urlscan.io logo urlscan.io
SecurityTrails logo

downloads.dddwnld.com Open in urlscan Pro
50.28.15.212  Public Scan

Go To Rescan Add Verdict Report
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Submission: On November 09 via manual from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 19 domains to perform 100 HTTP transactions. The main IP is 50.28.15.212, located in United States and belongs to LIQUIDWEB, US. The main domain is downloads.dddwnld.com.
This is the only time downloads.dddwnld.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 50.28.15.212 32244 (LIQUIDWEB)
1 99.83.154.118 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.130 15169 (GOOGLE)
3 167.114.129.74 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f11... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 4 142.250.185.226 15169 (GOOGLE)
2 4 2.18.234.21 16625 (AKAMAI-AS)
2 3 37.252.173.215 29990 (ASN-APPNEX)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
100 27
25    50.28.15.212 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: server1.digital-digest.com
downloads.dddwnld.com
static1.ddigest.com
1    99.83.154.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: a51062ecadbb5a26e.awsglobalaccelerator.com
cdnstaticpr.com
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
3    167.114.129.74 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: 74.ip-167-114-129.net
sro-ads.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
10    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
13    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
Domain Requested by
20 static1.ddigest.com downloads.dddwnld.com
13 s0.2mdn.net downloads.dddwnld.com
s0.2mdn.net
d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
10 pagead2.googlesyndication.com d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
6 tpc.googlesyndication.com d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
6 apis.google.com downloads.dddwnld.com
apis.google.com
accounts.google.com
5 www.facebook.com connect.facebook.net
www.facebook.com
5 downloads.dddwnld.com downloads.dddwnld.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.google.com apis.google.com
d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 sro-ads.com downloads.dddwnld.com
2 googleads4.g.doubleclick.net downloads.dddwnld.com
2 googleads.g.doubleclick.net d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
downloads.dddwnld.com
2 www.google-analytics.com downloads.dddwnld.com
www.google-analytics.com
2 connect.facebook.net downloads.dddwnld.com
connect.facebook.net
2 d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 www.googletagservices.com downloads.dddwnld.com
d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
2 ajax.googleapis.com downloads.dddwnld.com
2 cdnjs.cloudflare.com downloads.dddwnld.com
1 code.createjs.com s0.2mdn.net
1 ssl.gstatic.com accounts.google.com
1 accounts.google.com apis.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 cdnstaticpr.com downloads.dddwnld.com
100 28
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh

This page contains 11 frames:

Primary Page: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Frame ID: 3C59C6E79F4641F22DC566CD378720CB
Requests: 50 HTTP requests in this frame

Frame: https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 42E5F1362A9B9FC75C0F8BF068CE3ED5
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Fdownloads.dddwnld.com&url=http%3A%2F%2Fwww.dvdr-digest.com%2Fsoftware%2Fimgburn.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 1A837384BEC56B842B029AC5F3BF9B26
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdownloads.dddwnld.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 39591536A3AD4197CE189C1F22BDD93D
Requests: 4 HTTP requests in this frame

Frame: https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 19C7ADA2788958BDAC846607B03960C6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYtLuHkgEwAQ&v=APEucNUqWGgl_X3FKbIsfvVeOPCiDk4D9v9Ivibx7R3tU6Ou3XCBkFTpbrkwduB-Fugx9X0yBkDp20nU1gAPldNDMqDn2kxQl9wvhkMyTKUpETOKKepvTb0dr8zhGrc2rFGQz_EG_OGij7EqoexbYEXQdeEBl0dE8vC60MmdhuHQRW3Zn5sf6cU
Frame ID: 44A677A9594DCB4511E0DA7CEBC58C94
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 73CAC49E2B25598AF451269E92C112AD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
Frame ID: 8808D836E486226139B1C8CBD4F0254E
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=recommend&app_id=1553685621590677&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ae8a9ab1b8148%26domain%3Ddownloads.dddwnld.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fdownloads.dddwnld.com%252Ffed491da0c5ec8%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.dvdr-digest.com%2Fsoftware%2Fimgburn.html&layout=box_count&locale=en_US&sdk=joey&send=true&show_faces=false&width=60
Frame ID: 8036E51B8709F977F0DA8400FF924E23
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: EE4055E8727B29BFB20773561D089573
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 647142C7759BB29179970556FAB501FE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Setup_ImgBurn_2.5.8.0.exe <- ImgBurn Downloads | Software - Digital Digest

Page Statistics

100
Requests

60 %
HTTPS

73 %
IPv6

19
Domains

28
Subdomains

27
IPs

4
Countries

1347 kB
Transfer

3094 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
Request Chain 35
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js
Request Chain 37
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 60
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDD3BykrAvTIACUlrlzPoAM&google_cver=1
Request Chain 61
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYn8meMEx4wklpiw2Q4O1QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHK6mfmouyDnBCoqktedP_4&google_cver=1
Request Chain 62
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDo3kvPoJL0zybcDInlUGYI&google_cver=1
Request Chain 63
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1NTIzMzEwNzA3MDQ5ODkzMA%3D%3D
Request Chain 77
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-bottom.css HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-bottom.css

100 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request download.php
downloads.dddwnld.com/software/ 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
4bf98c4823cf8e2c05ca557e65214f38ccbd00c85a70223bdcce5c2e9d185e5d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 09 Nov 2021 04:44:07 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
5586
Keep-Alive
timeout=2, max=500
Content-Type
text/html; charset=UTF-8
software_style.css
downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/ 		36 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
23038a5dd556cd07ef12a4c8001651190ec5a4ab8eef2a49fd7c0e152870496f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2019 05:29:58 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=1800, public
Connection
Keep-Alive
Keep-Alive
timeout=2, max=499
Content-Length
5104
Expires
Tue, 09 Nov 2021 05:14:07 GMT
pp.js
cdnstaticpr.com/js/ 		333 B
841 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cdnstaticpr.com/js/pp.js
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
99.83.154.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a51062ecadbb5a26e.awsglobalaccelerator.com
Software
nginx /
Resource Hash
8dde7602757c9a279565e9047031e52edd1072bb554e4a4bad005d74ca552a14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:07 GMT
X-Language
german
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Server
nginx
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
H2
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:44:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1223127
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1618
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-11d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YOtDi1TsGuD0ffsIgk8OHm50dYoRqe0aZpsG54%2FHztF%2Bj6lSYMYWnQvjSTYQCJHrETJsL3bKvHKU%2FMUxA69%2F1GDsJZs3JYmMd5phfU0cchpLft43EywZ9QdH5wXjL8KT16TeAz%2BLggitmUSUYPKPIzg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ab462547aa53763-MXP
expires
Sun, 30 Oct 2022 04:44:07 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
Non-Authoritative-Reason
HSTS
logo.png
static1.ddigest.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/images/logo.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
2b75dd2eb96e7406df2f6bed70fe6acaf1dc145261874672e8fb17e4a7282b9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Tue, 26 Jan 2021 04:50:05 GMT
Server
Apache
Upgrade
h2,h2c
Cache-Control
max-age=2592000
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=2, max=500
Content-Length
5030
Expires
Thu, 09 Dec 2021 04:44:08 GMT
blank.gif
downloads.dddwnld.com/images/ 		42 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://downloads.dddwnld.com/images/blank.gif
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 06:33:57 GMT
Server
Apache
Upgrade
h2,h2c
Cache-Control
max-age=2592000
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=2, max=500
Content-Length
42
Expires
Thu, 09 Dec 2021 04:44:08 GMT
blank.gif
static1.ddigest.com/themes/default/images_new/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images_new/blank.gif
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
98ddfd73e6cb79f929941a1b708c682f3ba3f62fdccb4a40a3c55bf71cc1d036

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 00:32:32 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Content-Length
807
Expires
Thu, 09 Dec 2021 04:44:08 GMT
download_image_dlm.png
static1.ddigest.com/images/software/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/images/software/download_image_dlm.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
173d55e17ef07f9efdfff48a42190525c7b5506cfc9a9d673b1f165859ef1713

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sat, 07 May 2016 23:35:52 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Content-Length
6684
Expires
Thu, 09 Dec 2021 04:44:08 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5/ 		84 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 14:47:29 GMT
X-Content-Type-Options
nosniff
Age
395798
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
85925
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="hosted-libraries-pushers"
Expires
Fri, 04 Nov 2022 14:47:29 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.8/ 		196 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50ea31c0452a869e41485170ab3ca8d90a7824b99860f4c707c97ed728598a3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 09:41:53 GMT
X-Content-Type-Options
nosniff
Age
414134
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
200719
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="hosted-libraries-pushers"
Expires
Fri, 04 Nov 2022 09:41:53 GMT
functions.js
downloads.dddwnld.com/min/f=functions/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://downloads.dddwnld.com/min/f=functions/functions.js
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
59073a0aafdbfcd4bab021c9b79ba6a46a99e6a98a5766658eaa0ad57ef79dbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:07 GMT
Content-Encoding
gzip
Last-Modified
Sun, 08 May 2016 06:33:44 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=1800, public
Connection
Keep-Alive
Keep-Alive
timeout=2, max=498
Content-Length
1369
Expires
Tue, 09 Nov 2021 05:14:07 GMT
jquery_ratings.php
downloads.dddwnld.com/functions/ 		2 KB
896 B 		Script
General
Check archive.org
Download Go to
Full URL
http://downloads.dddwnld.com/functions/jquery_ratings.php?softwareid=470&average=4&halfstar=1
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
2fa562bf432d553c99df7d12f371adb918a0d0a2f25eae2f22dab3ff63a1d06b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Cache-Control
max-age=2592000
Connection
Upgrade, Keep-Alive
Content-Type
text/javascript;charset=UTF-8
Keep-Alive
timeout=2, max=500
Content-Length
546
Expires
Thu, 09 Dec 2021 04:44:08 GMT
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
400d415e25e3c2b6d990376f5b1b73e91a4ada0f82098f11b71b644773528907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://downloads.dddwnld.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 09 Nov 2021 04:44:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1038 / 714 of 1000 / last-modified: 1636412720"
Vary
Accept-Encoding
Report-To
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
27059
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="ads-gpt-scs"
Expires
Tue, 09 Nov 2021 04:44:07 GMT
pubads_impl_2021110401.js
securepubads.g.doubleclick.net/gpt/ 		346 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://downloads.dddwnld.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 09 Nov 2021 04:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119010
x-xss-protection
0
last-modified
Thu, 04 Nov 2021 08:34:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 09 Nov 2021 04:44:07 GMT
background.png
static1.ddigest.com/themes/default/images/ 		667 B
981 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images/background.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
9ea856bfa05c90ae6d1262465b50a2ac33f87cc996635f09bb8c8d94b3034cff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 00:32:41 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Content-Length
667
Expires
Thu, 09 Dec 2021 04:44:08 GMT
header_ads.png
static1.ddigest.com/themes/default/images_new/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images_new/header_ads.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
b638a2df9cf06247903231a72e2798c8458e1053c7bbdc2293a4ed39106a269d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 00:32:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Content-Length
3952
Expires
Thu, 09 Dec 2021 04:44:08 GMT
connect_with_us.png
static1.ddigest.com/themes/default/images_new/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images_new/connect_with_us.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
51cf3e9d0b8ef2b65763880bfaf08b46faa640b2fbaacdb3bd8adc7cc1ec6caf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Tue, 23 Jul 2019 05:27:29 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Content-Length
16670
Expires
Thu, 09 Dec 2021 04:44:08 GMT
header_lb_new.png
static1.ddigest.com/themes/default/images_new/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images_new/header_lb_new.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
40cb5fd689132d69e94e88904cefcf6dea7e391c898786ebbe343be9147fa14a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 00:32:37 GMT
Server
Apache
Upgrade
h2,h2c
Cache-Control
max-age=2592000
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=2, max=500
Content-Length
1059
Expires
Thu, 09 Dec 2021 04:44:08 GMT
header_b_new.png
static1.ddigest.com/themes/default/images_new/ 		400 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images_new/header_b_new.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
204466757aec0c4780c38edf8f5b425261460ecf9b724764afddc6df35ab1e5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 00:32:34 GMT
Server
Apache
Upgrade
h2,h2c
Cache-Control
max-age=2592000
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=2, max=500
Content-Length
400
Expires
Thu, 09 Dec 2021 04:44:08 GMT
top_nav_icons.png
static1.ddigest.com/themes/default/images_new/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images_new/top_nav_icons.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
c77c7281594f814be437f412346af94b7ecf872b75a62e76030b08f9a3a8df61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 00:32:38 GMT
Server
Apache
Upgrade
h2,h2c
Cache-Control
max-age=2592000
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=2, max=500
Content-Length
4634
Expires
Thu, 09 Dec 2021 04:44:08 GMT
box_top_980_green.png
static1.ddigest.com/themes/default/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images/box_top_980_green.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
5d1fbf35951d99436c116e64f4d08c6a71334aededd5bd4cc83e7dc063c92b6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 00:32:46 GMT
Server
Apache
Upgrade
h2,h2c
Cache-Control
max-age=2592000
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=2, max=500
Content-Length
3755
Expires
Thu, 09 Dec 2021 04:44:08 GMT
header_40.gif
static1.ddigest.com/themes/default/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images/header_40.gif
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
b8751a69d17a0ba6debef5dc09f35d3d9150703d9a7d0856ecf35563768dbc34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 00:32:50 GMT
Server
Apache
Upgrade
h2,h2c
Cache-Control
max-age=2592000
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=2, max=500
Content-Length
2015
Expires
Thu, 09 Dec 2021 04:44:08 GMT
ajs.php
sro-ads.com/revive/www/delivery/ 		897 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sro-ads.com/revive/www/delivery/ajs.php?zoneid=7&cb=46505893641&charset=UTF-8&loc=http%3A//downloads.dddwnld.com/software/download.php%3Fsid%3D470%26ssid%3D0%26did%3D1
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
167.114.129.74 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
74.ip-167-114-129.net
Software
Apache /
Resource Hash
5058957079b9551d373b438536529db8078ca7cd1a3c88c8dffa8b0abbf85634

Request headers

Referer
http://downloads.dddwnld.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:44:07 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0, no-cache
Connection
Keep-Alive
Content-Type
text/javascript; charset=UTF-8
Keep-Alive
timeout=5, max=100
Expires
Mon, 26 Jul 1997 05:00:00 GMT
4f6fb542192d9e14efaab12a315e39bc.png
sro-ads.com/revive/www/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sro-ads.com/revive/www/images/4f6fb542192d9e14efaab12a315e39bc.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
167.114.129.74 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
74.ip-167-114-129.net
Software
Apache /
Resource Hash
8faaa77438bdeab74681cd9464a16d19ce4dfa1f85ab15d4e031eba43fe62bdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:07 GMT
Last-Modified
Wed, 15 Jul 2015 12:48:31 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5832
lg.php
sro-ads.com/revive/www/delivery/ 		43 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sro-ads.com/revive/www/delivery/lg.php?bannerid=49&campaignid=2&zoneid=7&loc=http%3A%2F%2Fdownloads.dddwnld.com%2Fsoftware%2Fdownload.php%3Fsid%3D470%26ssid%3D0%26did%3D1&cb=0b199cd0ad
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
HTTP/1.1
Server
167.114.129.74 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
74.ip-167-114-129.net
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:44:07 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0, no-cache
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=5, max=100
Expires
Mon, 26 Jul 1997 05:00:00 GMT
box_middle_980_green.png
static1.ddigest.com/themes/default/images/ 		404 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images/box_middle_980_green.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
6e6a5944c8ec1741190eefab5d5ab3d7fc051cf886f522d56c026f63fecb070a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 00:32:44 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=499
Content-Length
404
Expires
Thu, 09 Dec 2021 04:44:08 GMT
softwarebox.png
static1.ddigest.com/themes/default/images/ 		264 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images/softwarebox.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
38266dc53e8a82c085cef083aa040a6c727a1fe1eb0976c739385de6fc90d251

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 00:33:05 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Content-Length
264
Expires
Thu, 09 Dec 2021 04:44:08 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=downloads.dddwnld.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=downloads.dddwnld.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=195127958161454&correlator=2981873074838159&output=ldjh&impl=fifs&vrg=2021110401&ptt=17&sc=0&sfv=1-0-38&ecs=20211109&iu_parts=3154494%2CDigital_Digest_ImgBurn_Download_300x250%2CDigital_Digest_ImgBurn_Download_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C728x90&cookie_enabled=1&bc=23&abxe=1&lmt=1636433047&dt=1636433047956&dlt=1636433047304&idt=263&frm=20&biw=1600&bih=1200&oid=2&adxs=700%2C-9&adys=808%2C-9&adks=1112250385%2C2177875468&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fdownloads.dddwnld.com%2Fsoftware%2Fdownload.php%3Fsid%3D470%26ssid%3D0%26did%3D1&vis=1&scr_x=0&scr_y=0&psz=337x272%7C0x-1&msz=300x-1%7C0x-1&ga_vid=330185528.1636433048&ga_sid=1636433048&ga_hid=780165553&ga_fc=false&fws=0%2C2&ohw=0%2C0&btvi=0%7C-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
0b7f5ea4eceeb69c8eed0adbc23773518eaa142d0f270e33420115bd7a2f24bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14137
x-xss-protection
0
google-lineitem-id
-1,266407694
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,52645195454
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://downloads.dddwnld.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 42E5 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 09 Nov 2021 04:44:08 GMT
expires
Wed, 09 Nov 2022 04:44:08 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wide_layout_separator_top_green.png
static1.ddigest.com/themes/default/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images/wide_layout_separator_top_green.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
f5e8e54c17cee4ce2174d54ff47f09f3d6ac2ede9ef9e1105ca981aec9e0e355

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 00:33:11 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Content-Length
1800
Expires
Thu, 09 Dec 2021 04:44:08 GMT
emptystar_new.png
static1.ddigest.com/images/rating/ 		523 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/images/rating/emptystar_new.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
afbe3661c49f881bb0520673edaee3965e9837a821b01d87ea4db0ac32f4fcd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Wed, 01 Jun 2016 02:46:07 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Content-Length
523
Expires
Thu, 09 Dec 2021 04:44:08 GMT
wide_layout_separator_green.png
static1.ddigest.com/themes/default/images/ 		197 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images/wide_layout_separator_green.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
db15e43e55feafcd8c268087b75cdde2c26a8f68c6feb09a0bff6062f9534fde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 00:33:10 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Content-Length
197
Expires
Thu, 09 Dec 2021 04:44:08 GMT
wide_layout_separator_bottom_green.png
static1.ddigest.com/themes/default/images/ 		813 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images/wide_layout_separator_bottom_green.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
bd44f4c3c8eb45568336bb6476889cfec6000417d785e7ee4e75b83a8a28aa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 00:33:09 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=497
Content-Length
813
Expires
Thu, 09 Dec 2021 04:44:08 GMT
box_bottom_980_green.png
static1.ddigest.com/themes/default/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/themes/default/images/box_bottom_980_green.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
3253bfca736ff69b150da2979e65651321ed5f4c967e03ac0019d8710875c7df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Sun, 08 May 2016 00:32:43 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Content-Length
2194
Expires
Thu, 09 Dec 2021 04:44:08 GMT
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
H2
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c4698ed4db79d47895e9eeac67c7f8030ba750804178d94caa838daa33bd4fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
r984WrekJi+TfQhLvrQgYA==
cross-origin-resource-policy
cross-origin
expires
Tue, 09 Nov 2021 05:03:30 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
di2lAl6XBY5kdDGG34GVqUmvEYwlRyHIR9b3cc7ewTkr1QHiM9fIiRdrD6jbPWh7GgyEmkhKY3PRZrY29yvnmg==
x-fb-trip-id
686109401
x-fb-content-md5
be2646b9d8457c7e776b1089f1b52ad1
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 09 Nov 2021 04:44:08 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"4a2ab0f61b5521ad65a9dad4664f8fbf"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5

Redirect headers

Location
https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason
HSTS
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VJ/8vs8kZW5wvuyVnd+B5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"4e89e82f0eeb0512bfb2d7642aaf4840"
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-VJ/8vs8kZW5wvuyVnd+B5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires
Tue, 09 Nov 2021 04:44:08 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
H2
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2614
date
Tue, 09 Nov 2021 04:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 09 Nov 2021 06:00:34 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
star_new.png
static1.ddigest.com/images/rating/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/images/rating/star_new.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
737a51b026544d71177fdff27fa902c44195d901a3d92456e414cf3d6c4d3ae6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Wed, 01 Jun 2016 02:46:08 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Content-Length
1046
Expires
Thu, 09 Dec 2021 04:44:08 GMT
halfstar_new.png
static1.ddigest.com/images/rating/ 		855 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static1.ddigest.com/images/rating/halfstar_new.png
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/min/f=themes/default/css/main_style.css,themes/default/css/new_wide2_software_style.css,themes/default/css/software_style.css
Protocol
HTTP/1.1
Server
50.28.15.212 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
server1.digital-digest.com
Software
Apache /
Resource Hash
302636bc1fc742aededaf2f49999bbb02596a74ff937ca177b7227d96d033075

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 04:44:08 GMT
Last-Modified
Wed, 01 Jun 2016 02:46:07 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=497
Content-Length
855
Expires
Thu, 09 Dec 2021 04:44:08 GMT
all.js
connect.facebook.net/en_US/ 		266 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=78b7fd2eec34bea90414a44d402e5717
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
689c37912c73c1b6a9c7e5f4509121b114f2a1be29078d64347008c4124be84d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://downloads.dddwnld.com/
Origin
http://downloads.dddwnld.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
RUJrlBtBIledamgWDkZCvA==
cross-origin-resource-policy
cross-origin
expires
Wed, 09 Nov 2022 04:43:30 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76699
x-fb-rlafr
0
x-fb-debug
3AYgh10X4nBm6lg2jKJcKJjgXyUAqaLLd6exDlA/ZMI8+GkjGquZo+MZUjiWD4+DD8fZM76DhgOZsuPn9YK1dg==
x-fb-trip-id
686109401
x-fb-content-md5
df9990829ccd2f6811cb39273dfce5f1
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 09 Nov 2021 04:44:08 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"616304b3cfe6e633c2138ddbddc719e8"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=780165553&t=pageview&_s=1&dl=http%3A%2F%2Fdownloads.dddwnld.com%2Fsoftware%2Fdownload.php%3Fsid%3D470%26ssid%3D0%26did%3D1&ul=en-us&de=UTF-8&dt=Setup_ImgBurn_2.5.8.0.exe%20%3C-%20ImgBurn%20Downloads%20%7C%20Software%20-%20Digital%20Digest&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1137736047&gjid=1387418215&cid=330185528.1636433048&tid=UA-11581809-7&_gid=2011656702.1636433048&_r=1&_slc=1&z=1518271286
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://downloads.dddwnld.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:44:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://downloads.dddwnld.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 13:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51558
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Fri, 04 Nov 2022 13:59:19 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 		96 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e55db8c8216170be34f4055ae640d88e27ece72c5483453bcfe05cc31dccc6d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 02:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
352614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33943
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Sat, 05 Nov 2022 02:47:14 GMT
fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 1A83 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Fdownloads.dddwnld.com&url=http%3A%2F%2Fwww.dvdr-digest.com%2Fsoftware%2Fimgburn.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/

Response headers

content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
content-length
1585
date
Tue, 09 Nov 2021 04:44:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/j/ 		1 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11581809-7&cid=330185528.1636433048&jid=1137736047&gjid=1387418215&_gid=2011656702.1636433048&_u=IAhAAEAAAAAAAC~&z=1014947083
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://downloads.dddwnld.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 09 Nov 2021 04:44:08 GMT
content-type
text/plain
access-control-allow-origin
http://downloads.dddwnld.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=1553685621590677&input_token&origin=1&redirect_uri=http%3A%2F%2Fdownloads.dddwnld.com%2Fsoftware%2Fdownload.php%3Fsid%3D470%26ssid%3D0%26did%3D1&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=78b7fd2eec34bea90414a44d402e5717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
4SNI4azgMeXf4zXlhZrySI6xtpjE9hlWdGCWh78mgljc1XL4lGT06f2/u7xvSL7WgL3N5WhdNLsvlEu4AEhXdA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cache-control
private, no-cache, no-store, must-revalidate
date
Tue, 09 Nov 2021 04:44:08 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://downloads.dddwnld.com
access-control-expose-headers
fb-s
fb-error-description
"This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 1A83 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
Requested by
Host: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Fdownloads.dddwnld.com&url=http%3A%2F%2Fwww.dvdr-digest.com%2Fsoftware%2Fimgburn.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apis.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:44:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 09 Nov 2021 04:44:08 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame 3959 		566 B
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdownloads.dddwnld.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3da703d1e438653f08362f5250c8cda28a3eb691ce928df5beb3dceb592bbc81
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dhjElTYNoemc7O0i29isEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 09 Nov 2021 04:44:08 GMT
content-security-policy
script-src 'report-sample' 'nonce-dhjElTYNoemc7O0i29isEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
2759057950-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 3959 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/2759057950-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdownloads.dddwnld.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
897211354bbbae29c006fc3a2eada1ce96279b4b0f50c87eca72764f3276c9ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 08:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4293
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 22:08:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="federated-signon-mpm-access"
expires
Wed, 02 Nov 2022 08:03:04 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 3959 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdownloads.dddwnld.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7072c25798bd9320d7fc373f555a8b0a231edea5d7ea7e816245468ec5e005f8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-e/bKVqY+ogmIqULsqZxIlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:44:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"998951b1d5405dad0418a425bf80cab9"
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-e/bKVqY+ogmIqULsqZxIlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires
Tue, 09 Nov 2021 04:44:08 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame 3959 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47c2a064595a04eef284052f1c0e2a6eb32c61f04a5238d09ebca7ad16a7c617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 08:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
506186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18151
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Thu, 03 Nov 2022 08:07:42 GMT
container.html
d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 19C7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 09 Nov 2021 04:44:08 GMT
expires
Wed, 09 Nov 2022 04:44:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 44A6 		624 B
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYtLuHkgEwAQ&v=APEucNUqWGgl_X3FKbIsfvVeOPCiDk4D9v9Ivibx7R3tU6Ou3XCBkFTpbrkwduB-Fugx9X0yBkDp20nU1gAPldNDMqDn2kxQl9wvhkMyTKUpETOKKepvTb0dr8zhGrc2rFGQz_EG_OGij7EqoexbYEXQdeEBl0dE8vC60MmdhuHQRW3Zn5sf6cU
Requested by
Host: d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
URL: https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 09 Nov 2021 04:44:09 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 09 Nov 2021 04:44:09 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 19C7 		73 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DztG_dY5EUONrxjfpetMHmvooZ4YYLUb9ZwZeBl6_knlBTFOm7q7_NfcwB9PvJXdvGK_1qYAISgzm0RWmTB_UKmTjndlGhRmFHYbWj-TGnwgeoxvG8Khu5BKCcazABtpPHoVayHtuVDW69HjNj9cdodbosVA&dbm_d=AKAmf-AsqdmmAfgvtScYBcTEC2O_ELlgaTTqyWRLMacfseYCN7OfeHm-NVJp7VjlxR8smuXkGSDNOgId-bQfP3oG_npEdrAnTXMQxXwe1NZig2CIZDajR7lVB3D6vda8XW23kqtPcnyPcDXhotpQXgUHcvzoXEsNzZIhaT_TIJQAsTDjbzMMJkSWFvExvddV0eNOdEz1fRo8Nk39nIMaPa1JMVDyccxbNkzEI3FBm3limeC80OYoUxDgZ2x-g3hQFiHP-t7MDvigprzh9nePE4EvyeKfQpHLEnEaaAW2XU8X4OYvFvY5yFjLuyTM_ysfrpDBD3EOGZZ_cxJwyAezWkXphzLq-AoC7k_o7TNOZtGvwzGdPetjeKRupQDNrJp5aJyMJ1x2sZKAmiqhrzfVW238JsHlj3DZnlSKbZSQD00_l-hwho1MxLaLikFaMbAHVUrGZw764RnFKN3e_nPAdyZAxA6c6ywhFMcNPfxtrbk5Nl0FJgpudaQEiGDcmsQnmvdAs0Oz0QOKGAkfjQTliY3IU9B2bwcjCi4COov3GtpFV3e65Y-wotR4QC_GGqnzkPETvyAh1BJv-Cz1jvuw8xYJwpbv9slQ7dW8uDKGhyh28FBxcdH5pLzzdVzsfxVDCeTcLsHxNQ1VQlANbOiJ-Jr--b7PlmJGkbsxfoAbh8j9_R0mmLFwr8jG3zyJpPJlzSoDnbmATYda0VP1OcbCKI6gnMcUdFdqWUc3jqwXBLhN7ECjX8ncuXoh0vd6BgBofB11VpDXk5H4fp8M2J6dpeExlVeGWSWPB59dGq0b3uZKfT4fX77q0i0wpWtWvVCfoDcMPLiERQLLSZm1Az16te08T52UCWsg14UrkmjzcqUlglHUuoKXoSzrClKLsx7gKK5l1TnH0UvWjs3zOfusbr6DJoIfoQdxLW-ZQl3UNafX2DVd3r0GVdq48gI2ALIDPu93vskd7XgRS-_C1GKwERMqQG9VCdU1dw0WmdPQYSMNikFI3DuAyOLWnHmggG_1fBnJ8-1IdirAr062oSgIsRIM7AN2YlkMsTJC7GDMv7ygUIBPZ70PbKvcdGFr-Bm7bfCLuFhaanZRDnPcWUd10TH6R4FAxEoEt5b0IrXqJFPBvl6b_TXPuwak62COP4vf7iiUx_wndy5-LC7r-sa541rQucPBtdGh2Dz5Sw-sXcyRjxblcmsNyuEDwbAHVYoVFq5o9vZqzv2T90Ptl_pu1JqsDnz_DU_eBiv-EWnkTFiz7nreip-9s5kcYs22C3IL7ZrKAzOCfvKLfEvN_Re8dLw0v_IhYUQZQuksmzpkw6Uz-dUOPB7RLEw1ALLVgITzSUwzxbBWQPkbj_vSw12hRpdFm2FlsOfe-wbQRwHabLxiQGFRtRAn0l4Mzsv2tNoec-DJCIYDOr4pyCOBf7XzL0epeA9q0OYbGehpC2sVUbscRt_HZnoAalTF9R3boC5p1web2516z0y_ugI30Scr5B77FMW9eQlv3_w1jeKlPhjmgtEADFbZa5uUWX9BHJsaGWiHZ8OjoelBW2mRdwVSdT2-pEA_KRViiLIoMLsM9slXJGx7c_0Nlz24OWaJ4Ffvy5s0IpKbeQun7QSCynzzXuazEkZZeDRLTH6COB8gAEpzzWpwOPsyQfQhSqsoO6ot6wq1XFaa3HqPHcoiIDP86wQDXbXfESJ8oUKYhYMGfedsI4H8YjXwnUi14ortoyv8p8OwpdWiKJeuV3h1h39IMSBI6WL7uZ4vAroPy3lsW0VnX8PxSTGxD6ksxFCexkL2qhDQFvlIyCQE_x-hV8I-wHi_4S1h5SIw2AeNZxe0XulNIu6qpa8l-BDrO2EOIAmMt9nyYF7eDMdwx_aGCRNX7Yi6TED5W_iUR8dCpxImZDuYzTUcGicVSLt9FZaUhUD_Pw1LL4TBGV-OhuMO0NdgbhJHKZawnpZpcZtWAn3_WGvQgQrA7caczk9LOsyb6oTrTmCHp6AMJGGzq6P8-nJbN7FV7IyzKSMnREwhpePSpeeVALWNNXGacnoMCWVpQDyQiVSNGms2gwHQYZB57T-QRWnixV1QRkh2TMRZ03UoK3fdDJrcbYogi-XZ60LWdrS35RewKpv_nxlEDa5dwXyEFxXn0Qd5wfX7rEEEh3HiRFfMUZB70qq3dWIRS6yK4H4EgFLxcqXv9HqbarVo3Ce-0S_NMD2bVGhSAOAFZiIo-C3qIFjFUR6_5Crso-0_TjedAYL00Kg9u9miY-zlzCtgu51aun2HyyN-HWP30oBN9t06EOV8uOLwzl_Bzr4KPK6iahRrav47erwRY7Bp7q19t0UgPj-3xSx7sBmDolFYtNcRSRSVvkYDd5Ac-fgw8brr8PQ6p9j66sczYLVvqswU8XFMEvutbyCwxeS0OqiyA2s425n5Jo6Rj0XFHVLci5y-c6SEUIaRGT5nd3VoWh2VcR6wQ8eBHjPkBlwOOYvqP9fONCwV5GACgNfZ_LW_MmvMjXitOyBNLuG9ou8DtBR0TSrhJ1E4X9goGZXhd0cfSH5-quzCRNcYsvAIL6cQ_ObDr4OsxihkcsVLJphfMSHJSeK3Yzyfod44nQuq4XU1GMHk8rXXDKm1PKleAiK413M5o6Fgj8PU_I1iHiBQ8xvupJeWDfcl9u60pPmcUdagILPbbzRkz4CV5bim-hL7j6j0PbJnOV3OTNjpqZmxc3MCDoXmdSbxCsaozGitxjSNQQaNXYB1a5gJBs4KoHXCUDyzGL2OMCWUYvPNzDhfjWc-UMZqGmyb5mhcsidmswY1F3u4FpZx_FTqAhV4SC5Hd__noAZIlVXHZXT88a35xiZOzpUTfwSe4P5Yp6TGMFqdFstJCFXGYqSkMpwM3K6R45PJ1yAKEYMrntQw7jzuNYheW5NlxSrK8z3-9h2znpBQatr0m5dRhrIXpVf1O5UdWN5W5Vr5kt0Vp-u5Bzlv0cZvorceeaF2QQ-0XP7YhAfFD48d1jhz8MUaov1aQXyba1YSggG2rOBMR1vT985pFFiyJb_FQ7ZrsNGDaNpFO1_s8Uoh7_pX_idXXitTUjgeikSAEYJvkgjhqBldY4-ETZLJnxykczAUsgFFCPSbxiLnUPLouIhs9vcuAmNyl_F7-NCZWCDptopc9q__tcY0IMafQryODu8VRYQEACETNBqnnMq_kUQ8BdWEwr4&cid=CAASFeRoJbBLU_tq1Mci9vmUSRjjdwFzLA&rfl=1%2Chttp%253A%252F%252Fdownloads.dddwnld.com%252F%240
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aafc6d676b5ebb3031b24dcc3d1b6a7f842dc38a1c4a4cf1c1fa1896a9bd0a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30021
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 19C7 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A9c2MAmojV0MTzqiKkupYtBVBBuaofV2YaoE3J3uYyI8dUH65QFvQ9hlDaIFg6aQJ1uAW_QtzXjuXcw7u8LWNNDQ1xlxXxIHmKnV-8KZ-J9hOB1oI
Requested by
Host: d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
URL: https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:44:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 19C7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
URL: https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:30:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
832
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:30:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 19C7 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
URL: https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:44:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:44:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 19C7 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
URL: https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:35:24 GMT
l
www.google.com/ads/measurement/ Frame 19C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSors3IuxwfH_qxYWwAKXAqN_PdEyJuxwQON_50zxEkG6lqkSmtgU1IifjEX6mMpv4CV55b_s2lfRwTjhnpU0CPMWAwhA
Requested by
Host: d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
URL: https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 44A6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDD3BykrAvTIACUlrlzPoAM&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDD3BykrAvTIACUlrlzPoAM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYtLuHkgEwAQ&v=APEucNUqWGgl_X3FKbIsfvVeOPCiDk4D9v9Ivibx7R3tU6Ou3XCBkFTpbrkwduB-Fugx9X0yBkDp20nU1gAPldNDMqDn2kxQl9wvhkMyTKUpETOKKepvTb0dr8zhGrc2rFGQz_EG_OGij7EqoexbYEXQdeEBl0dE8vC60MmdhuHQRW3Zn5sf6cU
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:44:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 04:44:09 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:44:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDD3BykrAvTIACUlrlzPoAM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 44A6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYn8meMEx4wklpiw2Q4O1QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHK6mfmouyDnBCoqktedP_4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHK6mfmouyDnBCoqktedP_4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYtLuHkgEwAQ&v=APEucNUqWGgl_X3FKbIsfvVeOPCiDk4D9v9Ivibx7R3tU6Ou3XCBkFTpbrkwduB-Fugx9X0yBkDp20nU1gAPldNDMqDn2kxQl9wvhkMyTKUpETOKKepvTb0dr8zhGrc2rFGQz_EG_OGij7EqoexbYEXQdeEBl0dE8vC60MmdhuHQRW3Zn5sf6cU
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:44:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 04:44:09 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:44:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHK6mfmouyDnBCoqktedP_4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 44A6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDo3kvPoJL0zybcDInlUGYI&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDo3kvPoJL0zybcDInlUGYI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYtLuHkgEwAQ&v=APEucNUqWGgl_X3FKbIsfvVeOPCiDk4D9v9Ivibx7R3tU6Ou3XCBkFTpbrkwduB-Fugx9X0yBkDp20nU1gAPldNDMqDn2kxQl9wvhkMyTKUpETOKKepvTb0dr8zhGrc2rFGQz_EG_OGij7EqoexbYEXQdeEBl0dE8vC60MmdhuHQRW3Zn5sf6cU
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:44:09 GMT
X-Proxy-Origin
185.232.23.181; 185.232.23.181; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0e25a28c-055f-4b56-8426-d2d1763b3d22
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:44:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDo3kvPoJL0zybcDInlUGYI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 44A6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1NTIzMzEwNzA3MDQ5ODkzMA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1NTIzMzEwNzA3MDQ5ODkzMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYtLuHkgEwAQ&v=APEucNUqWGgl_X3FKbIsfvVeOPCiDk4D9v9Ivibx7R3tU6Ou3XCBkFTpbrkwduB-Fugx9X0yBkDp20nU1gAPldNDMqDn2kxQl9wvhkMyTKUpETOKKepvTb0dr8zhGrc2rFGQz_EG_OGij7EqoexbYEXQdeEBl0dE8vC60MmdhuHQRW3Zn5sf6cU
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:44:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 04:44:09 GMT
X-Proxy-Origin
185.232.23.181; 185.232.23.181; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6eb10cb1-2bc3-4fa8-8d07-d019b2ca4ce5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1NTIzMzEwNzA3MDQ5ODkzMA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 19C7 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/
Origin
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45289
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 16:09:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 19C7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DztG_dY5EUONrxjfpetMHmvooZ4YYLUb9ZwZeBl6_knlBTFOm7q7_NfcwB9PvJXdvGK_1qYAISgzm0RWmTB_UKmTjndlGhRmFHYbWj-TGnwgeoxvG8Khu5BKCcazABtpPHoVayHtuVDW69HjNj9cdodbosVA&dbm_d=AKAmf-AsqdmmAfgvtScYBcTEC2O_ELlgaTTqyWRLMacfseYCN7OfeHm-NVJp7VjlxR8smuXkGSDNOgId-bQfP3oG_npEdrAnTXMQxXwe1NZig2CIZDajR7lVB3D6vda8XW23kqtPcnyPcDXhotpQXgUHcvzoXEsNzZIhaT_TIJQAsTDjbzMMJkSWFvExvddV0eNOdEz1fRo8Nk39nIMaPa1JMVDyccxbNkzEI3FBm3limeC80OYoUxDgZ2x-g3hQFiHP-t7MDvigprzh9nePE4EvyeKfQpHLEnEaaAW2XU8X4OYvFvY5yFjLuyTM_ysfrpDBD3EOGZZ_cxJwyAezWkXphzLq-AoC7k_o7TNOZtGvwzGdPetjeKRupQDNrJp5aJyMJ1x2sZKAmiqhrzfVW238JsHlj3DZnlSKbZSQD00_l-hwho1MxLaLikFaMbAHVUrGZw764RnFKN3e_nPAdyZAxA6c6ywhFMcNPfxtrbk5Nl0FJgpudaQEiGDcmsQnmvdAs0Oz0QOKGAkfjQTliY3IU9B2bwcjCi4COov3GtpFV3e65Y-wotR4QC_GGqnzkPETvyAh1BJv-Cz1jvuw8xYJwpbv9slQ7dW8uDKGhyh28FBxcdH5pLzzdVzsfxVDCeTcLsHxNQ1VQlANbOiJ-Jr--b7PlmJGkbsxfoAbh8j9_R0mmLFwr8jG3zyJpPJlzSoDnbmATYda0VP1OcbCKI6gnMcUdFdqWUc3jqwXBLhN7ECjX8ncuXoh0vd6BgBofB11VpDXk5H4fp8M2J6dpeExlVeGWSWPB59dGq0b3uZKfT4fX77q0i0wpWtWvVCfoDcMPLiERQLLSZm1Az16te08T52UCWsg14UrkmjzcqUlglHUuoKXoSzrClKLsx7gKK5l1TnH0UvWjs3zOfusbr6DJoIfoQdxLW-ZQl3UNafX2DVd3r0GVdq48gI2ALIDPu93vskd7XgRS-_C1GKwERMqQG9VCdU1dw0WmdPQYSMNikFI3DuAyOLWnHmggG_1fBnJ8-1IdirAr062oSgIsRIM7AN2YlkMsTJC7GDMv7ygUIBPZ70PbKvcdGFr-Bm7bfCLuFhaanZRDnPcWUd10TH6R4FAxEoEt5b0IrXqJFPBvl6b_TXPuwak62COP4vf7iiUx_wndy5-LC7r-sa541rQucPBtdGh2Dz5Sw-sXcyRjxblcmsNyuEDwbAHVYoVFq5o9vZqzv2T90Ptl_pu1JqsDnz_DU_eBiv-EWnkTFiz7nreip-9s5kcYs22C3IL7ZrKAzOCfvKLfEvN_Re8dLw0v_IhYUQZQuksmzpkw6Uz-dUOPB7RLEw1ALLVgITzSUwzxbBWQPkbj_vSw12hRpdFm2FlsOfe-wbQRwHabLxiQGFRtRAn0l4Mzsv2tNoec-DJCIYDOr4pyCOBf7XzL0epeA9q0OYbGehpC2sVUbscRt_HZnoAalTF9R3boC5p1web2516z0y_ugI30Scr5B77FMW9eQlv3_w1jeKlPhjmgtEADFbZa5uUWX9BHJsaGWiHZ8OjoelBW2mRdwVSdT2-pEA_KRViiLIoMLsM9slXJGx7c_0Nlz24OWaJ4Ffvy5s0IpKbeQun7QSCynzzXuazEkZZeDRLTH6COB8gAEpzzWpwOPsyQfQhSqsoO6ot6wq1XFaa3HqPHcoiIDP86wQDXbXfESJ8oUKYhYMGfedsI4H8YjXwnUi14ortoyv8p8OwpdWiKJeuV3h1h39IMSBI6WL7uZ4vAroPy3lsW0VnX8PxSTGxD6ksxFCexkL2qhDQFvlIyCQE_x-hV8I-wHi_4S1h5SIw2AeNZxe0XulNIu6qpa8l-BDrO2EOIAmMt9nyYF7eDMdwx_aGCRNX7Yi6TED5W_iUR8dCpxImZDuYzTUcGicVSLt9FZaUhUD_Pw1LL4TBGV-OhuMO0NdgbhJHKZawnpZpcZtWAn3_WGvQgQrA7caczk9LOsyb6oTrTmCHp6AMJGGzq6P8-nJbN7FV7IyzKSMnREwhpePSpeeVALWNNXGacnoMCWVpQDyQiVSNGms2gwHQYZB57T-QRWnixV1QRkh2TMRZ03UoK3fdDJrcbYogi-XZ60LWdrS35RewKpv_nxlEDa5dwXyEFxXn0Qd5wfX7rEEEh3HiRFfMUZB70qq3dWIRS6yK4H4EgFLxcqXv9HqbarVo3Ce-0S_NMD2bVGhSAOAFZiIo-C3qIFjFUR6_5Crso-0_TjedAYL00Kg9u9miY-zlzCtgu51aun2HyyN-HWP30oBN9t06EOV8uOLwzl_Bzr4KPK6iahRrav47erwRY7Bp7q19t0UgPj-3xSx7sBmDolFYtNcRSRSVvkYDd5Ac-fgw8brr8PQ6p9j66sczYLVvqswU8XFMEvutbyCwxeS0OqiyA2s425n5Jo6Rj0XFHVLci5y-c6SEUIaRGT5nd3VoWh2VcR6wQ8eBHjPkBlwOOYvqP9fONCwV5GACgNfZ_LW_MmvMjXitOyBNLuG9ou8DtBR0TSrhJ1E4X9goGZXhd0cfSH5-quzCRNcYsvAIL6cQ_ObDr4OsxihkcsVLJphfMSHJSeK3Yzyfod44nQuq4XU1GMHk8rXXDKm1PKleAiK413M5o6Fgj8PU_I1iHiBQ8xvupJeWDfcl9u60pPmcUdagILPbbzRkz4CV5bim-hL7j6j0PbJnOV3OTNjpqZmxc3MCDoXmdSbxCsaozGitxjSNQQaNXYB1a5gJBs4KoHXCUDyzGL2OMCWUYvPNzDhfjWc-UMZqGmyb5mhcsidmswY1F3u4FpZx_FTqAhV4SC5Hd__noAZIlVXHZXT88a35xiZOzpUTfwSe4P5Yp6TGMFqdFstJCFXGYqSkMpwM3K6R45PJ1yAKEYMrntQw7jzuNYheW5NlxSrK8z3-9h2znpBQatr0m5dRhrIXpVf1O5UdWN5W5Vr5kt0Vp-u5Bzlv0cZvorceeaF2QQ-0XP7YhAfFD48d1jhz8MUaov1aQXyba1YSggG2rOBMR1vT985pFFiyJb_FQ7ZrsNGDaNpFO1_s8Uoh7_pX_idXXitTUjgeikSAEYJvkgjhqBldY4-ETZLJnxykczAUsgFFCPSbxiLnUPLouIhs9vcuAmNyl_F7-NCZWCDptopc9q__tcY0IMafQryODu8VRYQEACETNBqnnMq_kUQ8BdWEwr4&cid=CAASFeRoJbBLU_tq1Mci9vmUSRjjdwFzLA&rfl=1%2Chttp%253A%252F%252Fdownloads.dddwnld.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:41:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 04:41:41 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 19C7 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DztG_dY5EUONrxjfpetMHmvooZ4YYLUb9ZwZeBl6_knlBTFOm7q7_NfcwB9PvJXdvGK_1qYAISgzm0RWmTB_UKmTjndlGhRmFHYbWj-TGnwgeoxvG8Khu5BKCcazABtpPHoVayHtuVDW69HjNj9cdodbosVA&dbm_d=AKAmf-AsqdmmAfgvtScYBcTEC2O_ELlgaTTqyWRLMacfseYCN7OfeHm-NVJp7VjlxR8smuXkGSDNOgId-bQfP3oG_npEdrAnTXMQxXwe1NZig2CIZDajR7lVB3D6vda8XW23kqtPcnyPcDXhotpQXgUHcvzoXEsNzZIhaT_TIJQAsTDjbzMMJkSWFvExvddV0eNOdEz1fRo8Nk39nIMaPa1JMVDyccxbNkzEI3FBm3limeC80OYoUxDgZ2x-g3hQFiHP-t7MDvigprzh9nePE4EvyeKfQpHLEnEaaAW2XU8X4OYvFvY5yFjLuyTM_ysfrpDBD3EOGZZ_cxJwyAezWkXphzLq-AoC7k_o7TNOZtGvwzGdPetjeKRupQDNrJp5aJyMJ1x2sZKAmiqhrzfVW238JsHlj3DZnlSKbZSQD00_l-hwho1MxLaLikFaMbAHVUrGZw764RnFKN3e_nPAdyZAxA6c6ywhFMcNPfxtrbk5Nl0FJgpudaQEiGDcmsQnmvdAs0Oz0QOKGAkfjQTliY3IU9B2bwcjCi4COov3GtpFV3e65Y-wotR4QC_GGqnzkPETvyAh1BJv-Cz1jvuw8xYJwpbv9slQ7dW8uDKGhyh28FBxcdH5pLzzdVzsfxVDCeTcLsHxNQ1VQlANbOiJ-Jr--b7PlmJGkbsxfoAbh8j9_R0mmLFwr8jG3zyJpPJlzSoDnbmATYda0VP1OcbCKI6gnMcUdFdqWUc3jqwXBLhN7ECjX8ncuXoh0vd6BgBofB11VpDXk5H4fp8M2J6dpeExlVeGWSWPB59dGq0b3uZKfT4fX77q0i0wpWtWvVCfoDcMPLiERQLLSZm1Az16te08T52UCWsg14UrkmjzcqUlglHUuoKXoSzrClKLsx7gKK5l1TnH0UvWjs3zOfusbr6DJoIfoQdxLW-ZQl3UNafX2DVd3r0GVdq48gI2ALIDPu93vskd7XgRS-_C1GKwERMqQG9VCdU1dw0WmdPQYSMNikFI3DuAyOLWnHmggG_1fBnJ8-1IdirAr062oSgIsRIM7AN2YlkMsTJC7GDMv7ygUIBPZ70PbKvcdGFr-Bm7bfCLuFhaanZRDnPcWUd10TH6R4FAxEoEt5b0IrXqJFPBvl6b_TXPuwak62COP4vf7iiUx_wndy5-LC7r-sa541rQucPBtdGh2Dz5Sw-sXcyRjxblcmsNyuEDwbAHVYoVFq5o9vZqzv2T90Ptl_pu1JqsDnz_DU_eBiv-EWnkTFiz7nreip-9s5kcYs22C3IL7ZrKAzOCfvKLfEvN_Re8dLw0v_IhYUQZQuksmzpkw6Uz-dUOPB7RLEw1ALLVgITzSUwzxbBWQPkbj_vSw12hRpdFm2FlsOfe-wbQRwHabLxiQGFRtRAn0l4Mzsv2tNoec-DJCIYDOr4pyCOBf7XzL0epeA9q0OYbGehpC2sVUbscRt_HZnoAalTF9R3boC5p1web2516z0y_ugI30Scr5B77FMW9eQlv3_w1jeKlPhjmgtEADFbZa5uUWX9BHJsaGWiHZ8OjoelBW2mRdwVSdT2-pEA_KRViiLIoMLsM9slXJGx7c_0Nlz24OWaJ4Ffvy5s0IpKbeQun7QSCynzzXuazEkZZeDRLTH6COB8gAEpzzWpwOPsyQfQhSqsoO6ot6wq1XFaa3HqPHcoiIDP86wQDXbXfESJ8oUKYhYMGfedsI4H8YjXwnUi14ortoyv8p8OwpdWiKJeuV3h1h39IMSBI6WL7uZ4vAroPy3lsW0VnX8PxSTGxD6ksxFCexkL2qhDQFvlIyCQE_x-hV8I-wHi_4S1h5SIw2AeNZxe0XulNIu6qpa8l-BDrO2EOIAmMt9nyYF7eDMdwx_aGCRNX7Yi6TED5W_iUR8dCpxImZDuYzTUcGicVSLt9FZaUhUD_Pw1LL4TBGV-OhuMO0NdgbhJHKZawnpZpcZtWAn3_WGvQgQrA7caczk9LOsyb6oTrTmCHp6AMJGGzq6P8-nJbN7FV7IyzKSMnREwhpePSpeeVALWNNXGacnoMCWVpQDyQiVSNGms2gwHQYZB57T-QRWnixV1QRkh2TMRZ03UoK3fdDJrcbYogi-XZ60LWdrS35RewKpv_nxlEDa5dwXyEFxXn0Qd5wfX7rEEEh3HiRFfMUZB70qq3dWIRS6yK4H4EgFLxcqXv9HqbarVo3Ce-0S_NMD2bVGhSAOAFZiIo-C3qIFjFUR6_5Crso-0_TjedAYL00Kg9u9miY-zlzCtgu51aun2HyyN-HWP30oBN9t06EOV8uOLwzl_Bzr4KPK6iahRrav47erwRY7Bp7q19t0UgPj-3xSx7sBmDolFYtNcRSRSVvkYDd5Ac-fgw8brr8PQ6p9j66sczYLVvqswU8XFMEvutbyCwxeS0OqiyA2s425n5Jo6Rj0XFHVLci5y-c6SEUIaRGT5nd3VoWh2VcR6wQ8eBHjPkBlwOOYvqP9fONCwV5GACgNfZ_LW_MmvMjXitOyBNLuG9ou8DtBR0TSrhJ1E4X9goGZXhd0cfSH5-quzCRNcYsvAIL6cQ_ObDr4OsxihkcsVLJphfMSHJSeK3Yzyfod44nQuq4XU1GMHk8rXXDKm1PKleAiK413M5o6Fgj8PU_I1iHiBQ8xvupJeWDfcl9u60pPmcUdagILPbbzRkz4CV5bim-hL7j6j0PbJnOV3OTNjpqZmxc3MCDoXmdSbxCsaozGitxjSNQQaNXYB1a5gJBs4KoHXCUDyzGL2OMCWUYvPNzDhfjWc-UMZqGmyb5mhcsidmswY1F3u4FpZx_FTqAhV4SC5Hd__noAZIlVXHZXT88a35xiZOzpUTfwSe4P5Yp6TGMFqdFstJCFXGYqSkMpwM3K6R45PJ1yAKEYMrntQw7jzuNYheW5NlxSrK8z3-9h2znpBQatr0m5dRhrIXpVf1O5UdWN5W5Vr5kt0Vp-u5Bzlv0cZvorceeaF2QQ-0XP7YhAfFD48d1jhz8MUaov1aQXyba1YSggG2rOBMR1vT985pFFiyJb_FQ7ZrsNGDaNpFO1_s8Uoh7_pX_idXXitTUjgeikSAEYJvkgjhqBldY4-ETZLJnxykczAUsgFFCPSbxiLnUPLouIhs9vcuAmNyl_F7-NCZWCDptopc9q__tcY0IMafQryODu8VRYQEACETNBqnnMq_kUQ8BdWEwr4&cid=CAASFeRoJbBLU_tq1Mci9vmUSRjjdwFzLA&rfl=1%2Chttp%253A%252F%252Fdownloads.dddwnld.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 03:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2861
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9560
x-xss-protection
0
server
cafe
etag
378257483732583304
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 03:56:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 19C7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
URL: https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 11:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 08 Nov 2022 11:10:41 GMT
truncated
/ Frame 19C7 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4762952a936085c2f4d5bcc30f3a9b44b5c546a55d9e522316be8e8e45a5be1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 73CA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 08 Nov 2021 11:10:41 GMT
expires
Tue, 08 Nov 2022 11:10:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
63208
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/sadbundle/18009363788076966023/ Frame 8808 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
224bd60cd17d04f4934310bb6b250427b114cfd0147c5f44d73baba4f0011ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2306
date
Wed, 03 Nov 2021 08:08:43 GMT
expires
Thu, 03 Nov 2022 08:08:43 GMT
last-modified
Wed, 21 Oct 2020 16:56:07 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
506126
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 19C7 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstenZTd9ugu27x48m-xDeoVXSUHwqaEivg3NKb7UeMVhzdZJS7WBVqPfOEblURqw1jVFAKor_KbPsmiuvdOCx3IuSyLHhzx4n31vrOAFc7NvAvb-IulDqJvmM6G9JrQoyluM6WikrnXE36ni9YhUwfPoBCMgFBAmg8wBKb8Ux4AcsRmTTtNEpY8N8X6yY6hIvM-3CF0nonRJitsuMa6qzJnNg5gr-iUXaDA4KRnOrKSo0BmBf12wtpSbJEJ28IM9lwY_KCJl70ohxz7QOl3uUQLZTG79bUeYjRSmwd66klmiFO_aLPIMMx3jU_QfSgTpaz7IlFo8Ya6jEfpr8nN1FDKlsnQdo0B4fDqk0qIPneMZxZbitsZMqBP0XZt90jgWv0FW8X2J0Ok_rPAmLS7QkwR7KtKXdcpXFJB4SZVps7WU_OGj-ruBI8X6eITky_qq5eqHY5yWEDtUxJBAmaNXYe1Pvh3Mnc2p-xrIAvb7LUfC6eOgOwOxZsZ_GAyr0anxYlmnCVxT9LjfZtYttoJploESjje3GwuOdtsPhDsEebo1QwDWSR-sRu-43uoY_AHrTIvknpNeNpHgZvu5ZtoBGpmuv0J3ZlgWyUePb17j4RtTR-Xk2FMUGZIS-j9WGUwRo42N5mUXNjzm_qhSF_Mzzbz7L73qzZz6FAfhR-KlaON6E1cnq7d_m4Yas2BoX_H76hZVYEa1YVuz5ZYs0eagWZrad-eVmqY7rxy-bZEiGSjhmXZxN4uYzeGHJ-c5ditaf4zJOBpZdf8KjjZWYh4A0NzHxv8Au2HPS9rMF3VbOtmhARmioggGXNFv1pPk-kKEVjsW4PdNGJ_4cmFBBhUT7jZVy0zMQViYw_2wF2g0O8xgzaOz86ajI7haiR_4VIzDKnAK8cdoTkJqYTgeNAhgHo_M-UsFTmLbAP7QZQP_okmW5UzYXBhvZmpSkm2Mgq1YnslJjEPlt6nyKJ3e4rCBprQmFQN7Aa12DB8hOxw61iBToGso0Xz7-D4MQB3D0oc0rJCnaH3v9lpa7NBr0T8qK6mQQdbqKXpTbMEi93dkv6KkbdTjn6VWhGQgJ1fIkySsQw2umKkPV3GUv6iawbs4epdLY_0pgje-35Ic5FY0G9tW7c0k7rYtLhsHD_0yD7Fp4abMHDGNjGBtkiPhW7WZsM0Suk5V3pVNtuPkVSI0PgH-YeccZik6r8ERrXyP2L54n7600CysayC6YRgaz3Ya-I9&sai=AMfl-YRMp-7QiQqe3p6AlrvIzPtEVZlmrXFBxxvEF3WHebk0MNa-df1RyFJT0y6F1he81cHK9Eqf6DYnkppIFcUUZfuLpTPGpv4bDmeQ8oXZcVTnT8MVvAYD3TolGglKTdnLWlp6Kn-y2reqlyf1nz89YdVUmxXRp6fQpPqqCvU&sig=Cg0ArKJSzNskmVJ_RvmpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=89&cbvp=1&cstd=85&cisv=r20211103.24774&adurl=
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 09 Nov 2021 04:44:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame 73CA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 20:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
31272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 20:02:57 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 8808 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:44:09 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Tue, 09 Nov 2021 04:59:09 GMT
Dragon_300x250.js
s0.2mdn.net/sadbundle/18009363788076966023/ Frame 8808 		52 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18009363788076966023/Dragon_300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bf1ed9d53190b03ff752162b011d151e0d62daab5082b1b8e49d2468d1161bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 11:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149132
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11659
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 16:56:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Nov 2022 11:18:37 GMT
bg_300x250.png
s0.2mdn.net/sadbundle/18009363788076966023/images/ Frame 8808 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18009363788076966023/images/bg_300x250.png
Requested by
Host: d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
URL: https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5301a2cdddc807983089aa44a921e0578668be8e287f200c3ddcf03384de34e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 17:52:34 GMT
x-content-type-options
nosniff
age
384695
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44495
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 16:56:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 17:52:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 19C7 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstenZTd9ugu27x48m-xDeoVXSUHwqaEivg3NKb7UeMVhzdZJS7WBVqPfOEblURqw1jVFAKor_KbPsmiuvdOCx3IuSyLHhzx4n31vrOAFc7NvAvb-IulDqJvmM6G9JrQoyluM6WikrnXE36ni9YhUwfPoBCMgFBAmg8wBKb8Ux4AcsRmTTtNEpY8N8X6yY6hIvM-3CF0nonRJitsuMa6qzJnNg5gr-iUXaDA4KRnOrKSo0BmBf12wtpSbJEJ28IM9lwY_KCJl70ohxz7QOl3uUQLZTG79bUeYjRSmwd66klmiFO_aLPIMMx3jU_QfSgTpaz7IlFo8Ya6jEfpr8nN1FDKlsnQdo0B4fDqk0qIPneMZxZbitsZMqBP0XZt90jgWv0FW8X2J0Ok_rPAmLS7QkwR7KtKXdcpXFJB4SZVps7WU_OGj-ruBI8X6eITky_qq5eqHY5yWEDtUxJBAmaNXYe1Pvh3Mnc2p-xrIAvb7LUfC6eOgOwOxZsZ_GAyr0anxYlmnCVxT9LjfZtYttoJploESjje3GwuOdtsPhDsEebo1QwDWSR-sRu-43uoY_AHrTIvknpNeNpHgZvu5ZtoBGpmuv0J3ZlgWyUePb17j4RtTR-Xk2FMUGZIS-j9WGUwRo42N5mUXNjzm_qhSF_Mzzbz7L73qzZz6FAfhR-KlaON6E1cnq7d_m4Yas2BoX_H76hZVYEa1YVuz5ZYs0eagWZrad-eVmqY7rxy-bZEiGSjhmXZxN4uYzeGHJ-c5ditaf4zJOBpZdf8KjjZWYh4A0NzHxv8Au2HPS9rMF3VbOtmhARmioggGXNFv1pPk-kKEVjsW4PdNGJ_4cmFBBhUT7jZVy0zMQViYw_2wF2g0O8xgzaOz86ajI7haiR_4VIzDKnAK8cdoTkJqYTgeNAhgHo_M-UsFTmLbAP7QZQP_okmW5UzYXBhvZmpSkm2Mgq1YnslJjEPlt6nyKJ3e4rCBprQmFQN7Aa12DB8hOxw61iBToGso0Xz7-D4MQB3D0oc0rJCnaH3v9lpa7NBr0T8qK6mQQdbqKXpTbMEi93dkv6KkbdTjn6VWhGQgJ1fIkySsQw2umKkPV3GUv6iawbs4epdLY_0pgje-35Ic5FY0G9tW7c0k7rYtLhsHD_0yD7Fp4abMHDGNjGBtkiPhW7WZsM0Suk5V3pVNtuPkVSI0PgH-YeccZik6r8ERrXyP2L54n7600CysayC6YRgaz3Ya-I9&sai=AMfl-YRMp-7QiQqe3p6AlrvIzPtEVZlmrXFBxxvEF3WHebk0MNa-df1RyFJT0y6F1he81cHK9Eqf6DYnkppIFcUUZfuLpTPGpv4bDmeQ8oXZcVTnT8MVvAYD3TolGglKTdnLWlp6Kn-y2reqlyf1nz89YdVUmxXRp6fQpPqqCvU&sig=Cg0ArKJSzNskmVJ_RvmpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=242&vt=11&dtpt=153&dett=3&cstd=85&cisv=r20211103.24774&adurl=
Requested by
Host: downloads.dddwnld.com
URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:44:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
light-bottom.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-bottom.css
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-bottom.css
3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-bottom.css
Protocol
H2
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad0b4b022794192f02d6ae172b4477d1c69d2b8efa979df025b2d7fef16b74c6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3651950
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
713
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-c3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOt7kzzQseMwaPgHjtK8gB51L7MpSNi9qQ1DfpaiaC5ydcIO7a4UcnaLl05H6nMsmX5fIzmL2EPRw0WWrvA2EuUYVFRxuw0VdQ3%2Bh54xzjqK82hmhutXBlCX6ts7b6%2BBkaqGP2rVBmwKS6zW7huKkaf%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ab46260caa83763-MXP
expires
Sun, 30 Oct 2022 04:44:09 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-bottom.css
Non-Authoritative-Reason
HSTS
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04f9620880be46a074173bc1f2030d170da6ef6c68e1681931d2ea7aca28558e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 04:44:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9249
x-xss-protection
0
like.php
www.facebook.com/plugins/ Frame 8036 		47 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=recommend&app_id=1553685621590677&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ae8a9ab1b8148%26domain%3Ddownloads.dddwnld.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fdownloads.dddwnld.com%252Ffed491da0c5ec8%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.dvdr-digest.com%2Fsoftware%2Fimgburn.html&layout=box_count&locale=en_US&sdk=joey&send=true&show_faces=false&width=60
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=78b7fd2eec34bea90414a44d402e5717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5c616be2cf06fd9b423705db1baf24bb8a9fd2b3f44cb3ef7f8437bf995cdcad
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
pYBImE7TgGRXZCs63CJImDEwFmD6JjYDHrmpCU9HMURoqipv4gJzVWI9RvMHf46umwGem00Cp2jMq9UDcjGcWg==
date
Tue, 09 Nov 2021 04:44:09 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
chara_purple_magic.png
s0.2mdn.net/sadbundle/18009363788076966023/images/ Frame 8808 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18009363788076966023/images/chara_purple_magic.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a6e869caa03d0558a68186d8ce1061be8204b68d8eb0914a34bb01ed9c695a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 14:57:42 GMT
x-content-type-options
nosniff
age
395187
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10891
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 16:56:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 14:57:42 GMT
CTA.png
s0.2mdn.net/sadbundle/18009363788076966023/images/ Frame 8808 		564 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18009363788076966023/images/CTA.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b70fd03e42db21a2d576949c3a76e5da656fcc51d0d3692862511e49317baaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 06:23:05 GMT
x-content-type-options
nosniff
age
166864
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
564
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 16:56:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Nov 2022 06:23:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:44:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 09 Nov 2021 04:44:09 GMT
dragon_300x250.png
s0.2mdn.net/sadbundle/18009363788076966023/images/ Frame 8808 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18009363788076966023/images/dragon_300x250.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b232689e7cc716c2d77afd47ca4440e27a7bbc57272e4e317b604fb30fae8bc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 23:05:51 GMT
x-content-type-options
nosniff
age
365898
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26259
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 16:56:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 23:05:51 GMT
fire_breath.png
s0.2mdn.net/sadbundle/18009363788076966023/images/ Frame 8808 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18009363788076966023/images/fire_breath.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8535d3fecc9c9038d62018118a37030e68b9294013c603de2476e48ee2b03aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 20:24:46 GMT
x-content-type-options
nosniff
age
29963
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15300
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 16:56:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 20:24:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 73CA 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBsyOmfyJYdqbGO2ux_APl4ej6AYAAAAAOAHgBAI&bg=!7u2l7anNAAYH3anuB907ACkAdvg8WoUbeBbddmNPbc8nkP0hG72u5heZomup3vkF7I1Wpk9xRsLH6wIAAACdUgAAAAtoAQeZAxQR2uEQVPcUSr5bkUGcaEKcPkXbKfLN50mouqWl-jKV4wgcN9poZgmpWxBVrutQtSZRLp9Onl-Pu-yF7z67g4t-7P93OtYqPX1y3rSzT9o0p7x4chWvjFyJqre8_SJeHymRInHZO4dB7D4hKti0ZTnRybCPzQ3sUCxqWXBlPuj-49zXco8XEYlaRMD7dgKVqqDi2ozdIesMO5Ci87H9JOs6VjcTpD9DkYcnoPGaBpNDZRw8AZyuXZC1zGzcYdJXaBm6POb0vZ7nIdI1GOdSYwKf2Q7ZKRbqX-GeJmU7dS2l3wXsr1j7-p1Wvq7SPafJxiPNRNk29cl9pLvFk7h7jOrHCAAuroSb2oGYoV-NFDabkz5xstJF9tjLjEaMpYKYc9CBLcxvZ7ehnu3tbmvU94tqJnWbU2_Mt9V2CRAuvp9QstO3QLVyb5V2fbIhgS2TykTMiBg2qQPlvyn88CLkESaThpdmTxbIZf9Ws-8pUyTa1PuMYtdQIwzsezUAPDRCNAERX7SMcL8O_DpIry_E3GdG7nLq39tNdX8mtcjHL2-ja5_KfeTjXC0AmAlovKZJ6d1Bcascgj0CDG_0-SFb9Sdm7y9jCDlT668FjkKN1zfV4lIDYjpFurudFupmAVVwnbuJ4-7sW7dKYjsF1N9ogu42U7jw_DVWFjnVI5kLXV1nsbqEpC6TMd0DggUwrwIQN3P2I_MURn-uwTyZTKjudROBhmMoZ6pbwVIDQ75n4Hl7iqQWl65WG5FFy4As4Ow_opb-qKHEL_ooSDFAw5hBh5m12f_kqqlO2FviyLoq3kQ42r5hxgOnAyKrmkh5s3pbRtrO6Ft-kDuLls4Dn5S0TWH5bqaHq8b44s_XGHZ7svWhKlYLIeRlyYPk5Q5nQkWb_uJg2Bo4HYc-d6qZ1xlcCYRnAwoBcw8aQeRE56TmUNpekF_JKS8xiEzJgIPy2oArVKVebLjnbeeu9tbtMIjdcgykv5QN3muJqdxGP2MxspVd3jTJuHScn3WheTJ5vzTCd8b-bLcXRdyOfUBgIai1ASjuckQdfA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:44:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
magic_purple_Large2.png
s0.2mdn.net/sadbundle/18009363788076966023/images/ Frame 8808 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18009363788076966023/images/magic_purple_Large2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e2c11a73e5b94f3ed685b710754b5708af6f97ef90ad22de3633caa9cdd478d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 20:24:46 GMT
x-content-type-options
nosniff
age
29963
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31765
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 16:56:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 20:24:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame EE40 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 08 Nov 2021 19:53:47 GMT
expires
Tue, 08 Nov 2022 19:53:47 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
31822
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6471 		783 B
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e7d0bb044af2e9dd8e233a56d9b5ab8c47f73fc8ddec1b0e6e93265263e2b344
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uYFmQD6luGvj3SNr0tf2uQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 09 Nov 2021 04:44:09 GMT
date
Tue, 09 Nov 2021 04:44:09 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-uYFmQD6luGvj3SNr0tf2uQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
night_elf_LT.png
s0.2mdn.net/sadbundle/18009363788076966023/images/ Frame 8808 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18009363788076966023/images/night_elf_LT.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
022c14d205d91cec8e586712bbfa8737c4297c04f8370e7e4c4ba69f74846e66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 23:05:52 GMT
x-content-type-options
nosniff
age
365897
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3731
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 16:56:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 23:05:52 GMT
night_elf_RT.png
s0.2mdn.net/sadbundle/18009363788076966023/images/ Frame 8808 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18009363788076966023/images/night_elf_RT.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd89dc15c27aa3bf5f6ef3e4319928cb1bc2d7b2460fe076ad6c1958507c3dc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 02:50:03 GMT
x-content-type-options
nosniff
age
438846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3841
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 16:56:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 02:50:03 GMT
zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
pagead2.googlesyndication.com/bg/ Frame EE40 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 20:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
31272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13399
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 20:02:57 GMT
streak.png
s0.2mdn.net/sadbundle/18009363788076966023/images/ Frame 8808 		387 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18009363788076966023/images/streak.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96d1726908ab73a1c6ab88e8415f5b8061ea327fa0d46f075cd055f691250429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 00:10:00 GMT
x-content-type-options
nosniff
age
16449
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
387
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 16:56:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Nov 2022 00:10:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6471 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=195127958161454&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
TXT.png
s0.2mdn.net/sadbundle/18009363788076966023/images/ Frame 8808 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18009363788076966023/images/TXT.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e9430adfa5df6165665667575297ee87c17f543950ce4c48e639d81d82d42fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18009363788076966023/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 00:10:01 GMT
x-content-type-options
nosniff
age
16448
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9956
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 16:56:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Nov 2022 00:10:01 GMT
zSKZHMh8mXU.png
www.facebook.com/rsrc.php/v3/yr/r/ Frame 8036 		388 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/yr/r/zSKZHMh8mXU.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=recommend&app_id=1553685621590677&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ae8a9ab1b8148%26domain%3Ddownloads.dddwnld.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fdownloads.dddwnld.com%252Ffed491da0c5ec8%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.dvdr-digest.com%2Fsoftware%2Fimgburn.html&layout=box_count&locale=en_US&sdk=joey&send=true&show_faces=false&width=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/plugins/like.php?action=recommend&app_id=1553685621590677&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ae8a9ab1b8148%26domain%3Ddownloads.dddwnld.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fdownloads.dddwnld.com%252Ffed491da0c5ec8%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.dvdr-digest.com%2Fsoftware%2Fimgburn.html&layout=box_count&locale=en_US&sdk=joey&send=true&show_faces=false&width=60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-fb-debug
0jULty9bn/R434/BNpubkDpZGPBjgUPxHTUF0E1cGDGxgu5Uq9qsolr6kDcIu5TEZ90NhjsZ340ATPWUnpTjwQ==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
mLIKfuTnwd0c8uA9BXg4cQ==
date
Sun, 07 Nov 2021 01:32:00 GMT
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
388
x-fb-rlafr
0
expires
Mon, 07 Nov 2022 01:32:00 GMT
iALgA1-gt9l.js
www.facebook.com/rsrc.php/v3iEpO4/yB/l/en_US/ Frame 8036 		515 KB
135 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/yB/l/en_US/iALgA1-gt9l.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=recommend&app_id=1553685621590677&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ae8a9ab1b8148%26domain%3Ddownloads.dddwnld.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fdownloads.dddwnld.com%252Ffed491da0c5ec8%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.dvdr-digest.com%2Fsoftware%2Fimgburn.html&layout=box_count&locale=en_US&sdk=joey&send=true&show_faces=false&width=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e569324711cccb67c749aa61baf42a398dc20f2a94ef682d645a6b7d83366e1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/plugins/like.php?action=recommend&app_id=1553685621590677&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ae8a9ab1b8148%26domain%3Ddownloads.dddwnld.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fdownloads.dddwnld.com%252Ffed491da0c5ec8%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.dvdr-digest.com%2Fsoftware%2Fimgburn.html&layout=box_count&locale=en_US&sdk=joey&send=true&show_faces=false&width=60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 01:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
r3HjNg7qh48be5gDUT2dWw==
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
content-length
137936
x-fb-rlafr
0
x-fb-debug
iE9ZjcJN6V4ooXrjO0hstxZrw3xQUcqwRZrbo+Spj1eDN65IYAKX9bJfEfaYMZQ+rdzLsFf59bOFZO3Sf+F5vg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 09 Nov 2022 01:04:23 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame 8036 		67 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1636433049566&t_start=1636433049566&t_domcontent=1636433049575&t_layout=1636433049600&t_onload=1636433049600&t_paint=1636433049600&t_creport=1636433049600&t_tti=1636433049575&lid=7028426429075797925-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/plugins/like.php?action=recommend&app_id=1553685621590677&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ae8a9ab1b8148%26domain%3Ddownloads.dddwnld.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fdownloads.dddwnld.com%252Ffed491da0c5ec8%26relation%3Dparent.parent&container_width=0&font=arial&href=http%3A%2F%2Fwww.dvdr-digest.com%2Fsoftware%2Fimgburn.html&layout=box_count&locale=en_US&sdk=joey&send=true&show_faces=false&width=60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
ucAaSNQmPGZObsEd7KwRn82lVyY/AJUpngVJajGv3SsifXenFqaLVwD/ppKwWs+jw1LUx3Kg05b4Dt0ZN4Zjmw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 09 Nov 2021 04:44:10 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=195127958161454&bg=!5eal5qLNAAYH3anuB907ACkAdvg8WtYmBVHGFXX8rhiDCTUWk6kTLrb3NhDsy6PGbRb8Mrt0do3i6AIAAACZUgAAAAtoAQeZArUaZh7KI8UlO-5J8yd0QS7T81-jRFDlZQJ4AeOHn9Z2o5rXx8kSFC9q782Y38B-Njthr6Nc-YnLfAjkZ2SHiT51n8q0orAofnYWATarXjj_lTBUU8BIN37hwhfXx0PI7t2VgsEdlfnJDgoZF-9cLD1Jzeowxd1CZwfkr9UNowJ5iId5fMIgWPh6JwnzIf7oC5D8-w5UptjKlgEbHzkhKLsaZwrFxXcGrtTKNSB_fHnBXwpIfn5Mfl71CImAVeaNMx9-4pH-HzP2b2Bg5Ym2wiqq1LWZ6XLfXjeh5nDtMJS3iIJbmYXxnBVnohGZhpggBx5IrV_ZDl2nWpmFooaME_HBIYa6_lDZGrwg4HVJK2c-jDtuKOWdVJrSAK3sXoFrrlbLcUHwvrkK1x2t6zMRB9Zny55w_YERETUFmoYwhqJBBy6SK9g2jtN8PcrPBUri-u0sptPHvanRd4ezbMAHKJtwS1qd5nbTtF-J-AoOiSoBdfcX6Pgpi-FgcNBXoXJqKN3atVpJtwaKI4fwCqaggHZW8CO4HowC7n8porGNdGyI5CbjJ-gD8aF4Bk4f-JPSOc5SlxNgFXvK1KhDKNYwDO8Tgqub4giFR_WxRJpqF8jmYrV3cJM5ONVGtS3oIwpVysTxp83_63LshANOajJ1TJVPs7BCA7sF_RQURzSHjcLynoGe8C-1JGsvs1Vf0RIHP4VH9SmpaHWlkSNm79C8khzCeKhE9ARPmWaPZFygXW2fxgAroWtv-dpjsb-Vk0sMjRmsXK0mVYkckMPtbsob7PdaWuLnWDXGdw7T_GzfE7MJsnyOLNA9PxUqMtQcCXU9ZjDZOz1XzFF-p0gHEt6H2h_VLVXdk996vk1o56ealPBmZnVkg9Ey89r1muoDHkWJX4tyIvuKDIUei_q_0ZpRUEn2g8LKdBc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloads.dddwnld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:44:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 19C7 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwbeAFGwegQXvmJynwtgtNnoPqy36_56GxJIyHdwgpXsm89YOAEfDaM5HZUClGvI1YSQFmrDEUo2-XsvaucQozX7zemhI_7PaA3cOL8DKc1tohGMAclg&sai=AMfl-YRmkcEUzjZLIbSWFxedWvLtz8ReWvlXGZvUfMUITPg7PRdQKBuEQTB3N4PYxBrEw3wAwMthu5_9aZhRCtp0XUpVeHRWXTCKh_JUP-R1tCyuWvNLqWwyIqMUSTK5V0cg&sig=Cg0ArKJSzP2T-Jqfjdp6EAE&cid=CAASFeRoJbBLU_tq1Mci9vmUSRjjdwFzLA&id=lidar2&mcvt=1001&p=808,699,1058,999&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1112250385&rs=4&la=0&cr=0&vs=4&r=v&rst=1636433048617&rpt=508&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 04:44:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| googletag object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| cookieconsent_options boolean| hasCookieConsent number| _popwnd function| _popwnd_open string| m3_u number| m3_r string| OX_0e95b6af object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| fbAsyncInit function| $ function| jQuery function| DP_jQuery_1636433047984 function| CheckCommentsForm function| CheckRegisterForm function| CheckResetPasswordForm function| CheckEditAccountForm function| testPassword function| writit function| copyToList function| allSelect function| showRedStar function| hideRedStar string| GoogleAnalyticsObject function| ga number| star_ctr object| FB object| google_tag_data object| gaplugins object| gaData object| gapi object| ___jsl object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| ampInaboxIframes object| ampInaboxPendingMessages function| update_cookieconsent_options object| GoogleGcLKhOms object| google_image_requests

14 Cookies

Domain/Path Name / Value
downloads.dddwnld.com/ Name: PHPSESSID
Value: b4de222qsfjsft5nd7t4ghvkk4
.google.com/ Name: NID
Value: 511=rjZCeBbcoSuxZtTUMqjyvE23HX1GjJDC5q0lOePwMBHkeS8nz_Hs172jQ0X6T32lR73OJbcNc7PTrVrzOJPNQTa9kz8wA9a5Vm8-0s3y5GFJBG0aVywurDf2PZVGCsgiuJmYgXAYJqMcpPsm9lxNzaGPcKJ2Z5VExYVI8tFEprI
.dddwnld.com/ Name: _ga
Value: GA1.2.330185528.1636433048
.dddwnld.com/ Name: _gid
Value: GA1.2.2011656702.1636433048
.dddwnld.com/ Name: _gat
Value: 1
.dddwnld.com/ Name: __gads
Value: ID=935db9c637924771-2207c49643cb008f:T=1636433048:S=ALNI_MYxGRyq3tg2kQetDNDFHj0O-tikew
.doubleclick.net/ Name: IDE
Value: AHWqTUlz_D9hjirqpn-uf8mYgJI7MxxUb2KNyYqu8_U0fGqhfGsuBZYs80PosKhtIQQ
.adnxs.com/ Name: uuid2
Value: 5155233107070498930
.casalemedia.com/ Name: CMID
Value: YYn8meMEx4wklpiw2Q4O1QAA
.casalemedia.com/ Name: CMPS
Value: 5203
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVPj.opH!]tbPl1M>e)ZlrFUfJ+tGXxo7c5aA!8jeWK8zmNt_E[D'><nR<ZslROgFvpj*bpRz*qF1`*b`Nj*<>i2
.casalemedia.com/ Name: CMPRO
Value: 1136
.casalemedia.com/ Name: CMST
Value: YYn8mWGJ-JkA
.casalemedia.com/ Name: CMRUM3
Value: 2d6189fc992760CAESEHK6mfmouyDnBCoqktedP_4

6 Console Messages

Source Level URL
Text
javascript warning URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1(Line 30)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.googletagservices.com/tag/js/gpt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1(Line 30)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.googletagservices.com/tag/js/gpt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://downloads.dddwnld.com/software/download.php?sid=470&ssid=0&did=1(Line 159)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://sro-ads.com/revive/www/delivery/ajs.php?zoneid=7&cb=46505893641&charset=UTF-8&loc=http%3A//downloads.dddwnld.com/software/download.php%3Fsid%3D470%26ssid%3D0%26did%3D1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Fdownloads.dddwnld.com&url=http%3A%2F%2Fwww.dvdr-digest.com%2Fsoftware%2Fimgburn.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1636433048090&_gfid=I0_1636433048090&parent=http%3A%2F%2Fdownloads.dddwnld.com&pfname=&rpctoken=16305926
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
apis.google.com
cdnjs.cloudflare.com
cdnstaticpr.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
d99a20c5d9f4613f5d6f100356d08509.safeframe.googlesyndication.com
downloads.dddwnld.com
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
sro-ads.com
ssl.gstatic.com
static1.ddigest.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
142.250.185.226
142.250.186.130
167.114.129.74
2.18.234.21
2606:4700::6810:135e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2006
2a00:1450:4001:830::200d
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9c
2a02:26f0:6c00::210:ba1a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
37.252.173.215
50.28.15.212
99.83.154.118
022c14d205d91cec8e586712bbfa8737c4297c04f8370e7e4c4ba69f74846e66
04f9620880be46a074173bc1f2030d170da6ef6c68e1681931d2ea7aca28558e
0b7f5ea4eceeb69c8eed0adbc23773518eaa142d0f270e33420115bd7a2f24bb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf1ed9d53190b03ff752162b011d151e0d62daab5082b1b8e49d2468d1161bd
0e9430adfa5df6165665667575297ee87c17f543950ce4c48e639d81d82d42fe
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
173d55e17ef07f9efdfff48a42190525c7b5506cfc9a9d673b1f165859ef1713
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
1a6e869caa03d0558a68186d8ce1061be8204b68d8eb0914a34bb01ed9c695a6
204466757aec0c4780c38edf8f5b425261460ecf9b724764afddc6df35ab1e5e
2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293
224bd60cd17d04f4934310bb6b250427b114cfd0147c5f44d73baba4f0011ac9
23038a5dd556cd07ef12a4c8001651190ec5a4ab8eef2a49fd7c0e152870496f
2b75dd2eb96e7406df2f6bed70fe6acaf1dc145261874672e8fb17e4a7282b9b
2fa562bf432d553c99df7d12f371adb918a0d0a2f25eae2f22dab3ff63a1d06b
302636bc1fc742aededaf2f49999bbb02596a74ff937ca177b7227d96d033075
3253bfca736ff69b150da2979e65651321ed5f4c967e03ac0019d8710875c7df
38266dc53e8a82c085cef083aa040a6c727a1fe1eb0976c739385de6fc90d251
3b70fd03e42db21a2d576949c3a76e5da656fcc51d0d3692862511e49317baaf
3da703d1e438653f08362f5250c8cda28a3eb691ce928df5beb3dceb592bbc81
400d415e25e3c2b6d990376f5b1b73e91a4ada0f82098f11b71b644773528907
40cb5fd689132d69e94e88904cefcf6dea7e391c898786ebbe343be9147fa14a
4762952a936085c2f4d5bcc30f3a9b44b5c546a55d9e522316be8e8e45a5be1e
47c2a064595a04eef284052f1c0e2a6eb32c61f04a5238d09ebca7ad16a7c617
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf98c4823cf8e2c05ca557e65214f38ccbd00c85a70223bdcce5c2e9d185e5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5058957079b9551d373b438536529db8078ca7cd1a3c88c8dffa8b0abbf85634
50ea31c0452a869e41485170ab3ca8d90a7824b99860f4c707c97ed728598a3f
51cf3e9d0b8ef2b65763880bfaf08b46faa640b2fbaacdb3bd8adc7cc1ec6caf
5301a2cdddc807983089aa44a921e0578668be8e287f200c3ddcf03384de34e2
59073a0aafdbfcd4bab021c9b79ba6a46a99e6a98a5766658eaa0ad57ef79dbf
5c616be2cf06fd9b423705db1baf24bb8a9fd2b3f44cb3ef7f8437bf995cdcad
5d1fbf35951d99436c116e64f4d08c6a71334aededd5bd4cc83e7dc063c92b6b
689c37912c73c1b6a9c7e5f4509121b114f2a1be29078d64347008c4124be84d
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e2c11a73e5b94f3ed685b710754b5708af6f97ef90ad22de3633caa9cdd478d
6e6a5944c8ec1741190eefab5d5ab3d7fc051cf886f522d56c026f63fecb070a
7072c25798bd9320d7fc373f555a8b0a231edea5d7ea7e816245468ec5e005f8
737a51b026544d71177fdff27fa902c44195d901a3d92456e414cf3d6c4d3ae6
8535d3fecc9c9038d62018118a37030e68b9294013c603de2476e48ee2b03aa7
897211354bbbae29c006fc3a2eada1ce96279b4b0f50c87eca72764f3276c9ff
8aafc6d676b5ebb3031b24dcc3d1b6a7f842dc38a1c4a4cf1c1fa1896a9bd0a0
8dde7602757c9a279565e9047031e52edd1072bb554e4a4bad005d74ca552a14
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
8faaa77438bdeab74681cd9464a16d19ce4dfa1f85ab15d4e031eba43fe62bdc
96d1726908ab73a1c6ab88e8415f5b8061ea327fa0d46f075cd055f691250429
98ddfd73e6cb79f929941a1b708c682f3ba3f62fdccb4a40a3c55bf71cc1d036
9c4698ed4db79d47895e9eeac67c7f8030ba750804178d94caa838daa33bd4fc
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ea856bfa05c90ae6d1262465b50a2ac33f87cc996635f09bb8c8d94b3034cff
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8
ad0b4b022794192f02d6ae172b4477d1c69d2b8efa979df025b2d7fef16b74c6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afbe3661c49f881bb0520673edaee3965e9837a821b01d87ea4db0ac32f4fcd9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b232689e7cc716c2d77afd47ca4440e27a7bbc57272e4e317b604fb30fae8bc0
b638a2df9cf06247903231a72e2798c8458e1053c7bbdc2293a4ed39106a269d
b8751a69d17a0ba6debef5dc09f35d3d9150703d9a7d0856ecf35563768dbc34
bd44f4c3c8eb45568336bb6476889cfec6000417d785e7ee4e75b83a8a28aa7c
bd89dc15c27aa3bf5f6ef3e4319928cb1bc2d7b2460fe076ad6c1958507c3dc8
c77c7281594f814be437f412346af94b7ecf872b75a62e76030b08f9a3a8df61
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
db15e43e55feafcd8c268087b75cdde2c26a8f68c6feb09a0bff6062f9534fde
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e55db8c8216170be34f4055ae640d88e27ece72c5483453bcfe05cc31dccc6d5
e569324711cccb67c749aa61baf42a398dc20f2a94ef682d645a6b7d83366e1d
e7d0bb044af2e9dd8e233a56d9b5ab8c47f73fc8ddec1b0e6e93265263e2b344
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5e8e54c17cee4ce2174d54ff47f09f3d6ac2ede9ef9e1105ca981aec9e0e355
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c