down.mdiaload.com Open in urlscan Pro
163.172.33.167 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://down.mdiaload.com/download2447363
Effective URL:
https://down.mdiaload.com/download4947993
Submission Tags: falconsandbox
Submission: On February 26 via api (February 26th 2023, 2:49:17 am UTC) from US — Scanned from FR

Summary HTTP 130 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 20 domains to perform 130 HTTP transactions. The main IP is 163.172.33.167, located in France and belongs to Online SAS, FR. The main domain is down.mdiaload.com. The Cisco Umbrella rank of the primary domain is 573833.
TLS certificate: Issued by GoGetSSL RSA DV CA on August 14th 2022. Valid for: a year.

This is the only time down.mdiaload.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	163.172.33.167 163.172.33.167	12876 (Online SAS) (Online SAS)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	104.20.219.77 104.20.219.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
3	2606:4700::68... 2606:4700::6812:1bb1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.129 149.56.240.129	16276 (OVH) (OVH)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.19.44.144 2.19.44.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.97.109 18.66.97.109	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.225.45.79 34.225.45.79	14618 (AMAZON-AES) (AMAZON-AES)
4	108.138.4.150 108.138.4.150	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	52.51.12.6 52.51.12.6	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
130	28

29 163.172.33.167 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 163-172-33-167.rev.poneytelecom.eu

down.mdiaload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1bb1 (United States)

ASN13335 (CLOUDFLARENET, US)

copyrightcontent.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.129 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534297.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.44.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-44-144.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-109.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.225.45.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-45-79.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.12.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-12-6.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c430cf90e23a98a61b34b138804182e7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	demand.supply live.demand.supply — Cisco Umbrella Rank: 34545 api.demand.supply — Cisco Umbrella Rank: 80266	50 KB
29	mdiaload.com 1 redirects down.mdiaload.com — Cisco Umbrella Rank: 573833	622 KB
15	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184	173 KB
9	googlesyndication.com c430cf90e23a98a61b34b138804182e7.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	40 KB
7	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 282 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 476	53 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	4 KB
4	google.fr adservice.google.fr — Cisco Umbrella Rank: 31012	940 B
3	copyrightcontent.org copyrightcontent.org — Cisco Umbrella Rank: 470936	172 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 673	450 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 912 id5-sync.com — Cisco Umbrella Rank: 404	17 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1183 bcp.crwdcntrl.net — Cisco Umbrella Rank: 858	10 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2425	309 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 19547 s4.histats.com — Cisco Umbrella Rank: 16238	5 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 14113 c.statcounter.com — Cisco Umbrella Rank: 9185	15 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 995	404 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1140	17 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	76 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	44 KB
130	20

	Domain	Requested by
34	live.demand.supply	down.mdiaload.com live.demand.supply client
29	down.mdiaload.com	1 redirects down.mdiaload.com cdnjs.cloudflare.com
15	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	copyrightcontent.org securepubads.g.doubleclick.net tpc.googlesyndication.com
5	fonts.googleapis.com	down.mdiaload.com cdnjs.cloudflare.com
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.fr	securepubads.g.doubleclick.net
4	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	api.demand.supply	live.demand.supply
3	c.amazon-adsystem.com	live.demand.supply c.amazon-adsystem.com
3	copyrightcontent.org	down.mdiaload.com client copyrightcontent.org
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	region1.google-analytics.com	www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	id5-sync.com	cdn.id5-sync.com
1	c430cf90e23a98a61b34b138804182e7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	down.mdiaload.com
1	tags.crwdcntrl.net	down.mdiaload.com
1	secure.cdn.fastclick.net	down.mdiaload.com
1	fonts.gstatic.com	down.mdiaload.com
1	c.statcounter.com	www.statcounter.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	down.mdiaload.com
1	www.statcounter.com	down.mdiaload.com
1	www.googletagmanager.com	down.mdiaload.com
1	cdnjs.cloudflare.com	down.mdiaload.com
130	29

This site contains no links.

Subject Issuer	Validity	Valid
*.mdiaload.com GoGetSSL RSA DV CA	`2022-08-14` - `2023-09-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
histats.com R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://down.mdiaload.com/download4947993
Frame ID: 8DD289BCA57ED680127EE5B917828E45
Requests: 123 HTTP requests in this frame

Frame: https://c430cf90e23a98a61b34b138804182e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B73A2C443619829BC197BE3994917DDE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2BAE55340AAF20670711C346A10A4B5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0E10666CC632B007CF4E32F35CAF491C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Téléchargement

Page URL History Show full URLs

https://down.mdiaload.com/download2447363 HTTP 302
https://down.mdiaload.com/download4947993 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

130
Requests

100 %
HTTPS

57 %
IPv6

20
Domains

29
Subdomains

28
IPs

6
Countries

1334 kB
Transfer

2616 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://down.mdiaload.com/download2447363 HTTP 302
https://down.mdiaload.com/download4947993 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

130 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request download4947993 Show response
down.mdiaload.com/
Redirect Chain

https://down.mdiaload.com/download2447363
https://down.mdiaload.com/download4947993

23 KB
23 KB

70ms
32ms

Document
text/html

163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 2a9d66071757a83f266a74ae068016fb7073b59f421c7efeb05d0f75746cf35a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sun, 26 Feb 2023 02:49:11 GMT
Expires: Sat, 25 Feb 2023 02:49:11 GMT
Server: Apache/2.2.15
Transfer-Encoding: chunked

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/plain; charset=UTF-8
Date: Sun, 26 Feb 2023 02:49:11 GMT
Location: https://down.mdiaload.com/download4947993
Server: Apache/2.2.15

GET
H/1.1 200
OK jquery-1.9.1.min.js Show response
down.mdiaload.com/ds1/js/ 90 KB
91 KB 117ms
20ms Script
text/javascript 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/js/jquery-1.9.1.min.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34bd-169d5-5b6fcc7282fff"
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 92629
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK bootstrap.min.css
down.mdiaload.com/ds1/css/ 118 KB
119 KB 58ms
20ms Stylesheet
text/css 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/css/bootstrap.min.css?v=12
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34cf-1d975-5b6fcc7282fff"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 121205
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK ie10-viewport-bug-workaround.css
down.mdiaload.com/ds1/css/ 446 B
762 B 58ms
20ms Stylesheet
text/css 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/css/ie10-viewport-bug-workaround.css
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 5c83d64fd31a699a81efd8430a7100f1aeb83024f88b252273c9f5de31309e13

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34d3-1be-5b6fcc7282fff"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 446
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK theme.css
down.mdiaload.com/ds1/css/ 49 KB
49 KB 58ms
20ms Stylesheet
text/css 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/css/theme.css
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 216749f1364d4b328bc67b01b652db2ebdb2fdffee63ff89eba405f53f3920a1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34d5-c49c-5b6fcc72833e7"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 50332
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK styles.css
down.mdiaload.com/css/ 3 KB
3 KB 60ms
20ms Stylesheet
text/css 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/css/styles.css
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 0f2646bcf62d063abc28b2cda3cc1672e8541df4a207c46dda462a699bfa43de

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34a2-bb1-5b6fcc7282c17"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 2993
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK ticker.css
down.mdiaload.com/css/ 2 KB
2 KB 60ms
21ms Stylesheet
text/css 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/css/ticker.css
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: f382e813be8c6ad80486f146702b1481931380946e6ec7214dfa64b8f9363033

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34a6-695-5b6fcc7282c17"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 1685
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK font-awesome.min.css
down.mdiaload.com/css/ 30 KB
31 KB 72ms
20ms Stylesheet
text/css 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/css/font-awesome.min.css
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: b7490e604fd858905ef8292010d3ce65976b8bee3cbc3da30999b790fc62da0b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34a3-7916-5b6fcc7282c17"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 30998
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H2 200 less.min.js Show response
cdnjs.cloudflare.com/ajax/libs/less.js/3.9.0/ 164 KB
44 KB 66ms
24ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/less.js/3.9.0/less.min.js

Requested by

Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fddefee30e9add90d386691b53ad927687454aea7272dbd424dfecdc1cebfed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8625212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44083
last-modified: Mon, 04 May 2020 16:12:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed0-28f84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaeFQ%2Fa%2B%2FWpYSp7fUXkUmRDD5FNP%2BDpRxiwqJsu%2FprplV3JMZ69YuMxAO%2FiXswKt%2FGmEOuqI3VXEfNEcuaDRqBSilVLLEMQCQ8hDfa8obXSdM%2F5M9P135kbRvv21G1%2B%2FFuI%2BD5ArmUS4RerT8ojzZCvB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79f55db5ad452143-CDG
expires: Fri, 16 Feb 2024 02:49:11 GMT

GET
H/1.1 200
OK ticker.js Show response
down.mdiaload.com/js/ 4 KB
4 KB 117ms
20ms Script
text/javascript 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/js/ticker.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: c786317f3ce40a59075ef4565d91c109416258e9e1e860e09e698983ef7beebc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a35f9-e88-5b6fcc7285edf"
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 3720
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK jquery.paging.js Show response
down.mdiaload.com/ds1/js/ 19 KB
19 KB 118ms
20ms Script
text/javascript 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/js/jquery.paging.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34b6-4ba5-5b6fcc7282c17"
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 19365
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK jquery.cookie.js Show response
down.mdiaload.com/ds1/js/ 2 KB
2 KB 148ms
20ms Script
text/javascript 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/js/jquery.cookie.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 64a7a0e3612b87d5088ceb8daf269c7cd96acfd33b2c380ebaaa43fe3d69553a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34ba-709-5b6fcc7282c17"
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 1801
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK paging.js Show response
down.mdiaload.com/ds1/js/ 2 KB
2 KB 152ms
20ms Script
text/javascript 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/js/paging.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 1f3c741cc2a0975148b5daf3086fdcf62f5b59debe152ca1b73145c55dd011a7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34b1-72c-5b6fcc7282c17"
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 1836
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK share.js Show response
down.mdiaload.com/js/ 354 B
677 B 170ms
20ms Script
text/javascript 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/js/share.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 37ddc3df628de7dbb35e49b0eef020d9fe1613acbbfc77418bb7e69566395aa5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a3604-162-5b6fcc72862c7"
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 354
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 162ms
62ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900

Requested by

Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19012142d3d038fe81fb35b42175aff2359a1d60f3fff59ccd64a9716c86eef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 02:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 01:39:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 02:49:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 109ms
45ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TK2KX2E65Q

Requested by

Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70d0be5326c09006ec7d46aa2850376a4a3524c07851e05120bfe34f41e73b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77891
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 26 Feb 2023 02:49:11 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 43 KB
14 KB 92ms
30ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 15:52:02 GMT
server: cloudflare
age: 29150
etag: W/"63f8dd22-aa70"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 79f55db6ffb3f130-CDG
expires: Sun, 26 Feb 2023 06:43:20 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 10 KB
5 KB 372ms
321ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cada881d954e6a8a50ec48fc4fa9e505baec1086cdadef2fad0ffbf14f11000d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GSTTFB8V9HCAZ7CFKR79SYK4
date: Sun, 26 Feb 2023 02:49:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 501
cf-polished: origSize=9853
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"fcbb32fef65aa44a7a52fc265ae60d87-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 79f55db5b95299b1-CDG
link: <https://live.demand.supply/impl.v16.5.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/ZG93bi5tZGlhbG9hZC5jb20v>; rel=preload; as=script
timing-allow-origin: *

GET
H/1.1 200
OK logo.png
down.mdiaload.com/ds1/img/ 33 KB
33 KB 60ms
21ms Image
image/png 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down.mdiaload.com/ds1/img/logo.png
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 240b0767745e76f8c6105f4205b5a454d36bab47536608867cff75403bcf7c0c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Sun, 27 Dec 2020 18:45:39 GMT
Server: Apache/2.2.15
ETag: "a15a6-8480-5b776905435c4"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 33920
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK tools1.png
down.mdiaload.com/images/ 19 KB
19 KB 58ms
20ms Image
image/png 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down.mdiaload.com/images/tools1.png
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a358a-4aae-5b6fcc7285327"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 19118
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK tools2.png
down.mdiaload.com/images/ 641 B
958 B 59ms
20ms Image
image/png 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down.mdiaload.com/images/tools2.png
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a3540-281-5b6fcc7284b57"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 641
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK icon_no_g.png
down.mdiaload.com/images/ 1 KB
2 KB 59ms
21ms Image
image/png 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down.mdiaload.com/images/icon_no_g.png
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 0a4d1fb78420332147b4bae4592ce9d65aa38f2c0e5de5b8d089028e1599d33c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a355b-4d8-5b6fcc7284f3f"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 1240
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK icon_yes_g.png
down.mdiaload.com/images/ 1 KB
1 KB 59ms
21ms Image
image/png 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down.mdiaload.com/images/icon_yes_g.png
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 816be92d18a72a17107eb09979eafaffb4bfdf5e153dfebf7d02ed34a881c60f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a3554-463-5b6fcc7284f3f"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 1123
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK icon_no_w.png
down.mdiaload.com/images/ 1 KB
1 KB 59ms
21ms Image
image/png 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down.mdiaload.com/images/icon_no_w.png
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 97803f020d873288a2062aa9523b7fadfe40ada657480ce6f959e4ad21b9965d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a353b-477-5b6fcc7284b57"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 1143
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK icon_yes_w.png
down.mdiaload.com/images/ 1 KB
1 KB 59ms
20ms Image
image/png 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down.mdiaload.com/images/icon_yes_w.png
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 96691a470ea69f5f2b421a066045f0ae990867b0837d15666b304cdf68182f0d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a35da-444-5b6fcc728570f"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 1092
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
down.mdiaload.com/ds1/js/ 36 KB
37 KB 77ms
20ms Script
text/javascript 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/js/bootstrap.min.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34b8-90bb-5b6fcc7282c17"
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 37051
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK clipboard.min.js Show response
down.mdiaload.com/ds1/js/ 10 KB
11 KB 58ms
20ms Script
text/javascript 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/js/clipboard.min.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 67c123eb92c5add45ce587c51234b10e51ab61fec36fa0b28180792b27f212e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34c2-29a5-5b6fcc7282fff"
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 10661
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK feather.min.js Show response
down.mdiaload.com/ds1/js/ 64 KB
64 KB 59ms
21ms Script
text/javascript 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/js/feather.min.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: 34eff09d3a94fa86b4f3e5af9cf391515e8e2caa3ebb6d7fe6ed13e5778ff8e0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34c5-ff31-5b6fcc7282fff"
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 65329
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK main.js Show response
down.mdiaload.com/ds1/js/ 820 B
1 KB 60ms
21ms Script
text/javascript 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/js/main.js?v=3
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: d970b5c6138015be569be57ee8233f16aa8d06b634ab4469243d9e518ae7b973

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/download4947993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34b7-334-5b6fcc7282c17"
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 820
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H/1.1 200
OK hsn_style.less Show response
down.mdiaload.com/ds1/css/ 26 KB
26 KB 40ms
20ms XHR
text/plain 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/css/hsn_style.less
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/less.js/3.9.0/less.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: b58b4b94546b139a50231d1195b8fc2d6b4b1caee6f223767de3e7c779ffe767

Request headers

Accept: text/css
Referer: https://down.mdiaload.com/download4947993
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34d2-664e-5b6fcc7282fff"
Content-Type: text/plain; charset=utf-8
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 26190
Expires: Tue, 28 Mar 2023 02:49:11 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 82ms
17ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:39:39 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
etag: "-375139978"
content-type: text/javascript
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4364
x-request-id: 258016772

GET
H2 200 ub.js Show response
copyrightcontent.org/unblocker/ub/ 442 KB
169 KB 360ms
208ms Script
text/plain 2606:4700::6812:1bb1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://copyrightcontent.org/unblocker/ub/ub.js?ai=5f96c19b62cebc2fe6804a1c&pp=aHR0cHM6Ly9kb3duLm1kaWFsb2FkLmNvbS9kb3dubG9hZDQ5NDc5OTM=&unblockerPaymentToken=
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1385713a2f10e043a4d739acec20d707f5a346b508a98cb662988b48a400913f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:11 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 79f55db79c873cd4-CDG
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8

GET
H3 200 css Show response
fonts.googleapis.com/ 8 KB
629 B 145ms
64ms XHR
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/less.js/3.9.0/less.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16340e3752e5178f7ce8c6042efe2a071cb3e308dbe36ae99f4bfc5a8725f60b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/css
Referer: https://down.mdiaload.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 02:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 02:46:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 02:49:11 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 50 B
184 B 435ms
95ms Script
text/html 149.56.240.129
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4286545&@f16&@g1&@h1&@i1&@j1677379751544&@k0&@l1&@mT%C3%A9l%C3%A9chargement&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-105764232&@b3:1677379752&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534297.ip-149-56-240.net
Software: /
Resource Hash: 37cdaf355920b149b2f31e56cc8128982762d56e5cb3e36e07e8ba73e3637a33

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:11 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
570 B 173ms
150ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12449982&u1=AA84764BA5F44FCCE279ADAB149515DE&java=1&security=55bff4ac&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//down.mdiaload.com/download4947993&t=T%C3%A9l%C3%A9chargement&invisible=1&sc_rum_e_s=539&sc_rum_e_e=545&sc_rum_f_s=0&sc_rum_f_e=521&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://down.mdiaload.com
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 79f55db78ffaf130-CDG
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 94ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TK2KX2E65Q&gtm=45je32m0&_p=1546133787&cid=1211910305.1677379752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677379751&sct=1&seg=0&dl=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&dt=T%C3%A9l%C3%A9chargement&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TK2KX2E65Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 02:49:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://down.mdiaload.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.v16.5.0.js Show response
live.demand.supply/ 73 KB
23 KB 30ms
29ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.5.0.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01bd376cf54a9fc49dab79cb65210386282cdf45a9100666e2914748d51472f5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GSTTF7TCPWH61KA4YMCJKNQT
date: Sun, 26 Feb 2023 02:49:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 368584
cf-polished: origSize=74953
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"06747e1b2b2d2a8f0204a78806842584-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 79f55db7da3399b1-CDG

GET
H2 200 ZG93bi5tZGlhbG9hZC5jb20v Show response
live.demand.supply/p4/v16-2-0/ 937 B
587 B 300ms
299ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/ZG93bi5tZGlhbG9hZC5jb20v
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea55ed7a4adeeeeb7abfb09295fef24269384997a0fb705379683db9eedc811f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:11 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 79f55db7da3599b1-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 59ms
36ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=373&cs=c&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:11 GMT
cf-cache-status: HIT
age: 650525
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55db7fc6d2a5c-CDG

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 344ms
108ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d4c629484b1e3e138c9f0fbcb670bf03c9a9f9adc8ceec4fd1944cb9bcad54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26563
x-xss-protection: 0
server: sffe
etag: "1494 / 747 of 1000 / last-modified: 1677280057"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 26 Feb 2023 02:49:11 GMT

GET
H2 200 ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz Show response
live.demand.supply/p4/v16-2-0/ 1 KB
671 B 383ms
381ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 889f87dee2dc6f315be0cea3a57ceed40155c162c9a56d0594e5d1c46fff2eaa

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 79f55db7da3899b1-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
641 B 51ms
28ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GPRBX8CBQW4T82MKVW9FX3GY
date: Sun, 26 Feb 2023 02:49:11 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1141659
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 79f55db80c6e2a5c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 193 KB
47 KB 262ms
27ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:16:57 GMT
content-encoding: gzip
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront), 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 20:02:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1935
etag: W/"0d9f2b192f61b596888847da998647d3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: miZ2ajCBwfGzrSv29kEIi7VYIRUyQ0CyVtlTl8u2r53PLsV8W_3ICw==

GET
H3 200 uamp.1.json Show response
live.demand.supply/ 8 KB
3 KB 159ms
136ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/uamp.1.json?&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GT5G9ZM5CWEYEP27VK8SGG1T
date: Sun, 26 Feb 2023 02:49:11 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
etag: W/"f33b49c0534006dc009fa45fb7fee1ee-ssl-df"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 79f55db80c6f2a5c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 197ms
26ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://down.mdiaload.com/
Origin: https://down.mdiaload.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 13:48:40 GMT
x-content-type-options: nosniff
age: 133231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 13:48:40 GMT

GET
H3 200 mdiaload.com_fluid_lb+sq_l:s Show response
live.demand.supply/cp/ 29 B
390 B 146ms
146ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mdiaload.com_fluid_lb+sq_l:s?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc2b30e09f0b2a3880e63609de6aa9872be9727aa8da07d0a18b98135e55c47b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 79f55db87caa2a5c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H3 200 mdiaload.com_fluid_lb+sq_l:s Show response
live.demand.supply/cp/ 29 B
391 B 148ms
148ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mdiaload.com_fluid_lb+sq_l:s?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc2b30e09f0b2a3880e63609de6aa9872be9727aa8da07d0a18b98135e55c47b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 79f55db87cac2a5c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H3 200 mdiaload.com_fluid_lb+sq_l:s Show response
live.demand.supply/cp/ 29 B
392 B 146ms
146ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mdiaload.com_fluid_lb+sq_l:s?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc2b30e09f0b2a3880e63609de6aa9872be9727aa8da07d0a18b98135e55c47b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 79f55db87cad2a5c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
501 B 25ms
24ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GPMJBFKX9TZAN602YKQPVVQH
date: Sun, 26 Feb 2023 02:49:11 GMT
cf-cache-status: HIT
age: 1904116
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55db87cae2a5c-CDG

GET
H2 200 ub.css
copyrightcontent.org/unblocker/ub/ 20 KB
4 KB 178ms
178ms Stylesheet
text/css 2606:4700::6812:1bb1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://copyrightcontent.org/unblocker/ub/ub.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7bb4b851037180e6fa1c96e0339ffac7e0d4af83090f87c34185b35035f504c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 79f55db93d2c3cd4-CDG
vary: Accept-Encoding
content-type: text/css

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 28ms
27ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&pdc=1.0412708282470704&ucv=null&e=tcp&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:11 GMT
cf-cache-status: HIT
age: 650525
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55db9ad212a5c-CDG

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 26ms
25ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&pdc=1.0412708282470704&ucv=null&e=tcp&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:11 GMT
cf-cache-status: HIT
age: 650525
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55db9ad232a5c-CDG

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 26ms
25ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&pdc=1.0412708282470704&ucv=null&e=tcp&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:11 GMT
cf-cache-status: HIT
age: 650525
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55db9bd242a5c-CDG

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 31ms
30ms XHR
application/json 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdown.mdiaload.com&pubid=66ef05f7-ad53-48f6-873a-ac7543370392
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 1bcf654e12405ab5e0683d20293052957fc8118ce5d89e1b393e8d41c018ff75

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:31:26 GMT
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 1065
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1527
x-amz-cf-id: NOWSIFk_UbMgvJt5yPAN4hXUlU99oUvwuYxSZgBpM34kxpJZ_QyyyQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 74ms
26ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: pfXD8LfbTWwWYbVa8nASYbe6_QUldhGN
content-encoding: gzip
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
date: Sun, 26 Feb 2023 00:02:00 GMT
x-amz-cf-pop: FRA56-P6
age: 10033
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 23:43:01 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 949xhIertHVicphU6AelDkqPwUtr4Gzmdq1niW9s0NMZ2P8DEqc4Cw==

GET
H2 200 mdiaload.com_fluid_lb+sq_l:s Show response
api.demand.supply/v16-2-0/a/ 306 B
690 B 210ms
136ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v16-2-0/a/mdiaload.com_fluid_lb+sq_l:s?&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1012fb944c3af08c945c70b2f47a397b7bcada3eb951328c23218734bf34410c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
etag: W/"132-OC9MUGXhemvmyyVBkjUM9levTUM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 79f55dba6d072a38-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mdiaload.com_fluid_lb+sq_l:s Show response
api.demand.supply/v16-2-0/a/ 306 B
467 B 211ms
137ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v16-2-0/a/mdiaload.com_fluid_lb+sq_l:s?&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1012fb944c3af08c945c70b2f47a397b7bcada3eb951328c23218734bf34410c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
etag: W/"132-OC9MUGXhemvmyyVBkjUM9levTUM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 79f55dba7d082a38-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mdiaload.com_fluid_lb+sq_l:s Show response
api.demand.supply/v16-2-0/a/ 306 B
469 B 212ms
138ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v16-2-0/a/mdiaload.com_fluid_lb+sq_l:s?&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1012fb944c3af08c945c70b2f47a397b7bcada3eb951328c23218734bf34410c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
etag: W/"132-OC9MUGXhemvmyyVBkjUM9levTUM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 79f55dba7d092a38-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 82ms
24ms Script
application/javascript 2.19.44.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.44.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-44-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sun, 26 Feb 2023 03:04:12 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 32 KB
10 KB 98ms
26ms Script
text/javascript 18.66.97.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-109.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 15:20:11 GMT
content-encoding: gzip
via: 1.1 0c688bb347bc402edc1209f13e04d88c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 41342
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: OlqsFLY7yNKUarJCa9IB-lcJxAcNyEi-54VGejnVUtqrSFdA5qsglA==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 85ms
26ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: down.mdiaload.com
URL: https://down.mdiaload.com/download4947993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 11:21:55 GMT
server: cloudflare
x-amz-request-id: GTDK5RW63JB3DVC6
age: 2388
etag: W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 79f55dba6bd6d6c6-CDG
x-amz-id-2: svoLF4doVvJ+6P2r0OMEkwz+Uw2uucbuRwy27tCEtooO1DJ0iZOxaOj8rkWwf6nIeoK4eniP8tw=

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
450 B 94ms
94ms XHR
text/plain 34.225.45.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.45.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-45-79.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://down.mdiaload.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 26 Feb 2023 02:49:12 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 319ms
93ms Preflight 34.225.45.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.45.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-45-79.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://down.mdiaload.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sun, 26 Feb 2023 02:49:12 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 pubads_impl_2023022102.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
129 KB 41ms
41ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

657ce65f87e54b2a6c1bc0db7a92f6c8a5dfa40906a7da8b7a897741ff32d3bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 22:56:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132325
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:18:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 21 Feb 2024 22:56:19 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 184 B
150 B 143ms
62ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=down.mdiaload.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29f99b0d134ccb997141d1b8b50f7f5e6fc5ef35683104a552f9da64918c4e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125
x-xss-protection: 0
expires: Sun, 26 Feb 2023 02:49:12 GMT

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
465 B 187ms
56ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&pid=fHDLRMC4dWPal&cb=0&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22mdiaload.com_auto_728x90_sticky_display_bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: JH6PADGPWCVZSVAX1CW1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: p2M5B8fbK-eKQOIPp5N6vb0AdoDMzfmPBWLuUZKdxDjq1NY-frKOOQ==

GET
H3 200 mdiaload.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 21 B
382 B 145ms
145ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/mdiaload.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 79f55dba6d712a5c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 113ms
24ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

92b4733fd350ef635f944c6faa3734c82cda0e2db8599eae3041d0c1a55b43a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://down.mdiaload.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://down.mdiaload.com
date: Sun, 26 Feb 2023 02:49:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 142ms
31ms XHR
application/json 52.51.12.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.12.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-12-6.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 91b00b5dd7f4e508d3c8d0d1934b69e7bfa30c04db8cb3e08b61e14d3ed227ea

Request headers

Referer: https://down.mdiaload.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 02:49:12 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://down.mdiaload.com
cache-control: no-cache
x-server: 10.45.3.168
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
531 B 181ms
62ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=down.mdiaload.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 179ms
61ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=down.mdiaload.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
852 B 261ms
261ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2786460518624776&correlator=2787386041172726&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=44890869%3A22675996902%2Cca-pub-3831894559014614-tag%2C91caf237-4806-44c4-8f96-c356154cbab2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=708473052&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3Da5197ea4-18b0-4aee-811a-260d86955827%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D21&eri=1&cust_params=amznbid%3D1%26amznp%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1677379752239&lmt=1677379752&dlt=1677379751255&idt=939&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1211910305.1677379752&ga_sid=1677379752&ga_hid=1546133787&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af79cf8f2e10eacf52810f5a075343a3eedbaddfbbbc764d16a19d7c6ec6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 822
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c430cf90e23a98a61b34b138804182e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B73A 6 KB
3 KB 538ms
34ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c430cf90e23a98a61b34b138804182e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://down.mdiaload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 02:49:12 GMT
expires: Mon, 26 Feb 2024 02:49:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2023022102.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023022102.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8557d05e80e77b3aeecc01f3ab65a9c15aedffd9eeca0aa79431ba95560683fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 22:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359366
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13787
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:18:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 21 Feb 2024 22:59:46 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
502 B 35ms
35ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=mdiaload.com_fluid_lb%2Bsq_l%3As&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GPMJBFKX9TZAN602YKQPVVQH
date: Sun, 26 Feb 2023 02:49:12 GMT
cf-cache-status: HIT
age: 1904117
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dbb9e022a5c-CDG

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
499 B 100ms
100ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=mdiaload.com_fluid_lb%2Bsq_l%3As&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GPMJBFKX9TZAN602YKQPVVQH
date: Sun, 26 Feb 2023 02:49:12 GMT
cf-cache-status: HIT
age: 1904117
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dbb9e042a5c-CDG

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
500 B 33ms
33ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=mdiaload.com_fluid_lb%2Bsq_l%3As&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GPMJBFKX9TZAN602YKQPVVQH
date: Sun, 26 Feb 2023 02:49:12 GMT
cf-cache-status: HIT
age: 1904117
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dbb9e052a5c-CDG

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 33ms
32ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNVRAWWEVV0FNCNA1W6NSR50
date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1187707
etag: W/"1d4502a12de3cc5a1f0e398c3e53f4ab-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 79f55dbba8e4d55c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
497 B 31ms
31ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=mdiaload.com_auto_728x90_sticky_display_bottom&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GPMJBFKX9TZAN602YKQPVVQH
date: Sun, 26 Feb 2023 02:49:12 GMT
cf-cache-status: HIT
age: 1904117
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dbbae072a5c-CDG

POST
H/1.1 200 1113.json Show response
id5-sync.com/g/v2/ 216 B
627 B 101ms
24ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1113.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a6b7f3663f33655b0091ae4077fcc444693c05a3bb3d2c00bd25abd8644c43f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://down.mdiaload.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://down.mdiaload.com
date: Sun, 26 Feb 2023 02:49:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 661 B
381 B 329ms
328ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2786460518624776&correlator=2841426135402000&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=44890869%3A22675996902%2Cca-pub-3831894559014614-tag%2Ccc3c09eb-e6cc-46f9-86bf-d068263aef28&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=334587840&sfv=1-0-40&prev_scp=ti%3Da5197ea4-18b0-4aee-811a-260d86955827%26pof%3D1%26rfi%3D30%26stt%3Dbhs%26bsc%3D21&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1677379752271&lmt=1677379752&dlt=1677379751255&idt=939&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1211910305.1677379752&ga_sid=1677379752&ga_hid=1546133787&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58d089f7163975e2d2fab1378198d924fe2fbd70c47fd4238a8b36d270d3f9d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 351
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 123ms
60ms Fetch
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: copyrightcontent.org
URL: https://copyrightcontent.org/unblocker/ub/ub.js?ai=5f96c19b62cebc2fe6804a1c&pp=aHR0cHM6Ly9kb3duLm1kaWFsb2FkLmNvbS9kb3dubG9hZDQ5NDc5OTM=&unblockerPaymentToken=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49362
x-xss-protection: 0
server: cafe
etag: 1450322433857786988
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 02:49:12 GMT

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
463 B 61ms
61ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&pid=fHDLRMC4dWPal&cb=1&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22mdiaload.com_fluid_lb%2Bsq_l%3As%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 97KCHMWVDY6EJ7Q4K5TQ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: XmJevToB1-Ol23S5Wn3WXb8OZbo_DrbYGt5Y1Sqs56PeOdZcIGIMsQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
462 B 60ms
59ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&pid=fHDLRMC4dWPal&cb=2&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22mdiaload.com_fluid_lb%2Bsq_l%3As%22%2C%22s%22%3A%5B%22320x100%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 3X89GXT4SQFYECKZ0172
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: x66j8gdUPl37fsnrLB7-la311J6SQToVsBmkTcD6Ml666OFCMsXYcw==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
463 B 58ms
57ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&pid=fHDLRMC4dWPal&cb=3&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22mdiaload.com_fluid_lb%2Bsq_l%3As%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 7RDAS38ZNB5GMYDGTZSZ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: wippO8I45I8O3be58Jr2etD0MvAUhf4RdADP22vEm0OhqcCdG0NyLw==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 661 B
383 B 311ms
311ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2786460518624776&correlator=4009659552803228&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=44890869%3A22675996902%2Cca-pub-3831894559014614-tag%2Caf7cf413-5580-4994-9dc9-49c747c42d61&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=3&adks=4065504548&sfv=1-0-40&prev_scp=ti%3Da5197ea4-18b0-4aee-811a-260d86955827%26pof%3D1%26bsc%3D21&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1677379752360&lmt=1677379752&dlt=1677379751255&idt=939&adxs=288&adys=339&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&frm=20&vis=1&psz=1600x116&msz=1600x116&fws=0&ohw=0&ga_vid=1211910305.1677379752&ga_sid=1677379752&ga_hid=1546133787&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1381b9f24868cf54f19427f6bc27abd4036b0b37e23b5758a692f11a0b2ebcf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 353
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 661 B
383 B 352ms
351ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2786460518624776&correlator=1396134621488821&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=44890869%3A22675996902%2Cca-pub-3831894559014614-tag%2Caf7cf413-5580-4994-9dc9-49c747c42d61&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=4&adks=3264018251&sfv=1-0-40&prev_scp=ti%3Da5197ea4-18b0-4aee-811a-260d86955827%26pof%3D1%26bsc%3D21&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1677379752369&lmt=1677379752&dlt=1677379751255&idt=939&adxs=288&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&frm=20&vis=1&psz=1600x116&msz=1600x116&fws=0&ohw=0&ga_vid=1211910305.1677379752&ga_sid=1677379752&ga_hid=1546133787&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966fb4e45cb1de58592e16a3d20d5ba59f639e5a8df31293c47be33aa2ce6848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 353
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 661 B
379 B 350ms
350ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2786460518624776&correlator=1206979513583975&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=44890869%3A22675996902%2Cca-pub-3831894559014614-tag%2Caf7cf413-5580-4994-9dc9-49c747c42d61&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=330x280&ifi=5&adks=3176814024&sfv=1-0-40&prev_scp=ti%3Da5197ea4-18b0-4aee-811a-260d86955827%26pof%3D1%26bsc%3D21&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1677379752377&lmt=1677379752&dlt=1677379751255&idt=939&adxs=632&adys=591&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&frm=20&vis=1&psz=336x-1&msz=336x-1&fws=0&ohw=0&ga_vid=1211910305.1677379752&ga_sid=1677379752&ga_hid=1546133787&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc8b0d11cc80049b6ef828c8bdd6dce1eca01d9c13216f194f7234bc0694571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 e.js
copyrightcontent.org/e/ 0
0 76ms
34ms Fetch
application/javascript 2606:4700::6812:1bb1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://copyrightcontent.org/e/e.js?s=0&e=ub&dr=mdiaload.com&ai=5f96c19b62cebc2fe6804a1c&d=desktop&c=FR
Requested by: Host: copyrightcontent.org
URL: https://copyrightcontent.org/unblocker/ub/ub.js?ai=5f96c19b62cebc2fe6804a1c&pp=aHR0cHM6Ly9kb3duLm1kaWFsb2FkLmNvbS9kb3dubG9hZDQ5NDc5OTM=&unblockerPaymentToken=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GSTRZWHVPTVSS7EKRDGFXCW9
date: Sun, 26 Feb 2023 02:49:12 GMT
cf-cache-status: HIT
server: cloudflare
age: 370139
etag: "fb4a0f28f99ffaae5412a46ed8f0c52d-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dbcdb47d2a3-CDG
content-length: 2

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 27ms
26ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_auto_interstitial_desktop&e=nai&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:12 GMT
cf-cache-status: HIT
age: 650526
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dbd3ebe2a5c-CDG

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 27ms
27ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_auto_728x90_sticky_display_bottom&e=nai&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:12 GMT
cf-cache-status: HIT
age: 650526
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dbddefd2a5c-CDG

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&e=nai&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:12 GMT
cf-cache-status: HIT
age: 650526
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dbe4f2a2a5c-CDG

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
165 B 72ms
70ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=down.mdiaload.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 73ms
72ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=down.mdiaload.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 437 B
240 B 706ms
706ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2786460518624776&correlator=1278538643061653&eid=44714449&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=44890869%3A22675996902%2Cca-pub-3831894559014614-tag%2Ce70f2dfd-6cd0-4761-8311-8b6451448068&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=6&adks=1013458917&sfv=1-0-40&prev_scp=ti%3Da5197ea4-18b0-4aee-811a-260d86955827%26pof%3D1%26bsc%3D21&eri=1&sc=1&cookie=ID%3D0e982125b24c2e8a%3AT%3D1677379752%3AS%3DALNI_Mbx2AaqBrhE_HclgzNNUPyEyFjSHw&gpic=UID%3D00000bbc230c0143%3AT%3D1677379752%3ART%3D1677379752%3AS%3DALNI_MYQYZz4kCvbl0LxBxblMhwvRCGlgQ&abxe=1&dt=1677379752680&lmt=1677379752&dlt=1677379751255&idt=939&adxs=288&adys=339&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&frm=20&vis=1&psz=1600x116&msz=1600x116&fws=0&ohw=0&ga_vid=1211910305.1677379752&ga_sid=1677379752&ga_hid=1546133787&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2906522e06ab1d40d33d2ac1d8b4518e8e209d735bd7d30b18cf94e5afcf4ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 27ms
27ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&e=nai&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:12 GMT
cf-cache-status: HIT
age: 650526
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dbe9f472a5c-CDG

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 437 B
240 B 306ms
305ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2786460518624776&correlator=3057123124579088&eid=44714449&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=44890869%3A22675996902%2Cca-pub-3831894559014614-tag%2Ce70f2dfd-6cd0-4761-8311-8b6451448068&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=7&adks=1630422873&sfv=1-0-40&prev_scp=ti%3Da5197ea4-18b0-4aee-811a-260d86955827%26pof%3D1%26bsc%3D21&eri=1&sc=1&cookie=ID%3D58a00d41e3913b4d%3AT%3D1677379752%3AS%3DALNI_MaRR_p7aPHntFpa_dkc0SvPdS7pFA&gpic=UID%3D00000bbc2340b6c2%3AT%3D1677379752%3ART%3D1677379752%3AS%3DALNI_MalNn_YLyJEgCdVelTLFnKozoSuvA&abxe=1&dt=1677379752729&lmt=1677379752&dlt=1677379751255&idt=939&adxs=288&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&frm=20&vis=1&psz=1600x116&msz=1600x116&fws=0&ohw=0&ga_vid=1211910305.1677379752&ga_sid=1677379752&ga_hid=1546133787&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84145710ca0b6453821dc8da133f59005dc7a1d2d6eefd1bac04e33f8d104743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
502 B 30ms
29ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&e=nai&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:12 GMT
cf-cache-status: HIT
age: 650526
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dbebf552a5c-CDG

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 437 B
240 B 295ms
293ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2786460518624776&correlator=2077335211019767&eid=44714449&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=44890869%3A22675996902%2Cca-pub-3831894559014614-tag%2Ce70f2dfd-6cd0-4761-8311-8b6451448068&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=330x280&ifi=8&adks=2246994096&sfv=1-0-40&prev_scp=ti%3Da5197ea4-18b0-4aee-811a-260d86955827%26pof%3D1%26bsc%3D21&eri=1&sc=1&cookie=ID%3D85157aa8ba8c17ad%3AT%3D1677379752%3AS%3DALNI_ManhM8GMEYi-jZu0b2Nvlav8g56LA&gpic=UID%3D00000bbc2359bb36%3AT%3D1677379752%3ART%3D1677379752%3AS%3DALNI_MbX3OAz-qBV3AdpWfQs2qIi3qv5hg&abxe=1&dt=1677379752754&lmt=1677379752&dlt=1677379751255&idt=939&adxs=632&adys=591&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&frm=20&vis=1&psz=336x-1&msz=336x-1&fws=0&ohw=0&ga_vid=1211910305.1677379752&ga_sid=1677379752&ga_hid=1546133787&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91a980cca45d4da411508fea599c03da84aff266326b13e53b9c81ee43df8b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 40ms
39ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9af2322826684cc1aebc493fac627ca486f212f21f3f0a29a94a1e162216d31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11318
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 232ms
129ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Feb 2023 02:49:13 GMT

GET
H/1.1 200
OK hsn_style.less Show response
down.mdiaload.com/ds1/css/ 26 KB
26 KB 58ms
19ms XHR
text/plain 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/css/hsn_style.less
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/less.js/3.9.0/less.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: b58b4b94546b139a50231d1195b8fc2d6b4b1caee6f223767de3e7c779ffe767

Request headers

Accept: text/css
Referer: https://down.mdiaload.com/download4947993
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:12 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34d2-664e-5b6fcc7282fff"
Content-Type: text/plain; charset=utf-8
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 26190
Expires: Tue, 28 Mar 2023 02:49:12 GMT

GET
H3 200 css Show response
fonts.googleapis.com/ 8 KB
629 B 63ms
62ms XHR
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/less.js/3.9.0/less.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16340e3752e5178f7ce8c6042efe2a071cb3e308dbe36ae99f4bfc5a8725f60b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/css
Referer: https://down.mdiaload.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 02:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 02:41:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 02:49:13 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 26ms
25ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&e=nai&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:13 GMT
cf-cache-status: HIT
age: 650527
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dc098592a5c-CDG

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 67ms
66ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=down.mdiaload.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 67ms
66ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=down.mdiaload.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 437 B
233 B 267ms
267ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2786460518624776&correlator=1845703769693199&eid=44714449&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=44890869%3A22675996902%2Cca-pub-3831894559014614-tag%2Cbf050180-8095-466a-8b78-21e13783de43&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=9&adks=620476777&sfv=1-0-40&prev_scp=ti%3Da5197ea4-18b0-4aee-811a-260d86955827%26pof%3D1%26bsc%3D21&eri=1&sc=1&cookie=ID%3D85157aa8ba8c17ad%3AT%3D1677379752%3AS%3DALNI_ManhM8GMEYi-jZu0b2Nvlav8g56LA&gpic=UID%3D00000bbc2359bb36%3AT%3D1677379752%3ART%3D1677379752%3AS%3DALNI_MbX3OAz-qBV3AdpWfQs2qIi3qv5hg&abxe=1&dt=1677379753050&lmt=1677379753&dlt=1677379751255&idt=939&adxs=288&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&frm=20&vis=1&psz=1600x116&msz=1600x116&fws=0&ohw=0&ga_vid=1211910305.1677379752&ga_sid=1677379752&ga_hid=1546133787&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631b4804dac10aaed327216a7e25d5a0e6643436317516db944ba737c01859a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 26ms
25ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&e=nai&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:13 GMT
cf-cache-status: HIT
age: 650527
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dc098602a5c-CDG

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 437 B
236 B 281ms
281ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2786460518624776&correlator=67292403156264&eid=44714449&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=44890869%3A22675996902%2Cca-pub-3831894559014614-tag%2Cbf050180-8095-466a-8b78-21e13783de43&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=330x280&ifi=10&adks=2942628982&sfv=1-0-40&prev_scp=ti%3Da5197ea4-18b0-4aee-811a-260d86955827%26pof%3D1%26bsc%3D21&eri=1&sc=1&cookie=ID%3D85157aa8ba8c17ad%3AT%3D1677379752%3AS%3DALNI_ManhM8GMEYi-jZu0b2Nvlav8g56LA&gpic=UID%3D00000bbc2359bb36%3AT%3D1677379752%3ART%3D1677379752%3AS%3DALNI_MbX3OAz-qBV3AdpWfQs2qIi3qv5hg&abxe=1&dt=1677379753058&lmt=1677379753&dlt=1677379751255&idt=939&adxs=632&adys=591&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&frm=20&vis=1&psz=336x-1&msz=336x-1&fws=0&ohw=0&ga_vid=1211910305.1677379752&ga_sid=1677379752&ga_hid=1546133787&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11d484ee3dea74b1eb7d438e4d2dbde0df8e9c20810ad98b578acd9fa6c62105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A2BA 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://down.mdiaload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 141626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 11:28:47 GMT
expires: Sat, 24 Feb 2024 11:28:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0E10 783 B
1 KB 269ms
169ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7e7a630f6d99d62e488e5240c05f734b5bf4e573c2129532b322cb6be1717c26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WLyFcqwwjO4a_K6yyLbXDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://down.mdiaload.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-WLyFcqwwjO4a_K6yyLbXDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 02:49:13 GMT
expires: Sun, 26 Feb 2023 02:49:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame A2BA 36 KB
14 KB 79ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 21:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Feb 2024 21:44:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A2BA 0
10 B 39ms
38ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Sgi-Xg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 30ms
29ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&e=nai&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:13 GMT
cf-cache-status: HIT
age: 650527
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dc249152a5c-CDG

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&pn=1&sn=3&pc=1.0412708282470704&ds=false&bv=0&e=wdp&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:13 GMT
cf-cache-status: HIT
age: 650527
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dc249172a5c-CDG

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 24ms
24ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&e=nai&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:13 GMT
cf-cache-status: HIT
age: 650527
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dc2692e2a5c-CDG

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
497 B 26ms
25ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&pn=1&sn=3&pc=1.0412708282470704&ds=false&bv=0&e=wdp&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:13 GMT
cf-cache-status: HIT
age: 650527
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dc2692f2a5c-CDG

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0E10 0
0 60ms
60ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022102&jk=2786460518624776&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 26ms
25ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&e=nai&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:13 GMT
cf-cache-status: HIT
age: 650527
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dc2b9502a5c-CDG

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 61ms
61ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=down.mdiaload.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 63ms
62ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=down.mdiaload.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 437 B
234 B 596ms
596ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2786460518624776&correlator=3638995002606122&eid=44714449&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=44890869%3A22675996902%2Cca-pub-3831894559014614-tag%2Cbf050180-8095-466a-8b78-21e13783de43&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=11&adks=3648696863&sfv=1-0-40&prev_scp=ti%3Da5197ea4-18b0-4aee-811a-260d86955827%26pof%3D1%26bsc%3D21&eri=1&sc=1&cookie=ID%3D85157aa8ba8c17ad%3AT%3D1677379752%3AS%3DALNI_ManhM8GMEYi-jZu0b2Nvlav8g56LA&gpic=UID%3D00000bbc2359bb36%3AT%3D1677379752%3ART%3D1677379752%3AS%3DALNI_MbX3OAz-qBV3AdpWfQs2qIi3qv5hg&abxe=1&dt=1677379753397&lmt=1677379753&dlt=1677379751255&idt=939&adxs=288&adys=339&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&frm=20&vis=1&psz=1600x116&msz=1600x116&fws=0&ohw=0&ga_vid=1211910305.1677379752&ga_sid=1677379752&ga_hid=1546133787&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db5075ed6f8518f86e014f4e0d246bcb283598e0c001a2414bf1e245946d038f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 02:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://down.mdiaload.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
63ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022102&jk=2786460518624776&bg=!paalpvLNAAZYlHKzeJQ7ADkAdvg8Wtd9p5LvmD-7hVyrzKkmaVX-LYmPIpFV0fnpltsh32cNSOYB4tLNxcI-NwYO711nwe7BwhECAAAAWFIAAAADaAEHmQKj-9uzwdK41WKFG18jnjSc8-An1VXQprnUBhSb41Mjw9ABjwiF0VeRzHy21rvV2Q3pj-bYVhZwsjQNfRcpB-GbIE_vDQ_xyJKWRI_k516-vbEcUXSfD-Y-Sg0oiJBledLhly9TYAce_-MLbKJssbMzRto5n0HtMtFPUe6qh38pBPaeXK9KucVYiUdVMSLl-1Fv_irgouT0_29wkExTwMvSPKt4B7mSDdv3dsfaX6iJ7LGegP3XL6h9QHhugIgEPX-xD1mWOtld76ZFssqMrk7GDXeHYaPr6vnBY6JtLtr25MkcDCnkZg5XLsBsG4hoBw9eZmVJEobM_-LhwKCjcFVvOG-Kkq14e6s3IeEiyRqogWza8sptIlS4mQxgLg5j6lwKIp3y17SSMyCdxGrE-ZAqBvKJ6-njdBBgWuC6GV45iNMx87hKwwfb6H0gHa4lUr-pNAToTNrTSwSivhk4wEykgOVcz6Y_Z9_vwTphMFmQ70OmD5iXgwSszvyzyP4gIWFkxSF0vXRs3gCuvqT1ThHYTdJIuK3UwM5xdUwBwuKg167vdL-6oByBi8Dct5n0UumTdkflmAniku3YBgG66zdyI_rq4SGHtZJ66EeUZp6O2gNQHqlrA7Byh6-QjMSXx6IqdTLXsCoANSwm4OGHarzXFHz_7nEMS7oKKseXA-L0F4c2aeRE4PK-azel2Pya9lCz3WYRIMQDaRKAAeajKmgLQj_JMwR4GSJR-lFY6nB0FLWqwZGJ3V79O3HVYXMkrEI8jLzV_H1usRJEFfbRMTXQeLnNKLcAVs4whbeSgt94j85rbKhG77Fc3UME5IkW8jBI5h49FCyDosX_WchFJLXWcy29irjX38hPklAuVj9xzDNnhdHfK5EeLr0gSNFGlHySpWdZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 27ms
26ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&e=nai&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:14 GMT
cf-cache-status: HIT
age: 650528
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dc68b0f2a5c-CDG

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 27ms
27ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=mdiaload.com_fluid_lb%2Bsq_l%3As&pn=1&sn=3&pc=1.0412708282470704&ds=false&bv=0&e=wdp&dsReferer=ZG93bi5tZGlhbG9hZC5jb20vZG93bmxvYWQ0OTQ3OTkz
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id: 01GNQ736XK39GHSEYKDZR9GFKP
date: Sun, 26 Feb 2023 02:49:14 GMT
cf-cache-status: HIT
age: 650528
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 79f55dc68b112a5c-CDG

GET
H/1.1 200
OK hsn_style.less Show response
down.mdiaload.com/ds1/css/ 26 KB
26 KB 59ms
20ms XHR
text/plain 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/css/hsn_style.less
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/less.js/3.9.0/less.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: b58b4b94546b139a50231d1195b8fc2d6b4b1caee6f223767de3e7c779ffe767

Request headers

Accept: text/css
Referer: https://down.mdiaload.com/download4947993
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:14 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34d2-664e-5b6fcc7282fff"
Content-Type: text/plain; charset=utf-8
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 26190
Expires: Tue, 28 Mar 2023 02:49:14 GMT

GET
H3 200 css Show response
fonts.googleapis.com/ 8 KB
629 B 62ms
62ms XHR
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/less.js/3.9.0/less.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16340e3752e5178f7ce8c6042efe2a071cb3e308dbe36ae99f4bfc5a8725f60b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/css
Referer: https://down.mdiaload.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 02:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 02:45:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 02:49:14 GMT

GET
H/1.1 200
OK hsn_style.less Show response
down.mdiaload.com/ds1/css/ 26 KB
26 KB 59ms
20ms XHR
text/plain 163.172.33.167
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://down.mdiaload.com/ds1/css/hsn_style.less
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/less.js/3.9.0/less.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.172.33.167 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-33-167.rev.poneytelecom.eu
Software: Apache/2.2.15 /
Resource Hash: b58b4b94546b139a50231d1195b8fc2d6b4b1caee6f223767de3e7c779ffe767

Request headers

Accept: text/css
Referer: https://down.mdiaload.com/download4947993
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 02:49:15 GMT
Last-Modified: Mon, 21 Dec 2020 17:27:52 GMT
Server: Apache/2.2.15
ETag: "a34d2-664e-5b6fcc7282fff"
Content-Type: text/plain; charset=utf-8
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 26190
Expires: Tue, 28 Mar 2023 02:49:15 GMT

GET
H3 200 css Show response
fonts.googleapis.com/ 8 KB
629 B 63ms
63ms XHR
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/less.js/3.9.0/less.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16340e3752e5178f7ce8c6042efe2a071cb3e308dbe36ae99f4bfc5a8725f60b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/css
Referer: https://down.mdiaload.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 02:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 02:35:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 02:49:16 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 24ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TK2KX2E65Q&gtm=45je32m0&_p=1546133787&cid=1211910305.1677379752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1677379751&sct=1&seg=0&dl=https%3A%2F%2Fdown.mdiaload.com%2Fdownload4947993&dt=T%C3%A9l%C3%A9chargement&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TK2KX2E65Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://down.mdiaload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 02:49:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://down.mdiaload.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.down.mdiaload.com/	1969-12-31 23:59:59	Name: lang Value: french
down.mdiaload.com/	1970-01-20 18:41:55	Name: HstCfa4286545 Value: 1677379751544
down.mdiaload.com/	1970-01-20 18:41:55	Name: HstCla4286545 Value: 1677379751544
down.mdiaload.com/	1970-01-20 18:41:55	Name: HstCmu4286545 Value: 1677379751544
down.mdiaload.com/	1970-01-20 18:41:55	Name: HstPn4286545 Value: 1
down.mdiaload.com/	1970-01-20 18:41:55	Name: HstPt4286545 Value: 1
down.mdiaload.com/	1970-01-20 18:41:55	Name: HstCnv4286545 Value: 1
down.mdiaload.com/	1970-01-20 18:41:55	Name: HstCns4286545 Value: 1
.down.mdiaload.com/	1970-01-20 19:32:19	Name: sc_is_visitor_unique Value: rx12449982.1677379752.AA84764BA5F44FCCE279ADAB149515DE.1.1.1.1.1.1.1.1.1
live.demand.supply/	1970-01-20 19:32:19	Name: demandSupplyTi Value: a5197ea4-18b0-4aee-811a-260d86955827
.demand.supply/	1970-01-20 09:56:21	Name: __cf_bm Value: UvmevVde0yZLSNGrPEZQlZfowkU8HyLjl82OrRiTevM-1677379751-0-AXLyfLn5c+ZFxAIe3RY1IUL4KtWN31fjrpFaxtmJ3fyfWuk7KU8BQEhkFdzOi+/Mm3cizskOAyA6udZwlDkAfhQ=
.mdiaload.com/	1970-01-20 19:32:19	Name: _ga Value: GA1.1.1211910305.1677379752
.mdiaload.com/	1970-01-20 19:32:19	Name: _ga_TK2KX2E65Q Value: GS1.1.1677379751.1.0.1677379751.0.0.0
.statcounter.com/	1970-01-20 19:32:19	Name: is_unique Value: sc12449982.1677379751.0
.statcounter.com/	1970-01-20 19:32:19	Name: is_visitor_unique Value: 1677379751401469759
.copyrightcontent.org/	1970-01-20 09:56:21	Name: __cf_bm Value: s2P0F5LnnD2rH8AWy7Ix5.IYOz6sLlswmQPBROStLro-1677379751-0-AeAOM/SXwdIEW/qGOmflz9szkNfgfIL9CAaCjPuOBMyPRKNtLLwrdaKIea8oI+j6JasFCq79hMV5/sUePAsiv3s=
.mdiaload.com/	1970-01-20 09:56:19	Name: lotame_domain_check Value: mdiaload.com
.mdiaload.com/	1970-01-20 19:17:55	Name: __gads Value: ID=85157aa8ba8c17ad:T=1677379752:S=ALNI_ManhM8GMEYi-jZu0b2Nvlav8g56LA
.mdiaload.com/	1970-01-20 19:17:55	Name: __gpi Value: UID=00000bbc2359bb36:T=1677379752:RT=1677379752:S=ALNI_MbX3OAz-qBV3AdpWfQs2qIi3qv5hg
.doubleclick.net/	1970-01-20 19:17:55	Name: IDE Value: AHWqTUmKyjMeUO_0sugs-PiaYl97KflEyyT-OjScG6cLOShYoQU0e6nRLOjKLZUonO4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
adservice.google.com
adservice.google.fr
api.demand.supply
bcp.crwdcntrl.net
c.amazon-adsystem.com
c.statcounter.com
c430cf90e23a98a61b34b138804182e7.safeframe.googlesyndication.com
cdn.id5-sync.com
cdnjs.cloudflare.com
copyrightcontent.org
down.mdiaload.com
fonts.googleapis.com
fonts.gstatic.com
id5-sync.com
lb.eu-1-id5-sync.com
live.demand.supply
pagead2.googlesyndication.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.google-analytics.com
s10.histats.com
s4.histats.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.statcounter.com
104.20.219.77
108.138.4.10
108.138.4.150
141.95.98.64
149.56.240.129
162.19.138.119
163.172.33.167
18.66.97.109
2.19.44.144
2001:4860:4802:32::36
2606:4700:10::6816:3456
2606:4700::6810:8516
2606:4700::6810:8616
2606:4700::6811:180e
2606:4700::6812:1bb1
2a00:1450:4001:802::2001
2a00:1450:4001:802::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:831::2002
2a00:1450:400d:802::2002
2a00:1450:400d:803::2002
2a00:1450:400d:807::2002
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::200a
2a00:1450:400d:80d::2004
34.225.45.79
46.105.201.240
52.51.12.6
01bd376cf54a9fc49dab79cb65210386282cdf45a9100666e2914748d51472f5
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a4d1fb78420332147b4bae4592ce9d65aa38f2c0e5de5b8d089028e1599d33c
0f2646bcf62d063abc28b2cda3cc1672e8541df4a207c46dda462a699bfa43de
1012fb944c3af08c945c70b2f47a397b7bcada3eb951328c23218734bf34410c
11d484ee3dea74b1eb7d438e4d2dbde0df8e9c20810ad98b578acd9fa6c62105
1381b9f24868cf54f19427f6bc27abd4036b0b37e23b5758a692f11a0b2ebcf0
1385713a2f10e043a4d739acec20d707f5a346b508a98cb662988b48a400913f
16340e3752e5178f7ce8c6042efe2a071cb3e308dbe36ae99f4bfc5a8725f60b
19012142d3d038fe81fb35b42175aff2359a1d60f3fff59ccd64a9716c86eef7
1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02
1bcf654e12405ab5e0683d20293052957fc8118ce5d89e1b393e8d41c018ff75
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1f3c741cc2a0975148b5daf3086fdcf62f5b59debe152ca1b73145c55dd011a7
216749f1364d4b328bc67b01b652db2ebdb2fdffee63ff89eba405f53f3920a1
240b0767745e76f8c6105f4205b5a454d36bab47536608867cff75403bcf7c0c
27c5969dc8d515e42b01193ec6ff64e2ff6b74ee39af199445978bb8afa25810
2906522e06ab1d40d33d2ac1d8b4518e8e209d735bd7d30b18cf94e5afcf4ab6
29f99b0d134ccb997141d1b8b50f7f5e6fc5ef35683104a552f9da64918c4e11
2a9d66071757a83f266a74ae068016fb7073b59f421c7efeb05d0f75746cf35a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
34eff09d3a94fa86b4f3e5af9cf391515e8e2caa3ebb6d7fe6ed13e5778ff8e0
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
37cdaf355920b149b2f31e56cc8128982762d56e5cb3e36e07e8ba73e3637a33
37ddc3df628de7dbb35e49b0eef020d9fe1613acbbfc77418bb7e69566395aa5
38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b
58d089f7163975e2d2fab1378198d924fe2fbd70c47fd4238a8b36d270d3f9d3
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
5c83d64fd31a699a81efd8430a7100f1aeb83024f88b252273c9f5de31309e13
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631b4804dac10aaed327216a7e25d5a0e6643436317516db944ba737c01859a7
64a7a0e3612b87d5088ceb8daf269c7cd96acfd33b2c380ebaaa43fe3d69553a
657ce65f87e54b2a6c1bc0db7a92f6c8a5dfa40906a7da8b7a897741ff32d3bd
67c123eb92c5add45ce587c51234b10e51ab61fec36fa0b28180792b27f212e2
70d0be5326c09006ec7d46aa2850376a4a3524c07851e05120bfe34f41e73b1b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7e7a630f6d99d62e488e5240c05f734b5bf4e573c2129532b322cb6be1717c26
816be92d18a72a17107eb09979eafaffb4bfdf5e153dfebf7d02ed34a881c60f
84145710ca0b6453821dc8da133f59005dc7a1d2d6eefd1bac04e33f8d104743
84af79cf8f2e10eacf52810f5a075343a3eedbaddfbbbc764d16a19d7c6ec6c9
8557d05e80e77b3aeecc01f3ab65a9c15aedffd9eeca0aa79431ba95560683fd
889f87dee2dc6f315be0cea3a57ceed40155c162c9a56d0594e5d1c46fff2eaa
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8fddefee30e9add90d386691b53ad927687454aea7272dbd424dfecdc1cebfed
91b00b5dd7f4e508d3c8d0d1934b69e7bfa30c04db8cb3e08b61e14d3ed227ea
92b4733fd350ef635f944c6faa3734c82cda0e2db8599eae3041d0c1a55b43a4
96691a470ea69f5f2b421a066045f0ae990867b0837d15666b304cdf68182f0d
966fb4e45cb1de58592e16a3d20d5ba59f639e5a8df31293c47be33aa2ce6848
97803f020d873288a2062aa9523b7fadfe40ada657480ce6f959e4ad21b9965d
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9af2322826684cc1aebc493fac627ca486f212f21f3f0a29a94a1e162216d31e
9fc8b0d11cc80049b6ef828c8bdd6dce1eca01d9c13216f194f7234bc0694571
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62
a6b7f3663f33655b0091ae4077fcc444693c05a3bb3d2c00bd25abd8644c43f4
a6d4c629484b1e3e138c9f0fbcb670bf03c9a9f9adc8ceec4fd1944cb9bcad54
a91a980cca45d4da411508fea599c03da84aff266326b13e53b9c81ee43df8b3
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b58b4b94546b139a50231d1195b8fc2d6b4b1caee6f223767de3e7c779ffe767
b7490e604fd858905ef8292010d3ce65976b8bee3cbc3da30999b790fc62da0b
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c786317f3ce40a59075ef4565d91c109416258e9e1e860e09e698983ef7beebc
c7bb4b851037180e6fa1c96e0339ffac7e0d4af83090f87c34185b35035f504c
c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6
cada881d954e6a8a50ec48fc4fa9e505baec1086cdadef2fad0ffbf14f11000d
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9
d970b5c6138015be569be57ee8233f16aa8d06b634ab4469243d9e518ae7b973
db5075ed6f8518f86e014f4e0d246bcb283598e0c001a2414bf1e245946d038f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea55ed7a4adeeeeb7abfb09295fef24269384997a0fb705379683db9eedc811f
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600
f382e813be8c6ad80486f146702b1481931380946e6ec7214dfa64b8f9363033
fc2b30e09f0b2a3880e63609de6aa9872be9727aa8da07d0a18b98135e55c47b
fe894077580a26a7bb0005cc423f8c9b22041593ec03bce3e9061dca7d7b5f1f

down.mdiaload.com Open in urlscan Pro 163.172.33.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

100 %HTTPS

57 %IPv6

20 Domains

29 Subdomains

28 IPs

6 Countries

1334 kBTransfer

2616 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

down.mdiaload.com Open in urlscan Pro
163.172.33.167 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

100 %
HTTPS

57 %
IPv6

20
Domains

29
Subdomains

28
IPs

6
Countries

1334 kB
Transfer

2616 kB
Size

20
Cookies

130 HTTP transactions
0 data transactions