2FoEjPVBfBgH4Ypv%2BhnygvFy5XVnzTsR2MQtXUkELwDan%2FRm2guCaXut7bKN9hm5T9NFXm6xgT7lT5Z4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894a6ad5f8063a3d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/ Frame A410 0
0 115ms
43ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025640675312019&plah=www.dredown.com&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.dredown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 55366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Jun 2024 19:58:51 GMT
etag: 16861080603521627538
expires: Sat, 29 Jun 2024 19:58:51 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 6849 0
0 155ms
94ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2025640675312019&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1718536897&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwww.dredown.com%2F&pra=5&wgl=1&easpi=1&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_5~27_9~29_11&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718536896876&bpp=5&bdt=487&idt=196&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7959888915536&frm=20&pv=2&ga_vid=2090659368.1718536897&ga_sid=1718536897&ga_hid=1975464680&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95331696%2C95334510%2C95334526%2C95334572%2C95334053%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=54960980236565&tmod=1235131332&uas=0&nvt=1&fsapi=1&fc=1920&brdim=610%2C610%2C610%2C610%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=218

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.dredown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 11:21:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 129ms
37ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/js/javascript.js?x=1718536896

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Jun 2024 10:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3149
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 16 Jun 2024 12:29:08 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/74204f6c/www-widgetapi.vflset/ 24 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/74204f6c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4349329d9810a0dd03edc1841097097667cacc80e4fd9319754b2e4a14a81b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 10:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 04:23:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 16 Jun 2025 10:46:08 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 153ms
45ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3114621

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

cecbe2e9ad5a6e2d56df0cee9604597c4f0b5cd24d3f7845c0d2494470e3f7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dredown.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 dredown.com.824166.es6.js Show response
jsc.adskeeper.co.uk/d/r/ 350 KB
106 KB 122ms
76ms Script
text/javascript 172.64.152.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/d/r/dredown.com.824166.es6.js
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/d/r/dredown.com.824166.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.152.191 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2abb90bbb67877c9a452142d22b3f431e2c14f3a8fdd533af721b7f3e67c5456

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
content-encoding: gzip
x-amz-version-id: Du9w0IgUSthfcW8MJW02K7895kRFibAn
cf-cache-status: HIT
x-amz-request-id: JE9XBTDW8KYNDHDK
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 108493
x-amz-id-2: wvBggOLopS6g71exjsugFTTkiTY97FTGshw0iMNXxCc1IT4kxEFJQuW/gwPzR0+bxEwRX3GKgt8=
last-modified: Mon, 20 May 2024 12:39:46 GMT
server: cloudflare
etag: "88cdefaceee4a77bbfcb7260cf14e922"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 894a6ad8abfe6a74-TXL
expires: Sun, 16 Jun 2024 15:21:37 GMT

GET
H2 200 universal.min.js Show response
pushsar.com/3bT/27mJf/ 88 KB
182 B 46ms
44ms Fetch
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushsar.com/3bT/27mJf/universal.min.js?v=3.1.523
Requested by: Host: pushsar.com
URL: https://pushsar.com/pfe/current/tag.min.js?z=3085930
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b4c622dd9ab53b505e6f9b0164557f6d64f6cecb547df209909ee326b8cb1fb4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 11:21:37 GMT
content-encoding: gzip
last-modified: Fri, 14 Jun 2024 14:56:04 GMT
server: nginx
etag: W/"666c5a04-15ffc"
content-type: application/javascript
access-control-allow-origin: https://www.dredown.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 universal.min.js Show response
pushsar.com/3bT/27mJf/ 88 KB
182 B 93ms
44ms Fetch
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushsar.com/3bT/27mJf/universal.min.js?v=3.1.523
Requested by: Host: pushsar.com
URL: https://pushsar.com/pfe/current/tag.min.js?z=3085928
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b4c622dd9ab53b505e6f9b0164557f6d64f6cecb547df209909ee326b8cb1fb4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 11:21:37 GMT
content-encoding: gzip
last-modified: Fri, 14 Jun 2024 14:56:04 GMT
server: nginx
etag: W/"666c5a04-15ffc"
content-type: application/javascript
access-control-allow-origin: https://www.dredown.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 zone Show response
pushsar.com/ 905 B
1 KB 46ms
44ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushsar.com/zone?pub=0&zone_id=3085930&is_mobile=false&domain=www.dredown.com&var=&ymid=&var_3=&tg=0&sw=3.1.523&drf=&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjYifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjYifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJOb3QvQSlCcmFuZCIsInZlcnNpb24iOiI4LjAuMC4wIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyNi4wLjY0NzguNjEifSx7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjYuMC42NDc4LjYxIn1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9

Requested by

Host: pushsar.com
URL: https://pushsar.com/pfe/current/tag.min.js?z=3085930

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ac1a631534113ecee7eb3929cd8630100b9df4a841c4e0c94aac4a2e79dad440

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dredown.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 905

GET
H2 200 zone Show response
pushsar.com/ 881 B
1 KB 55ms
53ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pushsar.com
URL: https://pushsar.com/pfe/current/tag.min.js?z=3085928

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

35c8593906152606fa01307cf74d8ce7d0cab541fe000807740e12c77e789511

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dredown.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 881

GET jquery-ui.css
ptogheeb.net/ 0
0

GET
H2 200 oF83Xt-W1k4
www.youtube.com/embed/ Frame A213 0
0 181ms
85ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/oF83Xt-W1k4?autoplay=1&controls=1&showinfo=0&modestbranding=1&loop=1&fs=0&cc_load_policy=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2Fwww.dredown.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/74204f6c/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.dredown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 11:21:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 custom Show response
pushsar.com/ 39 B
408 B 44ms
44ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushsar.com/custom

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dredown.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 39

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 49ms
47ms XHR
text/plain 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1975464680&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dredown.com%2F&ul=de-de&de=UTF-8&dt=DreDown%20%7C%20All%20Video%20Downloader%20%7C%20Download%20Instagram%20%7C%20Download%20Instagram%20Videos%20%7C%20Download%20Videos%20%7C%20Music%20%7C%20George%20Lamberis&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=1676603712&gjid=266068998&cid=2090659368.1718536897&tid=UA-56660370-5&_gid=1621156333.1718536897&_r=1&_slc=1&z=1079521658

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

42c3a02b7e2aa7c37845390a6c4d1a099448386479989259b21edc46b4f98768

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 11:21:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dredown.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 stattag.js Show response
tzegilo.com/ 19 KB
8 KB 143ms
79ms Script
application/javascript 172.67.193.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3114621
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b267db45ca3e86031685aaad2b03b8f39c4e0bd97959da2c7a88a0b326059b7b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 07:36:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3089
etag: W/"664ef203-4b1f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I9uALz1V4445cPuQPHuxG6RwzBjobp6uh5BNCjtYrEhHcuYUPVeeUx66vQV9UZXPyJLRUEmNl5IHWCWL%2BguZ8RBdd14Mg2LigeqLMPF4o%2FogExDmiH%2BZv2VEAr3Mtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 894a6ad9bdd62c5f-FRA
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 153ms
48ms XHR
text/plain 2a00:1450:400c:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-56660370-5&cid=2090659368.1718536897&jid=1676603712&gjid=266068998&_gid=1621156333.1718536897&_u=IAhAAEAAAAAAACAAI~&z=963371690

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 16 Jun 2024 11:21:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dredown.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
90 KB 161ms
70ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FPS8228SQY&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dcbf9b7e1e613f98479dc17efe9affc88e2f2c15db998e4ae19b965066491f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92017
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Jun 2024 11:21:37 GMT

GET
H2 200 3114621 Show response
inpagepush.com/500/ 2 KB
1 KB 133ms
133ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3114621?excludes=&oaid=08007d5c9499493cf1bd1288ae71d1ef&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=610&wy=610&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fwww.dredown.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FBerlin&bto=-120&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.61&js_build=8&sw_version=v1.348.0

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3114621

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e95b54e2485964069501dc7f430b25b20d5cc4b8ce3327ef278255250a7f2593

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 057cf1c17d2a675dd9983f640bc2e66b
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://www.dredown.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 3114621
inpagepush.com/500/ Frame 0
0 135ms
45ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.dredown.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.dredown.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Sun, 16 Jun 2024 11:21:37 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H3 200 mainpage.php Show response
www.dredown.com/ 3 KB
1 KB 318ms
317ms XHR
text/html 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/mainpage.php?page=
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/js/jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 2fa3c219e40268b978bae425d3f5e7c8f7589cf50f2b9ea48138e8f0606e3130

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: text/html, */*; q=0.01
Referer: https://www.dredown.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BIcwGqPy51OUFy3bj7WBDMF2g5bC5lOpzonHjpMyEILUE45i%2FqEj5FgzO%2FNlTRnBy0TFFx1NANWbyN6yA0JKm7PoCvWl9JB1%2FSjIGkTgoFFBJYgPrApCDRGAQJKIjaMHRgA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-turbo-charged-by: LiteSpeed
cf-ray: 894a6ad9dd993a3d-FRA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 4e7d1ffd-577c-4eb7-be7d-60b9a66d277e
https://www.dredown.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.dredown.com/4e7d1ffd-577c-4eb7-be7d-60b9a66d277e
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK e1264602-e257-420d-a1a6-30612678fe6b
https://www.dredown.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.dredown.com/e1264602-e257-420d-a1a6-30612678fe6b
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 206
Partial Content 3e2888cc-adf0-4ef3-b6f4-2530209484b7
https://www.dredown.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.dredown.com/3e2888cc-adf0-4ef3-b6f4-2530209484b7
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 /
c.adskeeper.co.uk/pv/ 43 B
188 B 123ms
112ms Image
image/gif 172.64.152.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.adskeeper.co.uk/pv/?lu=https%3A%2F%2Fwww.dredown.com%2F&cbuster=1718536897592596020972&pvid=19020c804388689e9fa&implVersion=11&cxurl=https%3A%2F%2Fwww.dredown.com%2F&site=536645&i=1&scua=%22x86%22&scub=%2264%22&scu=%22Google%20Chrome%22%3Bv%3D%22126%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22126%22&scufvl=%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22126.0.6478.61%22%2C%20%22Google%20Chrome%22%3Bv%3D%22126.0.6478.61%22&scum=%3F0&scup=%22Win32%22&scupv=%2210.0.0%22&scufv=%22126.0.6478.61%22&scuw=%3F0

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.152.191 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 894a6ada2cd1bbd0-WAW
alt-svc: h3=":443"; ma=86400
content-length: 43

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
485 B 161ms
46ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=f60f98bf-e431-4398-99c5-ba9a5502c822
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 16 Jun 2024 11:21:37 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H2 200 e44ff0400c2a861495ae0a35d50d585b.png
offerimage.com/www/images/ 79 KB
79 KB 175ms
60ms Image
image/png 2606:4700:10::6816:20ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offerimage.com/www/images/e44ff0400c2a861495ae0a35d50d585b.png
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:20ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16bc857d3a7eb5ca9e3d6c9ac43455b03187f7fb8e049afa9f07a138aeca217

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:37 GMT
cf-cache-status: HIT
last-modified: Tue, 14 May 2024 12:02:27 GMT
server: cloudflare
age: 15606
etag: "664352d3-13afe"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 894a6adc5b65918e-FRA
content-length: 80638
expires: Mon, 17 Jun 2024 07:01:31 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 155ms
47ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FPS8228SQY&gtm=45je46c0v9109136300za200&_p=1718536897477&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=2090659368.1718536897&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.dredown.com%2F&dt=DreDown%20%7C%20All%20Video%20Downloader%20%7C%20Download%20Instagram%20%7C%20Download%20Instagram%20Videos%20%7C%20Download%20Videos%20%7C%20Music%20%7C%20George%20Lamberis&sid=1718536897&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2566&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FPS8228SQY&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 11:21:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dredown.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 youtube.png
www.dredown.com/images/ 6 KB
6 KB 597ms
589ms Image
image/png 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/youtube.png
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c74edfc12bedd8370ac28e4f064105d8516149d249f0e7e76e4c9d13f2a0c82b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:38 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2017 23:22:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oh3Sxz1BtnCeFdW4BAmGLJgP89UXxbCcHpUCy2rad4zF4GM9AM6AQ0eHTsmniC4lfeZhSDTRtcMSlWipxopXDNbA7r3fFGWY%2FerNedR4imJbZ%2FgvQouqtJAI8rPQcUnepdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6adc096d3a3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6125
expires: Sun, 23 Jun 2024 11:21:38 GMT

GET
H3 200 facebook.png
www.dredown.com/images/ 11 KB
12 KB 612ms
602ms Image
image/png 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/facebook.png
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eccdac91bbbd4f5813bf15edac814bb724d8754de70d0a9fd6633f7ef98f07b6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:38 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2017 23:22:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WIGietHaWjbkmPWglSViwaTkCFs0XPa4AzQvOqcNB%2B8RRPN4vAMpXbSAvZVz%2F99UFCO8tMvV6skbr5p9YRhx7KGGzDEXxvWrkpqY9toYEpoefGYj1re0KVzhWHlGW83sYYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6adc09763a3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11761
expires: Sun, 23 Jun 2024 11:21:38 GMT

GET
H3 200 instagram.png
www.dredown.com/images/ 41 KB
41 KB 570ms
560ms Image
image/png 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/instagram.png
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fadbb4fa539f8891f10c11b01a9c02f1137999b5f9870fba90c68cf1fe1ec00

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:38 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2017 23:44:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZlfrcrytKMJh3rrsAEvad9GxFGZxoy5kXgCr9Bq5WA72aOr08JebMAj6036iAHglXhwqH10nI9jsdQCY4oyVO6P%2BXWsDqKIhcr6wibwqssnV8f6KM3ogq3vgF%2BTH7v8%2BGjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6adc09783a3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 41827
expires: Sun, 23 Jun 2024 11:21:38 GMT

GET
H3 200 keek.png
www.dredown.com/images/ 40 KB
41 KB 861ms
856ms Image
image/png 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/keek.png
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f38d7a13dd18e62078029a649d40b4e5622cbb905f032055249dbf5b3bee8b3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:38 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2017 23:45:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KrRFA8FjPyYqDT8lCh5xigRRDb841c9wYXQkmABbyR5xy9KjTNLXl3nngwrwkDqUpFoUmZdrhpm71h7Lmy2ZWSmHvtqU4gcpOg7%2Bwvsiosrrvj1Va%2BFG%2FYWtv4idYnutcbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6adc097a3a3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 41371
expires: Sun, 23 Jun 2024 11:21:38 GMT

GET
H3 200 twitter.png
www.dredown.com/images/ 6 KB
6 KB 387ms
382ms Image
image/png 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/twitter.png
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7713ba1215becc7ef2a899bbfa5c206ab52153025de3c6921474ab5fc0d8e95

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:38 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2017 23:22:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GuCf64oTd2tkckgDyBageckFXMXkkenQT5icUkeV7KCa1tXKyvxEW95UI8NlFkGZipdATkIHfIF9MnMkVIVEIvaznpvGHojMmJsSgXO9bYQ9%2BfKwv%2Bnl17s5mbkcVb%2FAGxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6adc097c3a3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6114
expires: Sun, 23 Jun 2024 11:21:38 GMT

GET
H3 200 twitch.png
www.dredown.com/images/ 9 KB
9 KB 379ms
375ms Image
image/png 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/twitch.png
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5864af70c5f9e85fee6127d11b387b134e061ef6af037bd33130db9a66e0d2f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:38 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Jun 2017 23:22:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2B4oyyoYrn%2BFuuDUig58AzBkoK%2BQOdaW5S%2FKwyrOjwMZ4zpozvqXn1gtQiPs%2FYG7xdB%2BMFTjGOkN22fi%2BNt6dmcguIsnu4%2B0NY6DPYA4kA6axqeIoRTyQh5PTXsyWHPZWZk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6adc097d3a3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8764
expires: Sun, 23 Jun 2024 11:21:38 GMT

GET
H3 200 vine.png
www.dredown.com/images/ 29 KB
30 KB 900ms
896ms Image
image/png 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/vine.png
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 278b2f1fb819f64a3c3be5852b966375969ba076fdd08f8ca60f3a53cc8996e4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:38 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2017 23:44:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6eOZCR11oFOGwZxsdrDUlD0A6at%2FrDuLg86%2Bt7hcicEsBGNl4KWGR%2ByT6EaznNjOCy0yFYUehSrgjzO2XdfymkTQi5QcM9dNT%2FRs6JlrHQu0V5IKxMPqN6C3HK5cPxYLCQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6adc097f3a3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30114
expires: Sun, 23 Jun 2024 11:21:38 GMT

GET
H3 200 vimeo.png
www.dredown.com/images/ 16 KB
16 KB 862ms
857ms Image
image/png 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/vimeo.png
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4746dea37a5eff44f4202ecdbd782933f67f9fa5c53784603faffdcdf0c554

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:38 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2017 23:22:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Buv134ieQDmvDd6a4jfqR%2FJIhXwPn%2FsH4B7zWf1E7oE0cumJq5uvcyFI%2FFV3VeZb2XkDI5XuF%2FzFuv8BemcpWediMWadp22edSM%2FVQmRxpc3l%2F6OZw314qIrpzV78U9LhgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6adc09803a3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 16080
expires: Sun, 23 Jun 2024 11:21:38 GMT

GET
H3 200 metacafe.png
www.dredown.com/images/ 15 KB
15 KB 901ms
897ms Image
image/png 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/metacafe.png
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59b497821ac41826d2f0921ea5a4ae715fe4a8ed2cfaa21bd6739990fefcce15

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:38 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2017 23:22:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BUpv3GXXQnSRvG3Sw983yO3qNckSZn7D%2FRvAjf%2BPRDubJIfl%2F%2FT%2B89Q0mp2vSI0TsjcNQZ8DHwscx0u%2BKqRHAkm9JB72GEVt2VkVhSvxHRIx%2BTCmhdjhuzu6qjarrjYFoJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6adc19843a3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14906
expires: Sun, 23 Jun 2024 11:21:38 GMT

GET
H3 200 vevo.png
www.dredown.com/images/ 4 KB
4 KB 606ms
602ms Image
image/png 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/vevo.png
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a816b23df67434a719dc923548a94d50777d433e7c26f3d587cdc2b3ed433db5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:38 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2017 23:22:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZKuWdkdZy25o1sVnf41PCvBVgsz5ptttrLZBhlp6zwEo%2FKA2x3lZ5R1LNhW4gdlaSgwdIKXZLF6T7S4mlFxIyaaPQjucqKPzsyzDwX%2BusSkAh8tRXblIfN0Sf7GUCXqvj5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6adc19853a3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4054
expires: Sun, 23 Jun 2024 11:21:38 GMT

GET
H3 200 vk.png
www.dredown.com/images/ 29 KB
29 KB 902ms
897ms Image
image/png 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/vk.png
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f78bb2edd2e90afe6f7dd648069916796ba4e317fee181c9f31ca95521ad7005

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:38 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2017 23:46:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SuDbVMm%2BIFlqFnZ0F4tsrFdKcnJKXCXPSXENXSh%2BU4wuCdIFJ9%2FT4vyW0iCsqjGPIErBuzLen3tIHl6PRsPXSm1xLAV8hZoBw2qF3PavVLw0Xhzp8N77o85ZvqFLC62RbxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6adc19863a3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29521
expires: Sun, 23 Jun 2024 11:21:38 GMT

GET
H3 200 tumblr.png
www.dredown.com/images/ 18 KB
18 KB 938ms
934ms Image
image/png 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/tumblr.png
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47424b23ab35819eb0f7badbdee6bb48addca9876803f442c2ab84d66211fa42

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:38 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2017 23:47:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7i%2F4Gm%2B03TPaOQoqKvYGQs6m28tR1kW2HYK40%2F46fWQfayiL0zgXKhNeRDzmVNK8vxZioxb4XMkhEQwMGwOTuNcIWtdX64GT3I5UtNm%2F2K7ZNTqf520vQ9Fn9pYMuhHaUJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 894a6adc19873a3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 18072
expires: Sun, 23 Jun 2024 11:21:38 GMT

GET icon.png
dainaith.net/ 0
0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 45ms
44ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=3b057c0bc82a450fb79ee58b73c240ef&zoneId=3085928&checkDuplicate=true&ymid=&var=&source=pusher

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

cecbe2e9ad5a6e2d56df0cee9604597c4f0b5cd24d3f7845c0d2494470e3f7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:38 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dredown.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

OPTIONS
H/1.0 403
Forbidden articles.json
dainaith.net/ Frame 0
0 547ms
179ms Preflight
text/html 103.224.212.215
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: https://dainaith.net/articles.json
Protocol: HTTP/1.0
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.212.215 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-212-215.above.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: token
Access-Control-Request-Method: GET
Origin: https://www.dredown.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
content-type: text/html

GET articles.json
dainaith.net/ 0
0

POST
H2 200 custom Show response
pushsar.com/ 39 B
408 B 45ms
43ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushsar.com/custom

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 Jun 2024 11:21:40 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dredown.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 39

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 165ms
87ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240612&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

66d45d987719102ecfd1205758ca37830e95e37e77d7cbd1a276ce0706115fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12828
x-xss-protection: 0

GET
H3 200 favicon.ico
www.dredown.com/ 231 KB
50 KB 62ms
61ms Other
text/html 104.21.94.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.94.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 776f0006069df2bca5562fcc7c5295ebbb8e782175c65c3b734fc2350b5d3f25

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 16 Jun 2024 10:35:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2773
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQMx80oc7c3AuuTJDNaWXNpS%2BMZv4%2BEBMDcYu4fqRi8ODN5ZP7cB6RTUNn8rSWqwgVJFLyDgtJTU%2Bd1LENIaFHMQEbKSLr%2FynoAGKLyRWxIdXWLja4awuKMtCSvh8561huA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 894a6ae90c233a3d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 147ms
52ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.dredown.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 11:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 11:21:40 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4F67 0
0 128ms
40ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.dredown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 8052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 09:07:28 GMT
expires: Mon, 16 Jun 2025 09:07:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET static.html
dainaith.net/ Frame E34E 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ptogheeb.net
URL: https://ptogheeb.net/jquery-ui.css?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0zMDg1OTY2

Domain: dainaith.net
URL: https://dainaith.net/icon.png?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0zMDg1OTY2

Domain: dainaith.net
URL: https://dainaith.net/articles.json

Domain: dainaith.net
URL: https://dainaith.net/static.html

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240612&jk=54960980236565&bg=!1Nel15jNAAb64txl2uI7ADQBe5WfOCh3ehuRTcY9fqEc6_tLXDneybLdIuUEq892uTb3X6ClIv51WSb3CffEMdYfpKVqAgAAAEVSAAAABWgBB34ANX4NzK806ye81Zhsnq9oziNlKv7kDv_xbESPrz8hFei8tlICzcY2bLV-XZ_qxYTnAhaPi5domQKkZwzthEhhcuxcenvQ8i82DeAMV5LInfYyWPg1A7Wazuystu9t41l2D17svBvVS6MkPM03ychkG_Dh-Mk6um1vCfzoNKQJzQPl_z-OhyZMplom1YrehSfRn4tm6Rk3lA1_Tz7c1OQ2eT00TXVSKr-sPZZXTL1wFzXNnQ8KwPxvkAluu8ZlWZSpwhzyvLTdUxDw8HTQ4JmGsZ6s8OwSYjZXyBP5c12RKZl31IowZWRNfmD_9-ZbFNu5KoLBIs8oGEdFfOtl4B4c6Eh4Y1xulC3LZJZX0TZIGBOU9A9ghfcoU0SZfJlhagHoMduy91n2fJLB_73oH8Tkev7zCYR1-nhKqoyjUa-0GvDmKTY9bK3-nP_XjrN0Klhrs2YBfJdfTx0xYc6oruRiOr4tV0jOBHZbzVF3jjgdlCPpfgPe__mawILbBXk2n9EYiN23Vgi-SVNKuZZykBULiFNAlZc6XyGi-bbaDs6yHRy0JPkdAgzymjGMvrgnHhnFFslAQKq-0go_0QUny0Eswoh9qJ3rM-WKS2EzcewtzRA-XbWtm0bo41yDyVxGwnTZEgyw9HCA0etF5jmblqe13PEF6lZQ8_rLEF1fuUNr-SmbjryufJjapuc6t_QEJn8G_QSIr6c4y0JfRdvhy5MPKmWZAYu9PKwrg7EQAEboU9rexYo5Uciy_GpBtXCa7lxWZaWqXDLBqEqMMlfgtd6MpTKsPVa7CvsIKerBBBBFeC_hhgh0eeuH8fMmwQDIub7SW5jzK23SkC-_mawS6iOWNpWpYvVrDVeNxG4QPga_BIGlMiIw6osVhdFDhdam4xXm-9CHqVMaqqkjRXhemjQZvCJTDzUTeBJrSeFNLwkM2gMIqUE7mhWpGO5ku7ZAUHo8bNQcxQKzvX2Tk0kpeA

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: OU7He8Fhpy0
.youtube.com/	1970-01-21 01:41:28	Name: VISITOR_INFO1_LIVE Value: a4OxUtSy-j8
.youtube.com/	1970-01-21 01:41:28	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgPg%3D%3D
native.propellerclick.com/	1970-01-21 06:07:52	Name: scm Value: 1
.dredown.com/	1970-01-21 06:58:16	Name: _ga Value: GA1.2.2090659368.1718536897
.dredown.com/	1970-01-20 21:23:43	Name: _gid Value: GA1.2.1621156333.1718536897
.dredown.com/	1970-01-20 21:22:16	Name: _gat Value: 1
my.rtmark.net/	1970-01-21 06:07:52	Name: ID Value: 08007d5c9499493cf1bd1288ae71d1ef
inpagepush.com/	1970-01-21 06:07:52	Name: OAID Value: 08007d5c9499493cf1bd1288ae71d1ef
.dredown.com/	1970-01-21 06:58:16	Name: _ga_FPS8228SQY Value: GS1.2.1718536897.1.0.1718536897.0.0.0
www.dredown.com/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C824166%22%3A%7B%22page%22%3A1%7D%7D

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://native.propellerclick.com/1?z=3085965 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.youtube.com/s/player/74204f6c/www-widgetapi.vflset/www-widgetapi.js(Line 137) Message: Unrecognized feature: 'web-share'.
javascript	error	URL: https://www.dredown.com/ Message: Access to CSS stylesheet at 'https://ptogheeb.net/jquery-ui.css?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0zMDg1OTY2' from origin 'https://www.dredown.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ptogheeb.net/jquery-ui.css?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0zMDg1OTY2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.dredown.com/ Message: Access to image at 'https://dainaith.net/icon.png?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0zMDg1OTY2' from origin 'https://www.dredown.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dainaith.net/icon.png?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0zMDg1OTY2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.dredown.com/ Message: Access to XMLHttpRequest at 'https://dainaith.net/articles.json' from origin 'https://www.dredown.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dainaith.net/articles.json Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://www.dredown.com/(Line 196) Message: Mixed Content: The page at 'https://www.dredown.com/' was loaded over HTTPS, but requested an insecure frame 'http://ww25.dainaith.net/static.html?subid1=20240616-2121-4082-9be0-6510c477475d'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.adskeeper.co.uk
dainaith.net
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
inpagepush.com
jsc.adskeeper.co.uk
my.rtmark.net
native.propellerclick.com
offerimage.com
pagead2.googlesyndication.com
ptogheeb.net
pushsar.com
region1.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tzegilo.com
www.dredown.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
dainaith.net
pagead2.googlesyndication.com
ptogheeb.net
103.224.212.215
104.21.94.29
139.45.195.254
139.45.195.8
139.45.197.235
139.45.197.237
139.45.197.251
142.250.185.98
172.217.18.14
172.64.152.191
172.67.193.52
2001:4860:4802:32::36
2606:4700:10::6816:20ac
2a00:1450:4001:802::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:813::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c1d::9a
07ddae60f2d6d708b6251b9e9ade4c8bb7d4e0af905a8e2f95dfea2dd8588c36
0afa8c947b435fc74382c870974ded570bf39dcaaa30a37414bcd9acd6a9e3e2
278b2f1fb819f64a3c3be5852b966375969ba076fdd08f8ca60f3a53cc8996e4
2abb90bbb67877c9a452142d22b3f431e2c14f3a8fdd533af721b7f3e67c5456
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2fa3c219e40268b978bae425d3f5e7c8f7589cf50f2b9ea48138e8f0606e3130
35c8593906152606fa01307cf74d8ce7d0cab541fe000807740e12c77e789511
3aa6f1e25bb0c2e4376853b5bbd6604124b1dd34c454537d5eb20976739f4243
3c4746dea37a5eff44f4202ecdbd782933f67f9fa5c53784603faffdcdf0c554
3c6ebd0f9726b9f0d5a566d8b3967e7d5223782fd274ac2da7c674d1ea2b69b1
42c3a02b7e2aa7c37845390a6c4d1a099448386479989259b21edc46b4f98768
433865de9994cebc0c329d68eb1c954ef744f31f246275dd8679e5f67f998a9c
4349329d9810a0dd03edc1841097097667cacc80e4fd9319754b2e4a14a81b96
47424b23ab35819eb0f7badbdee6bb48addca9876803f442c2ab84d66211fa42
502808387cdbf99fd572044c70bd12afa075edb4fad281d6df7f36394dd537f7
59b497821ac41826d2f0921ea5a4ae715fe4a8ed2cfaa21bd6739990fefcce15
5f38d7a13dd18e62078029a649d40b4e5622cbb905f032055249dbf5b3bee8b3
605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66d45d987719102ecfd1205758ca37830e95e37e77d7cbd1a276ce0706115fca
690f3a5ee35be38480240f153b98cd4e7b510cbb079c572cd053dccd6040fc68
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71a328aff445c55f5bca7c446df8b611042c0ec223e18828178f17c5d37fc22f
75e00146526a8e164593f7802be77a801a67898adce99fdf29ce1acc398d5757
776f0006069df2bca5562fcc7c5295ebbb8e782175c65c3b734fc2350b5d3f25
793a15e0a769a20cf294c35302ddd4ac39c74417962fa4fe539ed0e696ee2678
9412522fc0ac1e8015cd03248533f7d4e779c283bfd0bfcf7a3d46bab805197d
986e080b3daa228dd1a56fec04800039c0fd02e0006284b0cb018445e49585c8
99f0c91286bc72d46a0e900ada363a9c06578f8077fff4ddeaac63f89bf802b6
9fadbb4fa539f8891f10c11b01a9c02f1137999b5f9870fba90c68cf1fe1ec00
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
a5864af70c5f9e85fee6127d11b387b134e061ef6af037bd33130db9a66e0d2f
a5f5f0a0d88b18f1821c83b61f8bad8bab9492b4c8cf74ebfaa823a28542b1ca
a816b23df67434a719dc923548a94d50777d433e7c26f3d587cdc2b3ed433db5
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac1a631534113ecee7eb3929cd8630100b9df4a841c4e0c94aac4a2e79dad440
b267db45ca3e86031685aaad2b03b8f39c4e0bd97959da2c7a88a0b326059b7b
b3a99e2f59098c89caeca7e7821c14d911f5af34c3207253420258908a007ac8
b4c622dd9ab53b505e6f9b0164557f6d64f6cecb547df209909ee326b8cb1fb4
c74edfc12bedd8370ac28e4f064105d8516149d249f0e7e76e4c9d13f2a0c82b
c7713ba1215becc7ef2a899bbfa5c206ab52153025de3c6921474ab5fc0d8e95
cecbe2e9ad5a6e2d56df0cee9604597c4f0b5cd24d3f7845c0d2494470e3f7ed
dcbf9b7e1e613f98479dc17efe9affc88e2f2c15db998e4ae19b965066491f32
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1f2eb8776e447647d85c1e228106e849be0cef78f94e2f9f6d0ae48a317c802
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b69c824d886b6b700fa65c52e1dc22ebfd4e5bfdf469ac3df59be4de09d7ba
e95b54e2485964069501dc7f430b25b20d5cc4b8ce3327ef278255250a7f2593
eccdac91bbbd4f5813bf15edac814bb724d8754de70d0a9fd6633f7ef98f07b6
f16bc857d3a7eb5ca9e3d6c9ac43455b03187f7fb8e049afa9f07a138aeca217
f6e9864c545c938343a869fcf464beaad8cdf5fadc80a68842f47836adf225b4
f78bb2edd2e90afe6f7dd648069916796ba4e317fee181c9f31ca95521ad7005
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

www.dredown.com Open in urlscan Pro 104.21.94.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

90 %HTTPS

48 %IPv6

18 Domains

21 Subdomains

22 IPs

6 Countries

1597 kBTransfer

3294 kBSize

11 Cookies

0 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.dredown.com Open in urlscan Pro
104.21.94.29 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

90 %
HTTPS

48 %
IPv6

18
Domains

21
Subdomains

22
IPs

6
Countries

1597 kB
Transfer

3294 kB
Size

11
Cookies

77 HTTP transactions
0 data transactions