www.downloadcrew.com Open in urlscan Pro
109.104.89.128  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

• https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1775784640&utmhn=www.downloadcrew.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Smart%20DNS%20Changer%204.7.2.0%20free%20download%20-%20Software%20reviews%2C%20downloads%2C%20news%2C%20free%20trials%2C%20freeware%20and%20full%20commercial%20software%20-%20Downloadcrew&utmhid=1292631006&utmr=-&utmp=%2Fdownload%2F33874%2Fsmart_dns_changer&utmht=1615283392618&utmac=UA-12634483-5&utmcc=__utma%3D147366818.2000691174.1615283393.1615283393.1615283393.1%3B%2B__utmz%3D147366818.1615283393.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1151960823&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12634483-5&cid=2000691174.1615283393&jid=1151960823&_v=5.7.2&z=1775784640

Request Chain 64

• https://d.agkn.com/pixel/2175/?google_gid=CAESEBxWa3WZmXpuLtj5kMILODY&google_cver=1&google_push=AQvitUJsJPVxGN7fltxmuV-nmdAPkm9_Oh4QhIjB3fibN-GGk6hidejgS4y4f3cbsKR-giuQh96TR_dkQifSMbjcWOFzBaOew9wt HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VCeFdhM1dabVhwdUx0ajVrTUlMT0RZ

Request Chain 65

• https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUI1rd3dcN7L760iMqd4bkGBrLyj-_t2jqrsLTOq3tyM-pGlZuHuuASBUF-un0qNjtUOQjVNW1Wd_DJTMutzBcCDrUGn3frS&google_gid=CAESECCrJeoeRAcc8lcTvEkMt8M&google_cver=1 HTTP 307
• https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMGJnYIGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVJMXJkM2RjTjdMNzYwaU1xZDRia0dCckx5ai1fdDJqcXJzTFRPcTN0eU0tcEdsWnVIdXVBU0JVRi11bjBxTmp0VU9RalZOVzFXZF9ESlRNdXR6QmNDRHJVR24zZnJT HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaF9zeXpQZndlaTFkd3R1Zm85bHYtX3gtQVQzUGtrbGYzeWNmOTdmaWpUQQ==&google_push

Request Chain 66

• https://rtb.openx.net/sync/dds?google_gid=CAESEPlpIEmjLAIkjefEq-eoSjo&google_cver=1&google_push=AQvitULUmfWiX4fDP3-ArGZ0NPA9UwYMqzTye6qnrYtdkSx9oX5bJSr2I3Jlk1qS-86m2vSUnIwda2wsh7UBc2vxh_whob8pwV0u HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEPlpIEmjLAIkjefEq-eoSjo&google_cver=1&google_push=AQvitULUmfWiX4fDP3-ArGZ0NPA9UwYMqzTye6qnrYtdkSx9oX5bJSr2I3Jlk1qS-86m2vSUnIwda2wsh7UBc2vxh_whob8pwV0u&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULUmfWiX4fDP3-ArGZ0NPA9UwYMqzTye6qnrYtdkSx9oX5bJSr2I3Jlk1qS-86m2vSUnIwda2wsh7UBc2vxh_whob8pwV0u&google_hm=3UY4M5fLwCI2xYDp5T0MFg==

Request Chain 67

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL_1j7xfIPNM0ncooqYvltA&google_cver=1&google_push=AQvitUKc1m_014T5zKD6KlJm1-xTjIIdjwFoPJDXI6kwU0Mk7fixXocIWQthoOZq19o3G4fv6tLO-ypkBA8pgb7kUDMHeLIibFlU HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL_1j7xfIPNM0ncooqYvltA&google_cver=1&google_push=AQvitUKc1m_014T5zKD6KlJm1-xTjIIdjwFoPJDXI6kwU0Mk7fixXocIWQthoOZq19o3G4fv6tLO-ypkBA8pgb7kUDMHeLIibFlU&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wV2KEZVXSQqZaHSfxD0vjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKc1m_014T5zKD6KlJm1-xTjIIdjwFoPJDXI6kwU0Mk7fixXocIWQthoOZq19o3G4fv6tLO-ypkBA8pgb7kUDMHeLIibFlU

Request Chain 68

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKJucTvX_xRiSc7HyP1kSik&google_cver=1&google_push=AQvitULbDUqhuPmFMEWL4G6lGr9JPTwpGemS8sJNMla3evZRxU7-YeLlJ3DeXurqwbyFqVlw8w-LEIMzv_kr9pDUHRuWZz8l5jQA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S00xVTBaNzUtQi1FTDlP&google_push=AQvitULbDUqhuPmFMEWL4G6lGr9JPTwpGemS8sJNMla3evZRxU7-YeLlJ3DeXurqwbyFqVlw8w-LEIMzv_kr9pDUHRuWZz8l5jQA

Request Chain 69

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9KoC9Q9KTDpEYO60wHD98&google_cver=1&google_push=AQvitUJfDZ8gQrenA4WIhgDoQUxPPHfpLcObCFOj7l2vZAe4AREEmAFxIhxw-QFti_RIQK6pPjhfy23fXNtIIJ1xZccUpLNELMol HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9KoC9Q9KTDpEYO60wHD98&google_cver=1&google_push=AQvitUJfDZ8gQrenA4WIhgDoQUxPPHfpLcObCFOj7l2vZAe4AREEmAFxIhxw-QFti_RIQK6pPjhfy23fXNtIIJ1xZccUpLNELMol&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEdEwRgWHru5JhM5GUIU-QAABKsAAAIB&google_gid=CAESEP9KoC9Q9KTDpEYO60wHD98&google_cver=1&google_push=AQvitUJfDZ8gQrenA4WIhgDoQUxPPHfpLcObCFOj7l2vZAe4AREEmAFxIhxw-QFti_RIQK6pPjhfy23fXNtIIJ1xZccUpLNELMol

Request Chain 80

• https://www.downloadcrew.com/?act=software.download&id=33874&t=1615283991&c=18119ce581fc94cc9e0b193addb8cbfe2a24c566 HTTP 302
• http://www.rentanadviser.com/downloads/smart_dns_changer_setup.exe HTTP 301
• https://www.rentanadviser.com/downloads/smart_dns_changer_setup.exe

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set smart_dns_changer Show response www.downloadcrew.com/download/33874/	57 KB 16 KB	899ms 820ms	Document text/html	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PHP/5.2.12-0.dotdeb.0 PleskLin Resource Hash dc86c19a5f76a6a42f2574411a146296d5aa96a3468654b91a4006e48b47b822 Request headers Host www.downloadcrew.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Server nginx Date Tue, 09 Mar 2021 09:49:51 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/5.2.12-0.dotdeb.0 PleskLin Content-Encoding gzip Vary Accept-Encoding Set-Cookie WSID=120297e4c9e33072e276a77738614135; path=/ WSID=120297e4c9e33072e276a77738614135; path=/
GET H2	200	css fonts.googleapis.com/	2 KB 653 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans&display=swap Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5adcaeab7eb8cad07c7dc37d21a84aa09dc3b4d24ee14d9c80d8550b45b96450 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 09 Mar 2021 09:25:51 GMT server ESF date Tue, 09 Mar 2021 09:49:51 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 09 Mar 2021 09:49:51 GMT
GET H/1.1	200 OK	locale.php Show response www.downloadcrew.com/js/	2 KB 1 KB	79ms 78ms	Script text/javascript	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL https://www.downloadcrew.com/js/locale.php Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PHP/5.2.12-0.dotdeb.0, PleskLin Resource Hash fa214a7d8d9e321048716bc0e1f3ff98b8555e77f6eda34e5a1e0518d1fb27bd Request headers Referer https://www.downloadcrew.com/download/33874/smart_dns_changer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Content-Encoding gzip Server nginx X-Powered-By PHP/5.2.12-0.dotdeb.0, PleskLin Vary Accept-Encoding Content-Type text/javascript Cache-Control must-revalidate Transfer-Encoding chunked Connection keep-alive Expires Tue, 09 Mar 2021 10:49:51 +0000
GET H/1.1	200 OK	/ img.creativemark.co.uk/min/	44 KB 10 KB	175ms 37ms	Stylesheet text/css	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL https://img.creativemark.co.uk/min/?f=css%2Fstyle.css,css%2Ftooltips.css,css%2Fpopup.css,css%2Fcookies-enabler.css,css%2Fcounter%2Fblack.css,css%2Ftiny-slider.css,css%2Farticle.css,css%2Fsoftware%2FpreDownload.css Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PHP/7.3.25, PleskLin Resource Hash f8f33db7d1205a940c23fa26287ec0e278cceddb04a6a6cdb27b94a320bfb22e Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Content-Encoding gzip Last-Modified Sun, 28 Feb 2021 14:51:05 GMT Server nginx X-Powered-By PHP/7.3.25, PleskLin ETag "pub1614523865;gz" Vary Accept-Encoding Content-Type text/css; charset=utf-8 Cache-Control max-age=1800 Connection keep-alive Content-Length 10269 Expires Tue, 09 Mar 2021 10:19:51 GMT
GET H/1.1	200 OK	/ Show response img.creativemark.co.uk/min/	272 KB 73 KB	1200ms 1055ms	Script application/x-javascript	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL https://img.creativemark.co.uk/min/?f=js%2Fprototype.js,js%2Fscriptaculous%2Feffects.js,js%2Fscriptaculous%2Fcontrols.js,js%2Fscriptaculous%2Fbuilder.js,js%2Fvalidation.js,js%2Fpopup.js,js%2Flayout.js,js%2Ftooltips.js,js%2Fcountdown.js,js%2Fcookies-enabler.min.js,js%2Ftiny-slider.min.js,js%2Fsoftware%2FpreDownload.js Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PHP/7.3.25, PleskLin Resource Hash c5e400365749cc956fed8f701509361340da3d99b800684ea4349281b7e3ee28 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:52 GMT Content-Encoding gzip Last-Modified Sun, 28 Feb 2021 14:51:05 GMT Server nginx X-Powered-By PHP/7.3.25, PleskLin ETag "pub1614523865;gz" Vary Accept-Encoding Content-Type application/x-javascript; charset=utf-8 Cache-Control max-age=1800 Connection keep-alive Content-Length 74716 Expires Tue, 09 Mar 2021 10:19:52 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	140 KB 49 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 60b55bef2079fa578b7ac3cd7716bf64978dd634eaa7dbb4eabf49a23a3e6bf0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 09:49:51 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 50418 x-xss-protection 0 server cafe etag 1742501760674321009 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Tue, 09 Mar 2021 09:49:51 GMT
GET H/1.1	200 OK	style.css www.downloadcrew.com/whitelabels/www.downloadcrew.com/	385 B 583 B	70ms 25ms	Stylesheet text/css	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL https://www.downloadcrew.com/whitelabels/www.downloadcrew.com/style.css Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 70551019aa2cfcd33e4a5922bf2b7246b54bcfaa372e7509d400425f04661117 Request headers Referer https://www.downloadcrew.com/download/33874/smart_dns_changer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Content-Encoding gzip ETag "1a8002-181-5bc66a1746840"-gzip Last-Modified Sun, 28 Feb 2021 14:51:05 GMT Server nginx X-Powered-By PleskLin Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 265
GET H/1.1	200 OK	logo.png www.downloadcrew.com/whitelabels/www.downloadcrew.com/images/	13 KB 13 KB	27ms 26ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://www.downloadcrew.com/whitelabels/www.downloadcrew.com/images/logo.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 4019f5e56b77a3e16b4cafd410ebb0e9ba613e9baebc86df61bf01c217badf33 Request headers Referer https://www.downloadcrew.com/download/33874/smart_dns_changer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT ETag "1b0003-32d4-5bc66a1746840" Last-Modified Sun, 28 Feb 2021 14:51:05 GMT Server nginx X-Powered-By PleskLin Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 13012
GET H/1.1	200 OK	img1File.png img.creativemark.co.uk/uploads/images/225/16225/	7 KB 7 KB	23ms 22ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/225/16225/img1File.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash b932524a7815d48397f575bd702851fd0d36575b7bcba9d1880877e8e4ced2c0 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Last-Modified Thu, 05 Jun 2014 07:17:48 GMT Server nginx X-Powered-By PleskLin ETag "5390199c-1c3e" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 7230
GET H/1.1	200 OK	star.svg www.downloadcrew.com/images/	331 B 671 B	25ms 24ms	Image image/svg+xml	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://www.downloadcrew.com/images/star.svg Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash bd7f1fe08828f8f8bde1784ff0399d5b6864f7b183251b553b302741d81f0fe7 Request headers Referer https://www.downloadcrew.com/download/33874/smart_dns_changer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT ETag "7260f3-14b-5bc66a1746840" Last-Modified Sun, 28 Feb 2021 14:51:05 GMT Server nginx X-Powered-By PleskLin Content-Type image/svg+xml Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 331 Expires Tue, 09 Mar 2021 10:49:51 GMT
GET H/1.1	200 OK	img3File.jpg img.creativemark.co.uk/uploads/images/681/22681/	199 KB 199 KB	39ms 38ms	Image image/jpeg	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/681/22681/img3File.jpg Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 36e8b26ac69fe3eb3d1b2a191d70211a2a46179aeaf90cd6f310a00368829737 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Last-Modified Sun, 24 May 2020 07:49:01 GMT Server nginx X-Powered-By PleskLin ETag "5eca26ed-31b23" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 203555
GET H/1.1	200 OK	img3File.png img.creativemark.co.uk/uploads/images/516/18516/	142 KB 142 KB	23ms 23ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/516/18516/img3File.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 748b2d035fec19ce30cfc5bd62aa7c7988563f47dfe2c26990740a5494f6d037 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Last-Modified Fri, 06 Sep 2019 09:18:58 GMT Server nginx X-Powered-By PleskLin ETag "5d722482-237f4" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 145396
GET H/1.1	200 OK	img3File.jpg img.creativemark.co.uk/uploads/images/186/10186/	143 KB 143 KB	23ms 23ms	Image image/jpeg	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/186/10186/img3File.jpg Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 0eb54bb50225fad8da7e28aa544cdd2a58239899230ad54bd8955d4da5e5b0e8 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Last-Modified Mon, 11 May 2020 17:39:50 GMT Server nginx X-Powered-By PleskLin ETag "5eb98de6-23c43" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 146499
GET H/1.1	200 OK	img1File.png img.creativemark.co.uk/uploads/images/521/16521/	8 KB 8 KB	23ms 23ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/521/16521/img1File.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 6793b327c02e208d728d5f37530e7c2e21c2b542a55001ee09716bc4cfb52d19 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Last-Modified Sat, 11 Oct 2014 12:40:08 GMT Server nginx X-Powered-By PleskLin ETag "54392528-1f62" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 8034
GET H/1.1	200 OK	smallstar.png www.downloadcrew.com/images/	303 B 639 B	26ms 26ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://www.downloadcrew.com/images/smallstar.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 8ed9afea26d6df1a1241c089e4588283a821d7f6af7955418070d81a96de30bd Request headers Referer https://www.downloadcrew.com/download/33874/smart_dns_changer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT ETag "72609b-12f-5bc66a1746840" Last-Modified Sun, 28 Feb 2021 14:51:05 GMT Server nginx X-Powered-By PleskLin Content-Type image/png Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 303 Expires Tue, 09 Mar 2021 10:49:51 GMT
GET H/1.1	200 OK	smallstar_empty.png www.downloadcrew.com/images/	316 B 652 B	25ms 25ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://www.downloadcrew.com/images/smallstar_empty.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash abb997bca777e54961a38b6daaaf9d64e99b786d3fbea93b77d170d8a8170895 Request headers Referer https://www.downloadcrew.com/download/33874/smart_dns_changer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT ETag "7260d3-13c-5bc66a1746840" Last-Modified Sun, 28 Feb 2021 14:51:05 GMT Server nginx X-Powered-By PleskLin Content-Type image/png Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 316 Expires Tue, 09 Mar 2021 10:49:51 GMT
GET H/1.1	200 OK	img1File.png img.creativemark.co.uk/uploads/images/196/15196/	4 KB 4 KB	23ms 23ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/196/15196/img1File.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash a2d8e2dc1a4c179b9b27f53099ed91db130922e47c7697df2596c286512de717 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Last-Modified Wed, 20 Feb 2013 10:58:11 GMT Server nginx X-Powered-By PleskLin ETag "5124ac43-fed" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 4077
GET H/1.1	200 OK	img1File.png img.creativemark.co.uk/uploads/images/779/15779/	8 KB 8 KB	23ms 23ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/779/15779/img1File.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 6aa68f99e178d68369277615179b1785c689376d4dcc652a095bf5e09f8b32e5 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Last-Modified Tue, 29 Oct 2013 09:53:56 GMT Server nginx X-Powered-By PleskLin ETag "526f85b4-1f70" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 8048
GET H/1.1	200 OK	smallImg.png img.creativemark.co.uk/uploads/images/315/13315/	1 KB 2 KB	23ms 22ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/315/13315/smallImg.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 29722f39acc0b879bbad846d2824e5d0404ff3c3f6d2837bf1e85f15f6a09ff3 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Last-Modified Thu, 11 Aug 2011 08:57:38 GMT Server nginx X-Powered-By PleskLin ETag "4e439982-5ca" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1482
GET H/1.1	200 OK	smallImg.png img.creativemark.co.uk/uploads/images/433/11433/	59 KB 60 KB	23ms 23ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/433/11433/smallImg.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash c8dfbafcf70bf8cb83200f0da992be3a1231cb93861c045b4c126bc27ef0fff8 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Last-Modified Sat, 24 Jul 2010 12:35:08 GMT Server nginx X-Powered-By PleskLin ETag "4c4addfc-ed4d" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 60749
GET H/1.1	200 OK	smallImg.gif img.creativemark.co.uk/uploads/images/902/10902/	3 KB 4 KB	23ms 22ms	Image image/gif	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/902/10902/smallImg.gif Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 53309d2f4cdc55f56f2075ccafd82079f97d217310e3e671f08bb8459968cb61 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Last-Modified Sat, 24 Jul 2010 12:35:17 GMT Server nginx X-Powered-By PleskLin ETag "4c4ade05-d51" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 3409
GET H/1.1	200 OK	smallImg.gif img.creativemark.co.uk/uploads/images/643/12643/	1 KB 1 KB	33ms 33ms	Image image/gif	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/643/12643/smallImg.gif Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 389679bac01237c20e96a347fdfd9154f0536fdd3c76ae64277636982c17a6ff Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Last-Modified Thu, 16 Jun 2011 09:21:58 GMT Server nginx X-Powered-By PleskLin ETag "4df9cb36-4d6" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 1238
GET H/1.1	200 OK	smallImg.png img.creativemark.co.uk/uploads/images/584/10584/	4 KB 4 KB	23ms 22ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/584/10584/smallImg.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 1c2673710f8116b3ae92a3102ee0db1819eb7eca0fb78cd2d06b24df4ce3e4c1 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:51 GMT Last-Modified Sat, 24 Jul 2010 12:35:10 GMT Server nginx X-Powered-By PleskLin ETag "4c4addfe-fb9" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 4025
GET H/1.1	200 OK	img1File.png img.creativemark.co.uk/uploads/images/764/16764/	3 KB 3 KB	23ms 22ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/764/16764/img1File.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 80c5b92da3a2797405e4d399e4e38e3cb11a0eaa663be8b8522b80897a80e957 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:52 GMT Last-Modified Thu, 10 Jan 2019 11:32:53 GMT Server nginx X-Powered-By PleskLin ETag "5c372d65-baf" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 2991
GET H/1.1	200 OK	img1File.png img.creativemark.co.uk/uploads/images/523/18523/	6 KB 6 KB	23ms 22ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/523/18523/img1File.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash bf4c0da8b2aeaf21f5494dbdf83b69853fdbcfa5afc252d5b424a5ceef3b534e Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:52 GMT Last-Modified Mon, 04 Nov 2019 17:22:26 GMT Server nginx X-Powered-By PleskLin ETag "5dc05e52-168e" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 5774
GET H/1.1	200 OK	img1File.png img.creativemark.co.uk/uploads/images/131/14131/	3 KB 4 KB	22ms 22ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/131/14131/img1File.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash c1eb15c36d7f55b8ae04d043ef51e13676de54b0a79df7739603734c577eece1 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:52 GMT Last-Modified Fri, 16 Mar 2012 10:46:51 GMT Server nginx X-Powered-By PleskLin ETag "4f631a1b-d79" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3449
GET H/1.1	200 OK	img1File.png img.creativemark.co.uk/uploads/images/336/13336/	975 B 1 KB	34ms 34ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/336/13336/img1File.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash ebd6076d23548fbcc2aefe8106b4a9cbf281d0a9b5d067e0c1d10b9201f68dae Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:52 GMT Last-Modified Tue, 11 Jun 2019 08:43:27 GMT Server nginx X-Powered-By PleskLin ETag "5cff69af-3cf" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 975
GET H/1.1	200 OK	smallImg.png img.creativemark.co.uk/uploads/images/987/11987/	6 KB 6 KB	22ms 22ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/987/11987/smallImg.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 5eb71bf730e925a23eecef932b5d1e6eb2bd029adb8ace5009c2ae26f6afd8ae Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:52 GMT Last-Modified Mon, 04 Oct 2010 12:27:17 GMT Server nginx X-Powered-By PleskLin ETag "4ca9c825-17d5" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 6101
GET H/1.1	200 OK	smallImg.gif img.creativemark.co.uk/uploads/images/224/11224/	2 KB 2 KB	22ms 22ms	Image image/gif	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/uploads/images/224/11224/smallImg.gif Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 0ec55ef203286344d9e2d1d74116996a1a0e762d11361542226bb0c47088d2e7 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:52 GMT Last-Modified Sat, 24 Jul 2010 12:35:02 GMT Server nginx X-Powered-By PleskLin ETag "4c4addf6-896" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 2198
GET H/1.1	200 OK	footer_logo.png www.downloadcrew.com/whitelabels/www.downloadcrew.com/images/	4 KB 4 KB	26ms 26ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://www.downloadcrew.com/whitelabels/www.downloadcrew.com/images/footer_logo.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 537e3399364d723a4aa71735b15c863707bf97f6d3de5842518e66dd9d084729 Request headers Referer https://www.downloadcrew.com/download/33874/smart_dns_changer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:52 GMT ETag "1b0002-fbb-5bc66a1746840" Last-Modified Sun, 28 Feb 2021 14:51:05 GMT Server nginx X-Powered-By PleskLin Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 4027
GET H/1.1	200 OK	corner-dc.png www.downloadcrew.com/images/	53 KB 53 KB	43ms 43ms	Image image/png	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://www.downloadcrew.com/images/corner-dc.png Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/whitelabels/www.downloadcrew.com/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash b47e939dbcea8041c975b0b6d8122a0acc570131f7c543891c0b7e9d96542a55 Request headers Referer https://www.downloadcrew.com/whitelabels/www.downloadcrew.com/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:52 GMT ETag "7260d8-d295-5bc66a1746840" Last-Modified Sun, 28 Feb 2021 14:51:05 GMT Server nginx X-Powered-By PleskLin Content-Type image/png Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 53909 Expires Tue, 09 Mar 2021 10:49:52 GMT
GET H2	200	mem8YaGs126MiZpBA-UFVZ0b.woff2 fonts.gstatic.com/s/opensans/v18/	14 KB 14 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.downloadcrew.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 04 Mar 2021 12:56:31 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:22 GMT server sffe age 420801 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14380 x-xss-protection 0 expires Fri, 04 Mar 2022 12:56:31 GMT
GET H/1.1	200 OK	iconRSSWhite.svg img.creativemark.co.uk/images/	447 B 788 B	23ms 23ms	Image image/svg+xml	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/images/iconRSSWhite.svg Requested by Host: img.creativemark.co.uk URL: https://img.creativemark.co.uk/min/?f=css%2Fstyle.css,css%2Ftooltips.css,css%2Fpopup.css,css%2Fcookies-enabler.css,css%2Fcounter%2Fblack.css,css%2Ftiny-slider.css,css%2Farticle.css,css%2Fsoftware%2FpreDownload.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash cc109f6921f1846e5a1710507c3dd85129e5315dd2d0d685f55facab29b7a72e Request headers Referer https://img.creativemark.co.uk/min/?f=css%2Fstyle.css,css%2Ftooltips.css,css%2Fpopup.css,css%2Fcookies-enabler.css,css%2Fcounter%2Fblack.css,css%2Ftiny-slider.css,css%2Farticle.css,css%2Fsoftware%2FpreDownload.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:52 GMT ETag "1de0cbe-1bf-5bc66a1746840" Last-Modified Sun, 28 Feb 2021 14:51:05 GMT Server nginx X-Powered-By PleskLin Content-Type image/svg+xml Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 447 Expires Tue, 09 Mar 2021 10:49:52 GMT
GET H/1.1	200 OK	windows.svg img.creativemark.co.uk/images/download/	550 B 891 B	23ms 23ms	Image image/svg+xml	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/images/download/windows.svg Requested by Host: img.creativemark.co.uk URL: https://img.creativemark.co.uk/min/?f=css%2Fstyle.css,css%2Ftooltips.css,css%2Fpopup.css,css%2Fcookies-enabler.css,css%2Fcounter%2Fblack.css,css%2Ftiny-slider.css,css%2Farticle.css,css%2Fsoftware%2FpreDownload.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash 6425077b424f23c7116480b46366b809fd8f3aed0467adf920ec99cc5b220db7 Request headers Referer https://img.creativemark.co.uk/min/?f=css%2Fstyle.css,css%2Ftooltips.css,css%2Fpopup.css,css%2Fcookies-enabler.css,css%2Fcounter%2Fblack.css,css%2Ftiny-slider.css,css%2Farticle.css,css%2Fsoftware%2FpreDownload.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:52 GMT ETag "1de0bf6-226-5bc66a1746840" Last-Modified Sun, 28 Feb 2021 14:51:05 GMT Server nginx X-Powered-By PleskLin Content-Type image/svg+xml Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 550 Expires Tue, 09 Mar 2021 10:49:52 GMT
GET H/1.1	200 OK	download.svg img.creativemark.co.uk/images/	2 KB 2 KB	37ms 25ms	Image image/svg+xml	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Show image Full URL https://img.creativemark.co.uk/images/download.svg Requested by Host: img.creativemark.co.uk URL: https://img.creativemark.co.uk/min/?f=css%2Fstyle.css,css%2Ftooltips.css,css%2Fpopup.css,css%2Fcookies-enabler.css,css%2Fcounter%2Fblack.css,css%2Ftiny-slider.css,css%2Farticle.css,css%2Fsoftware%2FpreDownload.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PleskLin Resource Hash c56c7686592275b1f9680e3d5b3942464428a99e3a82491b8e847e1ba0c93fab Request headers Referer https://img.creativemark.co.uk/min/?f=css%2Fstyle.css,css%2Ftooltips.css,css%2Fpopup.css,css%2Fcookies-enabler.css,css%2Fcounter%2Fblack.css,css%2Ftiny-slider.css,css%2Farticle.css,css%2Fsoftware%2FpreDownload.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 09 Mar 2021 09:49:52 GMT ETag "1de0cc1-71d-5bc66a1746840" Last-Modified Sun, 28 Feb 2021 14:51:05 GMT Server nginx X-Powered-By PleskLin Content-Type image/svg+xml Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 1821 Expires Tue, 09 Mar 2021 10:49:52 GMT
GET H3-Q050	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/	227 KB 86 KB	73ms 58ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6676241418785266&plah=www.downloadcrew.com&amaexp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 09:49:52 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 87278 x-xss-protection 0 server cafe etag 4389487008424739880 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 09 Mar 2021 09:49:52 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/ Frame 7881	11 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210303/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.downloadcrew.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.downloadcrew.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 08 Mar 2021 21:27:47 GMT expires Mon, 22 Mar 2021 21:27:47 GMT content-type text/html; charset=UTF-8 etag 14371272352318978350 x-content-type-options nosniff content-encoding gzip server cafe content-length 5136 x-xss-protection 0 age 44525 cache-control public, max-age=1209600 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	27ms 6ms	Script text/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Feb 2021 21:33:27 GMT server Golfe2 age 2472 date Tue, 09 Mar 2021 09:08:40 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17168 expires Tue, 09 Mar 2021 11:08:40 GMT
POST H/1.1	200 OK	/ Show response www.downloadcrew.com/	105 B 391 B	557ms 557ms	XHR application/json	109.104.89.128 GD-EMEA-DC-LD5
General Check archive.org Show headers Download Go to Full URL https://www.downloadcrew.com/ Requested by Host: img.creativemark.co.uk URL: https://img.creativemark.co.uk/min/?f=js%2Fprototype.js,js%2Fscriptaculous%2Feffects.js,js%2Fscriptaculous%2Fcontrols.js,js%2Fscriptaculous%2Fbuilder.js,js%2Fvalidation.js,js%2Fpopup.js,js%2Flayout.js,js%2Ftooltips.js,js%2Fcountdown.js,js%2Fcookies-enabler.min.js,js%2Ftiny-slider.min.js,js%2Fsoftware%2FpreDownload.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 109.104.89.128 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE), Reverse DNS ds10047.dedicated.turbodns.co.uk Software nginx / PHP/5.2.12-0.dotdeb.0, PleskLin Resource Hash 392761899d3ed6ffa25d9f1e44e855c94c0ccfc9e84444917b0b707ad9e4db40 Request headers Accept text/javascript, text/html, application/xml, text/xml, */* X-Prototype-Version 1.7.3 X-Requested-With XMLHttpRequest Referer https://www.downloadcrew.com/download/33874/smart_dns_changer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Tue, 09 Mar 2021 09:49:53 GMT Content-Encoding gzip Server nginx X-Powered-By PHP/5.2.12-0.dotdeb.0, PleskLin Vary Accept-Encoding Content-Type application/json Transfer-Encoding chunked Connection keep-alive
GET H2	200	collect stats.g.doubleclick.net/r/ Redirect Chain https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1775784640&utmhn=www.downloadcrew.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12634483-5&cid=2000691174.1615283393&jid=1151960823&_v=5.7.2&z=1775784640	35 B 113 B	14ms 14ms	Image image/gif	2a00:1450:400c:c0c::9b GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12634483-5&cid=2000691174.1615283393&jid=1151960823&_v=5.7.2&z=1775784640 Requested by Host: www.downloadcrew.com URL: https://www.downloadcrew.com/download/33874/smart_dns_changer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 09 Mar 2021 09:49:52 GMT content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 09 Mar 2021 09:49:52 GMT last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 location https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12634483-5&cid=2000691174.1615283393&jid=1151960823&_v=5.7.2&z=1775784640 content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 371 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	206 B 645 B	64ms 36ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.downloadcrew.com&callback=_gfp_s_&client=ca-pub-6676241418785266 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6676241418785266&plah=www.downloadcrew.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 4e153a17f4c55016b3efda704e4fa56222ba767be5956e0e043690a8b5978c44 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 09:49:52 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 196 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	19ms 19ms	Script application/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.downloadcrew.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6676241418785266&plah=www.downloadcrew.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 09 Mar 2021 09:49:52 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	18ms 18ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.downloadcrew.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6676241418785266&plah=www.downloadcrew.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 09 Mar 2021 09:49:52 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-Q050	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 2669	16 KB 1 KB	101ms 100ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&adk=1812271804&adf=3025194257&lmt=1615283392&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&ea=0&flash=0&pra=5&wgl=1&dt=1615283392556&bpp=11&bdt=1338&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3014173973119&frm=20&pv=2&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=24576&bc=31&ifi=1&uci=a!1&fsb=1&dtd=113 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6676241418785266&plah=www.downloadcrew.com&amaexp=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4346aa6935f75bd110b2cd0ce69bbf1318a488887f6f76ae139c2730693bdc89 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-6676241418785266&output=html&adk=1812271804&adf=3025194257&lmt=1615283392&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&ea=0&flash=0&pra=5&wgl=1&dt=1615283392556&bpp=11&bdt=1338&idt=101&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3014173973119&frm=20&pv=2&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=24576&bc=31&ifi=1&uci=a!1&fsb=1&dtd=113 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.downloadcrew.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.downloadcrew.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Tue, 09 Mar 2021 09:49:52 GMT server cafe content-length 1251 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Tue, 09-Mar-2021 10:04:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 09 Mar 2021 09:49:52 GMT cache-control private
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	74 KB 28 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6676241418785266&plah=www.downloadcrew.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 09:49:52 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1614774803212306" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28399 x-xss-protection 0 expires Tue, 09 Mar 2021 09:49:52 GMT
GET H3-Q050	200	integrator.js Show response adservice.google.de/adsid/	107 B 777 B	48ms 32ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.downloadcrew.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6676241418785266&plah=www.downloadcrew.com&amaexp=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 09 Mar 2021 09:49:52 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-Q050	200	integrator.js Show response adservice.google.com/adsid/	107 B 531 B	48ms 33ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.downloadcrew.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6676241418785266&plah=www.downloadcrew.com&amaexp=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 09 Mar 2021 09:49:52 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-Q050	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame F91A	78 KB 26 KB	554ms 554ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6676241418785266&plah=www.downloadcrew.com&amaexp=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3c3876103891ea26524a3bc9f4676209b673022e980c9a054298efcd7ecc5045 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.downloadcrew.com/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.downloadcrew.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Tue, 09 Mar 2021 09:49:53 GMT server cafe content-length 26671 x-xss-protection 0 set-cookie IDE=AHWqTUnS4ZL88cO1dMoRiwyeDyGUvEGXWdcpsHzjWy3POOFLWo2gsmSqG0HRN1uRsh0; expires=Sun, 03-Apr-2022 09:49:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 09 Mar 2021 09:49:53 GMT cache-control private
GET H2	200	72a874cca306542af25f88900e42ba2c.js Show response www.gstatic.com/mysidia/ Frame F91A	7 KB 3 KB	25ms 6ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/72a874cca306542af25f88900e42ba2c.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f3943403fa574f048b588642d8370339a02dce3a7ec8a578662ecbc885b48e54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 04 Mar 2021 07:52:10 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 04 Mar 2021 06:30:43 GMT server sffe age 439063 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7776000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3020 x-xss-protection 0 expires Wed, 02 Jun 2021 07:52:10 GMT
GET H3-Q050	200	css fonts.googleapis.com/ Frame F91A	3 KB 1016 B	51ms 36ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 09 Mar 2021 09:23:06 GMT server ESF date Tue, 09 Mar 2021 09:49:53 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 09 Mar 2021 09:49:53 GMT
GET H2	200	3aa3fb99195f3894d7dec54cc5b479a1.js Show response www.gstatic.com/mysidia/ Frame F91A	8 KB 4 KB	26ms 8ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 677344a87e7abb166df42f9a2ceb8b02a66936840d76889e2506bc6524a8d2b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 02 Mar 2021 13:07:04 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 25 Feb 2021 05:48:51 GMT server sffe age 592969 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7776000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3798 x-xss-protection 0 expires Mon, 31 May 2021 13:07:04 GMT
GET H3-Q050	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame F91A	2 KB 990 B	40ms 24ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 09:49:49 GMT content-encoding gzip x-content-type-options nosniff age 4 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 896 x-xss-protection 0 server cafe etag 948078048762640732 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 23 Mar 2021 09:49:49 GMT
GET H2	200	6248eab49cfd09ff78cd9d1acc91b01c.js Show response www.gstatic.com/mysidia/ Frame F91A	3 KB 1 KB	26ms 9ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/6248eab49cfd09ff78cd9d1acc91b01c.js?tag=analytics_pingback_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aa388a51fe3addb4ba88cb62bcc412cfce9417210198fbb269a1d1ac75e490ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 Mar 2021 02:39:48 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 25 Feb 2021 05:48:51 GMT server sffe age 544205 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7776000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1296 x-xss-protection 0 expires Tue, 01 Jun 2021 02:39:48 GMT
GET H2	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame F91A	18 KB 7 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 09:49:08 GMT content-encoding gzip x-content-type-options nosniff age 45 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7378 x-xss-protection 0 server cafe etag 2412555088240638002 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 23 Mar 2021 09:49:08 GMT
GET H3-Q050	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame F91A	3 KB 2 KB	38ms 22ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 09:47:44 GMT content-encoding gzip x-content-type-options nosniff age 129 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1546 x-xss-protection 0 server cafe etag 8852521427838746165 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 23 Mar 2021 09:47:44 GMT
GET H3-Q050	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F91A	110 KB 34 KB	37ms 22ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 09:49:53 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1614774766775808" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34192 x-xss-protection 0 expires Tue, 09 Mar 2021 09:49:53 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame F91A	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 09:45:40 GMT content-encoding gzip x-content-type-options nosniff age 253 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6140 x-xss-protection 0 server cafe etag 17031075750977984330 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 23 Mar 2021 09:45:40 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame F91A	0 0	18ms 17ms	Image text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRa4IH71159OxIeNo6d_D6WBDEsGQFuXLBOTlDmEj50kjtQErLM2VLiv7ie34Xgx-v5mns8_lW1ttAQsGQ7acJMzsDxog Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-Q050	200	1e8eaeef6431cb6de349a68674062a29.js Show response www.gstatic.com/mysidia/ Frame F91A	26 KB 11 KB	36ms 23ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 05 Mar 2021 14:30:06 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Mar 2021 07:11:17 GMT server sffe age 328787 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7776000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10971 x-xss-protection 0 expires Thu, 03 Jun 2021 14:30:06 GMT
GET H3-Q050	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/13167031118712853350/ Frame F91A	24 KB 24 KB	37ms 22ms	Image image/jpeg	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/13167031118712853350/downsize_200k_v1?w=600&h=314 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 80bcb9df22ec572f3f209f6714e67ddf6a79930be1ac448545e29e961d1afccb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 04 Mar 2021 15:58:12 GMT x-content-type-options nosniff age 409901 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24731 x-xss-protection 0 last-modified Thu, 10 Dec 2020 12:05:30 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Mar 2022 15:58:12 GMT
GET DATA	200 OK	truncated / Frame F91A	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3-Q050	200	adview googleads.g.doubleclick.net/pagead/ Frame F91A	0 0	44ms 43ms	Fetch text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CsyUswERHYJS1M83t3wOTzrGoA8Hr4dxh7ZOq9YkN2tkeEAEg2d-KA2CVAqAButS73gPIAQmoAwHIA8sEqgTgAU_QXXII7broPebVr49vcsSiKoC3HotTOYtTTPlFfLIPBQ_hAeGpfnCGABgZQyZ3LGl93_nV7z0rqPDu_aosRTXJ9LNscSAgb39Dn2HsnmfczeULeZW4IOVRhRnGfx4I9oXHcwa0LdXQebi8JeABSB_xPjUnc9nBmlNTus-o3zdrsWLYhUfwXfQpe9ZLLVa2X5Z_KTeDTYGunYQUow5IJbIy6Ik3UbQCvUtlrOzSu2SWr_JMFX6jHjtIVdVBXRCNoBGshRtaoxc0aGnFtokjhPJHT4gsjt25tOZ9BFvVfpjdwASr2OyouQOSBQQIBBgBkgUECAUYBKAGLoAHrqvEIagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCe-RbSCAkIgOGAEBABGB-ACgHICwHYEw2YFgGyFxoKGAgAEhRwdWItNjY3NjI0MTQxODc4NTI2Ng&sigh=PPGiSYPadcg&template_id=5000&tpd=AGWhJmsBBKDKaPJYX088U8MMQRWsq1THACsJi_C2349Udq7ZZg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Tue, 09 Mar 2021 09:49:53 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3-Q050	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame DECE	1 KB 835 B	6ms 6ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Tue, 09 Mar 2021 03:14:09 GMT expires Wed, 10 Mar 2021 03:14:09 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 cache-control public, max-age=86400 age 23744 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame F91A	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ae00df0377ea38c2bfe18584226e76c059f51c387611806934e4401d4c88c1c0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	dpixel cms.quantserve.com/ Frame DECE	35 B 463 B	31ms 9ms	Image image/gif	2620:116:800d:21:36a9:ecb:e518:b308 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKauYlwsw3fZJaz937109x8&google_cver=1&google_push=AQvitULHv2EnWTk6Kv4SgzMZcj1mBbBG5yO3FfCBjIYM7nD2cC4mPv1Q48YccIIa3gczwnboqaOm_FvdMAINo9SdX2skDVXl7PRI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 09 Mar 2021 09:49:53 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame DECE Redirect Chain https://d.agkn.com/pixel/2175/?google_gid=CAESEBxWa3WZmXpuLtj5kMILODY&google_cver=1&google_push=AQvitUJsJPVxGN7fltxmuV-nmdAPkm9_Oh4QhIjB3fibN-GGk6hidejgS4y4f3cbsKR-giuQh96TR_dkQifSMbjcWOFzBaOew9wt https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VCeFdhM1dabVhwdUx0ajVrTUlMT0RZ	170 B 484 B	46ms 31ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VCeFdhM1dabVhwdUx0ajVrTUlMT0RZ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 09 Mar 2021 09:49:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 09 Mar 2021 09:49:52 GMT Server Apache-Coyote/1.1 P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VCeFdhM1dabVhwdUx0ajVrTUlMT0RZ Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame DECE Redirect Chain https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUI1rd3dcN7L760iMqd4bkGBrLyj-_t2jqrsLTOq3tyM-pGlZuHuuASBUF-un0qNjtUOQjVNW1Wd_DJTMutzBcCDrUGn3frS&google_gid=CAESECCrJeoeRAcc8lcTvEkMt8M&goo... https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMGJnYIGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVJMXJkM2RjTjdMNzYwaU1xZDRia0dCckx5ai1fdDJqcXJzTFRPcTN0eU0tcEdsWnVIdXVBU0JVRi11bjBxTmp0VU9RalZOVzFXZF9ESlRNdX... https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaF9zeXpQZndlaTFkd3R1Zm85bHYtX3gtQVQzUGtrbGYzeWNmOTdmaWpUQQ==&google_push	170 B 190 B	34ms 32ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaF9zeXpQZndlaTFkd3R1Zm85bHYtX3gtQVQzUGtrbGYzeWNmOTdmaWpUQQ==&google_push Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 09 Mar 2021 09:49:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 09 Mar 2021 09:49:53 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaF9zeXpQZndlaTFkd3R1Zm85bHYtX3gtQVQzUGtrbGYzeWNmOTdmaWpUQQ==&google_push cache-control no-cache, no-store timing-allow-origin * alt-svc clear content-length 0
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame DECE Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEPlpIEmjLAIkjefEq-eoSjo&google_cver=1&google_push=AQvitULUmfWiX4fDP3-ArGZ0NPA9UwYMqzTye6qnrYtdkSx9oX5bJSr2I3Jlk1qS-86m2vSUnIwda2wsh7UBc2vxh_whob8pwV0u https://rtb.openx.net/sync/dds?google_gid=CAESEPlpIEmjLAIkjefEq-eoSjo&google_cver=1&google_push=AQvitULUmfWiX4fDP3-ArGZ0NPA9UwYMqzTye6qnrYtdkSx9oX5bJSr2I3Jlk1qS-86m2vSUnIwda2wsh7UBc2vxh_whob8pwV0u&... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULUmfWiX4fDP3-ArGZ0NPA9UwYMqzTye6qnrYtdkSx9oX5bJSr2I3Jlk1qS-86m2vSUnIwda2wsh7UBc2vxh_whob8pwV0u&google_hm=3UY4M5fLwCI2xYDp5T0MFg==	170 B 190 B	34ms 34ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULUmfWiX4fDP3-ArGZ0NPA9UwYMqzTye6qnrYtdkSx9oX5bJSr2I3Jlk1qS-86m2vSUnIwda2wsh7UBc2vxh_whob8pwV0u&google_hm=3UY4M5fLwCI2xYDp5T0MFg== Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 09 Mar 2021 09:49:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 09 Mar 2021 09:49:53 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULUmfWiX4fDP3-ArGZ0NPA9UwYMqzTye6qnrYtdkSx9oX5bJSr2I3Jlk1qS-86m2vSUnIwda2wsh7UBc2vxh_whob8pwV0u&google_hm=3UY4M5fLwCI2xYDp5T0MFg== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id 3mjfgm8ni47ln534coef5j0e9vg8o3ki
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame DECE Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wV2KEZVXSQqZaHSfxD0vjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 190 B	33ms 32ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wV2KEZVXSQqZaHSfxD0vjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKc1m_014T5zKD6KlJm1-xTjIIdjwFoPJDXI6kwU0Mk7fixXocIWQthoOZq19o3G4fv6tLO-ypkBA8pgb7kUDMHeLIibFlU Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 09 Mar 2021 09:49:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wV2KEZVXSQqZaHSfxD0vjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKc1m_014T5zKD6KlJm1-xTjIIdjwFoPJDXI6kwU0Mk7fixXocIWQthoOZq19o3G4fv6tLO-ypkBA8pgb7kUDMHeLIibFlU Date Tue, 09 Mar 2021 09:49:52 GMT P3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Content-Length 0 Content-Type text/html; charset=UTF-8
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame DECE Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKJucTvX_xRiSc7HyP1kSik&google_cver=1&google_push=AQvitULbDUqhuPmFMEWL4G6lGr9JPTwpGemS8sJNMla3evZRxU7-YeLlJ3DeXurqwbyFqVlw8w-... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S00xVTBaNzUtQi1FTDlP&google_push=AQvitULbDUqhuPmFMEWL4G6lGr9JPTwpGemS8sJNMla3evZRxU7-YeLlJ3DeXurqwbyFqVlw8w-LEIMzv_kr9pDUHRuWZz8l5jQA	170 B 190 B	35ms 33ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S00xVTBaNzUtQi1FTDlP&google_push=AQvitULbDUqhuPmFMEWL4G6lGr9JPTwpGemS8sJNMla3evZRxU7-YeLlJ3DeXurqwbyFqVlw8w-LEIMzv_kr9pDUHRuWZz8l5jQA Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 09 Mar 2021 09:49:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S00xVTBaNzUtQi1FTDlP&google_push=AQvitULbDUqhuPmFMEWL4G6lGr9JPTwpGemS8sJNMla3evZRxU7-YeLlJ3DeXurqwbyFqVlw8w-LEIMzv_kr9pDUHRuWZz8l5jQA Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 8f052d4f888ae4e0626c5f819879cacd Expires 0
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame DECE Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9KoC9Q9KTDpEYO60wHD98&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9KoC9Q9KTDpEYO60wHD98&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEdEwRgWHru5JhM5GUIU-QAABKsAAAIB&google_gid=CAESEP9KoC9Q9KTDpEYO60wHD98&google_cver=1&google_push=AQvitUJfDZ8gQrenA4WIhgDoQUxPPHfpLcObC...	170 B 190 B	32ms 31ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEdEwRgWHru5JhM5GUIU-QAABKsAAAIB&google_gid=CAESEP9KoC9Q9KTDpEYO60wHD98&google_cver=1&google_push=AQvitUJfDZ8gQrenA4WIhgDoQUxPPHfpLcObCFOj7l2vZAe4AREEmAFxIhxw-QFti_RIQK6pPjhfy23fXNtIIJ1xZccUpLNELMol Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 09 Mar 2021 09:49:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 09 Mar 2021 09:49:53 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEdEwRgWHru5JhM5GUIU-QAABKsAAAIB&google_gid=CAESEP9KoC9Q9KTDpEYO60wHD98&google_cver=1&google_push=AQvitUJfDZ8gQrenA4WIhgDoQUxPPHfpLcObCFOj7l2vZAe4AREEmAFxIhxw-QFti_RIQK6pPjhfy23fXNtIIJ1xZccUpLNELMol Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 460 Expires Tue, 09 Mar 2021 09:49:53 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame DECE	0 227 B	40ms 15ms	Image text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K31XUxaG9X3MOh6LasCapV6d2frCRwAOhcmiBCD0lxvFiWx6s0SM0HdceFqOf6_n5zrYh_ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 09:49:53 GMT server HTTP server (unknown) alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-Q050	200	4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 fonts.gstatic.com/s/googlesans/v27/ Frame F91A	21 KB 22 KB	42ms 26ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://googleads.g.doubleclick.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 04 Mar 2021 01:58:20 GMT x-content-type-options nosniff last-modified Wed, 11 Nov 2020 20:26:21 GMT server sffe age 460293 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21716 x-xss-protection 0 expires Fri, 04 Mar 2022 01:58:20 GMT
GET H3-Q050	200	4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 fonts.gstatic.com/s/googlesans/v27/ Frame F91A	21 KB 21 KB	42ms 27ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://googleads.g.doubleclick.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 Mar 2021 16:18:33 GMT x-content-type-options nosniff last-modified Wed, 11 Nov 2020 20:26:16 GMT server sffe age 495080 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21552 x-xss-protection 0 expires Thu, 03 Mar 2022 16:18:33 GMT
GET H3-Q050	200	sodar Show response pagead2.googlesyndication.com/getconfig/	8 KB 7 KB	43ms 28ms	XHR application/json	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6676241418785266&plah=www.downloadcrew.com&amaexp=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef5bd2beda7b428f71ca6a57164a38291e7ea0e301d91fc3453f9d31588340ed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 09 Mar 2021 09:49:53 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6454 x-xss-protection 0
GET H3-Q050	200	cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js Show response pagead2.googlesyndication.com/bg/ Frame 862A	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6676241418785266&output=html&h=280&adk=3633635400&adf=798844830&pi=t.aa~a.856495556~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1615283392&rafmt=1&to=qs&pwprc=2901569623&psa=0&format=1200x280&url=https%3A%2F%2Fwww.downloadcrew.com%2Fdownload%2F33874%2Fsmart_dns_changer&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1615283392799&bpp=1&bdt=1581&idt=1&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De7ae781cd85091eb-22d0aa8e04a700bd%3AT%3D1615283392%3ART%3D1615283392%3AS%3DALNI_MbSnL2hHX-CuERu-jUEVs7DY3iVMw&prev_fmts=0x0&nras=1&correlator=3014173973119&frm=20&pv=1&ga_vid=2000691174.1615283393&ga_sid=1615283393&ga_hid=1292631006&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2851075714075017&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=24704&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=CknVRj6OEQ&p=https%3A//www.downloadcrew.com&dtd=17 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7018b266b136bf06c53c14bab13f798cea7435a302a32f20e4be7b48d2c7065f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 16:20:53 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 01 Mar 2021 10:45:00 GMT server sffe age 62940 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5702 x-xss-protection 0 expires Tue, 08 Mar 2022 16:20:53 GMT
GET H3-Q050	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	18ms 17ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6676241418785266&plah=www.downloadcrew.com&amaexp=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 09:49:53 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1611170586013198" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6403 x-xss-protection 0 expires Tue, 09 Mar 2021 09:49:53 GMT
POST H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame F91A	0 86 B	41ms 40ms	Other image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIASoGYmFubmVyCgoIAioGc2VydmVyCiEIBCodcmRhX2Fndl9pbnMsbXlzaWRpYV9hbmFseXRpY3MKDRADIQAAMa5HeoNAMAQKDRAKIQAAAOVRuBVAMAQKDRANIQAAAAAqe4Q_MAQKDhAeKggxMjAweDI4MDAECg4QGSoIMTIwMHgyODAwBAoNEA4hAAAAAEK4jj8wBAoNEBAhAAAAAMBW2kAwBAoNEBEhAAAAAACzykAwBAoNEBIhAAAAAAAAEEAwBAoNEBMhAAAAAAAAAEAwBAoNEAQhAACuCtesg0AwBAoNEA8hAAAAAK16hD8wBAoNEBQhAAAAAACvzEAwBAoNEBUhAAAAAAAAHEAwBAoNEBYhAAAAAAAAEEAwBAoNEAUhAACFZmaug0AwBAoNEBchAAANUrjThEAwBAoNEBghAACVZmbshUAwBBIaQ0pTVjNzYjNvdThDRmMzMmR3b2RFMmNNTlEiCXRleHQvcnl1aygV Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 09 Mar 2021 09:49:53 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/221/ Frame 8C19	12 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/221/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.downloadcrew.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.downloadcrew.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 4984 date Mon, 08 Mar 2021 15:58:45 GMT expires Tue, 08 Mar 2022 15:58:45 GMT last-modified Tue, 08 Dec 2020 21:41:15 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 64268 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js Show response pagead2.googlesyndication.com/bg/ Frame 8C19	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/cBiyZrE2vwbFPBS6sT95jOp0NaMCoy8g5L57SNLHBl8.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7018b266b136bf06c53c14bab13f798cea7435a302a32f20e4be7b48d2c7065f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 16:20:53 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 01 Mar 2021 10:45:00 GMT server sffe age 62940 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5702 x-xss-protection 0 expires Tue, 08 Mar 2022 16:20:53 GMT
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/	0 23 B	43ms 43ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=2851075714075017&bg=!QkGlQQLNAAWsVXnBrDsAKQB2-DxaXKXyIZrfHUeIZWPhFPLJjMIxAUhYWf2Uzxym0d3Kwu6FnJskAgAAAD9SAAAADGgBBwoBDj12SHuAq2G6PMTJLM_Skm7oQ7uZ3Xet8J-UxKi5t1O3-tfifDk2Zo2AAgxQbfLI9dVvXr8RbjpvLicKT2qgjq40ucUw0CNOLef2djJlhSt_rPskn5CrURSnNkr8RpuGBGphVHeEMUaWxervxHJ195XVmeBJKjJhyPiL5Hiq921xc4p7HmtIb7G7FZOq-N3HjTUuNEDM4rrO2vU7iHDTfwkCwo75rGbS50rWWo77L6tipG7DGW6Upq8Ho_0uLo0f9ZuzlTxTZsqwiL79Rl_ExZSsgdhtvsqqFTaoRLH474f27OIZ3vYMtho9ED2fEj-m09uQ4FK7DIwPe1f3rVtl6VyIpSdw4atKnp5efB7465kCBh7XOY8unmtdhHyD4cq-yXdueJTzYJrxn-VZyZreIPoNg3K8sTDReTgIm2nYVSLipA9WuGza_3fbbf8LH2fPZKFKlYx-tRBvGJfC0chTNQH-ebPgthCvSrcYduTOGJGeAI34uQ8ViwusQ8y7iHmBVOQHoP4gT4NwCr6hg0kbTcO1lEqHkDbWtZ2NFLA5IU41iHZ1zItrZ3PKK7_J8OdLCcZ43M-fl2upkeouFxrWTBAymHfJzO6mzhT-gv2JO-Y4m1OAodTmoYONqgL-fP2s7BW-YvmQ6g6OpbRjIsJeYpR7Nmw7xe1B15Ad5_E4lagRhPJirjEtN1j6VS49VbyCn6s8-pFezHIg0vR5P9OHbb6uxmPJtyvl-vAuep742ljiv1CdhFpUQGbb6WDbsaaS9lcwt0GVHzP98nGqYqHq0wkVpeWS83B0CloVXAkIzeCNL05aamf8mNlplfO3YiunM5YM1SLRbt4YMi5RO5TSDQMvVmFCj7Bf_f2VG9bMMjgIn5VE9k9XJ-BHh_O-GLuE53B7VkcBfWCKL0RQRctzZld9AdtUWcAARBpXsMKHHnW-JvQ1PC52110NE8Vye8VnoLC7HQa10EQ97DGCWl4JKoHAWryHggNZPwLyGM3uQDeHAPVJYHIwfvQT_HFQQ7ZkqCuA4m6GDhdmHDQp4HIv8U2mt3O67waw Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.downloadcrew.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 09 Mar 2021 09:49:53 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	smart_dns_changer_setup.exe www.rentanadviser.com/downloads/ Redirect Chain https://www.downloadcrew.com/?act=software.download&id=33874&t=1615283991&c=18119ce581fc94cc9e0b193addb8cbfe2a24c566 http://www.rentanadviser.com/downloads/smart_dns_changer_setup.exe https://www.rentanadviser.com/downloads/smart_dns_changer_setup.exe	0 0	201ms 71ms	Document application/octet-stream	185.87.254.51 NIOBEBILISIMHIZME...
General Check archive.org Show headers Download Go to Full URL https://www.rentanadviser.com/downloads/smart_dns_changer_setup.exe Requested by Host: img.creativemark.co.uk URL: https://img.creativemark.co.uk/min/?f=js%2Fprototype.js,js%2Fscriptaculous%2Feffects.js,js%2Fscriptaculous%2Fcontrols.js,js%2Fscriptaculous%2Fbuilder.js,js%2Fvalidation.js,js%2Fpopup.js,js%2Flayout.js,js%2Ftooltips.js,js%2Fcountdown.js,js%2Fcookies-enabler.min.js,js%2Ftiny-slider.min.js,js%2Fsoftware%2FpreDownload.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.87.254.51 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers :method GET :authority www.rentanadviser.com :scheme https :path /downloads/smart_dns_changer_setup.exe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.downloadcrew.com/download/33874/smart_dns_changer Response headers cache-control max-age=604800 content-type application/octet-stream last-modified Thu, 25 Feb 2021 16:56:16 GMT accept-ranges bytes etag "5687f2197bd71:0" server Microsoft-IIS/10.0 x-powered-by ASP.NET x-powered-by-plesk PleskWin date Tue, 09 Mar 2021 09:49:58 GMT content-length 4950016 Redirect headers Content-Type text/html; charset=UTF-8 Location https://www.rentanadviser.com/downloads/smart_dns_changer_setup.exe Server Microsoft-IIS/10.0 X-Powered-By ASP.NET X-Powered-By-Plesk PleskWin Date Tue, 09 Mar 2021 09:49:58 GMT Content-Length 190