urlscan.io logo urlscan.io
SecurityTrails logo

fdown.net Open in urlscan Pro
172.67.70.216  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fdown.net/
Effective URL: https://fdown.net/
Submission: On June 26 via manual from NZ — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 7 domains to perform 65 HTTP transactions. The main IP is 172.67.70.216, located in United States and belongs to CLOUDFLARENET, US. The main domain is fdown.net. The Cisco Umbrella rank of the primary domain is 33221.
TLS certificate: Issued by E1 on May 29th 2024. Valid for: 3 months.
This is the only time fdown.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

33    172.67.70.216 (United States)

ASN13335 (CLOUDFLARENET, US)
fdown.net
1    2404:6800:4006:814::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.17.3.184 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
5    142.251.221.66 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
pagead2.googlesyndication.com
5    142.250.76.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net
googleads.g.doubleclick.net
2    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2404:6800:4003:c1c::9d (Singapore, Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.251.221.67 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net
www.google.co.nz
2    2404:6800:4006:810::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2404:6800:4006:810::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2404:6800:4006:80f::2004 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google.com
11    142.250.67.14 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f14.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
33 fdown.net
fdown.net — Cisco Umbrella Rank: 33221
261 KB
16 google.com
analytics.google.com — Cisco Umbrella Rank: 174
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744
www.google.com — Cisco Umbrella Rank: 5
77 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
297 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
250 B
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4311
14 KB
1 google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 28952
63 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
97 KB
65 7
Domain Requested by
33 fdown.net 1 redirects fdown.net
13 fundingchoicesmessages.google.com pagead2.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 pagead2.googlesyndication.com fdown.net
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 analytics.google.com www.googletagmanager.com
2 challenges.cloudflare.com 1 redirects
1 www.google.com tpc.googlesyndication.com
1 www.google.co.nz
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com fdown.net
65 11

This site contains links to these domains. Also see Links.

Domain
downvideo.net
twdown.net
chrome.google.com
fbdown.com
Subject Issuer Validity Valid
fdown.net
E1		 2024-05-29 -
2024-08-27		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.google.co.nz
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
www.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://fdown.net/
Frame ID: 82E2C9243B9D9225C94D912A8B1299BE
Requests: 55 HTTP requests in this frame

Frame: https://fdown.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Frame ID: 7DE5347A13303533B0E7D1B42B9AF8F3
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: 406908AFB6B9FA8C34412BDDC1284079
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1719375456&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffdown.net%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=32~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=32_7~30_23~27_9~29_18&aiixl=32_9~30_6~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719375456353&bpp=5&bdt=1063&idt=457&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=572433593814&frm=20&pv=2&ga_vid=930942720.1719375457&ga_sid=1719375457&ga_hid=327177565&ga_fc=0&u_tz=720&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C31084689%2C95334509%2C95334526%2C95334564%2C95334571%2C95334830%2C95335897%2C31084857%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2276278143285918&tmod=2031597782&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=476
Frame ID: 9CD3AF610640780CDA60DF86E9C127D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=280&slotname=3440549079&adk=4249367247&adf=1487462760&pi=t.ma~as.3440549079&w=730&abgtt=3&fwrn=4&fwrnh=100&lmt=1719375456&rafmt=1&format=730x280&url=https%3A%2F%2Ffdown.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719375456358&bpp=3&bdt=1068&idt=486&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=572433593814&frm=20&pv=1&ga_vid=930942720.1719375457&ga_sid=1719375457&ga_hid=327177565&ga_fc=0&u_tz=720&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=435&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C31084689%2C95334509%2C95334526%2C95334564%2C95334571%2C95334830%2C95335897%2C31084857%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2276278143285918&tmod=2031597782&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=497
Frame ID: F53AE369CFDBDD6529A6081576E12A9E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 746AF786DEBAE9A32737D5E18D7CBD07
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 191C8EC6394747D938689A5188228FFA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: 03786604F2C3021613D81F4C29024A7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: 854F7A701C731548E9955CF588F85CE2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Facebook Video Downloader Online - Download Facebook Videos

Page URL History Show full URLs

  1. http://fdown.net/ HTTP 307
    https://fdown.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

95 %
HTTPS

50 %
IPv6

7
Domains

11
Subdomains

13
IPs

4
Countries

746 kB
Transfer

1859 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fdown.net/ HTTP 307
    https://fdown.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js
Request Chain 30
  • https://fdown.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://fdown.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fdown.net/
Redirect Chain
  • http://fdown.net/
  • https://fdown.net/
36 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6a95e36f526475aeb4a0828792592ee43476d7e516bb777e23070cba401fde9

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
899a636e8ec75d34-SYD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 26 Jun 2024 04:17:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4QqePweNRUG29XLGhZOO5QtpjJqoi7UZQDsURkCO6cF4jRvywfGkN98B8gJ1RMjSyW5ujQRh81t67670YdndpNgp2aOcOoihFxFUdHGaEP7KhfvA4rpJwcQvsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://fdown.net/
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
fdown.net/css/ 		117 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fdown.net/css/bootstrap.min.css
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7606e85408cc35686abd635f98ed668b36bc7c80b032a0d42b17ec3d9ed68de2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 27 Jun 2023 11:56:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2072
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1vx40XHKvsEfSgSWmh9gvS7gsGkWKUAIPuR%2FhMh7je%2BorzOlbhwWMsMtNCBVckDBnbBf8jOxJOot9MVoE2OmVzGNqNNBAyYuiUmAOCYtFJZhjxe2IvyVflg5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
cf-ray
899a6373cde75d34-SYD
alt-svc
h3=":443"; ma=86400
style.css
fdown.net/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fdown.net/css/style.css
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18a93befebedf6f0635dd4605dd5f8739a4065475eab759b90575bb8df33d466

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 04 Aug 2023 14:13:19 GMT
server
cloudflare
age
804
cf-polished
origSize=2419
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OMDPL5sCxcA3YCojwXPGNoO7N2h2FTmnWn0dyFNcpK0xpT6ZLWHVnzdY3jZ5dFKZDNHh1IUqCiV94aSoxkOMz5fD%2F8AnfKknGoKQ0V3NKT3CKurqHlBNqRyZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
cf-ray
899a6373cdeb5d34-SYD
alt-svc
h3=":443"; ma=86400
logo-facebook-video-downloader.png
fdown.net/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/logo-facebook-video-downloader.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee86a352602077cabc15bc2206f8a4e3dceb8066b626ba5a981b406f3d4f81a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2070
cf-polished
origSize=16215
alt-svc
h3=":443"; ma=86400
content-length
13111
cf-bgj
imgq:100,h2pri
last-modified
Tue, 14 Sep 2021 12:19:35 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mml0ajCFZZ%2FqiKFfmhtYWKngbY%2BuuLSMYgTAhNy0MGZQBglq3NIXxYc8kHVJEo07DrvDlrRdSbW8%2BTqHE4MfIbmCs8YATOtcHnULYGkKHt5QQMdEBSaj0RslQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a6373cded5d34-SYD
chrome.png
fdown.net/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/chrome.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f13a667dc62f7c88eb71bf252d7879beb20b50dc72f8f40948fbba45038cc1d6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2516
cf-polished
origSize=3456
alt-svc
h3=":443"; ma=86400
content-length
2668
cf-bgj
imgq:100,h2pri
last-modified
Thu, 19 Jan 2017 21:15:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FFVPxzVI85Tr9KZYxr1hXZsjsHjGYsfBSzpVB2Y2CyufbKb6cXYeslBhKqcsXSOPcLyTwNuFSVwoe0gcGPJwrARdHNYFWpC4edWKb4vnqJjQikTjP%2FiKx2iWsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a6373cdef5d34-SYD
en.png
fdown.net/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/en.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38252fd05e4ab4e2b556031127e6244477d680fe83de25a5b7ed2a5d1e2007b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
802
cf-polished
origSize=3097
alt-svc
h3=":443"; ma=86400
content-length
2317
cf-bgj
imgq:100,h2pri
last-modified
Sat, 20 Apr 2019 16:19:02 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ogb3sNqZsU26X%2FFEThlmz0KR6TpSTXYh7wz0mKgOYt0z%2F3wokWKLsVEnmHYnbjyf7bIjnR8oglAmx0WC3a2mCEU3MJIS76gRDOtGF%2FYbmnzDVlYO%2Fz0pm1i1cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a6373ee085d34-SYD
es.png
fdown.net/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/es.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38ee3b27d322467736d77fb81e4e8d8ba84ce0f1dbb4b95ae2f97c67213e21ad

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1244
cf-polished
origFmt=png, origSize=1737
content-disposition
inline; filename="es.webp"
alt-svc
h3=":443"; ma=86400
content-length
1210
cf-bgj
imgq:100,h2pri
last-modified
Sat, 20 Apr 2019 16:19:02 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3rrAi0cgmQWY0aQHheWusb75AYzttd1zreRUuiuuyoLpQj%2Bsa3ugCpl2GB%2Be%2FqAt1XKkiBpJsjaJbR%2BSy%2FTX6YqDLdxIC7eRviAkZfnCOcyyFDW0fw6SKI9Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a6373ee0a5d34-SYD
pt.png
fdown.net/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/pt.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5b950ad159de13ec473984f63ad28362a67fa23a670836cafdd393016a88720

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
802
cf-polished
origFmt=png, origSize=3463
content-disposition
inline; filename="pt.webp"
alt-svc
h3=":443"; ma=86400
content-length
2612
cf-bgj
imgq:100,h2pri
last-modified
Sat, 20 Apr 2019 16:19:02 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rDndtAAh%2BVV9nk09mhCqfzFVs4oAjGM7kBKxuwGz1E9ACx9vQQvoMmiUldkW7B3tzGkKYU8CkyPQx92L8zaMI4CHsPg40uiHelYC%2B42ZEJQBNS3M89ddWFqxQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a6373ee0c5d34-SYD
de.png
fdown.net/img/ 		312 B
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/de.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e448ba8d144bd89b890d6d8dd3ddf6034195558c3ddc1bb33b172b2cb4eefe98

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5792
cf-polished
origFmt=png, origSize=816
content-disposition
inline; filename="de.webp"
alt-svc
h3=":443"; ma=86400
content-length
312
cf-bgj
imgq:100,h2pri
last-modified
Sat, 20 Apr 2019 16:19:02 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kZvsDDZ2snW5a3UWnP1%2FSO7L5mtc%2BazqoI6iILav19vAPfi3u%2BI7a2BToL4HJ%2BI8Nly11yoyKiI73G5%2B6mWt69Gm5xA5RRhbWOB%2FG98S0FPMjFeiJ0v4k9RvuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a6373ee0e5d34-SYD
fr.png
fdown.net/img/ 		374 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/fr.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
639a221781d4b16685fdeece57014d6e9cd3ab5ece9e045da03dc411ee33c103

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
801
cf-polished
origSize=819
alt-svc
h3=":443"; ma=86400
content-length
374
cf-bgj
imgq:100,h2pri
last-modified
Sat, 20 Apr 2019 16:19:02 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJRVcQWhcgmm%2BR5vcEtzp68II0PUwvzqU4l6M8PmfwEBEuCnjr1sm3008yvLrEhJRDztE7N48jzZ2V%2B%2FCEW%2Bdz87BLOZ4e7TvBACsBZEAeuD9tdS0pxAOUoLvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a6373ee115d34-SYD
it.png
fdown.net/img/ 		288 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/it.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90029b49c86cea2f8f1d3b563ed49a045a7e668e598d02f0b7530035a40467cd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63
cf-polished
origFmt=png, origSize=824
content-disposition
inline; filename="it.webp"
alt-svc
h3=":443"; ma=86400
content-length
288
cf-bgj
imgq:100,h2pri
last-modified
Sat, 20 Apr 2019 16:19:02 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ckDwmKhPBwYVShqY7uplGhzZ2g1WBcovowRbTdcru6nnWsZt4PsbEWjGBm82ebFAXPF2BoDiqE3klifEJ0acpB9F80ob3GVGY6KMPs7NWZ1sAo7GwnDOiRTmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a6373ee155d34-SYD
fbdown.png
fdown.net/img/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/fbdown.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
655b679e1bf8ecaa5dfba2ddcfe13104cf8f5ce725b4038162790726d5c38c5c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3159
cf-polished
origFmt=png, origSize=26517
content-disposition
inline; filename="fbdown.webp"
alt-svc
h3=":443"; ma=86400
content-length
14758
cf-bgj
imgq:100,h2pri
last-modified
Tue, 14 Sep 2021 12:19:47 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWiUkS6nLOjQRSjqazWAz74VpzRIveBgWjHtBugRuzeWK45YxRvsestMaFyMycqFUNdU89tBMSOuF9OnPdlQ1Cq6QWHzV%2BnGJQYUvIHQFSwFBKONql3xVNHlyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a6373ee185d34-SYD
fontcc.css
fdown.net/css/ 		225 B
570 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fdown.net/css/fontcc.css?v=2
Requested by
Host: fdown.net
URL: https://fdown.net/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
052acb754fd04e3ca5e968f4ad3f2bc8898416570bd3d51f6f2919c1611f0849

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/css/bootstrap.min.css
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 25 Dec 2020 17:34:33 GMT
server
cloudflare
age
2071
cf-polished
origSize=268
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YDG3%2BNbXBatK9yjXfXsZv0nra3LroTz8XccOHBUaEIN0nqMffxh2e4jxxGXFrqG6hHjPRC62lEU6PTjAmatJ8cFHDbO%2BuI5F4xlEfhuTBXYj%2Bv1ZLNeS1s6vhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=691200
cf-ray
899a6374af145d34-SYD
alt-svc
h3=":443"; ma=86400
glyphicons-halflings-regular.woff2
fdown.net/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fdown.net/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: fdown.net
URL: https://fdown.net/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/css/bootstrap.min.css
Origin
https://fdown.net
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
last-modified
Thu, 19 Jan 2017 21:15:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
968
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=39G0Ok6cEbIHkQLEVSxCSwfRHxCDktxypkzfCix4ZUj6CT3x1%2BdQvNqdgUCwDaa5WCXE%2FozmZSWLl%2FGpwjAGQFUxBxhoX5tOBe53tw9A9kdLYjxB6yWDw%2F9HKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a63753fc05d34-SYD
alt-svc
h3=":443"; ma=86400
content-length
18028
RooneyBold.woff
fdown.net/css/fontcc/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fdown.net/css/fontcc/RooneyBold.woff
Requested by
Host: fdown.net
URL: https://fdown.net/css/fontcc.css?v=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cca0e02267d9be3a57b5c8a646cf2d397f2d25e8618868212e16950b5254771

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/css/fontcc.css?v=2
Origin
https://fdown.net
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Dec 2020 17:29:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1923
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ODCCHe46uxAemJR3DMVYBm0mk5X3ZmWjC4SqlvpkiQMsqJM%2F3Eozs4x8j703zv0tvW1HFCSIugS862efVkQCF2Eng6CZuUg8g487lFgAopiZnkGjfSKZc9FsOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a63753fc35d34-SYD
alt-svc
h3=":443"; ma=86400
content-length
55831
RooneyRegular.woff
fdown.net/css/fontcc/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fdown.net/css/fontcc/RooneyRegular.woff
Requested by
Host: fdown.net
URL: https://fdown.net/css/fontcc.css?v=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f303d73059745e5512f2106dda0fdc74544d4f150df3504b664c456e7af8f58

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/css/fontcc.css?v=2
Origin
https://fdown.net
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
last-modified
Fri, 25 Dec 2020 17:29:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1923
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVo%2BEmg2%2BrTOpM7JnOGOhx95ngfoRRDOcfmAaEd6tJogKi%2Ba3A2rqOt0ti%2F%2BS2jUIYvwQ9w8kS3VP7AWI%2FYhqXdnxwhzu%2BBDQI%2F6Y%2Fz72SNLRYi9LCk2kVGKtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a63753fc55d34-SYD
alt-svc
h3=":443"; ma=86400
content-length
56561
windows.png
fdown.net/img/ 		152 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/windows.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9580922ee66f527c11a67dd812ee554bd0999c0bfc08d23e766f68c9756b3a82

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
358
cf-polished
origFmt=png, origSize=470
content-disposition
inline; filename="windows.webp"
alt-svc
h3=":443"; ma=86400
content-length
152
cf-bgj
imgq:100,h2pri
last-modified
Mon, 20 Aug 2018 19:42:43 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LmSpOaTqryqLLnAB7fMYW%2BgL%2Ff9H86NbI3A8rTSQzH0%2FjXcdvKzQLiSEdcZMS%2FgKshoT1UVPTVOGIMb2wNW2QkLab8VRfcnElr9VKY3XtE1jVj%2BVxuQtjzfl9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a63753fd05d34-SYD
ios.png
fdown.net/img/ 		876 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/ios.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
675bd22dfc27f7f5c76d796a5da6817cf577aaefb783d3dd1b2ed89ce47f7cd5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
291
cf-polished
origFmt=png, origSize=1443
content-disposition
inline; filename="ios.webp"
alt-svc
h3=":443"; ma=86400
content-length
876
cf-bgj
imgq:100,h2pri
last-modified
Mon, 20 Aug 2018 19:42:44 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2BN7vjeHykXFw4jIwPGYHyLcQvA7MSCeBogLjuhU08COnl77VaU%2F5xjEYbWfzvqiDjjTwjHqC0wPeFGdV6e1OANYfPDzH0aOMTl0s%2BCcG1sbKpeW%2Bqwi5u20Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a63753fd25d34-SYD
santa-claus.png
fdown.net/img/ 		886 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/santa-claus.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce5732113fff99931a93b250f84626f735f9ffda33e0a0157ec55256b7c8e537

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
274
cf-polished
origFmt=png, origSize=1429
content-disposition
inline; filename="santa-claus.webp"
alt-svc
h3=":443"; ma=86400
content-length
886
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Dec 2019 22:45:31 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g1ACDnlqZovH%2B7AjIS%2B%2Bs4ZgWXNc9uMw1ITAIEu4sXKfMzyra0NywttmxuJWHsuAcGnYbjbVFecR97am5ehgu8rR3YzgRVjxJfqbG6zzixdpmZWCUCmzixvtOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a63754fe25d34-SYD
br.png
fdown.net/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/br.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f41272e96dd3b140dab2d4180d027730fc95fd70a17821247906febce4ab717

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
358
cf-polished
origFmt=png, origSize=3954
content-disposition
inline; filename="br.webp"
alt-svc
h3=":443"; ma=86400
content-length
2578
cf-bgj
imgq:100,h2pri
last-modified
Thu, 25 Apr 2019 15:49:02 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24%2BkNqYl0YFVnBcra%2BGicge4BxFuh4jqfykabTpvYRKRSVUvonTEA9tKyeoKDGKhJub%2FqLMEmg5snMLb7ZMluTsyW9QUuc2lFW4SgeAc7AU1Fuosykqo2SGWig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a63754fe95d34-SYD
apple.png
fdown.net/img/ 		284 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/apple.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ccc48d1627f8d7fd534c6f3121c1aae100460b581bde8d46112c63823bee136

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
303
cf-polished
origFmt=png, origSize=675
content-disposition
inline; filename="apple.webp"
alt-svc
h3=":443"; ma=86400
content-length
284
cf-bgj
imgq:100,h2pri
last-modified
Mon, 05 Jun 2017 23:46:48 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TX7w7wtqWhd1Jruzhm%2BkQl6c1u6DfD67ikNFBnS4xIvusNzCj%2FcQ8zSHYIhUb6GPXbBZzHoVEL6FsUyC0GbMHUHOI5oSzCxy9dY4lUho%2FsWCi3fZml7AF8Darw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a6376c9f25d34-SYD
android.png
fdown.net/img/ 		519 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/android.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3165ad11e7c865da327622d80ea8eab00af22d9a589d9c4ab72f41fd2a0aba97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
303
cf-polished
origSize=637
alt-svc
h3=":443"; ma=86400
content-length
519
cf-bgj
imgq:100,h2pri
last-modified
Mon, 05 Jun 2017 23:46:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4%2F6MXt5kxWKfucZIP11K%2FNg3zMkP2sHZ1s8UpXECsI9S5zPc%2Fx5nfiESl0PU252aNkf2LwsxI0jCn6VavSKb5%2FWaV%2BaiLYkkwnmJOe49W416%2FxSmaJIh%2FLOVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a6376c9f95d34-SYD
firefox.png
fdown.net/img/ 		796 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdown.net/img/firefox.png
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec41a19d60bebd53e6b6d9f7d0ccb17e58498c7e9226ff9da7bb34b0a6e72765

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
303
cf-polished
origFmt=png, origSize=1262
content-disposition
inline; filename="firefox.webp"
alt-svc
h3=":443"; ma=86400
content-length
796
cf-bgj
imgq:100,h2pri
last-modified
Mon, 05 Jun 2017 23:46:45 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FSeNdKGMtOqqxKfZkm0S8Nb7zwzngMrNA3V1SYXCgpk1Qz2vj3wT2NSm%2Byezp3cRda68Fq%2BZuN2X2jdRXKSO3N73%2FLHqaYHbxkIm5jvLJnlY4TWZkh1VQWeiEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a6376c9ff5d34-SYD
rocket-loader.min.js
fdown.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fdown.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: fdown.net
URL: https://fdown.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Jun 2024 21:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6679df40-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2a9K9oxe1ML4Mcch0iGPFoCnE0aJEL2ZPdmKlsLGrtFa%2F0Df9akFBiUM%2Foef%2FZGv8N6%2F9p7Bro97W0L0TxpQZQuAx0RmMG3w%2Bc8a7LUO1uNoWVxYeLi7lFQeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
899a6376ca035d34-SYD
expires
Fri, 28 Jun 2024 04:17:35 GMT
scripts.js
fdown.net/js/ 		0
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fdown.net/js/scripts.js
Requested by
Host: fdown.net
URL: https://fdown.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 19 Jan 2017 21:15:20 GMT
server
cloudflare
age
2516
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RB6l402HcEUquqfa0YOUiAovdFNevRyI7HsiKuCanliy%2FMfiV4ftvkYiPdijeTSYoeKr4erJFp40YQTpqfzuzw2Rz5gqoeFRrwxTScpdGRTASvtBPwj%2FwcUpCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a63774acb5d34-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
bootstrap.min.js
fdown.net/js/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fdown.net/js/bootstrap.min.js
Requested by
Host: fdown.net
URL: https://fdown.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e460b21839bf49543aeac626269114e5bc49092a516d7e94da7dbaee582bfd6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Jan 2017 21:15:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
803
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WH%2FxrbE%2Fg38qzlZvHbXLqJ3ZO3HD023DZpZRmJ1DUMeNighU7Ou1vMENCuyc7XGLs6esi6M%2B%2B4GWdNM0C7Ej25zEXjWEqgRXJkSG7Jw0ks9iwAW%2F4Ej0Ao6krQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
899a63774acc5d34-SYD
alt-svc
h3=":443"; ma=86400
fbdown_home_min.js
fdown.net/js/ 		809 B
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fdown.net/js/fbdown_home_min.js
Requested by
Host: fdown.net
URL: https://fdown.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebabb707041a952a93bc1ba0f0dd46bf51c162057cf59a67354ff6ac9415cfe9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Aug 2018 20:15:08 GMT
cf-bgj
minify
server
cloudflare
age
857
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IMz5HrsfA45VsMt1yH9nU40M3ln%2F6y03F1ryu%2BRXyI4xwIWiyhC7jFjhRZbf%2Bh0Xukv4HidONCQdhGGSAvHKNvG0LpaVDu0oeIduUtg9NPKnjVsQykral4MHBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
899a63774acd5d34-SYD
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		285 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-82ERN9JZD3
Requested by
Host: fdown.net
URL: https://fdown.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a8d08bd6524b6439c0c22a8bea2839a071267de4774132d2514544b5b4ace5b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99252
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 26 Jun 2024 04:17:36 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js
42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/c7e29c8c8b6e/api.js
Protocol
H3
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdf9b58fcf84b6c75c42ba56855fb02e0a990771aa1932c18a0fa73ef640000a

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Referer
https://fdown.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 26 Jun 2024 04:17:36 GMT
content-encoding
br
last-modified
Wed, 19 Jun 2024 17:35:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
899a637a4d4f5d36-SYD
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 26 Jun 2024 04:17:35 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/b/c7e29c8c8b6e/api.js
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
899a6377c9c35d36-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: fdown.net
URL: https://fdown.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
9ffa908b53bcc0201ac9492bf1630082863fce1098dc7a41d7c529eab5cf8db0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52976
x-xss-protection
0
server
cafe
etag
17276455082714475438
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 26 Jun 2024 04:17:36 GMT
jquery.min.js
fdown.net/js/ 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fdown.net/js/jquery.min.js
Requested by
Host: fdown.net
URL: https://fdown.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b96845c0eccb0e864e606db06ff08da281117359d9947310de93bcd52038a74e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Jan 2017 21:15:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
803
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2B5EW%2FVes7lxV8%2Bvn9KXqrQBcFUnBBZiAYHhS%2BtzHskIfeb8VDOYN%2BKKDW%2FTmnOT7JYvBaeoytMYCmVZnnAhJpikaycjJY651spGtSFYefoTWAv0SkiYfHLjKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
899a63774ace5d34-SYD
alt-svc
h3=":443"; ma=86400
main.js
fdown.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/ Frame 7DE5
Redirect Chain
  • https://fdown.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://fdown.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fdown.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Protocol
H3
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78b9703e715697e2f2ab07665bda1e8c49e0f5c02b5c9ae09cbb72a25e52b8f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qOvZ%2BAnyNCHFFSCd%2BPbSTHprwdWjQvaF%2BoS6hnUm5k5OR%2FMlpnGV11x6UkCEQQOG6ESXckW6hZSvlK8LkzNtgCl5qzHqbt0bMwUhoV1F%2F5j2jNGVYGwNPQcjXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
899a6377bb775d34-SYD
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 26 Jun 2024 04:17:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i6gcSd6gl%2FcHd8fdvMY%2BrBTyFvHWXVD8oMTWulVmsAmGKa13ePfYD905cmdp%2BmuWsQGaL%2F1m5NXEQ%2FUJT2%2FUwSxUvXcnLuWiaFnJHlkcOG7uOMjstRWoJL4ZNw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
cache-control
max-age=300, public
cf-ray
899a63774acf5d34-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.png
fdown.net/img/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://fdown.net/img/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc4c07949967cd563fb8521f9d3ca44eb4cf360f07cd44bcbcae9e1182ca97f7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
903
cf-polished
origFmt=png, origSize=1316
content-disposition
inline; filename="favicon.webp"
alt-svc
h3=":443"; ma=86400
content-length
1108
cf-bgj
imgq:100,h2pri
last-modified
Wed, 13 Jan 2021 22:28:10 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9iOto5MMQjwYqclJcPR35vG6igcxjCA5BQyCtA%2BSjhcqyy5xgSK9asmqOxF2sekiGsjEYxikX0mAnmHlDrn1toro6N7CxZTyLQQrDCPC3UhAvdAb9zWrWSmFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
899a63775ae35d34-SYD
899a636e8ec75d34
fdown.net/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 7DE5 		0
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fdown.net/cdn-cgi/challenge-platform/h/b/jsd/r/899a636e8ec75d34
Requested by
Host: fdown.net
URL: https://fdown.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Jun 2024 04:17:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2BcxHS2wDqQUA4VB5UxPdThZ9yk3dHOxw30i7RFLQagfl1Xb8AVBBupyqy37Gujer%2ByaFLNlLY7%2Fu27jhXTepzQQiuGhx8yjPt1cWKV0xwdHAs1sJgq4rYvb5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
899a6379bdda5d34-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
899a636e8ec75d34
fdown.net/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 7DE5 		0
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fdown.net/cdn-cgi/challenge-platform/h/b/jsd/r/899a636e8ec75d34
Requested by
Host: fdown.net
URL: https://fdown.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 26 Jun 2024 04:17:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tWo1gUvX0eFmh9zvqN7yKluAVVgLKkKoDluX1Q031BwpeHm1SHFdnVDPYi0H8B5wBZzRHfpM%2BRFi1ztIfhe2ceNDfs6PzBimEStulEUgQxR3H0cP7yfTfOLEvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
899a637a3e625d34-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/ 		425 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_fy2021.js?bust=31084857
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
898ade2bd846c58229569d56643950af69f268acea4dfb8dbf9883e7f2b88104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146793
x-xss-protection
0
server
cafe
etag
5219649169626136206
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Jun 2024 04:17:36 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/ Frame 4069 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_fy2021.js?bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Referer
https://fdown.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
29761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jun 2024 20:01:36 GMT
etag
9187630395144177108
expires
Tue, 09 Jul 2024 20:01:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9CD3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1719375456&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffdown.net%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=32~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=32_7~30_23~27_9~29_18&aiixl=32_9~30_6~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719375456353&bpp=5&bdt=1063&idt=457&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=572433593814&frm=20&pv=2&ga_vid=930942720.1719375457&ga_sid=1719375457&ga_hid=327177565&ga_fc=0&u_tz=720&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C31084689%2C95334509%2C95334526%2C95334564%2C95334571%2C95334830%2C95335897%2C31084857%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2276278143285918&tmod=2031597782&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=476
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_fy2021.js?bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Referer
https://fdown.net/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
92252
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Jun 2024 04:17:37 GMT
expires
Wed, 26 Jun 2024 04:17:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240618&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_fy2021.js?bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
0627b0cc26e5de38fe74c194040ab7f6a8537ccee7e66f4930d40bdee9e0bd39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12825
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F53A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=280&slotname=3440549079&adk=4249367247&adf=1487462760&pi=t.ma~as.3440549079&w=730&abgtt=3&fwrn=4&fwrnh=100&lmt=1719375456&rafmt=1&format=730x280&url=https%3A%2F%2Ffdown.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719375456358&bpp=3&bdt=1068&idt=486&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=572433593814&frm=20&pv=1&ga_vid=930942720.1719375457&ga_sid=1719375457&ga_hid=327177565&ga_fc=0&u_tz=720&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=435&ady=368&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C31084689%2C95334509%2C95334526%2C95334564%2C95334571%2C95334830%2C95335897%2C31084857%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2276278143285918&tmod=2031597782&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=497
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_fy2021.js?bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Referer
https://fdown.net/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44783
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Jun 2024 04:17:37 GMT
expires
Wed, 26 Jun 2024 04:17:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-82ERN9JZD3&gtm=45je46o1v9129780787za200&_p=1719375455940&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=930942720.1719375457&ul=en-nz&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719375456&sct=1&seg=0&dl=https%3A%2F%2Ffdown.net%2F&dt=Facebook%20Video%20Downloader%20Online%20-%20Download%20Facebook%20Videos&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2526&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-82ERN9JZD3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 04:17:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fdown.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-82ERN9JZD3&cid=930942720.1719375457&gtm=45je46o1v9129780787za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-82ERN9JZD3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 04:17:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fdown.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.nz/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-82ERN9JZD3&cid=930942720.1719375457&gtm=45je46o1v9129780787za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=582770301
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 04:17:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_fy2021.js?bust=31084857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Jun 2024 04:17:37 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/ 		169 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/reactive_library_fy2021.js?bust=31084857
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_fy2021.js?bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
20d63dbcc126818e52bc87240fec52427040fce903d2a0dcf5ba3494ac8a5833
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58346
x-xss-protection
0
server
cafe
etag
285865704210231204
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Jun 2024 04:17:37 GMT
ca-pub-9232253514792453
fundingchoicesmessages.google.com/i/ 		197 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9232253514792453?href=https%3A%2F%2Ffdown.net&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_fy2021.js?bust=31084857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d37353e5e8c10a4e81392ed1b1ea608088709c38f2b1c217d8f5e3a18fe843a7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0ctXpft8XR1aLn5vTG0LsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0ctXpft8XR1aLn5vTG0LsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLheLTm3WY2gQOr1m9lVNJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDMy0TMwii8wAAABozoi"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 746A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Referer
https://fdown.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
60265
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jun 2024 11:33:13 GMT
expires
Wed, 25 Jun 2025 11:33:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 191C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::2004 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Zn5akj8CWysJHMOBYGZVLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Referer
https://fdown.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Zn5akj8CWysJHMOBYGZVLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Jun 2024 04:17:38 GMT
expires
Wed, 26 Jun 2024 04:17:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AGSKWxWHTTlPKO_49p9bIvGg0b5SgT9w2kA7sGKPwmjRBSLy8Ee1BVZNlabW9dMw9OyIYL-LAZkES0tolH7Tu7pXOJvnE3WfC8tlnEoHpl5IS4lNe4QP8K2IWlLUMVtO130h0jJZ9eJzjw==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWHTTlPKO_49p9bIvGg0b5SgT9w2kA7sGKPwmjRBSLy8Ee1BVZNlabW9dMw9OyIYL-LAZkES0tolH7Tu7pXOJvnE3WfC8tlnEoHpl5IS4lNe4QP8K2IWlLUMVtO130h0jJZ9eJzjw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5Mzc1NDU4LDg3NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9mZG93bi5uZXQvIixudWxsLFtbOCwiUTlDY1ZPZFBSakUiXSxbOSwiZW4tR0IiXSxbMTgsIltbWzBdXV0iXSxbMjIsImZhbHNlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDI2OF0sMTgsMl0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMwL7Yz_0j1I3XNsBc71c182olXg_g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7710f82d194ccc075b7409bf620a35eeeba9de9f0de88c62888560675f28c820
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-odNUveFE9dsMEe9mGKH63w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-odNUveFE9dsMEe9mGKH63w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLheLTm3WY2gQsHOy4wK2kk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBmZ6BkYxRcYAAACtDo3"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/ Frame 0378 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_fy2021.js?bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Referer
https://fdown.net/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
29761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jun 2024 20:01:36 GMT
etag
9187630395144177108
expires
Tue, 09 Jul 2024 20:01:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/ Frame 854F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_fy2021.js?bust=31084857
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Referer
https://fdown.net/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
29761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jun 2024 20:01:36 GMT
etag
9187630395144177108
expires
Tue, 09 Jul 2024 20:01:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-82ERN9JZD3&gtm=45je46o1v9129780787za200&_p=1719375455940&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=930942720.1719375457&ul=en-nz&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&_s=2&sid=1719375456&sct=1&seg=0&dl=https%3A%2F%2Ffdown.net%2F&dt=Facebook%20Video%20Downloader%20Online%20-%20Download%20Facebook%20Videos&en=ad_impression&ep.query_id=CJ2669q0-IYDFQysrAIdCagHjA&_et=1671&tfd=4579&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-82ERN9JZD3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 04:17:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fdown.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
adnews.
fundingchoicesmessages.google.com/f/AGSKWxVpMA76-odUbv_v1GszGEbw40PdB4eUBXwgEJMbuBivYejma--8-q92bc5IZ4R8cJdsZtMzJI8mkgoCm1d-7Gbrzshn1YgyS2yJLz_AaX_YevcWRUzEwMxh-Bwp9-1iPiTNMkRI9buRN7mGjzNyFOKyolSHT... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVpMA76-odUbv_v1GszGEbw40PdB4eUBXwgEJMbuBivYejma--8-q92bc5IZ4R8cJdsZtMzJI8mkgoCm1d-7Gbrzshn1YgyS2yJLz_AaX_YevcWRUzEwMxh-Bwp9-1iPiTNMkRI9buRN7mGjzNyFOKyolSHT-GDb_5yUvRyH_zN6qV5-v_FfngN0UTb/_/480x030_/houseads./ads/article./digg_ads_/adnews.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Q9CcVOdPRjE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz9KHj56k5D805aG16DFt-iO6oh0A/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
ESF /
Resource Hash
3197c28794bce0ca59f22e784c487d9924fb47124e27604380f7f3b0e1c11071
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4UB6mUvxkCTOCapgHJk3oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-4UB6mUvxkCTOCapgHJk3oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtHikmJw15BiUAzbyXTe6Q7TdSCW-PqSSQ2IndJnsAYAsU_9DNYoIG69eY51MhB_fnyO9TcQJ_07z1oAxEsiLrIeSLzIevDxRdaTQCzEw_F4zbvNbAIfPvROZVbSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTAzMtEzMIovMAAArgY7jQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Q9CcVOdPRjE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz9KHj56k5D805aG16DFt-iO6oh0A/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
044d43cacd75f8eb7c79dfdd513e260690513768722e4102bc4484f7908eb289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 03:55:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
1302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25753
x-xss-protection
0
server
cafe
etag
4050747878643589421
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 26 Jun 2024 04:55:57 GMT
AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMwL7Yz_0j1I3XNsBc71c182olXg_g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KINVvQxayG3VNRE5pGnAAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Jun 2024 04:17:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-KINVvQxayG3VNRE5pGnAAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfFkzbvNbAIzjl1hVXJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBmZGJnoGZvEFBgA0PCuS"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://fdown.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMwL7Yz_0j1I3XNsBc71c182olXg_g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fhDnXL4b74NAYlgBLhhXrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Jun 2024 04:17:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-fhDnXL4b74NAYlgBLhhXrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfFkzbvNbAIrdp9mUXJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBmZGJnoGZvEFBgAy6iuN"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://fdown.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMwL7Yz_0j1I3XNsBc71c182olXg_g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ip6mB9Uk2E5GJAm0cNFl_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Jun 2024 04:17:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ip6mB9Uk2E5GJAm0cNFl_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsIUD8-fE51t9AvCTiIuuRxIusQtwcT9a828wm8GPTJn4ll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgZmSiZ2AWX2AAAD3bK7k"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://fdown.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMwL7Yz_0j1I3XNsBc71c182olXg_g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jVTsLGr8w-tRwe5UfL71SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Jun 2024 04:17:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-jVTsLGr8w-tRwe5UfL71SA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfFkzbvNbAIHlnbzKrkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTAzMjEz0Ds_gCAwAjNStW"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://fdown.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW48pZVAcxAsU_NZfXtLNT36OPV7Q7_73BeeOHCwQdU7FRlenJC1YVNcY0AOf0pxkfp6PX8A8Fvb7GqWRpR_Yi50bdzF0n2X6AMc-xhD5C6C6Lwcmb0dFu9NbxPbWjHDFfmjRPo0Q==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW48pZVAcxAsU_NZfXtLNT36OPV7Q7_73BeeOHCwQdU7FRlenJC1YVNcY0AOf0pxkfp6PX8A8Fvb7GqWRpR_Yi50bdzF0n2X6AMc-xhD5C6C6Lwcmb0dFu9NbxPbWjHDFfmjRPo0Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5Mzc1NDU5LDkzMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZmRvd24ubmV0LyIsbnVsbCxbWzgsIlE5Q2NWT2RQUmpFIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJmYWxzZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQyNjhdLDE4LDJdIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMwL7Yz_0j1I3XNsBc71c182olXg_g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
ESF /
Resource Hash
a855d36181b222016564c919500aed943a3cd3766fe4907bf5d19d5ede93c46e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-oNbpXTC0l19WLeh2IDUMrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-oNbpXTC0l19WLeh2IDUMrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLmeLLm3WY2gQfvT_EraSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRiYGZnoGRjFFxgAAMxYOfQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMwL7Yz_0j1I3XNsBc71c182olXg_g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-r1uDitOyEA8yVXW4g6Fb7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Jun 2024 04:17:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-r1uDitOyEA8yVXW4g6Fb7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfFkzbvNbAIf7j5KVXJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBmZGJnoGZvEFBgByyyxv"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://fdown.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVSa8sJgakKlGx7ADCYFcPWouQ5_UiP7cNnI4P9hdo34yxNQcAO1KVDZB5O2OpPCF1eKCBUDJE0PoFXASqTkxPs5XS9ZLMz34_0SBzmlq1weAUlUx9yDBrxHe1jxZhpF5bTcAGRWw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVSa8sJgakKlGx7ADCYFcPWouQ5_UiP7cNnI4P9hdo34yxNQcAO1KVDZB5O2OpPCF1eKCBUDJE0PoFXASqTkxPs5XS9ZLMz34_0SBzmlq1weAUlUx9yDBrxHe1jxZhpF5bTcAGRWw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5Mzc1NDYwLDEyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZmRvd24ubmV0LyIsbnVsbCxbWzgsIlE5Q2NWT2RQUmpFIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJmYWxzZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQyNjhdLDE4LDJdIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMwL7Yz_0j1I3XNsBc71c182olXg_g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
ESF /
Resource Hash
9c2e76647d21e48b1293fc74fa9fd11644a1b9a614163cb475e2e880f85fa16c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JOnI7PbJec7qLSlfGxBghQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-JOnI7PbJec7qLSlfGxBghQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLmeLLm3WY2gQN9J7OUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAzMjEz0DIziCwwAyD051A"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUUg8-NuzqzHKfyy73me-Ik6r-HGNvz9L5exqm3MRC5u0-ooY2paiS1ff5B15JtfSWUbdhunR1Ck4-qqlM5U06w-_u820IkHc7t9iGv1ohsr-v7A4nwToVxGLNku7VnwM_tumnKLw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUUg8-NuzqzHKfyy73me-Ik6r-HGNvz9L5exqm3MRC5u0-ooY2paiS1ff5B15JtfSWUbdhunR1Ck4-qqlM5U06w-_u820IkHc7t9iGv1ohsr-v7A4nwToVxGLNku7VnwM_tumnKLw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5Mzc1NDYwLDMwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9mZG93bi5uZXQvIixudWxsLFtbOCwiUTlDY1ZPZFBSakUiXSxbOSwiZW4tR0IiXSxbMTgsIltbWzBdXV0iXSxbMjIsImZhbHNlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDI2OF0sMTgsMl0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMwL7Yz_0j1I3XNsBc71c182olXg_g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
ESF /
Resource Hash
9925542717338c39e0f70400dbe55cbac77bd451a67375f587b17c670ec532ba
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pkXTnHUn5AVySKMFHzPPgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 04:17:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pkXTnHUn5AVySKMFHzPPgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLheLLm3WY2gRWb3p5iVNJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDMy0TMwii8wAAANEzpm"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXT0na_td9zWd7RLrLNVwlW_CQvkU-jMpy0WIBgASGNdXIT3fkDxCcRPfhjoS9pdT-zBsPStjehyzIxaxoOPvqDTiUIDTSy25iPDDzFsTguyvzZYtOyOqUnfjUpdZFeXhHlm4jnbQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXT0na_td9zWd7RLrLNVwlW_CQvkU-jMpy0WIBgASGNdXIT3fkDxCcRPfhjoS9pdT-zBsPStjehyzIxaxoOPvqDTiUIDTSy25iPDDzFsTguyvzZYtOyOqUnfjUpdZFeXhHlm4jnbQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMwL7Yz_0j1I3XNsBc71c182olXg_g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PnX-w-3Gw0OEB_r3IWn2Ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Jun 2024 04:17:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PnX-w-3Gw0OEB_r3IWn2Ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_FkzbvNbAIrtj6fz6TkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMjEz0DMziCwwAc7AsNw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://fdown.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWIszjHnj8TjMiHzZgRPlretsM1vT_Ro0dfIeGXikgWq7aBbRCAN4u9JGyhAo420_bYNHOrM1_cn9w_xM1LR0KqxBeKGqTcQ6W2mUDgslwBFvMXfrJ9d0h_L9VYeyUe_UZeHdrnUg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMwL7Yz_0j1I3XNsBc71c182olXg_g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dNfCl8GAA62qca6RN2eZjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://fdown.net/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Jun 2024 04:17:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-dNfCl8GAA62qca6RN2eZjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_FkzbvNbAIvPk1cwKTkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMjEz0DMziCwwAg8QsaA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://fdown.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240618&jk=2276278143285918&bg=!4eKl4q3NAAb64txl2uI7ADQBe5WfOKekPmDTsbcYYSblnlVAFJjUGUq1Owjk3hhA5r59X1PjoPPpZFmopaIgfR--ZOh3AgAAAEFSAAAABGgBB34ANpixZoPktb-t9w98-V-ehremNyM8JzjEacIMcTCb8B9YHXTgKyIM02rYh-IqaVDEFTww-lqtJZkC3t48w0cZJT-9uwsZAPD7zobbFyus53xJBQt2hhlhjuiPEPPCED8Id-9m_1qudsQ-B2W-RHsL04gRzEclAOqJECoO4vNjG9FNz2TbMZexjWDXvaXcDnjxRgxpiw_o9rC4wQsxFsV0S__0SpocssZiEMf1C4foKBonlwAmrUoShKuOP23HpKd9oPGZNCA_kJG8NB5ExOZqd8W2_vuZagZIDXZnJp1MSUlhlArPJN5RIosjfPO7FwNYGWc9NBQ2yDvLTr6Fsx0vulieIOwosBtwnjV9Kc1eBKtFQFT9wXrzUeaKcf3jIcQBByWjF0tAPddli-u-08JUXN6BR5Ocit2EpEqPhN1BXp1jnHhMUjxLafzZAkNot8kfcIs7McMBIo29CSkxX5LHiNXu586DFuJ5XYkRUT56qOQZgwbx8v-SxXMdE2hbNpOWdH8H8HhRUVQLMnThKB7hu6mV-fzG5llKlV3h1AfxMGqkIUWuIK0DP5H9pYlLsH6midqVePzsOUo1zQDvGzUY_gXstIG98As1V2NYu6-6FRqEYpZOV8BSRKsqIcXdc_QJXfYOBseroIZCqCvDMcNnni2JvaSVwagQtrlHe5Y8GSwg2i-3t-J0Rdtd6DCNhKEvt7sUUnXqeO6OfqgbtPp91c8lDv-_2jBiQ26v-j7UPweZnuo-jMC1kAgssCYUTaDYX_qlPt8qsKz9hE0RyxeVIlK79Rk_DRAQ9ZGhZ3pioeKxV_LwCYqUrposumtFTyK4ATOCP7pvEpFtM9DIuhI6l4zzCICispo9C6Rk8hvyv5srVl7mF8CIIAMzJVPgVjE4VGKEmNJy5F40S4xkMXCtp9nDpm_yt0n7PZQjjUV6gNMWhSdjfvEd1MxwlxeJ6qBWoaAbvkt8EuXCjt9D1QFaezMV8MTjGZ84oe9CbWawPwEu4Hbee70utcXvz-jPYOAlW1asnqZln029w4vNgHTZ-kNWZyTEW1fn

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 undefined| event object| fence object| sharedStorage object| __cfQR function| $ function| jQuery function| gtag object| dataLayer object| adsbygoogle boolean| isIphone boolean| isIpod boolean| isIpad boolean| isIos function| progressShow boolean| __cfRLUnblockHandlers object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| turnstile function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager object| googletag object| GoogleGcLKhOms object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NjFlNjEyYzMwZmU5NmQ0MWxvYWRlcl9qcw== string| NjFlNjEyYzMwZmU5NmQ0MWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_image_requests object| _google_rum_ns_ undefined| google_rum_values boolean| 4b3a516e-c0d0-4e67-8024-6f348582f69c

16 Cookies

Domain/Path Name / Value
.fdown.net/ Name: cf_clearance
Value: 7jsHAgYMrFKrVj10d79wZumQ4f6FHVlDKmzi4TRMFEI-1719375456-1.0.1.1-C4y_XlaCkCEih5hSfQ0kYdlG9TImOBM6yg_ABJOj2V7tD7wy.AGUVZK03nti3NExNQQ4o8WwXYCS6_1TYP8AXA
.fdown.net/ Name: _ga
Value: GA1.1.930942720.1719375457
.fdown.net/ Name: __gads
Value: ID=72fded3e39e21f78:T=1719375457:RT=1719375457:S=ALNI_MbnEOG0CkzcPYF4z2n1vcARRIVO7g
.fdown.net/ Name: __gpi
Value: UID=00000e6485a4d2bb:T=1719375457:RT=1719375457:S=ALNI_MZNPHpbByIsO1W81o3OjFYTfOJIaQ
.fdown.net/ Name: __eoi
Value: ID=73b11343383991a8:T=1719375457:RT=1719375457:S=AA-AfjajQ2stwjutPotGqlrI_Uud
.doubleclick.net/ Name: IDE
Value: AHWqTUnGDV278JvbgvSTSlAz_75Tj1px_UgLreOpaTV35EAs4Cdr8LTfBmX4wmjqQYU
.googleadservices.com/ Name: ar_debug
Value: 1
.fdown.net/ Name: _ga_82ERN9JZD3
Value: GS1.1.1719375456.1.0.1719375459.57.0.0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: ZnuWY4sFVpkAAB3KAa.aUwAA
.casalemedia.com/ Name: CMPS
Value: 4683
.casalemedia.com/ Name: CMPRO
Value: 4683
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.fdown.net/ Name: FCNEC
Value: %5B%5B%22AKsRol_KJP5_2c7ObQ1GWGK1CkKAtO09TMGV0AwDjGijav78HhI3TrPZ_RiI__PeYXX87B6VyhHCsIuaSFOnvI_1udD1O4mLMZTcqjeTZLoVvpfEXNZ-7oQnPs8ZtkVTA63IqdDOHlsD9ws7fop-298Jfq_ybD_a0A%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
challenges.cloudflare.com
fdown.net
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.co.nz
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.17.3.184
142.250.67.14
142.250.76.98
142.251.221.66
142.251.221.67
172.67.70.216
2001:4860:4802:38::181
2404:6800:4003:c1c::9d
2404:6800:4006:80f::2004
2404:6800:4006:810::2001
2404:6800:4006:810::200e
2404:6800:4006:814::2008
044d43cacd75f8eb7c79dfdd513e260690513768722e4102bc4484f7908eb289
052acb754fd04e3ca5e968f4ad3f2bc8898416570bd3d51f6f2919c1611f0849
0627b0cc26e5de38fe74c194040ab7f6a8537ccee7e66f4930d40bdee9e0bd39
18a93befebedf6f0635dd4605dd5f8739a4065475eab759b90575bb8df33d466
1ccc48d1627f8d7fd534c6f3121c1aae100460b581bde8d46112c63823bee136
20d63dbcc126818e52bc87240fec52427040fce903d2a0dcf5ba3494ac8a5833
3165ad11e7c865da327622d80ea8eab00af22d9a589d9c4ab72f41fd2a0aba97
3197c28794bce0ca59f22e784c487d9924fb47124e27604380f7f3b0e1c11071
38252fd05e4ab4e2b556031127e6244477d680fe83de25a5b7ed2a5d1e2007b5
38ee3b27d322467736d77fb81e4e8d8ba84ce0f1dbb4b95ae2f97c67213e21ad
3e460b21839bf49543aeac626269114e5bc49092a516d7e94da7dbaee582bfd6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639a221781d4b16685fdeece57014d6e9cd3ab5ece9e045da03dc411ee33c103
655b679e1bf8ecaa5dfba2ddcfe13104cf8f5ce725b4038162790726d5c38c5c
675bd22dfc27f7f5c76d796a5da6817cf577aaefb783d3dd1b2ed89ce47f7cd5
6f303d73059745e5512f2106dda0fdc74544d4f150df3504b664c456e7af8f58
6f41272e96dd3b140dab2d4180d027730fc95fd70a17821247906febce4ab717
7606e85408cc35686abd635f98ed668b36bc7c80b032a0d42b17ec3d9ed68de2
7710f82d194ccc075b7409bf620a35eeeba9de9f0de88c62888560675f28c820
78b9703e715697e2f2ab07665bda1e8c49e0f5c02b5c9ae09cbb72a25e52b8f8
7cca0e02267d9be3a57b5c8a646cf2d397f2d25e8618868212e16950b5254771
898ade2bd846c58229569d56643950af69f268acea4dfb8dbf9883e7f2b88104
8ee86a352602077cabc15bc2206f8a4e3dceb8066b626ba5a981b406f3d4f81a
90029b49c86cea2f8f1d3b563ed49a045a7e668e598d02f0b7530035a40467cd
9580922ee66f527c11a67dd812ee554bd0999c0bfc08d23e766f68c9756b3a82
9925542717338c39e0f70400dbe55cbac77bd451a67375f587b17c670ec532ba
9c2e76647d21e48b1293fc74fa9fd11644a1b9a614163cb475e2e880f85fa16c
9ffa908b53bcc0201ac9492bf1630082863fce1098dc7a41d7c529eab5cf8db0
a855d36181b222016564c919500aed943a3cd3766fe4907bf5d19d5ede93c46e
a8d08bd6524b6439c0c22a8bea2839a071267de4774132d2514544b5b4ace5b9
b96845c0eccb0e864e606db06ff08da281117359d9947310de93bcd52038a74e
c5b950ad159de13ec473984f63ad28362a67fa23a670836cafdd393016a88720
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce5732113fff99931a93b250f84626f735f9ffda33e0a0157ec55256b7c8e537
d37353e5e8c10a4e81392ed1b1ea608088709c38f2b1c217d8f5e3a18fe843a7
dc4c07949967cd563fb8521f9d3ca44eb4cf360f07cd44bcbcae9e1182ca97f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e448ba8d144bd89b890d6d8dd3ddf6034195558c3ddc1bb33b172b2cb4eefe98
ebabb707041a952a93bc1ba0f0dd46bf51c162057cf59a67354ff6ac9415cfe9
ec41a19d60bebd53e6b6d9f7d0ccb17e58498c7e9226ff9da7bb34b0a6e72765
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13a667dc62f7c88eb71bf252d7879beb20b50dc72f8f40948fbba45038cc1d6
f6a95e36f526475aeb4a0828792592ee43476d7e516bb777e23070cba401fde9
fdf9b58fcf84b6c75c42ba56855fb02e0a990771aa1932c18a0fa73ef640000a
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c