urlscan.io logo urlscan.io
SecurityTrails logo

new.downloader.la Open in urlscan Pro
2606:4700:3037::ac43:a598  Public Scan

Go To Rescan Add Verdict Report
URL: https://new.downloader.la/
Submission Tags: falconsandbox
Submission: On August 31 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 13 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3037::ac43:a598, located in United States and belongs to CLOUDFLARENET, US. The main domain is new.downloader.la.
TLS certificate: Issued by WE1 on July 27th 2024. Valid for: 3 months.
This is the only time new.downloader.la was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 188.114.96.3 13335 (CLOUDFLAR...)
1 3.160.150.115 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
2 142.250.184.228 15169 (GOOGLE)
2 142.250.184.194 15169 (GOOGLE)
2 104.17.24.14 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.18.10.207 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 172.67.165.152 13335 (CLOUDFLAR...)
1 2600:9000:206... 16509 (AMAZON-02)
1 3.71.234.132 16509 (AMAZON-02)
3 142.250.184.238 15169 (GOOGLE)
1 142.250.186.104 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 13.32.121.95 16509 (AMAZON-02)
5 2600:9000:215... 16509 (AMAZON-02)
44 23
3    2606:4700:3037::ac43:a598 (United States)

ASN13335 (CLOUDFLARENET, US)
new.downloader.la
downloader.la
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
getpaidstock.com
1    3.160.150.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-115.fra60.r.cloudfront.net
platform-api.sharethis.com
3    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net
www.google.com
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
pagead2.googlesyndication.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    172.67.165.152 (United States)

ASN13335 (CLOUDFLARENET, US)
new.downloader.la
downloader.la
1    2600:9000:206f:de00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    3.71.234.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-234-132.eu-central-1.compute.amazonaws.com
l.sharethis.com
3    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
fundingchoicesmessages.google.com
1    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
1    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    13.32.121.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-95.fra60.r.cloudfront.net
count-server.sharethis.com
5    2600:9000:2156:5a00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
Apex Domain
Subdomains		 Transfer
9 google.com
www.google.com — Cisco Umbrella Rank: 10
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
202 KB
9 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5787
buttons-config.sharethis.com — Cisco Umbrella Rank: 6537
l.sharethis.com — Cisco Umbrella Rank: 6409
count-server.sharethis.com — Cisco Umbrella Rank: 11503
platform-cdn.sharethis.com — Cisco Umbrella Rank: 12361
54 KB
6 downloader.la
new.downloader.la
downloader.la
40 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
334 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
21 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
387 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
13 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
194 KB
2 getpaidstock.com
getpaidstock.com
4 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
8 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 129
4 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508
16 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
31 KB
44 13
Domain Requested by
7 fundingchoicesmessages.google.com new.downloader.la
pagead2.googlesyndication.com
5 platform-cdn.sharethis.com new.downloader.la
4 www.googletagmanager.com new.downloader.la
www.googletagmanager.com
4 new.downloader.la 1 redirects new.downloader.la
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
new.downloader.la
2 downloader.la new.downloader.la
2 cdnjs.cloudflare.com new.downloader.la
2 pagead2.googlesyndication.com new.downloader.la
pagead2.googlesyndication.com
2 www.google.com new.downloader.la
www.gstatic.com
2 getpaidstock.com new.downloader.la
2 fonts.googleapis.com new.downloader.la
1 count-server.sharethis.com platform-api.sharethis.com
1 region1.google-analytics.com www.googletagmanager.com
1 lh3.googleusercontent.com new.downloader.la
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 www.gstatic.com www.google.com
1 stackpath.bootstrapcdn.com new.downloader.la
1 code.jquery.com new.downloader.la
1 platform-api.sharethis.com new.downloader.la
44 21

This site contains links to these domains. Also see Links.

Domain
stockpanel.la
getstocks.b-cdn.net
downloader.la
getpaidstock.com
m.do.co
Subject Issuer Validity Valid
downloader.la
WE1		 2024-07-27 -
2024-10-25		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
getpaidstock.com
WE1		 2024-08-19 -
2024-11-17		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M03		 2024-04-19 -
2025-05-17		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-07-23 -
2024-10-21		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://new.downloader.la/
Frame ID: AB9297369F4F7C08ABB297F78DD2AADB
Requests: 41 HTTP requests in this frame

Frame: https://new.downloader.la/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js
Frame ID: 2B00192054CA39BF0C286AB10942EA43
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvxYwaAAAAAH0VyAYrkbBUzxcFnHtXJoSmPFVo&co=aHR0cHM6Ly9uZXcuZG93bmxvYWRlci5sYTo0NDM.&hl=de&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=invisible&cb=knlmow1rbncw
Frame ID: E08C0BBF7716C486C9ECA9C344575B4E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shutterstock Photo Downloader, Gettyimages Video Dowloader, AdobeStock Video Downloader

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

44
Requests

98 %
HTTPS

52 %
IPv6

13
Domains

21
Subdomains

23
IPs

4
Countries

1308 kB
Transfer

3736 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://new.downloader.la/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://new.downloader.la/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
new.downloader.la/ 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a598 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a5c77458fcdd933686bd7e80aceb0084444597d2ad90bd19ab23732d1fe08d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

a-hosted-by
BaseZap
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8bb916b31f863a49-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 31 Aug 2024 01:01:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1AScbg9oRewD39pJ9NNP7PooqW0G1XG6N1jcMXGDXkwCVzrKrfQ4LAVGeDkrm3ehWPXV1sqiM5sb6OiQLMeHZsvxf82v4CBxIiJlF8kXLAHoI%2Fj8RjJUfBYa4GOkeg6xSPMAG5WG%2BmINsGLOD1D8HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
css
fonts.googleapis.com/ 		55 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 31 Aug 2024 01:01:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 31 Aug 2024 00:55:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 31 Aug 2024 01:01:19 GMT
base.css
getpaidstock.com/static/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getpaidstock.com/static/css/base.css
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c439ef23ce14247e4e646fbd9efe76bd1f8e86c233ea2ec4205ee723dd06b81c

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Sun, 22 May 2022 04:35:26 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=9275
etag
W/"1c0182-243b-5df9240a466a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4KZFmGZMcWsnqizRLMPCaKRGoV2ub7LRLS2M2xjeC7aERVc8c3E5%2FYBGfWQf%2ByGGKBemPH7AV2VpRZZqZUQ%2FLrf9ycVQ6oPf%2FSwbctbemjkHzP2AQIiwcONJhhO%2BSS6KCo1w"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8bb916b51c02383a-FRA
alt-svc
h3=":443"; ma=86400
home.css
getpaidstock.com/static/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getpaidstock.com/static/css/home.css
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3304773d8a15d4ba803dbb52dc4558d51e6ed44d14b72415c7d8ff050092712b

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Sun, 24 Jul 2022 00:00:26 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1946
etag
W/"1c0183-79a-5e481c1334d2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dKyvHzsjn9yQw1Olfo%2FMNwrhqs1FXh0ygG6prOswzNImMxd6P003m1CMbDlccDD%2F8%2FB4o%2BC1ETCMR4BpKadPpGeOGBZckieyWE%2FMpkE%2F5KtRgIAnU9pKhs%2FXLe03FQlGLC0t"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8bb916b51c06383a-FRA
alt-svc
h3=":443"; ma=86400
sharethis.js
platform-api.sharethis.com/js/ 		206 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-115.fra60.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 00:55:53 GMT
content-encoding
gzip
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P7
age
326
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
ueRl-RU0RONWYS00JgzLrlCCN5N7168kRiK8aXA18yvqPFRr3H3YiQ==
js
www.googletagmanager.com/gtag/ 		211 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-192928577-1
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
695ab41fbf972c123933ffa37a222498cef8b9c7f463a9df0a157f3a364c8815
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77494
x-xss-protection
0
last-modified
Sat, 31 Aug 2024 00:19:35 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 31 Aug 2024 01:01:19 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://new.downloader.la/
Origin
https://new.downloader.la
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:19 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3083824
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
30875
x-served-by
cache-lga21931-LGA, cache-mxp6974-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1725066080.562005,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
93803, 1096616
api.js
www.google.com/recaptcha/ 		1 KB
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdvxYwaAAAAAH0VyAYrkbBUzxcFnHtXJoSmPFVo
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
ESF /
Resource Hash
08167e4a2398a6189db742a2ec535f106bd14d9aa8c66d86e8468b6295bfe456
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
expires
Sat, 31 Aug 2024 01:01:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
bf75f065b947c2e88511fa2ee317201935e112e418a854b4c7006c8fe276859a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52439
x-xss-protection
0
server
cafe
etag
3233776895691247155
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 31 Aug 2024 01:01:19 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
179555
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QzkAmnSbw739WeIX8GATAFDUxKije%2B9PRB8xizHrseLRIP6vFGzxqclfyyhOBc2P1dgNlyukxlz%2FBpQokFnE7q3bJNSFroO%2Fdq5xDY4Tc9vQrijM95aI1%2BrZnnatI3GZ0rGx52Mm"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bb916b4eb828ed7-FRA
expires
Thu, 21 Aug 2025 01:01:19 GMT
pub-3991628143607830
fundingchoicesmessages.google.com/i/ 		206 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-3991628143607830?ers=1
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4daf54902d7ddced3af629ac548a6601a04b99e813f2570529c66e84f3ee30
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-jGGj3rDlem_-9V49FqbCzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:19 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-jGGj3rDlem_-9V49FqbCzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw05BiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIh-P-tZPb2AQurD2xnllJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDCyFzPwCi-wAAAI6o-_Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
logo-header.png
downloader.la/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://downloader.la/logo-header.png
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a598 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aeb4f3433c2f283f88156940fa71211916be1a75e6976aa0db179211d105522

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:19 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13922778
alt-svc
h3=":443"; ma=86400
content-length
9952
last-modified
Fri, 14 Oct 2022 16:38:11 GMT
server
cloudflare
etag
"1c5d7d-26c9-5eb014061e107"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vg7bjxQzu9BTnwnhAZqWoFflL5ZMHnm8mb8vI5lwpLdW1KX9bprPilzAcoJVyddaYZGL3d9W2UxKGbV%2F8FeK%2BqKQ83Bs2yke0kNeXv75lgg4U%2BonrHTsL0Lx2J%2BV1CGnQ4jKSNtufj0PBtI5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8bb916b4b8753a49-FRA
expires
Sat, 22 Mar 2025 21:35:00 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://new.downloader.la/
Origin
https://new.downloader.la
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1048
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
14708199
cdn-cachedat
10/31/2023 18:58:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"67176c242e1bdc20603c878dee836df3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
83162977ba79c31ffd280627cb05a752
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8bb916b4ec9a8f35-FRA
cdn-requestpullsuccess
True
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://new.downloader.la/
Origin
https://new.downloader.la
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
699907
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6451
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4f71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=maX9h0Zm3DSKGvzILHJTX9R%2BTm7zJJGXLHW0%2F8Q6Fr9oslBNLOZ7lYlpNxJpYRCJaQS%2FGZ4w1%2FR5dFqD2yb9%2BttFD05xrAxzv1og46b49Q%2BFWg22lHU2OCx3r3B8F5IRCS8Tf66l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bb916b559909b77-FRA
expires
Thu, 21 Aug 2025 01:01:19 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/ 		539 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdvxYwaAAAAAH0VyAYrkbBUzxcFnHtXJoSmPFVo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e368d06d619da2ddbac62f83484f2b207601a2fd8ea86ee0ce8ab30855fe6fa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
Origin
https://new.downloader.la
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 21:05:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
218560
x-xss-protection
0
last-modified
Mon, 26 Aug 2024 04:00:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Aug 2025 21:05:49 GMT
pub-3991628143607830
fundingchoicesmessages.google.com/b/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-3991628143607830
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
be5790a515a7e88eba107aca4422d0da6f445848878ee5f1175f87b6c72b16e0
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZsDAfyecnryEZMCoGuY9ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:19 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZsDAfyecnryEZMCoGuY9ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIh-P-tZPb2AQe_D21h1lJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDCyFzPwCi-wAAAOLg_bg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://new.downloader.la
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 00:40:53 GMT
x-content-type-options
nosniff
age
1226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 00:40:53 GMT
main.js
new.downloader.la/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/ Frame 2B00
Redirect Chain
  • https://new.downloader.la/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://new.downloader.la/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://new.downloader.la/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js?
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H3
Server
172.67.165.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a42d1fd09db1280b37c592f44fd8925c6a72f2e2061065083f3952442b7a906e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:19 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQphSmc2uhaSQyyaZuCEMbsr6a2Co4mZf%2BDcJ400o4PIUoom87I2Pezl%2FKFfk7A3Ovk6VpdtDYHajp9tkxzKjiVlsm01VFVtPNCakB4zST1TGZ63FgZAbvZuLueW2AQzAEtRgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8bb916b728a337f2-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 31 Aug 2024 01:01:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6nlxk7PVXCr8EY5S4mI9rBOJzEuDXUZ0HplZQL7rtgjXZj8VCcKQN295RUzv6M03HYW6GVhEFb02nkeoKcXzf6tfx7D%2FvkmRVN1jodTyhKmmqRE0QJjnyLLxPVbm0uQNPqeRQ%2Fnr4AmKSp3xajIkzA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8bb916b6d9583a49-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
8bb916b31f863a49
new.downloader.la/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2B00 		0
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://new.downloader.la/cdn-cgi/challenge-platform/h/g/jsd/r/8bb916b31f863a49
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 31 Aug 2024 01:01:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=57K1%2BEwzlrt2y9mUx%2BR4zZyiKoFz4APJvUrxS2b4DHU7sAt%2Beg%2Bi3lvuSyQxQgY0KkdZxadqzzSc2YoZPiavI%2FBSRZdXboE4nxsSjcTWObMVWJK00nnJAGNVmRzQOS%2Fx9ZiFHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8bb916b7d8fe37f2-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
5d71f0ecab6f1000123c8034.js
buttons-config.sharethis.com/js/ 		566 B
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5d71f0ecab6f1000123c8034.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:de00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ae39a6a304c2f1e673e8ccb459f569d2d69764e6419acd7d5f6d955529cdba5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:21 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 07 Sep 2019 07:10:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
etag
"8a70235d4c97f4d4ae5d7c1c3521256b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
566
x-amz-cf-id
_R2W9BWX50TnAyMpkFBseSY1hsZhI6z6-yM9Ca2-6ZYm2OmxHeficw==
pview
l.sharethis.com/ 		0
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=new.downloader.la&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fnew.downloader.la%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Shutterstock%20Photo%20Downloader%2C%20Gettyimages%20Video%20Dowloader%2C%20AdobeStock%20Video%20Downloader&cms=unknown&publisher=5d71f0ecab6f1000123c8034&sop=true&version=st_sop.js&lang=en&description=Download%20shutterstock%20photos%2C%20gettyimages%20videos%2C%20adobestock%20videos%2C%20alamy%20photos%20and%20more&ua=&ua_mobile=false&ua_full_version_list=&uuid=2903984e-c3fe-4a00-8626-b89e2f45348d
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.71.234.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-234-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 31 Aug 2024 01:01:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://new.downloader.la
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408280101/ 		428 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3991628143607830&plah=new.downloader.la&bust=31086664
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c63a3c19c0a64cfc8197c5a20dc903320b4c536d99305a756c035aec2e0d1819
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146373
x-xss-protection
0
server
cafe
etag
3463615119094369600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 31 Aug 2024 01:01:20 GMT
js
www.googletagmanager.com/gtag/ 		259 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GK0MBXHK89&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192928577-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
86f1b0b94b06f244915f22617b17850aeff5e25adc032e6e83bdfc009fb2195b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93176
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 31 Aug 2024 01:01:20 GMT
js
www.googletagmanager.com/gtag/ 		211 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-142700192-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192928577-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e72248d8bed27d15bfbb214d80d207e1f45bd2fafbb7e9efd8959178f0ed87e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77585
x-xss-protection
0
last-modified
Sat, 31 Aug 2024 00:19:35 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 31 Aug 2024 01:01:20 GMT
AGSKWxVBc2flmu9OC9xfxurnFNnX8AcD60v4JXHKu3tbTbeK3pnQ4u0Yl6J17PxnNUhLcabY9ZHRkB4RioMkHWHt_RxktXjTsFsy6FiH81EtmtGCvJXRE_V0bn07R0fhAimYqgnX2rLKUg==
fundingchoicesmessages.google.com/f/ 		389 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVBc2flmu9OC9xfxurnFNnX8AcD60v4JXHKu3tbTbeK3pnQ4u0Yl6J17PxnNUhLcabY9ZHRkB4RioMkHWHt_RxktXjTsFsy6FiH81EtmtGCvJXRE_V0bn07R0fhAimYqgnX2rLKUg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1MDY2MDgwLDY5MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL25ldy5kb3dubG9hZGVyLmxhLyIsbnVsbCxbWzgsIm1uZmtnZ1JxNzQ0Il0sWzksImRlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mnfkggRq744.es5.O/am=QDA/d=1/rs=AJlcJMwctVC55fA0p5N97fVao6kVU62PNQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
79f6f944a290d3de47343cde2fd0b39a9720429c194d1d7de72d6c5c8ad72cac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--Bu4LIZjRb_o4kUljRaaZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:20 GMT
content-security-policy
script-src 'report-sample' 'nonce--Bu4LIZjRb_o4kUljRaaZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw15BiOHnrNtNFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYiT_p1nLQFid62LrP5AvCTiIuuRxIushgqXWJ2B-P66S6zPgXjvx0usR4FYiJvjwbWT29gEZvRudlDSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMbAwMtczMIovMAAAxMFDLw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUhhIz_lKViYlWh2_aqUrv42YIrgXUFQ8ZazXcl1Bb4YN2rd0gBKZOBURlG9-DsPFyL0rOm6xAuLU2ROSOSNcqzdQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUhhIz_lKViYlWh2_aqUrv42YIrgXUFQ8ZazXcl1Bb4YN2rd0gBKZOBURlG9-DsPFyL0rOm6xAuLU2ROSOSNcqzdQ==
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fckzZkS5oDmJUFUdoZSYbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:20 GMT
content-security-policy
script-src 'report-sample' 'nonce-fckzZkS5oDmJUFUdoZSYbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1pBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWfd-vMR6FIiFuDkeXDu5jU2g4dq3KCWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBhZKlnYBpfYAAAVsYuVQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://new.downloader.la
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame E08C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvxYwaAAAAAH0VyAYrkbBUzxcFnHtXJoSmPFVo&co=aHR0cHM6Ly9uZXcuZG93bmxvYWRlci5sYTo0NDM.&hl=de&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=invisible&cb=knlmow1rbncw
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-awF0d1aDwtRqSFsOHdcNlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-awF0d1aDwtRqSFsOHdcNlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 31 Aug 2024 01:01:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-3991628143607830
fundingchoicesmessages.google.com/i/ 		206 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-3991628143607830?href=https%3A%2F%2Fnew.downloader.la&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3991628143607830&plah=new.downloader.la&bust=31086664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1364c8e4783424261b85eeab1df6a8e45be655e30ccae4cbd3f91fa0cdf101f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CN2unDYXx58YCQj9iQ3yaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:20 GMT
content-security-policy
script-src 'report-sample' 'nonce-CN2unDYXx58YCQj9iQ3yaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIm-PBtZPb2AR2XHgUpqSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiYGFkrmdgFF9gAADq-D7I"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		260 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GZSFW8F7W1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-142700192-1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d76d061e5e84caf6a19eff8a16d71e246cbb4da26c088029cf40987690d9c2d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93216
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 31 Aug 2024 01:01:20 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mnfkggRq744.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwjNNVj8kPNq9pbqhf2bIWH1V35nA/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b3737d0ba4ac5ecc062f05ae5ff0eb61d6f1da6e80dc0bc852015a377ee39f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 31 Aug 2024 01:01:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 31 Aug 2024 01:01:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 31 Aug 2024 01:01:20 GMT
qjFVNwQsmy63j-uP0Awjb-5cGhYhsnOTZJT6yyBs0mkQV2yKRwG2A64oMK4zNIlb6cjfFhu0pAO3l62yjMSMJZ-hKrsdOwOFbXIHMFSF189qMQj4Nll8Jg=h60
lh3.googleusercontent.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/qjFVNwQsmy63j-uP0Awjb-5cGhYhsnOTZJT6yyBs0mkQV2yKRwG2A64oMK4zNIlb6cjfFhu0pAO3l62yjMSMJZ-hKrsdOwOFbXIHMFSF189qMQj4Nll8Jg=h60
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
51098958ce0a0ee437dcc99a5e65159a159bc51aaa4e508df5a9b9b8efbcf17d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 21:43:28 GMT
x-content-type-options
nosniff
age
11872
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3706
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 31 Aug 2024 21:43:28 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
Origin
https://new.downloader.la
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 04:40:43 GMT
x-content-type-options
nosniff
age
159637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 04:40:43 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-142700192-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Aug 2024 23:20:02 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6078
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 31 Aug 2024 01:20:02 GMT
AGSKWxXLyPr-Kq8TcLITPhhiphTHtkelOgtBMfy_XJdtPd49LHQmxqEoo_9rF59kNdA-SmD2Kn5dt-N96NhSAYQl_pWTOX0wq-7ETuqt49wwAL9ET0Q1iWrQpxTcrbaULwmaWn9NS3NgUQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXLyPr-Kq8TcLITPhhiphTHtkelOgtBMfy_XJdtPd49LHQmxqEoo_9rF59kNdA-SmD2Kn5dt-N96NhSAYQl_pWTOX0wq-7ETuqt49wwAL9ET0Q1iWrQpxTcrbaULwmaWn9NS3NgUQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mnfkggRq744.es5.O/am=QDA/d=1/rs=AJlcJMwctVC55fA0p5N97fVao6kVU62PNQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jX0Xn2QpwQjElce_EkYKiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 31 Aug 2024 01:01:20 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jX0Xn2QpwQjElce_EkYKiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWfd-vMR6FIiFuDkeXDu5jU3gxp6v9UouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDCyFLPwDS-wAAAclAutg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://new.downloader.la
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXLyPr-Kq8TcLITPhhiphTHtkelOgtBMfy_XJdtPd49LHQmxqEoo_9rF59kNdA-SmD2Kn5dt-N96NhSAYQl_pWTOX0wq-7ETuqt49wwAL9ET0Q1iWrQpxTcrbaULwmaWn9NS3NgUQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXLyPr-Kq8TcLITPhhiphTHtkelOgtBMfy_XJdtPd49LHQmxqEoo_9rF59kNdA-SmD2Kn5dt-N96NhSAYQl_pWTOX0wq-7ETuqt49wwAL9ET0Q1iWrQpxTcrbaULwmaWn9NS3NgUQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mnfkggRq744.es5.O/am=QDA/d=1/rs=AJlcJMwctVC55fA0p5N97fVao6kVU62PNQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jeHva_Tu2vrFXgBsTuLLwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 31 Aug 2024 01:01:20 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jeHva_Tu2vrFXgBsTuLLwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw05BicEqfwRoAxO5aF1n9gXhJxEXWA4kXWfd-vMR6FIiFeDgeXDu5jU3gxfRDjYxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwshSz8A0vsAAAHZdLnY"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://new.downloader.la
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GZSFW8F7W1&gtm=45je48s0v9124156925za200&_p=1725066079763&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=1924649297.1725066080&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1725066080&sct=1&seg=0&dl=https%3A%2F%2Fnew.downloader.la%2F&dt=Shutterstock%20Photo%20Downloader%2C%20Gettyimages%20Video%20Dowloader%2C%20AdobeStock%20Video%20Downloader&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1230
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GZSFW8F7W1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Aug 2024 01:01:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://new.downloader.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=366517836&t=pageview&_s=1&dl=https%3A%2F%2Fnew.downloader.la%2F&ul=de-de&de=UTF-8&dt=Shutterstock%20Photo%20Downloader%2C%20Gettyimages%20Video%20Dowloader%2C%20AdobeStock%20Video%20Downloader&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1612816103&gjid=248229366&cid=1924649297.1725066080&tid=UA-142700192-1&_gid=46818253.1725066080&_r=1&gtm=457e48s0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&jsscut=1&npa=1&z=358871585
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 31 Aug 2024 01:01:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://new.downloader.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
get_counts
count-server.sharethis.com/v2.0/ 		419 B
797 B 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fnew.downloader.la%2F
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
/
Resource Hash
8b01ad148c24415ec7e26f45fddf9cbda0152978c0571ee0ad3c71e0c3845c4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:20 GMT
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
etag
459cbad1b6cb3b29618dce323f346894
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
public, max-age=3600
content-length
419
apigw-requestid
dVmMxhbgoAMEaRw=
x-amz-cf-id
bOR996mXzhh8Ny7Og6-yR3RqFFFTaNGBG6RsE0_bfEXqp81XX3gSGg==
facebook-white.svg
platform-cdn.sharethis.com/img/ 		357 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook-white.svg
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f3a7818f88c8afbe9111ed9f13f12e37a2ad56f87b54dc0dd19b2c372d3f6c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 11:14:21 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
1518420
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
357
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"d2c2caf5b123988ddd17ceeb1c7d9d50"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
YMKYKyAZU5NBrSpD4flrYGGAcJxs765NjJxv4gpSa0eKZlIoZRn3HA==
twitter-white.svg
platform-cdn.sharethis.com/img/ 		641 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter-white.svg
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4842f835de39abaa449973e6beb13260b52d1bace5843d2246369fc3e4e8034d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:00:51 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 15 Sep 2023 16:35:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
32
x-amz-server-side-encryption
AES256
etag
"232c36e0e377e32fbb20a34ff902fe55"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
641
x-amz-cf-id
Dzw06FJsjirc7v455vciEL-jzsgw5-NqzjMxidOx6Uttb0fkLmWk2Q==
reddit-white.svg
platform-cdn.sharethis.com/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/reddit-white.svg
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
913cd8d481a1c37ca2326b5242f09e92fddd532d93e5c8830a71b5620f10b332
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:06:51 GMT
content-encoding
gzip
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
320070
x-amz-server-side-encryption
AES256
etag
W/"4e9ff86f0b516d12fdf135941bf88d83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
ECcJ8LG21r1P_SZ_IW_sSypUJKKnWSPamcGgJdSgDhe5pX5dnJLa1w==
pinterest-white.svg
platform-cdn.sharethis.com/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/pinterest-white.svg
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
404d16bd846c2487a7e391f1fee1a04e5f7e10a55b3c7e45cc0976d5a02a6d1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:04:29 GMT
content-encoding
gzip
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1965412
x-amz-server-side-encryption
AES256
etag
W/"f54e172d01168179f936c9e076216b2d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
RRkxacOxfLm2ZzKgU8DiqOXy-YdFNVdAmaNe63IoUkii9NeGhpXVUw==
sharethis-white.svg
platform-cdn.sharethis.com/img/ 		625 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/sharethis-white.svg
Requested by
Host: new.downloader.la
URL: https://new.downloader.la/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5e92663d140c2742136bd09372e2d37c070b09e3de4cd3bf16dabce17cd02d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 15:35:54 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
1329927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
625
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
etag
"2506159844f1711ede2746e62df1370a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
1pCHwwSvnbwuyj-MQHLCVMD_-BKwS3IVVVOqONfCWSSxIQ8GbxRlCA==
favicon.png
downloader.la/ 		14 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://downloader.la/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd1df18a13de1c36e03457691ccb7cc304bb5d3084637e23273c4ee312bc713

Request headers

Referer
https://new.downloader.la/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 01:01:21 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13922778
alt-svc
h3=":443"; ma=86400
content-length
14497
last-modified
Mon, 15 Jan 2024 14:10:57 GMT
server
cloudflare
etag
"1c5cbe-388a-60efc952f5f01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Be5qYu16k142On7qQKYLgrInyhiKvz03m4j0xE9Aj4cg89Q%2BAMqzbSEO%2Bq2GPRD2mcH7yhbRq5ZNIQlQ43WReVUBOOZ4X4PaN0sLw3N6JhPfuD1L8uzAsldqm4WJwmxu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8bb916be5c9b37f2-FRA
expires
Sat, 22 Mar 2025 21:35:02 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| gtag object| dataLayer function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| __h82AlnkH6D91__ object| adsbygoogle object| bootstrap function| Popper object| st object| __stdos__ boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| N2QzYjNiMmI0MTIxZDQ3MmxvYWRlcl9qcw== string| N2QzYjNiMmI0MTIxZDQ3MmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __p4qa8r1lb17__ string| cHViLTM5OTE2MjgxNDM2MDc4MzA= object| recaptcha object| closure_lm_950395 function| google_sa_impl boolean| adsbygoogle_ama_fc_has_run string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

5 Cookies

Domain/Path Name / Value
.downloader.la/ Name: cf_clearance
Value: LPotbcVyaqmE_Yb4g80YPyIyonpg21GuvTrApAAXrcg-1725066079-1.2.1.1-_v44KTnDLDOF517izYqT8ZhmFlXXlVWxpjYjnVOaBE0_Dll7ud7QPUK_XLeB3IVH3Bp3T1zrNGDwJrvE3UqbcE4SeoHc9fV30Ya389Sp0_FlRz79GNJoyRQCkDqvAPBO6rj.DYLwldZmNavX4lCEo1cjgEdWK4xRjmBloPkGHo9uhOAnQBbOlV_sT0SE5QfAQsqn4i_FSOhAlzGyCd3BpdqZPHNSzG2oXj5FBSO3MhvMBzCdydJIkonRYAHh.k_DVDYzEt1bB0EQAZkv_h1pAGxCkFr0lXbDd_eZMnNg_xQ5dlZjDjyP9zGQmscQkVpKYyw9fGU5UPln1rYFChQrqfQZrMclCXMrviHEz5mNmnPyfKmKxCqwZbRMRw2SHe35
.downloader.la/ Name: _ga_GZSFW8F7W1
Value: GS1.1.1725066080.1.0.1725066080.0.0.0
.downloader.la/ Name: _ga
Value: GA1.2.1924649297.1725066080
.downloader.la/ Name: _gid
Value: GA1.2.46818253.1725066080
.downloader.la/ Name: _gat_gtag_UA_142700192_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buttons-config.sharethis.com
cdnjs.cloudflare.com
code.jquery.com
count-server.sharethis.com
downloader.la
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
getpaidstock.com
l.sharethis.com
lh3.googleusercontent.com
new.downloader.la
pagead2.googlesyndication.com
platform-api.sharethis.com
platform-cdn.sharethis.com
region1.google-analytics.com
stackpath.bootstrapcdn.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.17.24.14
104.18.10.207
13.32.121.95
142.250.184.194
142.250.184.228
142.250.184.238
142.250.186.104
172.67.165.152
188.114.96.3
2001:4860:4802:32::36
2001:4860:4802:36::178
2600:9000:206f:de00:c:abe:f440:93a1
2600:9000:2156:5a00:1d:85c3:6640:93a1
2606:4700:3037::ac43:a598
2a00:1450:4001:808::2003
2a00:1450:4001:809::200a
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:829::2003
2a04:4e42:200::649
3.160.150.115
3.71.234.132
08167e4a2398a6189db742a2ec535f106bd14d9aa8c66d86e8468b6295bfe456
1c4daf54902d7ddced3af629ac548a6601a04b99e813f2570529c66e84f3ee30
2f3a7818f88c8afbe9111ed9f13f12e37a2ad56f87b54dc0dd19b2c372d3f6c8
3304773d8a15d4ba803dbb52dc4558d51e6ed44d14b72415c7d8ff050092712b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
404d16bd846c2487a7e391f1fee1a04e5f7e10a55b3c7e45cc0976d5a02a6d1f
4842f835de39abaa449973e6beb13260b52d1bace5843d2246369fc3e4e8034d
51098958ce0a0ee437dcc99a5e65159a159bc51aaa4e508df5a9b9b8efbcf17d
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5ae39a6a304c2f1e673e8ccb459f569d2d69764e6419acd7d5f6d955529cdba5
68a5c77458fcdd933686bd7e80aceb0084444597d2ad90bd19ab23732d1fe08d
695ab41fbf972c123933ffa37a222498cef8b9c7f463a9df0a157f3a364c8815
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79f6f944a290d3de47343cde2fd0b39a9720429c194d1d7de72d6c5c8ad72cac
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
86f1b0b94b06f244915f22617b17850aeff5e25adc032e6e83bdfc009fb2195b
8b01ad148c24415ec7e26f45fddf9cbda0152978c0571ee0ad3c71e0c3845c4f
913cd8d481a1c37ca2326b5242f09e92fddd532d93e5c8830a71b5620f10b332
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
9aeb4f3433c2f283f88156940fa71211916be1a75e6976aa0db179211d105522
a42d1fd09db1280b37c592f44fd8925c6a72f2e2061065083f3952442b7a906e
a5e92663d140c2742136bd09372e2d37c070b09e3de4cd3bf16dabce17cd02d8
afd1df18a13de1c36e03457691ccb7cc304bb5d3084637e23273c4ee312bc713
b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d
b3737d0ba4ac5ecc062f05ae5ff0eb61d6f1da6e80dc0bc852015a377ee39f2b
be5790a515a7e88eba107aca4422d0da6f445848878ee5f1175f87b6c72b16e0
bf75f065b947c2e88511fa2ee317201935e112e418a854b4c7006c8fe276859a
c439ef23ce14247e4e646fbd9efe76bd1f8e86c233ea2ec4205ee723dd06b81c
c63a3c19c0a64cfc8197c5a20dc903320b4c536d99305a756c035aec2e0d1819
d76d061e5e84caf6a19eff8a16d71e246cbb4da26c088029cf40987690d9c2d8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e368d06d619da2ddbac62f83484f2b207601a2fd8ea86ee0ce8ab30855fe6fa6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72248d8bed27d15bfbb214d80d207e1f45bd2fafbb7e9efd8959178f0ed87e7
f1364c8e4783424261b85eeab1df6a8e45be655e30ccae4cbd3f91fa0cdf101f
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e