URL: https://www.dllme.com/dll/files/disrupt_b64
Submission Tags: falconsandbox
Submission: On September 28 via api from US — Scanned from US

Summary

This website contacted 13 IPs in 1 countries across 8 domains to perform 53 HTTP transactions. The main IP is 2606:4700:20::681a:b7e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dllme.com.
TLS certificate: Issued by WE1 on September 7th 2024. Valid for: 3 months.
This is the only time www.dllme.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
13 google.com
analytics.google.com — Cisco Umbrella Rank: 158
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 697
92 KB
10 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 152
td.doubleclick.net — Cisco Umbrella Rank: 216
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
544 B
10 dllme.com
www.dllme.com
109 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
329 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
10 KB
2 gstatic.com
fonts.gstatic.com
32 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
106 KB
53 8
Domain Requested by
10 fundingchoicesmessages.google.com pagead2.googlesyndication.com
10 www.dllme.com www.dllme.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
7 pagead2.googlesyndication.com www.dllme.com
pagead2.googlesyndication.com
6 fonts.googleapis.com www.dllme.com
pagead2.googlesyndication.com
3 analytics.google.com 1 redirects www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.google-analytics.com www.dllme.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com www.dllme.com
53 11

This site contains no links.

Subject Issuer Validity Valid
dllme.com
WE1
2024-09-07 -
2024-12-06
3 months crt.sh
*.google-analytics.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.g.doubleclick.net
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
upload.video.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.doubleclick.net
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.gstatic.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.dllme.com/dll/files/disrupt_b64
Frame ID: 007CEAACD9ABB7FFA1E4627526BEBD5F
Requests: 44 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-D6BLLBN8KJ&gacid=1205511664.1727530345&gtm=45je49p0v893056059za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=326935231
Frame ID: ED04291D1DF9943D7BFDF54FB20D1742
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240925/r20190131/zrt_lookup_fy2021.html
Frame ID: 3AB58B7940EC408670D96967C9AAA394
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8247854538443942&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1727530345&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.dllme.com%2Fdll%2Ffiles%2Fdisrupt_b64&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727530344589&bpp=3&bdt=619&idt=804&shv=r20240925&mjsv=m202409250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6580259387428&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087428%2C31087440%2C95331689%2C95343328%2C31087523&oid=2&pvsid=2159759517506531&tmod=382807941&uas=0&nvt=1&fsapi=1&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=824
Frame ID: 7B57C98B23D2ED15BEFD341EE8E6E9E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8247854538443942&output=html&h=90&slotname=2000779608&adk=3829263019&adf=683863926&pi=t.ma~as.2000779608&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1727530345&rafmt=2&format=1200x90&url=https%3A%2F%2Fwww.dllme.com%2Fdll%2Ffiles%2Fdisrupt_b64&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727530344593&bpp=1&bdt=624&idt=839&shv=r20240925&mjsv=m202409250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6580259387428&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087428%2C31087440%2C95331689%2C95343328%2C31087523&oid=2&pvsid=2159759517506531&tmod=382807941&uas=0&nvt=1&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=850
Frame ID: B928EACF3B9F77623D77EACD839BDD41
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8247854538443942&output=html&h=280&slotname=3624983147&adk=816304433&adf=1190589511&pi=t.ma~as.3624983147&w=336&abgtt=6&fwrn=4&fwrnh=100&lmt=1727530345&rafmt=3&format=336x280&url=https%3A%2F%2Fwww.dllme.com%2Fdll%2Ffiles%2Fdisrupt_b64&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727530344594&bpp=1&bdt=625&idt=867&shv=r20240925&mjsv=m202409250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=6580259387428&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=148&ady=618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087428%2C31087440%2C95331689%2C95343328%2C31087523&oid=2&pvsid=2159759517506531&tmod=382807941&uas=0&nvt=1&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=871
Frame ID: D51C1A6EDD907855E2E2E99EE9495A18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8247854538443942&output=html&h=280&slotname=3960434531&adk=2497587313&adf=3869922905&pi=t.ma~as.3960434531&w=350&abgtt=6&fwrn=4&fwrnh=100&lmt=1727530345&rafmt=1&format=350x280&url=https%3A%2F%2Fwww.dllme.com%2Fdll%2Ffiles%2Fdisrupt_b64&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727530344595&bpp=1&bdt=626&idt=885&shv=r20240925&mjsv=m202409250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x90%2C336x280&nras=1&correlator=6580259387428&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1130&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087428%2C31087440%2C95331689%2C95343328%2C31087523&oid=2&pvsid=2159759517506531&tmod=382807941&uas=0&nvt=1&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=889
Frame ID: 293CA8A15F14773AEBF80A6DD603E93A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8247854538443942&output=html&h=280&slotname=5100318203&adk=322289949&adf=489996160&pi=t.ma~as.5100318203&w=350&abgtt=6&fwrn=4&fwrnh=100&lmt=1727530345&rafmt=1&format=350x280&url=https%3A%2F%2Fwww.dllme.com%2Fdll%2Ffiles%2Fdisrupt_b64&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727530344596&bpp=1&bdt=627&idt=896&shv=r20240925&mjsv=m202409250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x90%2C336x280%2C350x280&nras=1&correlator=6580259387428&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1130&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087428%2C31087440%2C95331689%2C95343328%2C31087523&oid=2&pvsid=2159759517506531&tmod=382807941&uas=0&nvt=1&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&fsb=1&dtd=899
Frame ID: AFA7AE4DE43B07E42C2DA0B60CAF9DC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240925/r20190131/zrt_lookup_fy2021.html
Frame ID: 485623E0D4941E7DB0193674C92B1686
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240925/r20190131/zrt_lookup_fy2021.html
Frame ID: E506C78E408EC6F45C9B65F56D76EE1C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

disrupt_b64.dll : Free .DLL download.

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

53
Requests

91 %
HTTPS

67 %
IPv6

8
Domains

11
Subdomains

13
IPs

1
Countries

678 kB
Transfer

1923 kB
Size

56
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://analytics.google.com/g/collect?v=2&tid=G-D6BLLBN8KJ&gtm=45je49p0v893056059za200&_p=1727530343996&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=1205511664.1727530345&ul=en-us&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pae=1&_eu=AAg&_s=2&sid=1727530344&sct=1&seg=0&dl=https%3A%2F%2Fwww.dllme.com%2Fdll%2Ffiles%2Fdisrupt_b64&dt=disrupt_b64.dll%20%3A%20Free%20.DLL%20download.&cu=USD&en=dllme_details&_c=1&epn.value=0&_et=7&tfd=1328 HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1205511664.1727530345&dbk=7414973434245499014&dma=0&en=dllme_details&gtm=45je49p0v893056059za200&npa=0&tid=G-D6BLLBN8KJ&dl=https%3A%2F%2Fwww.dllme.com%3F

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request disrupt_b64
www.dllme.com/dll/files/
24 KB
6 KB
Document
General
Full URL
https://www.dllme.com/dll/files/disrupt_b64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.30
Resource Hash
73e2466033f7ba8d96cdfed08ecd69da94d9727bb19b1b003d0cd5116c29517f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8ca419680ff6cb83-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 28 Sep 2024 13:32:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JbBvXwsb5Y1yMbVKyT21uAEKQEpbc8NtTiIkHvKEYRKk6gf5fl0fUy%2B5bDmv6h2VDfiPI6OIRuY%2BahvH0sq%2Bz8maRT3fnMMqsNfVm3xJJQft6cWr9qLlH%2Btc7xLq6V0mvo08Sp8DEHK4t%2B8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.30
js
www.googletagmanager.com/gtag/
319 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D6BLLBN8KJ
Requested by
Host: www.dllme.com
URL: https://www.dllme.com/dll/files/disrupt_b64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2dacd5841873d1ccb10c2816cad230191917f2df4ffbcc9ae3467395d7eb4c9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 28 Sep 2024 13:32:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107992
x-xss-protection
0
server
Google Tag Manager
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
154 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8247854538443942
Requested by
Host: www.dllme.com
URL: https://www.dllme.com/dll/files/disrupt_b64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
c2d612228b40b5156ed1861c325540f0d3a65c2b0c0f6ef4961ee266171b0a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.dllme.com
Referer
https://www.dllme.com/

Response headers

content-encoding
br
etag
12561973210796054101
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:32:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 28 Sep 2024 13:32:24 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52846
x-xss-protection
0
server
cafe
main.css
www.dllme.com/assets/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.dllme.com/assets/css/main.css?x=1727489952
Requested by
Host: www.dllme.com
URL: https://www.dllme.com/dll/files/disrupt_b64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3562ef6245c2cf6e9dd7b91fea1e1c72f18db9b1131bcf8309448da372b4d7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/dll/files/disrupt_b64

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66f7679f-1992"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SDcWznW0Bki3PAhw12p8csq3IbS9Mppk%2Bu9nXepOu2q61DiFooC9fAUzy%2BcxmInKgTj6be0Ufij%2BkURwlsz5Ma3YjMmmSknpDgQjtcdRVqJrrHWT8uKtnt6OsJCVrTA9vO4xwRySLRiduLA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca4196a0cedcb83-LAX
date
Sat, 28 Sep 2024 13:32:24 GMT
content-type
text/css
last-modified
Sat, 28 Sep 2024 02:19:11 GMT
vary
Accept-Encoding
server
cloudflare
base.css
www.dllme.com/assets/css/
20 KB
5 KB
Stylesheet
General
Full URL
https://www.dllme.com/assets/css/base.css?x=1727489952
Requested by
Host: www.dllme.com
URL: https://www.dllme.com/dll/files/disrupt_b64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
601a81a0f4bfdd88c2100500d62af8e767a06b4337c0d911981f267479103b4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/dll/files/disrupt_b64

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66f7679f-4e30"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NOjGy4jRfY54knic5ZxKskqYecqyol8cCE%2ByFxLqtDjo1Dqxil3VFVd3ZT02%2Fv3UXA5Wg9bgq%2FKqDh1%2FBn40zI4f9%2BXFAlXSgcTbtEkXfJ9nkG9gNJG%2F2vSxaIOASpj8OusQ4viYfksxsXM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca4196a0cf0cb83-LAX
date
Sat, 28 Sep 2024 13:32:24 GMT
content-type
text/css
last-modified
Sat, 28 Sep 2024 02:19:11 GMT
vary
Accept-Encoding
server
cloudflare
logo_large.png
www.dllme.com/img/
2 KB
3 KB
Image
General
Full URL
https://www.dllme.com/img/logo_large.png
Requested by
Host: www.dllme.com
URL: https://www.dllme.com/dll/files/disrupt_b64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18173dd9c745eee43c5a05589c0bc8e5515c54158a95a03fd5fdc9bd28959325

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/dll/files/disrupt_b64

Response headers

cf-bgj
imgq:100,h2pri
etag
"66f7679f-b29"
age
5202
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uktdBpihEmg%2Be5%2F48W70SYGU1m1ig9tJuuJYmhAfksBdHCB3kyfGS9OnVyWfIxOGfkruEpm0NkwU4BteFsHB1994OkwfkfFSP%2B0LM5EAM%2F%2Fa3swkIov1fxLz5xC8Ml3t%2Fu%2B2Zc%2FsOO5S%2Bto%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=2857
date
Sat, 28 Sep 2024 13:32:24 GMT
content-type
image/webp
content-disposition
inline; filename="logo_large.webp"
vary
Accept
last-modified
Sat, 28 Sep 2024 02:19:11 GMT
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ca4196a0cf5cb83-LAX
accept-ranges
bytes
content-length
2470
server
cloudflare
dll_icon.png
www.dllme.com/img/
3 KB
4 KB
Image
General
Full URL
https://www.dllme.com/img/dll_icon.png
Requested by
Host: www.dllme.com
URL: https://www.dllme.com/dll/files/disrupt_b64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a08f51c1fa7caf716fc42957b4d57877383ae00bbb0efc8793f5e9a872904e86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/dll/files/disrupt_b64

Response headers

cf-bgj
imgq:100,h2pri
etag
"66f7679f-1618"
age
5202
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KlK6apCP8wpcPWAprDs2mGySe%2BDcsk%2Fdy%2B28jWsENK6UI4AOY9Hj8q3sCkRTKF2kx4tCxYnRBM93WU4AOnNF14XhNVMrNH8toOEHe%2BmVEvE0q1z2NP%2FKPXeSTOZKnsURaEynDBpYYwt8H1w%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=5656
date
Sat, 28 Sep 2024 13:32:24 GMT
content-type
image/webp
content-disposition
inline; filename="dll_icon.webp"
vary
Accept
last-modified
Sat, 28 Sep 2024 02:19:11 GMT
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ca4196b98e3cb83-LAX
accept-ranges
bytes
content-length
3360
server
cloudflare
64-bit.svg
www.dllme.com/img/
9 KB
4 KB
Image
General
Full URL
https://www.dllme.com/img/64-bit.svg
Requested by
Host: www.dllme.com
URL: https://www.dllme.com/dll/files/disrupt_b64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
946468ffed011229cd92e156f420ae19f943e7c11d2f1c1a3c08d0f35df2073f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/dll/files/disrupt_b64

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66f7679f-24a4"
age
897
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2mS2lW1v6dFPPMjkWepT5ApvbJ36T1uv8M0Qa%2BFPV%2F1oax2iOgi2fHhz5Vd6oUw4Zf8ovrh7hSF%2F5jtHq4IseW206bYyijJj18Xv0eo0iZHUjmhypYatR6yCFiVu1EB%2FPNzt0qQzH96u%2Bio%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca4196a0cf6cb83-LAX
date
Sat, 28 Sep 2024 13:32:24 GMT
content-type
image/svg+xml
last-modified
Sat, 28 Sep 2024 02:19:11 GMT
vary
Accept-Encoding
server
cloudflare
search.mjs
www.dllme.com/js/
1 KB
1007 B
Script
General
Full URL
https://www.dllme.com/js/search.mjs?1727489952
Requested by
Host: www.dllme.com
URL: https://www.dllme.com/dll/files/disrupt_b64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c464ae0d5fb6251a0bc36d0bc14a2ae8bf7b5d6a1620546f3342535d843c5147

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.dllme.com
Referer
https://www.dllme.com/dll/files/disrupt_b64

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66f7679f-581"
age
6888
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ozdj3Hnr2HujHSw0BWxO%2B8RGc0FDT7epfqH6OuSeqKeN55augs8u6WDlVHeEPHl3VpT%2B2BkiJ7%2B35NB9eYcsJANMimGhv4Pzv3XRYQhDBZl%2FuU24bw1yIaGzC1XyOp7OBfLK7vodfUxYci8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca4196a0cf1cb83-LAX
date
Sat, 28 Sep 2024 13:32:24 GMT
content-type
application/javascript
last-modified
Sat, 28 Sep 2024 02:19:11 GMT
vary
Accept-Encoding
server
cloudflare
details.mjs
www.dllme.com/js/
3 KB
1 KB
Script
General
Full URL
https://www.dllme.com/js/details.mjs?x=1727489952
Requested by
Host: www.dllme.com
URL: https://www.dllme.com/dll/files/disrupt_b64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25dde052efc2098b5eb49e61683f148a7c9de82793c6b5959732c7163bd731dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.dllme.com
Referer
https://www.dllme.com/dll/files/disrupt_b64

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66f7679f-ca5"
age
6767
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nbgoFjV8yeV%2B%2BRPj9El7MmzRPA18baOAo6XZZ8o7%2BhzsKajq%2F%2B8Qccuaq27hG0FrgZQm8Y6CDu5vBZiA49f8UL8G4ed3xyPUEBgzfbc3MqTRu5V0clg96o4F0SS03BYUPese563qopjPQdM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca4196a0cf4cb83-LAX
date
Sat, 28 Sep 2024 13:32:24 GMT
content-type
application/javascript
last-modified
Sat, 28 Sep 2024 02:19:11 GMT
vary
Accept-Encoding
server
cloudflare
font-awesome.min.css
www.dllme.com/assets/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.dllme.com/assets/css/font-awesome.min.css?v=2
Requested by
Host: www.dllme.com
URL: https://www.dllme.com/dll/files/disrupt_b64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/dll/files/disrupt_b64

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66f7679f-792a"
age
5202
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yZ1uKqSeVJDmL0%2BHztxnqUMsFOaZ1dBlX%2B1DMNIdtgk8%2FDxE%2Bj07q60FPABf29IZOPKf59ovThOmN9j64C3AlcNHwhrFUfoiJ948kiB%2FEogP9SK0YVy2TYcE25VCI0kzrXQV2jz9TVZR%2Bog%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca4196b98e5cb83-LAX
date
Sat, 28 Sep 2024 13:32:24 GMT
content-type
text/css
last-modified
Sat, 28 Sep 2024 02:19:11 GMT
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/
27 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,600,600italic,800
Requested by
Host: www.dllme.com
URL: https://www.dllme.com/dll/files/disrupt_b64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e61d35d0bd2d1571e244091dff0b618ef8df89725a00a5b411caf5aab36d896d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:32:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:24 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 13:32:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
fontawesome-webfont.woff2
www.dllme.com/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.dllme.com/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.dllme.com
URL: https://www.dllme.com/assets/css/font-awesome.min.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.dllme.com
Referer
https://www.dllme.com/assets/css/font-awesome.min.css?v=2

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"66f7679f-12d68"
age
5201
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R7VIkt49a6FA4i6QkBpdmNIBaavu1iYevL7IGOBrG75DNXSBB8Api5FUGPMqyPHFE2KoxAlOXn0KyjGocDCXdJVDedBCuCLcAcxQ66502SveeKPoISLG6BalSEeZ7%2BsQTY3D6BMWFP2qTeo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ca4196c3adbcb83-LAX
accept-ranges
bytes
content-length
77160
date
Sat, 28 Sep 2024 13:32:24 GMT
content-type
font/woff2
last-modified
Sat, 28 Sep 2024 02:19:11 GMT
vary
Accept-Encoding
server
cloudflare
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/
90 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/slotcar_library_fy2021.js?bust=31087523
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8247854538443942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
cfb0f5aff31a6a3714a95e4962b7790f747425587b41d5ab8e2bb041effbc1a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
br
etag
7470324593205225271
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:32:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 28 Sep 2024 13:32:24 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
32118
x-xss-protection
0
server
cafe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/
408 KB
137 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8247854538443942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ff2b855b7a1cd4f6d1c4ce1b54ec1877d779603e118206b8e6cee1b2faef55a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
br
etag
5414311232336995811
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:32:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 28 Sep 2024 13:32:24 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
140370
x-xss-protection
0
server
cafe
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-D6BLLBN8KJ&gtm=45je49p0v893056059za200&_p=1727530343996&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=1205511664.1727530345&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=Ag&_s=1&sid=1727530344&sct=1&seg=0&dl=https%3A%2F%2Fwww.dllme.com%2Fdll%2Ffiles%2Fdisrupt_b64&dt=disrupt_b64.dll%20%3A%20Free%20.DLL%20download.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1317
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D6BLLBN8KJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.dllme.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:25 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
544 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D6BLLBN8KJ&cid=1205511664.1727530345&gtm=45je49p0v893056059za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D6BLLBN8KJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.dllme.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:25 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame ED04
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-D6BLLBN8KJ&gacid=1205511664.1727530345&gtm=45je49p0v893056059za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=326935231
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D6BLLBN8KJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dllme.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 28 Sep 2024 13:32:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-D6BLLBN8KJ&gtm=45je49p0v893056059za200&_p=1727530343996&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=1205511664.1727530345&ul=en-us&...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1205511664.1727530345&dbk=7414973434245499014&dma=0&en=dllme_details&gtm=45je49p0v893056059za200&npa=0&tid=G-D6BLLBN8KJ...
0
0
Fetch
General
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1205511664.1727530345&dbk=7414973434245499014&dma=0&en=dllme_details&gtm=45je49p0v893056059za200&npa=0&tid=G-D6BLLBN8KJ&dl=https%3A%2F%2Fwww.dllme.com%3F
Requested by
Host: www.dllme.com
URL: https://www.dllme.com/dll/files/disrupt_b64
Protocol
H2
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
attribution-reporting-info
preferred-platform=os
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger
"https://www.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=1205511664.1727530345&dbk=7414973434245499014&dma=0&en=dllme_details&gtm=45je49p0v893056059za200&npa=0&tid=G-D6BLLBN8KJ&dl=https%3A%2F%2Fwww.dllme.com%3F"
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0x179546aa26747cb0","source_keys":["1"]},{"key_piece":"0xc01099ff85974c60","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"7414973434245499014","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["1069991169"],"5":["09-28","09-27","09-26"]}}
date
Sat, 28 Sep 2024 13:32:25 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1205511664.1727530345&dbk=7414973434245499014&dma=0&en=dllme_details&gtm=45je49p0v893056059za200&npa=0&tid=G-D6BLLBN8KJ&dl=https%3A%2F%2Fwww.dllme.com%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
460
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:25 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8247854538443942
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.dllme.com/

Response headers

zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240925/r20190131/ Frame 3AB5
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240925/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dllme.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 28 Sep 2024 13:28:32 GMT
etag
13108003645644964576
expires
Sat, 12 Oct 2024 13:28:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7B57
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8247854538443942&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1727530345&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.dllme.com%2Fdll%2Ffiles%2Fdisrupt_b64&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727530344589&bpp=3&bdt=619&idt=804&shv=r20240925&mjsv=m202409250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6580259387428&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087428%2C31087440%2C95331689%2C95343328%2C31087523&oid=2&pvsid=2159759517506531&tmod=382807941&uas=0&nvt=1&fsapi=1&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=824
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dllme.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
85222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 28 Sep 2024 13:32:26 GMT
expires
Sat, 28 Sep 2024 13:32:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B928
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8247854538443942&output=html&h=90&slotname=2000779608&adk=3829263019&adf=683863926&pi=t.ma~as.2000779608&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1727530345&rafmt=2&format=1200x90&url=https%3A%2F%2Fwww.dllme.com%2Fdll%2Ffiles%2Fdisrupt_b64&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727530344593&bpp=1&bdt=624&idt=839&shv=r20240925&mjsv=m202409250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6580259387428&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087428%2C31087440%2C95331689%2C95343328%2C31087523&oid=2&pvsid=2159759517506531&tmod=382807941&uas=0&nvt=1&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=850
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dllme.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46971
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 28 Sep 2024 13:32:26 GMT
expires
Sat, 28 Sep 2024 13:32:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D51C
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8247854538443942&output=html&h=280&slotname=3624983147&adk=816304433&adf=1190589511&pi=t.ma~as.3624983147&w=336&abgtt=6&fwrn=4&fwrnh=100&lmt=1727530345&rafmt=3&format=336x280&url=https%3A%2F%2Fwww.dllme.com%2Fdll%2Ffiles%2Fdisrupt_b64&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727530344594&bpp=1&bdt=625&idt=867&shv=r20240925&mjsv=m202409250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x90&nras=1&correlator=6580259387428&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=148&ady=618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087428%2C31087440%2C95331689%2C95343328%2C31087523&oid=2&pvsid=2159759517506531&tmod=382807941&uas=0&nvt=1&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=871
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dllme.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41472
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 28 Sep 2024 13:32:26 GMT
expires
Sat, 28 Sep 2024 13:32:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 293C
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8247854538443942&output=html&h=280&slotname=3960434531&adk=2497587313&adf=3869922905&pi=t.ma~as.3960434531&w=350&abgtt=6&fwrn=4&fwrnh=100&lmt=1727530345&rafmt=1&format=350x280&url=https%3A%2F%2Fwww.dllme.com%2Fdll%2Ffiles%2Fdisrupt_b64&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727530344595&bpp=1&bdt=626&idt=885&shv=r20240925&mjsv=m202409250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x90%2C336x280&nras=1&correlator=6580259387428&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1130&ady=296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087428%2C31087440%2C95331689%2C95343328%2C31087523&oid=2&pvsid=2159759517506531&tmod=382807941&uas=0&nvt=1&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=889
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dllme.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45491
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 28 Sep 2024 13:32:26 GMT
expires
Sat, 28 Sep 2024 13:32:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AFA7
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8247854538443942&output=html&h=280&slotname=5100318203&adk=322289949&adf=489996160&pi=t.ma~as.5100318203&w=350&abgtt=6&fwrn=4&fwrnh=100&lmt=1727530345&rafmt=1&format=350x280&url=https%3A%2F%2Fwww.dllme.com%2Fdll%2Ffiles%2Fdisrupt_b64&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1727530344596&bpp=1&bdt=627&idt=896&shv=r20240925&mjsv=m202409250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x90%2C336x280%2C350x280&nras=1&correlator=6580259387428&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1130&ady=596&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087428%2C31087440%2C95331689%2C95343328%2C31087523&oid=2&pvsid=2159759517506531&tmod=382807941&uas=0&nvt=1&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&fsb=1&dtd=899
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dllme.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
15343
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 28 Sep 2024 13:32:26 GMT
expires
Sat, 28 Sep 2024 13:32:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/
172 KB
58 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/reactive_library_fy2021.js?bust=31087523
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ffe0f78635d336245504482df300a84eb0f98e77cf21e6b85dbce61c0732f830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
br
etag
7897472072900153612
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:32:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 28 Sep 2024 13:32:26 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
59043
x-xss-protection
0
server
cafe
ca-pub-8247854538443942
fundingchoicesmessages.google.com/i/
200 KB
66 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-8247854538443942?href=https%3A%2F%2Fwww.dllme.com%2Fdll%2Ffiles%2Fdisrupt_b64&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b9d7129501f7bae1a96d98eb8f8fb783f588978530d947c25448a1a8d8824036
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sVPITPzWwdcPMKI8vuwxzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:27 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1pBiOHHrNtMFID7vdIfpOhBLfH3JpAXETukzWEOAuPXmOdbpQJz07zxrCRC7a11k9QfiJREXWY8kXmQ1VLjE6gzEjkWXWD2B-P66S6zPgXjvx0usR4F46f3LrGuBuEjiCmsLEAvxcLzuerCdTWDC5sXzGJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDCyNzPQMTOMLDAAuKEtj"
content-security-policy
script-src 'report-sample' 'nonce-sVPITPzWwdcPMKI8vuwxzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.dllme.com/

Response headers

AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GEh_HvWyd6Q.es5.O/am=QDA/d=1/rs=AJlcJMyM-XmXkyMBCPQ8zdQ4ofl36cWTSw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Su7l5d5DTJX3NOdJyr0CPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.dllme.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmLw0ZBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiX3r_MuhaIhbg53nQ92M4m8OL3QVEll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgaWSmZ2AeX2AAAHG4Mw0"
content-security-policy
script-src 'report-sample' 'nonce-Su7l5d5DTJX3NOdJyr0CPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.dllme.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWiE5RQtuQ7zwdQspSk1C-YVJw477k5iCb4GTRMYxLc_l1OA3H5qAPI86V6ver1AR7efHZcO_6RQGaBrBoHhIkElasjKIIBsfnvLMwngqe-T-KnkRmQQHMdikq5cpLuz_jOzU-agw==
fundingchoicesmessages.google.com/f/
65 KB
20 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWiE5RQtuQ7zwdQspSk1C-YVJw477k5iCb4GTRMYxLc_l1OA3H5qAPI86V6ver1AR7efHZcO_6RQGaBrBoHhIkElasjKIIBsfnvLMwngqe-T-KnkRmQQHMdikq5cpLuz_jOzU-agw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3NTMwMzQ3LDc0NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZGxsbWUuY29tL2RsbC9maWxlcy9kaXNydXB0X2I2NCIsbnVsbCxbWzgsIkdFaF9Idld5ZDZRIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GEh_HvWyd6Q.es5.O/am=QDA/d=1/rs=AJlcJMyM-XmXkyMBCPQ8zdQ4ofl36cWTSw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
82079f9f0a5f4b03030f91dd7e15f0c7e2b936f473ff3d855c84d5e4e2c1eb72
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-R6aBdEA91Fl9y1nRV7Z0Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:27 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw0JBiOHnrNtNFID7vdIfpOhBLfH3JpAXETukzWEOAuPXmOdbpQJz07zxrCRC7a11k9QfiJREXWY8kXmQ1VLjE6gzEjkWXWD2B-P66S6zPgXjvx0usR4F46f3LrGuBuEjiCmsLEAvxcLzuerCdTWBF59uJzEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBpZGZnoGpvEFBgAwCEuH"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-R6aBdEA91Fl9y1nRV7Z0Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
109 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GEh_HvWyd6Q.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzGK_0RCQy5_szte3NI2IALGljyaA/m=web_iab_us_states_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd3090687e1d99f2bf2ec597b58d68f93ef721f6be2faf30f4dbbe76160781b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:32:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 13:32:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
1 KB
526 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0395dcd9a8f11e9e56f06c2d8ab0ab3da420a9903b24525ecd1152249f60f64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:32:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 13:32:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
4 KB
740 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
598a1f72f98ff329c6bd94a380f8a41ff728c90e418100fff0eb4538d07ba41e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:32:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 13:16:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
656 B
463 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39bf5868a37c55935798e0b56e05bca9d1d7cb49476a15f66f8f2f3b1c141833
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:32:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 13:32:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
4 KB
717 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
598a1f72f98ff329c6bd94a380f8a41ff728c90e418100fff0eb4538d07ba41e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:32:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 11:35:49 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GEh_HvWyd6Q.es5.O/am=QDA/d=1/rs=AJlcJMyM-XmXkyMBCPQ8zdQ4ofl36cWTSw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GnPJRDhINp9CXMxnSPMGjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.dllme.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw0JBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiX3r_MuhaIhbg53nQ92M4mcOLjXhEll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgaWSmZ2AeX2AAAF5DMtI"
content-security-policy
script-src 'report-sample' 'nonce-GnPJRDhINp9CXMxnSPMGjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.dllme.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GEh_HvWyd6Q.es5.O/am=QDA/d=1/rs=AJlcJMyM-XmXkyMBCPQ8zdQ4ofl36cWTSw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SGYo6YzjhpVi78MDOHF85w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.dllme.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmLw1pBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiX3r_MuhaIhbg53nQ92M4m0DDrqbCSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjGwNDLTMzCPLzAAAEESMmU"
content-security-policy
script-src 'report-sample' 'nonce-SGYo6YzjhpVi78MDOHF85w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.dllme.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GEh_HvWyd6Q.es5.O/am=QDA/d=1/rs=AJlcJMyM-XmXkyMBCPQ8zdQ4ofl36cWTSw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dDLA3d32n-UpGdCckJB1DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.dllme.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw1ZBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiX3r_MuhaIhbg53nQ92M4msKLhm4SSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjGwNDLTMzCPLzAAAEhpMoM"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dDLA3d32n-UpGdCckJB1DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.dllme.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GEh_HvWyd6Q.es5.O/am=QDA/d=1/rs=AJlcJMyM-XmXkyMBCPQ8zdQ4ofl36cWTSw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eIc_EyBbspq5u03OMsv6Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.dllme.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw0gDi9BmsQUDsrnWR1R-Il0RcZD2UeJF178dLrEeBeOn9y6xrgViIm-NN14PtbAIXtrSKKbkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTA0sjMz0D8_gCAwBA-jJp"
content-security-policy
script-src 'report-sample' 'nonce-eIc_EyBbspq5u03OMsv6Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.dllme.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXa-WIehKMEu40eR2MTlvOmL3f6eMKLGxeglo64oA268s-JBrO4i-o_jPAK53LKmBuekePnbHBh6kfoOGUVsga6pOPYtMOhyz216deX8GQYWwnnalU2KfA7-4Ijp9B12tjGuStZRw==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXa-WIehKMEu40eR2MTlvOmL3f6eMKLGxeglo64oA268s-JBrO4i-o_jPAK53LKmBuekePnbHBh6kfoOGUVsga6pOPYtMOhyz216deX8GQYWwnnalU2KfA7-4Ijp9B12tjGuStZRw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3NTMwMzQ3LDk2NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTFdXSwiaHR0cHM6Ly93d3cuZGxsbWUuY29tL2RsbC9maWxlcy9kaXNydXB0X2I2NCIsbnVsbCxbWzgsIkdFaF9Idld5ZDZRIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzEzLCJbXCJEQkFCTH5CVlFxQUFBQUFnXCIsW1s3LFsxNzI3NTMwMzQ3LDgyNDA5NzAwMF1dXV0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GEh_HvWyd6Q.es5.O/am=QDA/d=1/rs=AJlcJMyM-XmXkyMBCPQ8zdQ4ofl36cWTSw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4276ee075fe85c71ca2cb53bdf132c77d8f67816b3bccfcce6401cdd07542e19
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-cLg63tSwq3Dv0n9T5ek2KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMSORZdYPYH4_rpLrM-BeO_HS6xHgXjp_cusa4G4SOIKawsQC3FzvOl6sJ1N4MfPiQpKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgaWRmZ6BqbxBQYAqkpGag"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-cLg63tSwq3Dv0n9T5ek2KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240925/r20190131/ Frame 4856
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240925/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dllme.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 28 Sep 2024 13:28:32 GMT
etag
13108003645644964576
expires
Sat, 12 Oct 2024 13:28:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240925/r20190131/ Frame E506
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240925/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409250101/show_ads_impl_fy2021.js?bust=31087523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dllme.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 28 Sep 2024 13:28:32 GMT
etag
13108003645644964576
expires
Sat, 12 Oct 2024 13:28:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmhjtg.woff2
fonts.gstatic.com/s/googlesanstext/v22/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesanstext/v22/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmhjtg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
ba191bf3b5c39a50676e4ecae47adff7f404f9481890530cdbf64252fbb1a57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.dllme.com
Referer
https://fonts.googleapis.com/

Response headers

age
265564
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 11:46:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 11:46:24 GMT
last-modified
Wed, 31 Jul 2024 20:32:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
16396
x-xss-protection
0
server
sffe
5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v22/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
97399a2914c593da2895d9729aa0170a1956e91ee54cf7550696691949558a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.dllme.com
Referer
https://fonts.googleapis.com/

Response headers

age
281302
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 07:24:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 07:24:06 GMT
last-modified
Wed, 31 Jul 2024 20:31:46 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15996
x-xss-protection
0
server
sffe
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-D6BLLBN8KJ&gtm=45je49p0v893056059za200&_p=1727530343996&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=1205511664.1727530345&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&sid=1727530344&sct=1&seg=0&dl=https%3A%2F%2Fwww.dllme.com%2Fdll%2Ffiles%2Fdisrupt_b64&dt=disrupt_b64.dll%20%3A%20Free%20.DLL%20download.&_s=3&tfd=4956
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D6BLLBN8KJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.dllme.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.dllme.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
text/plain
server
Golfe2
/
fundingchoicesmessages.google.com/f/AGSKWxUROPPXz8fRoJ6abXHQ7wvMQiRNm3VByhA-dOxjfuhUP8MPcMtUKYA_D0DadRZumv0HkK9-LYd7zIkWcE3ts278GUJ3i3qMBH_kwc4o6w_l_Cyks6oTAA8Mj7sk4Dgv5eYiCYVmiTeOTwwG2_8OWxh7CIlfz...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUROPPXz8fRoJ6abXHQ7wvMQiRNm3VByhA-dOxjfuhUP8MPcMtUKYA_D0DadRZumv0HkK9-LYd7zIkWcE3ts278GUJ3i3qMBH_kwc4o6w_l_Cyks6oTAA8Mj7sk4Dgv5eYiCYVmiTeOTwwG2_8OWxh7CIlfz178xQmYzZuiF7lWFgUzb8c7SwGVqIsy/_:-abp-properties(data:)/img/468_60_ad_125x125./ad_onclick._yahooads/
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GEh_HvWyd6Q.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_us_states_wall_executable/ed=1/rs=AJlcJMzGK_0RCQy5_szte3NI2IALGljyaA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f14.1e100.net
Software
ESF /
Resource Hash
3aa7c3d350c98bdf977709dfdc557f2c7d33286866047456b82d2a79031611b6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Mig8vzojVldWWZJ-fFuGBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B-IlERdZjyReZDVUuMTqDMSORZdYPYH4_rpLrM-BeO_HS6xHgXjp_cusa4G4SOIKawsQC_FwvOl6sJ1N4MaP3qnMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiYGlkZmegam8QUGAPEPRr8"
content-security-policy
script-src 'report-sample' 'nonce-Mig8vzojVldWWZJ-fFuGBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
151 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GEh_HvWyd6Q.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_us_states_wall_executable/ed=1/rs=AJlcJMzGK_0RCQy5_szte3NI2IALGljyaA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
17f0978642d8562f7d293e7934ae57e0cc01a4960b8d13475bca8146394ca1a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.dllme.com/

Response headers

content-encoding
br
etag
5538468100424109072
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 13:32:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52471
x-xss-protection
0
server
cafe
AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.GEh_HvWyd6Q.es5.O/am=QDA/d=1/rs=AJlcJMyM-XmXkyMBCPQ8zdQ4ofl36cWTSw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WQoXi5BVBZ-hVo_UPPUl7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.dllme.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 13:32:28 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw1JBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiX3r_MuhaIhXg43nQ92M4m8GDr40nMSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjEwNLITM_APL7AAACdjTNX"
content-security-policy
script-src 'report-sample' 'nonce-WQoXi5BVBZ-hVo_UPPUl7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.dllme.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
fundingchoicesmessages.google.com/el/
0
0

AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
fundingchoicesmessages.google.com/el/
0
0

AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
fundingchoicesmessages.google.com/el/
0
0

AGSKWxU0GSTG83sGoIDPOQSfpG7ZWtLl9WBFr6WgaUgv5CYI7R1WCcAZfBDPrOFCvAc2CrslaP2OVDPo6bWnB8fzipjYqbt8ihpy1ZeUFTJ2OZbVrBwO2BtrS7Fh_K0NBydqpk45cTMm9g==
fundingchoicesmessages.google.com/f/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxVFZoeytbkTB4P0B46TEXvoDsgQFoKSfHU7c4F3_CssDPGDFLYElRIRejXeSUE7uAhhNmsf6ybJSDfMeJkQGlMFmCHtVjSOw3Co88Jqbq_yaF3cgiMANhC-dDp_3xMiX3sOXX_17w==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/f/AGSKWxU0GSTG83sGoIDPOQSfpG7ZWtLl9WBFr6WgaUgv5CYI7R1WCcAZfBDPrOFCvAc2CrslaP2OVDPo6bWnB8fzipjYqbt8ihpy1ZeUFTJ2OZbVrBwO2BtrS7Fh_K0NBydqpk45cTMm9g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3NTMwMzQ4LDk2NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTEsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmRsbG1lLmNvbS9kbGwvZmlsZXMvZGlzcnVwdF9iNjQiLG51bGwsW1s4LCJHRWhfSHZXeWQ2USJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxMywiW1wiREJBQkx-QlZRcUFBQUFBZ1wiLFtbNyxbMTcyNzUzMDM0Nyw4MjQwOTcwMDBdXV1dIl1dXQ

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 function| gtag object| dataLayer object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| googletag function| onYouTubeIframeAPIReady object| gaGlobal function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NmVhNWJhZmZmNGQzZDI4MGxvYWRlcl9qcw== string| NmVhNWJhZmZmNGQzZDI4MGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_pso_loaded_fonts boolean| 60387273-1914-44a2-ac25-bd2b1ef591df

56 Cookies

Domain/Path Name / Value
.dllme.com/ Name: _ga
Value: GA1.1.1205511664.1727530345
.www.google-analytics.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmRkjkbRrxzzAcjEVFJrfwvgcgb2a3Cggf1aX-LB7HH74WyrDOt6rANm3XTHBU
.dllme.com/ Name: __gads
Value: ID=2ae713b9c6ae7d52:T=1727530345:RT=1727530345:S=ALNI_MZj-UDPX0PztBwJz5EEZGMII9VL9g
.dllme.com/ Name: __gpi
Value: UID=00000f0873cceb29:T=1727530345:RT=1727530345:S=ALNI_MahV1ks6p6_-S2JQYCP2nLxd8jm6Q
.dllme.com/ Name: __eoi
Value: ID=bc1c0892a9cd2eaa:T=1727530345:RT=1727530345:S=AA-AfjbIpMlNa0X0qB2idPh5iI9f
.tribalfusion.com/ Name: ANON_ID
Value: aLnoeUpkijsDifqGdSrvUunFJmRsMboal86ZcPG9n
.casalemedia.com/ Name: CMID
Value: ZvgFa8AoI9wAAAZRAFzlzwAA
.casalemedia.com/ Name: CMPS
Value: 2328
.casalemedia.com/ Name: CMPRO
Value: 2328
.linkedin.com/ Name: bcookie
Value: "v=2&c98f5ea3-2c4e-4a97-8e51-3ebd0b4a38d0"
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2891:u=1:x=1:i=1727530347:t=1727616747:v=2:sig=AQERnQiVQdfXbzjJImEOLaNhdSlD5Log"
.googleadservices.com/ Name: ar_debug
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22B011D7EB-7B63-4C47-169F-3B5DA823F077%22%7D
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJwPCZp77AQgHX1P7CHE4nYm2JEMIQDttCI-41frP5BrV0-yqlmwDQHGAsrMC4Q2
.contextweb.com/ Name: V
Value: OHVGzktohou9
.contextweb.com/ Name: VP
Value: part_OHVGzktohou9
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ce759d2a2f999558
.mxptint.net/ Name: mxpim
Value: R33646_11C907B88_2B126F72.1.66F8056B
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.mediago.io/ Name: __mguid_
Value: 4acc629183d5363028eu2100m1m6yr08
.inmobi.com/ Name: idsp_c
Value: ecb7e8d1-5ab8-43f2-826c-25db2234bb93
.owneriq.net/ Name: si
Value: Q7808167471362963301P
.owneriq.net/ Name: p2
Value: gguuid
.owneriq.net/ Name: gguuid
Value: 1
.ipredictive.com/ Name: cu
Value: f8620e45-b149-410d-9480-07e1774c45ad|1727530347361
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-5ee85c3f-33b6-5af6-735c-6f6c1cec8cc4.XVxdKuuFnJAaqQmQA41%2BOm4sYgfS8BNirOxg%2BIglB1U
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-5ee85c3f-33b6-5af6-735c-6f6c1cec8cc4.XVxdKuuFnJAaqQmQA41%2BOm4sYgfS8BNirOxg%2BIglB1U
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AXuhcPzO2WvZzXG9sHOyMxKL1zvg.cLHdvtGLaLdXs9WbxqMx8h8JQfPZ2druLNI5T4RcEOw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AXuhcPzO2WvZzXG9sHOyMxKL1zvg.cLHdvtGLaLdXs9WbxqMx8h8JQfPZ2druLNI5T4RcEOw
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINP6C5bZG_PyMfHFoncdHsbe8k9lUqMWqcqZCt20K5mcEGcYBCDriuC3BjABOgS9RxseQgQgsYkY.OigwzLdduyJpfbxrfX1pf5giE%2BnoL1SXajbVGHyI0wE
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINP6C5bZG_PyMfHFoncdHsbe8k9lUqMWqcqZCt20K5mcEGcYBCDriuC3BjABOgS9RxseQgQgsYkY.OigwzLdduyJpfbxrfX1pf5giE%2BnoL1SXajbVGHyI0wE
.doubleclick.net/ Name: APC
Value: AfxxVi4gPvEND2nYmLt2SfSbHr6egOcHD9B_z6Dr7RK99aw6a-babw
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 2f3ca94b-24fd-4e9d-abe9-b698a9a010c9
beacon.lynx.cognitivlabs.com/ Name: ss
Value: LV83%2FWTG0RMBtcZeAf4%2F23O0QJhaOFJj1OWTW3lt8385pafh%2BfnVNFLylYIzsTf5RY3V%2F40j%2BvTf%2Bw4ii%2FqEFQ%3D%3D
.creativecdn.com/ Name: ts
Value: 1727530347
.creativecdn.com/ Name: g
Value: tWueLXLVk0FQFnqBDb1L_1727530347392
.ctnsnet.com/ Name: cid_7a5b5081887e4f8eb32e01534f31b62d
Value: 1
.uncn.jp/ Name: t
Value: v_9030676a-18fa-4107-9f09-72f62fced313
.dllme.com/ Name: FCCDCF
Value: %5Bnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C%5B%5B13%2C%22%5B%5C%22DBABL~BVQqAAAAAg%5C%22%2C%5B%5B7%2C%5B1727530347%2C824097000%5D%5D%5D%5D%22%5D%5D%5D
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22B011D7EB-7B63-4C47-169F-3B5DA823F077%22%7D
.adsrvr.org/ Name: TDID
Value: 9ac84d92-97fd-464d-a26b-bd90d3cd9112
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI3sD6_IDzrz0QBRgFIAEoAjILCOKjyaiX8689EAU4AQ..
.adform.net/ Name: C
Value: 1
.bidswitch.net/ Name: tuuid
Value: cc6469d0-05b3-4b9f-8e84-ab42bc07c90b
.bidswitch.net/ Name: c
Value: 1727530348
.bidswitch.net/ Name: tuuid_lu
Value: 1727530348
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3MDe1sDQwMjQ0sbAwszQ1FuIz1HXWNQjwKs3XzXL2KgMASvBVeiQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3MDe1sDQwMjQ0sbAwszQ1FuIz1HXWNQjwKs3XzXL2KgMASvBVeiQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_3vFyGtobmRuamxgbGJhYWgKAOcCA60QAAAA
.adform.net/ Name: uid
Value: 1485892279301823217
.bidswitch.net/ Name: google_push
Value: AXcoOmRYOVwHO49_GVMwRZ9vKehyR4CJdNzTsQySD-6TO59xU4AyLDy8uN2gZmJesrVDBsxSShjkPZpEHN0MzaVroHzp99IRlnFc
.adx.opera.com/ Name: UID
Value: OPU5a6188a29e9c461ab9c7c9f1c5ad168f
.dllme.com/ Name: _ga_D6BLLBN8KJ
Value: GS1.1.1727530344.1.0.1727530349.55.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stats.g.doubleclick.net
td.doubleclick.net
www.dllme.com
www.google-analytics.com
www.googletagmanager.com
fundingchoicesmessages.google.com
142.250.80.14
142.251.32.99
142.251.40.130
142.251.40.226
2606:4700:20::681a:b7e
2607:f8b0:4004:c1f::9c
2607:f8b0:4006:80a::200e
2607:f8b0:4006:80c::200e
2607:f8b0:4006:817::2008
2607:f8b0:4006:81e::2002
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::200e
17f0978642d8562f7d293e7934ae57e0cc01a4960b8d13475bca8146394ca1a6
18173dd9c745eee43c5a05589c0bc8e5515c54158a95a03fd5fdc9bd28959325
25dde052efc2098b5eb49e61683f148a7c9de82793c6b5959732c7163bd731dd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dacd5841873d1ccb10c2816cad230191917f2df4ffbcc9ae3467395d7eb4c9b
39bf5868a37c55935798e0b56e05bca9d1d7cb49476a15f66f8f2f3b1c141833
3aa7c3d350c98bdf977709dfdc557f2c7d33286866047456b82d2a79031611b6
4276ee075fe85c71ca2cb53bdf132c77d8f67816b3bccfcce6401cdd07542e19
598a1f72f98ff329c6bd94a380f8a41ff728c90e418100fff0eb4538d07ba41e
601a81a0f4bfdd88c2100500d62af8e767a06b4337c0d911981f267479103b4e
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f
73e2466033f7ba8d96cdfed08ecd69da94d9727bb19b1b003d0cd5116c29517f
82079f9f0a5f4b03030f91dd7e15f0c7e2b936f473ff3d855c84d5e4e2c1eb72
946468ffed011229cd92e156f420ae19f943e7c11d2f1c1a3c08d0f35df2073f
97399a2914c593da2895d9729aa0170a1956e91ee54cf7550696691949558a37
a08f51c1fa7caf716fc42957b4d57877383ae00bbb0efc8793f5e9a872904e86
a3562ef6245c2cf6e9dd7b91fea1e1c72f18db9b1131bcf8309448da372b4d7d
b9d7129501f7bae1a96d98eb8f8fb783f588978530d947c25448a1a8d8824036
ba191bf3b5c39a50676e4ecae47adff7f404f9481890530cdbf64252fbb1a57e
c2d612228b40b5156ed1861c325540f0d3a65c2b0c0f6ef4961ee266171b0a84
c464ae0d5fb6251a0bc36d0bc14a2ae8bf7b5d6a1620546f3342535d843c5147
cfb0f5aff31a6a3714a95e4962b7790f747425587b41d5ab8e2bb041effbc1a7
d0395dcd9a8f11e9e56f06c2d8ab0ab3da420a9903b24525ecd1152249f60f64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61d35d0bd2d1571e244091dff0b618ef8df89725a00a5b411caf5aab36d896d
fd3090687e1d99f2bf2ec597b58d68f93ef721f6be2faf30f4dbbe76160781b6
ff2b855b7a1cd4f6d1c4ce1b54ec1877d779603e118206b8e6cee1b2faef55a6
ffe0f78635d336245504482df300a84eb0f98e77cf21e6b85dbce61c0732f830