down10.software Open in urlscan Pro
2606:4700:3031::ac43:93e6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://down10.software/download-snipping-tool/
Effective URL:
https://down10.software/download-snipping-tool/
Submission: On July 28 via manual (July 28th 2021, 8:52:22 am UTC) from IL

Summary HTTP 97 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 13 domains to perform 97 HTTP transactions. The main IP is 2606:4700:3031::ac43:93e6, located in United States and belongs to CLOUDFLARENET, US. The main domain is down10.software.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 25th 2021. Valid for: a year.

This is the only time down10.software was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:303... 2606:4700:3031::ac43:93e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	159.89.156.160 159.89.156.160	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
14	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
8	138.68.16.227 138.68.16.227	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
97	19

17 2606:4700:3031::ac43:93e6 (United States)

ASN13335 (CLOUDFLARENET, US)

down10.software	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.89.156.160 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

blog.down10.software	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 138.68.16.227 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: winpage-down4you.software

cdn.down10.software	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	down10.software down10.software blog.down10.software cdn.down10.software	867 KB
27	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	238 KB
14	doubleclick.net googleads.g.doubleclick.net	59 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	159 KB
5	google.com 3 redirects adservice.google.com www.google.com	1 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
4	googletagservices.com www.googletagservices.com	140 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	yandex.ru 1 redirects mc.yandex.ru	72 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	659 B
1	googletagmanager.com www.googletagmanager.com	39 KB
97	13

	Domain	Requested by
17	down10.software	down10.software
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	down10.software pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	cdn.down10.software	down10.software
6	fonts.gstatic.com	fonts.googleapis.com
5	mc.yandex.com	2 redirects down10.software
4	www.google.com	3 redirects tpc.googlesyndication.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	blog.down10.software	down10.software
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	mc.yandex.ru	1 redirects down10.software
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	down10.software
97	18

This site contains links to these domains. Also see Links.

Domain
blog.down10.software
www.blazingtools.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-25` - `2022-05-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
blog.down10.software Sectigo RSA Domain Validation Secure Server CA	`2021-03-22` - `2022-03-22`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
cdn.down10.software Sectigo RSA Domain Validation Secure Server CA	`2021-03-18` - `2022-03-18`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-05` - `2021-09-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://down10.software/download-snipping-tool/
Frame ID: 22B37B1F2E6EFCEAF75A021A4E356DB7
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210722/r20190131/zrt_lookup.html
Frame ID: EACAF5A6AFFD892C893E80A934B765A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&adk=1812271804&adf=3025194257&lmt=1627462324&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324092&bpp=3&bdt=189&idt=219&shv=r20210722&ptt=9&saldr=aa&abxe=1&nras=1&correlator=626539801678&frm=20&pv=2&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243
Frame ID: DFD6454AA8FBBF17DED2EA6D39736FAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=280&slotname=6311463538&adk=384268746&adf=3291496001&pi=t.ma~as.6311463538&w=731&fwrn=4&fwrnh=100&lmt=1627462324&rafmt=1&psa=0&format=731x280&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324095&bpp=4&bdt=191&idt=274&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nDZx8kFPtK&p=https%3A//down10.software&dtd=281
Frame ID: 55E7F92989E33BC9D4B8852F54935C15
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=90&slotname=3563394158&adk=2387656628&adf=2922463599&pi=t.ma~as.3563394158&w=731&lmt=1627462324&rafmt=12&psa=0&format=731x90&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324099&bpp=2&bdt=196&idt=286&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C731x280&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r25bsvV7oP&p=https%3A//down10.software&dtd=290
Frame ID: 78D54BDC98B0177C1BBF4A4C3AD1D461
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=250&slotname=3493728505&adk=677114267&adf=477002037&pi=t.ma~as.3493728505&w=300&lmt=1627462324&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324101&bpp=2&bdt=197&idt=293&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C731x280%2C731x90&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=WM3kCMQ0jS&p=https%3A//down10.software&dtd=295
Frame ID: CC153FDFFB1FF70BB26ED5BB0755D861
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9433485D33A0F88C33AC4E63E4F765E3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 41B61BFF7E2AD75DC01A5C06DADDB0A2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J27ajpExITIepw582gtzBKVJYHugkOkPHhMaXhrZD3o.js
Frame ID: 820187C452B74707BFC978CBDB915197
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7C26B160C84CC1567324B66315BF6368
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BD9E2E94806310648104E622216F5CBF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0832D5C26A3635424F3DB8A68AA06F50
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

97
Requests

100 %
HTTPS

83 %
IPv6

13
Domains

18
Subdomains

19
IPs

3
Countries

1598 kB
Transfer

3044 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.down10.software/
Title: Guides & Reviews

Search URL Search Domain Scan URL

URL: https://www.blazingtools.com/
Title: BlazingTools Software

Search URL Search Domain Scan URL

URL: https://blog.down10.software/how-to-fix-the-msvcp100-dll-error
Title: How to fix the MSVCP100.dll error?

Search URL Search Domain Scan URL

URL: https://blog.down10.software/how-to-fix-broken-windows-10-bootloader
Title: How to fix broken Windows 10 bootloader?

Search URL Search Domain Scan URL

URL: https://blog.down10.software/windows-recycle-bin-tricks-and-tips
Title: Windows Recycle Bin Tricks and Tips

Search URL Search Domain Scan URL

URL: https://blog.down10.software/fix-the-discord-mic-not-working-proven-2021-guide-the-best-methods-only
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9348.vD-3myRFu5_fPCXorNYfI5ZbNM5j7aWvZLGAZ9h1kEVW_kZNMvf_3aUC4NhTfIJl.ydva-EsI3eyhxR2GHSJs6jzD4_4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9348.dUnFdzkJYqNeHiYf8Mj67O056JAZbctLp_EEPSEE3JesoJfXyqKGkmmW-5HfGUSgoup_pS6F0L8USeBKi9vpBQ%2C%2C.YbugjyU2J4muc42dWfoebRRXOVw%2C

Request Chain 45

https://mc.yandex.com/watch/70973197?wmode=7&page-url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1095%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A605%3Acn%3A1%3Adp%3A0%3Als%3A1131994456867%3Ahid%3A580188862%3Az%3A120%3Ai%3A202107280105204%3Aet%3A1627462324%3Ac%3A1%3Arn%3A957979374%3Au%3A1627462324795403882%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627462322924%3Ads%3A33%2C18%2C916%2C1%2C0%2C0%2C%2C161%2C1%2C%2C%2C%2C1141%3Adsn%3A33%2C18%2C916%2C1%2C0%2C0%2C%2C172%2C0%2C%2C%2C%2C1142%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627462325%3At%3ASnipping%20Tool%20Free%20Download%20for%20Windows%2010%2C%207%2C%208%2F8.1%20%7C%20Down10.Software HTTP 302
https://mc.yandex.com/watch/70973197/1?wmode=7&page-url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1095%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A605%3Acn%3A1%3Adp%3A0%3Als%3A1131994456867%3Ahid%3A580188862%3Az%3A120%3Ai%3A202107280105204%3Aet%3A1627462324%3Ac%3A1%3Arn%3A957979374%3Au%3A1627462324795403882%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627462322924%3Ads%3A33%2C18%2C916%2C1%2C0%2C0%2C%2C161%2C1%2C%2C%2C%2C1141%3Adsn%3A33%2C18%2C916%2C1%2C0%2C0%2C%2C172%2C0%2C%2C%2C%2C1142%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627462325%3At%3ASnipping%20Tool%20Free%20Download%20for%20Windows%2010%2C%207%2C%208%2F8.1%20%7C%20Down10.Software

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 88

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

97 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
down10.software/download-snipping-tool/ 32 KB
8 KB 968ms
916ms Document
text/html 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://down10.software/download-snipping-tool/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 991135250c181990b24b41eff4cc78cfd4d996746fdc2dbe097df511911cb527

Request headers

:method: GET
:authority: down10.software
:scheme: https
:path: /download-snipping-tool/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:03 GMT
content-type: text/html; charset=UTF-8
set-cookie: userId=9900015080; expires=Sun, 26-Sep-2021 08:52:03 GMT; Max-Age=5184000; path=/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajn%2BgUHM7Z%2BhJr%2BbUsuFxw%2BtuBMBQQ5UWedowMJx5w8Us51Od%2FIBbTyh20kUNnF1GrlDvLqka7bUDNFeKuq2%2FWJ3AhzfvMcydOMCIARdcLdYzvtM1CuuSBfXiKGktMrMrrvEn6EFVhSN1ivrYeQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 675cde7e9f2f4e0d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 fresco.css
down10.software/css_s/ 28 KB
5 KB 34ms
20ms Stylesheet
text/css 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://down10.software/css_s/fresco.css?v=12
Requested by: Host: down10.software
URL: https://down10.software/download-snipping-tool/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 433a3bc0009b8a1cb24c10a5826e69b3f51ec5b471c6ba7e22ed72d43a9acda1

Request headers

:path: /css_s/fresco.css?v=12
pragma: no-cache
cookie: userId=9900015080
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: down10.software
referer: https://down10.software/download-snipping-tool/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://down10.software/download-snipping-tool/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 07:22:34 GMT
server: cloudflare
age: 3373
etag: W/"7031-5bf48ad900280-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2F51z2BQTRx4zRpe09I3dXbE7NnnVBXbSvd2dJprgVI3j2KvUF5ba1rW9K%2FrxvuOl4IemFQes4z9lBVWGk9Q2bInozatVwdXVc6D1lqSr7YX9z7JwDtwDo8oUnDKEuYJOC%2FkZFbjftaeg7o5%2B64%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 675cde848c08325c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 style.css
down10.software/css_s/ 84 KB
18 KB 37ms
23ms Stylesheet
text/css 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://down10.software/css_s/style.css?v=16.2
Requested by: Host: down10.software
URL: https://down10.software/download-snipping-tool/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9faf9d24bc8e80d2d436dbbf85374ac4355fd31bc7e6fa7bf4564a5f8431dc5b

Request headers

:path: /css_s/style.css?v=16.2
pragma: no-cache
cookie: userId=9900015080
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: down10.software
referer: https://down10.software/download-snipping-tool/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://down10.software/download-snipping-tool/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jul 2021 11:34:45 GMT
server: cloudflare
age: 3373
etag: W/"14f30-5c80523d35f40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I95iv8%2BvFs1CgSaG1zg6Wub0nS51SuNMBrylURiVSSnn2tsqR54OVllfnKCmC5LhiL8o5w0FkxIbdPaQHl03hVI5Z%2FvlCq2qVey60UbOKVLIFjO2cm5rkSdblrEINoPbAX%2F7Tr2FRpgbu9bJWMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 675cde847c04325c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 editor.css
down10.software/css_s/ 3 KB
1 KB 30ms
16ms Stylesheet
text/css 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://down10.software/css_s/editor.css?v=12
Requested by: Host: down10.software
URL: https://down10.software/download-snipping-tool/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 523c402aa4be19b31653669e87fd90f053404adaee1fc9014319dedc2c78baf8

Request headers

:path: /css_s/editor.css?v=12
pragma: no-cache
cookie: userId=9900015080
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: down10.software
referer: https://down10.software/download-snipping-tool/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://down10.software/download-snipping-tool/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 07:22:19 GMT
server: cloudflare
age: 3373
etag: W/"c47-5bf48acab20c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHInoQ3eecFKNjADODnwSLTMTFhBToGsTkzqgrybcoIlYOqh776oK6tcUEhZ9DiRQjzvsOGGgVdgj1oxkVpDUN3TUDYilHDNFEytDwgewqDyJlucffDFaJYOZtdKRdZ6YLMFIPlK%2B562yZMHfK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 675cde848c0a325c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 lazysizes.min.js Show response
down10.software/js/ 8 KB
4 KB 14ms
13ms Script
application/javascript 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://down10.software/js/lazysizes.min.js
Requested by: Host: down10.software
URL: https://down10.software/download-snipping-tool/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

:path: /js/lazysizes.min.js
pragma: no-cache
cookie: userId=9900015080
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: down10.software
referer: https://down10.software/download-snipping-tool/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://down10.software/download-snipping-tool/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 07:30:58 GMT
server: cloudflare
age: 3373
etag: W/"1ed1-5bf48cb9a7080-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVv%2FTlW0lib1Fu7W4BhDZgFkQgvZ4z4p2c%2BRlWmoaKPSC3VH3bedXzjVG2TcOcX7C07iP4YMJa2g7f0wBoTXOpLoRrblPyra96ttT3whgHgYBOKULMyYTkF33WZho8K2bbOFbHXbFTDDfTFZfy0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 675cde84ac4a325c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 23ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109757237-1

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df3b967463b9f48f46f94c11a2dc568dd6b4ab2d91d604af3d3f8d8f19a04ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40199
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Jul 2021 08:52:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
49 KB 49ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecca0f863a2fac8c6c57e14c4605684f57243920be71a5c2a4cb122f1caee4c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49275
x-xss-protection: 0
server: cafe
etag: 17184474714297256568
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Jul 2021 08:52:03 GMT

GET
H3-29 200 logo.svg
down10.software/images_s/ 6 KB
3 KB 23ms
22ms Image
image/svg+xml 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down10.software/images_s/logo.svg
Requested by: Host: down10.software
URL: https://down10.software/download-snipping-tool/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d67b8727972546b8115e513756059d6157a3958ef435f7996fe538a9a042377e

Request headers

:path: /images_s/logo.svg
pragma: no-cache
cookie: userId=9900015080
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: down10.software
referer: https://down10.software/download-snipping-tool/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://down10.software/download-snipping-tool/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Apr 2021 20:42:18 GMT
server: cloudflare
age: 3373
etag: W/"1821-5beef446cde80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FNYjZZlASgkeBBOdLKRiZd%2BlzlLg5B4QvioBnxGftR1cV7ObirMJ3xxW3Pr2uVLMd%2FwxGCocK6zoKhqay3DCn5U3KJVTnaS%2B62xfXyVXWZazn4j8d4%2Fh%2FqRi4bfE72jpkNScG4Zgj8PbIrk5Lw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 675cde84bc5a325c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 thumbnail.png
down10.software/data/download-snipping-tool/thumbnail/ 16 KB
17 KB 15ms
13ms Image
image/png 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down10.software/data/download-snipping-tool/thumbnail/thumbnail.png
Requested by: Host: down10.software
URL: https://down10.software/download-snipping-tool/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f7962b09fffc06c94a4856fc5e6f3fdb65c03cf3b17fcaf0b7ad13043b3d9e3

Request headers

:path: /data/download-snipping-tool/thumbnail/thumbnail.png
pragma: no-cache
cookie: userId=9900015080
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: down10.software
referer: https://down10.software/download-snipping-tool/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://down10.software/download-snipping-tool/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 87
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 16809
last-modified: Wed, 17 Mar 2021 22:17:33 GMT
server: cloudflare
etag: "41a9-5bdc2d980e8b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKJUhj7g0EUYQAof6rUUA1xU0A3Pl6NJlGLzt3iHiQjArNXT%2FdpJhyYF6OEigoQH2aJBbezrUaiqJcknAB0DryrnNjgTjesNZl4oxfwVUKja4i3pDjsX2zlnZRRHGCeG5cXHXYaoMBTQ2J0%2FBUY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 675cde84bc5d325c-FRA

GET
H3-29 200 screenshot1.jpg
down10.software/data/download-snipping-tool/screenshot/ 16 KB
16 KB 24ms
22ms Image
image/jpeg 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down10.software/data/download-snipping-tool/screenshot/screenshot1.jpg
Requested by: Host: down10.software
URL: https://down10.software/download-snipping-tool/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d88fd5f5416995decb383947d3c5796984f1c29327b8095452776fbb39b7f41d

Request headers

:path: /data/download-snipping-tool/screenshot/screenshot1.jpg
pragma: no-cache
cookie: userId=9900015080
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: down10.software
referer: https://down10.software/download-snipping-tool/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://down10.software/download-snipping-tool/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 87
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15969
last-modified: Wed, 17 Mar 2021 22:17:34 GMT
server: cloudflare
etag: "3e61-5bdc2d9857c94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rINDUawjZlNKXG4yY%2Bct%2Bp2uqjhBCdrlnFXPY6zWRs3trFnsOwzTobJew29YXMQB1bbmh093bBCV1ZyYJlv3JFBxULBaK1hpG5F19NhjIrYX4kvhge983jSkWxVIihat2aXnS2YeF2zhz7XQSqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 675cde84bc61325c-FRA

GET
H/1.1 200
OK 10.png
blog.down10.software/wp-content/uploads/2021/03/ 6 KB
6 KB 542ms
172ms Image
image/png 159.89.156.160
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.down10.software/wp-content/uploads/2021/03/10.png
Requested by: Host: down10.software
URL: https://down10.software/download-snipping-tool/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.89.156.160 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c9f288b3c9c78907f8adf1fd919894c5aae7e80229cceb6bcd55c6018121958

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 08:52:04 GMT
Last-Modified: Tue, 23 Mar 2021 12:27:28 GMT
Server: nginx
ETag: "6059deb0-16ce"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 5838
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK how-to-fix-broken-windows-10-bootloader_preview_730.jpg
blog.down10.software/wp-content/uploads/2021/06/ 197 KB
198 KB 713ms
332ms Image
image/jpeg 159.89.156.160
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.down10.software/wp-content/uploads/2021/06/how-to-fix-broken-windows-10-bootloader_preview_730.jpg
Requested by: Host: down10.software
URL: https://down10.software/download-snipping-tool/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.89.156.160 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 99309e993c929a82a466d26021100ec470f591b2da0c96539163beabdb95d05b

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 08:52:04 GMT
Last-Modified: Fri, 18 Jun 2021 12:41:10 GMT
Server: nginx
ETag: "60cc9466-315d1"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 202193
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK windows-recycle-bin-tricks-and-tips_preview_730.jpg
blog.down10.software/wp-content/uploads/2021/06/ 172 KB
173 KB 730ms
332ms Image
image/jpeg 159.89.156.160
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.down10.software/wp-content/uploads/2021/06/windows-recycle-bin-tricks-and-tips_preview_730.jpg
Requested by: Host: down10.software
URL: https://down10.software/download-snipping-tool/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.89.156.160 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 477060b73661e5025ee2218c2ea3f665470c95b4e7f9b9332cfc90f2fe3dc6bb

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 08:52:04 GMT
Last-Modified: Tue, 22 Jun 2021 21:58:32 GMT
Server: nginx
ETag: "60d25d08-2b1be"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 176574
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 25.jpg
blog.down10.software/wp-content/uploads/2021/03/ 15 KB
15 KB 737ms
331ms Image
image/jpeg 159.89.156.160
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.down10.software/wp-content/uploads/2021/03/25.jpg
Requested by: Host: down10.software
URL: https://down10.software/download-snipping-tool/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.89.156.160 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ceff97cb7824d927a74228ecf5cf9222706055d474c9a6732e4246bf8b078edb

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 08:52:04 GMT
Last-Modified: Tue, 23 Mar 2021 13:47:43 GMT
Server: nginx
ETag: "6059f17f-3c14"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 15380
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 app.js Show response
down10.software/js/ 316 KB
77 KB 23ms
23ms Script
application/javascript 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://down10.software/js/app.js
Requested by: Host: down10.software
URL: https://down10.software/download-snipping-tool/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5355002fc74b6e9688e6d87ce258df989f9f2f58992fef18dde26219982d692

Request headers

:path: /js/app.js
pragma: no-cache
cookie: userId=9900015080
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: down10.software
referer: https://down10.software/download-snipping-tool/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://down10.software/download-snipping-tool/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jul 2021 10:46:39 GMT
server: cloudflare
age: 3373
etag: W/"4eff5-5c80477ce81c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEHxspWxD9xdpANHH34gxjPwiofngvAPATjzkZG12CNuhra2FsixLvh7%2FUMG%2BblKOgpxLsFytvduWNDjjE5xSaiTcYdzAYvrMD4uuLDqN8pxpsqKaBDSRVZlokOv1hov4P0l%2FpHQVt6IcQP%2BNSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 675cde84ac35325c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 225 KB
72 KB 137ms
45ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3622803b5ff8a7d9c8f8441aa9b7b64ff3b65230e3a80a3ace31656c7502c860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:04 GMT
content-encoding: br
last-modified: Tue, 27 Jul 2021 15:41:31 GMT
etag: "60fe83e9-11d7d"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73085
expires: Wed, 28 Jul 2021 09:52:04 GMT

GET
H3-29 200 roboto-regular.woff2
down10.software/css_s/fonts/ 19 KB
20 KB 23ms
22ms Font
application/octet-stream 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://down10.software/css_s/fonts/roboto-regular.woff2
Requested by: Host: down10.software
URL: https://down10.software/css_s/style.css?v=16.2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4411c8c8a8f431687b7827cc2997d0fade85e1eddb2043ad3dd9b5a119751a7

Request headers

sec-fetch-mode: cors
origin: https://down10.software
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: userId=9900015080
:path: /css_s/fonts/roboto-regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: down10.software
referer: https://down10.software/css_s/style.css?v=16.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://down10.software
Referer: https://down10.software/css_s/style.css?v=16.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:03 GMT
cf-cache-status: HIT
last-modified: Sat, 27 Feb 2021 02:21:29 GMT
server: cloudflare
age: 2676
etag: "4cb4-5bc480ad5bc40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Vey8JvJ1G%2BafSIkWf83LYcLnV5zAO%2BqDEYJ2Lu80pchI1iiiu6ACLjlfjnKGcEWkPUN5f8xa5909SO37ewWLqyuJji%2FEQDjJXSdSsit4uqfT2MpMIz0dOLgd5neX8g9KFn108beJ99mCRs8908%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 675cde84bc69325c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 19636

GET
H3-29 200 roboto-bold.woff2
down10.software/css_s/fonts/ 19 KB
20 KB 19ms
19ms Font
application/octet-stream 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://down10.software/css_s/fonts/roboto-bold.woff2
Requested by: Host: down10.software
URL: https://down10.software/css_s/style.css?v=16.2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed295a8f5e4a8100392721d5a8f17ff6ea735745f6a2ed4739c997603b3be601

Request headers

sec-fetch-mode: cors
origin: https://down10.software
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: userId=9900015080
:path: /css_s/fonts/roboto-bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: down10.software
referer: https://down10.software/css_s/style.css?v=16.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://down10.software
Referer: https://down10.software/css_s/style.css?v=16.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:03 GMT
cf-cache-status: HIT
last-modified: Sat, 27 Feb 2021 02:21:06 GMT
server: cloudflare
age: 2676
etag: "4d3c-5bc480976c880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuVwEt6sB%2F11CXHQ0m9LSySL1qru1J3e3SnV1FDfCpx7lU%2BhDNrInkFuBT6YH64mpZG%2BY%2B1BvziYfZFPtcCvHYv9JDIZXBw%2F79VUZhdge8ou8O4U3jzSsiUuV6XbhrrWCdTdr3FfP5MWq3XVe%2B4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 675cde84bc6d325c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 19772

GET
H3-29 200 roboto-light.woff2
down10.software/css_s/fonts/ 19 KB
20 KB 21ms
21ms Font
application/octet-stream 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://down10.software/css_s/fonts/roboto-light.woff2
Requested by: Host: down10.software
URL: https://down10.software/css_s/style.css?v=16.2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7e8e43184b2d28d210d0669e38c562f3f995edc9827fda433aef08e8c1b9420

Request headers

sec-fetch-mode: cors
origin: https://down10.software
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: userId=9900015080
:path: /css_s/fonts/roboto-light.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: down10.software
referer: https://down10.software/css_s/style.css?v=16.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://down10.software
Referer: https://down10.software/css_s/style.css?v=16.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:03 GMT
cf-cache-status: HIT
last-modified: Sat, 27 Feb 2021 02:21:14 GMT
server: cloudflare
age: 2676
etag: "4c14-5bc4809f0da80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmw01cqdXGqnVd0NTF2qmMMuMusUR61lJJwZMKlKoXSGJcX9gYKKEdiCe6tatkXpgVAUh35QJgFqqlvL9E%2FO9Hqi5dtftsBmL6%2BHQyNo2yp39bRQwFeAHDhlxhvVbKgwhQlo6hwL%2FVIoemSRmoo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 675cde84bc71325c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 19476

GET
H3-29 200 ico-arrow-down.png
down10.software/img/ 1 KB
2 KB 13ms
12ms Image
image/png 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down10.software/img/ico-arrow-down.png
Requested by: Host: down10.software
URL: https://down10.software/css_s/style.css?v=16.2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0f61cef437824d8dcd0119a2ab0478ea5d8b204e6c86c04f568a4c864784fac

Request headers

:path: /img/ico-arrow-down.png
pragma: no-cache
cookie: userId=9900015080
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: down10.software
referer: https://down10.software/css_s/style.css?v=16.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://down10.software/css_s/style.css?v=16.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:04 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3374
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1266
last-modified: Thu, 25 Apr 2019 16:03:35 GMT
server: cloudflare
etag: "4f2-5875cf5da03c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IaQ2GqQ5RLBXhnzlaURhtbs3vsy0pDfaCnxuBJmaFeMd%2F6CXRj%2BnakRxgpyuMgcDrtnRYiQF6jjJKXYv%2Fg7Guac43Q9NrH0QtjQi3RFhIvwCJJ1AZkRSGDDhqze8Lt7iRa4XzWsV9jjqVvevsS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 675cde852cf6325c-FRA

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210722/r20190131/ 250 KB
93 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210722/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5424304598793022&plah=down10.software&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4ac644803de23d3f8e60d6eb1bfec6c182214bb78c2cba1e0efeefe0bb95234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95207
x-xss-protection: 0
server: cafe
etag: 9667253005186430178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Jul 2021 08:52:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210722/r20190131/ Frame EACA 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210722/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210722/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://down10.software/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://down10.software/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 28 Jul 2021 02:59:38 GMT
expires: Wed, 11 Aug 2021 02:59:38 GMT
content-type: text/html; charset=UTF-8
etag: 4389807852502320046
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 21146
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 delete.gif
down10.software/img/ 752 B
1 KB 18ms
17ms Image
image/gif 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down10.software/img/delete.gif
Requested by: Host: down10.software
URL: https://down10.software/css_s/style.css?v=16.2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32cd2462f0572cc6d63fba76837141950a47108f0015cee8f116f69002d1019f

Request headers

:path: /img/delete.gif
pragma: no-cache
cookie: userId=9900015080
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: down10.software
referer: https://down10.software/css_s/style.css?v=16.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://down10.software/css_s/style.css?v=16.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:04 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2755
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 752
last-modified: Sat, 13 Mar 2021 17:28:21 GMT
server: cloudflare
etag: "2f0-5bd6e57d23740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FU7IDA5IhN3tqkFkOcdABw98JXt9bGd6Ygf0abyl6jiCk2vwERFLZP3ws9Zx2TDfT5Tqdou3cks9JU9BEDp4lRtusMC604Rwfec1QwsoUCh28Tgsn1n5SyKDBNUG3VAs5UJX9ZS23r%2BpL1yQWdo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 675cde85fe18325c-FRA

GET
H3-29 200 star.gif
down10.software/img/ 2 KB
2 KB 29ms
28ms Image
image/gif 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down10.software/img/star.gif
Requested by: Host: down10.software
URL: https://down10.software/css_s/style.css?v=16.2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9350693c52cd0672e538634624079bb27b5a0d5b0cfcef89c4ce9481e399caa6

Request headers

:path: /img/star.gif
pragma: no-cache
cookie: userId=9900015080
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: down10.software
referer: https://down10.software/css_s/style.css?v=16.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://down10.software/css_s/style.css?v=16.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:04 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2728
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1560
last-modified: Sat, 13 Mar 2021 17:28:21 GMT
server: cloudflare
etag: "618-5bd6e57d23740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Be4BdrxCKtF1ocmOoguflUuaaVdGeogFuiAfg%2BSxTDmN3GjQpCjcR%2BV%2BW5lAxbfDtgJTDkWqZppylRACRRY9tW%2Bx%2FGlvitrMs5lkyt2Z7a2xuZhQ5ptYS2sKI2SFnKNI0iLxfhU2j%2FTT%2F3ItzC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 675cde85fe1c325c-FRA

GET
H/1.1 200
OK autodesk-maya.png
cdn.down10.software/img/icons/ 13 KB
13 KB 538ms
174ms Image
image/png 138.68.16.227
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.down10.software/img/icons/autodesk-maya.png

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

138.68.16.227 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

winpage-down4you.software

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

72472c4b6aa702a9d390eecc08383641276a19512db9494ea86c694860a57b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 08:52:04 GMT
Last-Modified: Wed, 03 Jun 2020 14:28:00 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "320b-5a72ed5c1579d"
Strict-Transport-Security: max-age=31536000; preload
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12811

GET
H/1.1 200
OK shadowexplorer.png
cdn.down10.software/img/icons/ 22 KB
22 KB 540ms
175ms Image
image/png 138.68.16.227
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.down10.software/img/icons/shadowexplorer.png

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

138.68.16.227 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

winpage-down4you.software

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

b8441a42e7518a9d7783c676d0a9c3069f09f6a75deb387f72335405767f487d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 08:52:04 GMT
Last-Modified: Wed, 03 Jun 2020 14:43:01 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "5887-5a72f0b773bc5"
Strict-Transport-Security: max-age=31536000; preload
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22663

GET
H/1.1 200
OK pdf2jpg.png
cdn.down10.software/img/icons/ 27 KB
27 KB 564ms
198ms Image
image/png 138.68.16.227
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.down10.software/img/icons/pdf2jpg.png

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

138.68.16.227 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

winpage-down4you.software

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

b247fbcd0d5281411c879769cb06c02f3c8d269b461b5bd6b9c5148bb164e04d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 08:52:04 GMT
Last-Modified: Wed, 03 Jun 2020 14:29:30 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "6bea-5a72edb297fb3"
Strict-Transport-Security: max-age=31536000; preload
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 27626

GET
H/1.1 200
OK indian-radio.png
cdn.down10.software/img/icons/ 12 KB
13 KB 541ms
173ms Image
image/png 138.68.16.227
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.down10.software/img/icons/indian-radio.png

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

138.68.16.227 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

winpage-down4you.software

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

52600e89a8d2a020bd48cce3d71f1f818f966965b82dc972838821426d432766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 08:52:04 GMT
Last-Modified: Wed, 03 Jun 2020 15:21:55 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "30b7-5a72f96995d81"
Strict-Transport-Security: max-age=31536000; preload
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12471

GET
H/1.1 200
OK gilisoft-mp3-cd-maker.webp
cdn.down10.software/img/icons/ 2 KB
2 KB 715ms
171ms Image
image/webp 138.68.16.227
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.down10.software/img/icons/gilisoft-mp3-cd-maker.webp

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

138.68.16.227 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

winpage-down4you.software

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

2c467083614a43ca3415e57b1e894b87bf727adac10f3d57d6dbc539293c3043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 08:52:04 GMT
Last-Modified: Wed, 03 Jun 2020 15:19:37 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "7ee-5a72f8e5e6e1b"
Strict-Transport-Security: max-age=31536000; preload
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2030

GET
H/1.1 200
OK windows-password-cracker.jpg
cdn.down10.software/img/icons/ 73 KB
74 KB 534ms
174ms Image
image/jpeg 138.68.16.227
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.down10.software/img/icons/windows-password-cracker.jpg

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

138.68.16.227 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

winpage-down4you.software

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

137128a8f358b22b9164a1675d4152e41ee5065475c7ee256e93c293a78051e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 08:52:04 GMT
Last-Modified: Wed, 03 Jun 2020 15:33:22 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "125ec-5a72fbf8ab26e"
Strict-Transport-Security: max-age=31536000; preload
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 75244

GET
H3-29 200 cleanmem-1-4-1.png
down10.software/yepdown/soft/icons/ 25 KB
25 KB 188ms
186ms Image
image/png 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down10.software/yepdown/soft/icons/cleanmem-1-4-1.png
Requested by: Host: down10.software
URL: https://down10.software/download-snipping-tool/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c0de8a7dbeabe45f162ef255e48281da28d64fe54b6800e7f32ef022ddb8f97

Request headers

:path: /yepdown/soft/icons/cleanmem-1-4-1.png
pragma: no-cache
cookie: userId=9900015080
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: down10.software
referer: https://down10.software/download-snipping-tool/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://down10.software/download-snipping-tool/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:04 GMT
cf-cache-status: MISS
last-modified: Mon, 12 Apr 2021 11:58:38 GMT
server: cloudflare
etag: "62b7-5bfc53beea630"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlkzL3F8xoVY1%2FsGDZRjB7HwYj1xsuChQBA6Gyr5I27Kpx9zqaOjPSQGKBDUgziiMG9Wrv32kcBDmgwLhDaOXd3h%2FWBKbFs64KRSSNIPG9zcW7O1rKYPm21zvV4FR%2FP8WgxweAKh4j613ecwvdE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 675cde861e4e325c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 25271

GET
H/1.1 200
OK fifa-world-cup-2006-manager.jpg
cdn.down10.software/img/icons/ 12 KB
13 KB 536ms
176ms Image
image/jpeg 138.68.16.227
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.down10.software/img/icons/fifa-world-cup-2006-manager.jpg

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

138.68.16.227 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

winpage-down4you.software

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

efa8c12501d94e12740dd3cbb5e1ed9481c863328449117a7866068aa934e80f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 08:52:04 GMT
Last-Modified: Wed, 03 Jun 2020 15:10:42 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "30bd-5a72f6e80483e"
Strict-Transport-Security: max-age=31536000; preload
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12477

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109757237-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2442
date: Wed, 28 Jul 2021 08:11:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 28 Jul 2021 10:11:22 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1704854212&t=pageview&_s=1&dl=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&ul=en-us&de=UTF-8&dt=Snipping%20Tool%20Free%20Download%20for%20Windows%2010%2C%207%2C%208%2F8.1%20%7C%20Down10.Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=728329286&gjid=845931513&cid=1688142300.1627462324&tid=UA-109757237-1&_gid=1671322895.1627462324&_r=1&gtm=2ou7q0&z=1197549489

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 08:52:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://down10.software
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9348.vD-3myRFu5_fPCXorNYfI5ZbNM5j7aWvZLGAZ9h1kEVW_kZNMvf_3aUC4NhTfIJl.ydva-EsI3eyhxR2GHSJs6jzD4_4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9348.dUnFdzkJYqNeHiYf8Mj67O056JAZbctLp_EEPSEE3JesoJfXyqKGkmmW-5HfGUSgoup_pS6F0L8USeBKi9vpBQ%2C%2C.YbugjyU2J4muc42dWfoebRRXOVw%2C

75 B
75 B

48ms
48ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9348.dUnFdzkJYqNeHiYf8Mj67O056JAZbctLp_EEPSEE3JesoJfXyqKGkmmW-5HfGUSgoup_pS6F0L8USeBKi9vpBQ%2C%2C.YbugjyU2J4muc42dWfoebRRXOVw%2C

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:04 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9348.dUnFdzkJYqNeHiYf8Mj67O056JAZbctLp_EEPSEE3JesoJfXyqKGkmmW-5HfGUSgoup_pS6F0L8USeBKi9vpBQ%2C%2C.YbugjyU2J4muc42dWfoebRRXOVw%2C
date: Wed, 28 Jul 2021 08:52:04 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
659 B 78ms
29ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=down10.software&callback=_gfp_s_&client=ca-pub-5424304598793022

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210722/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5424304598793022&plah=down10.software&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

23af4e01332196428c5144d044ce4056660c33d9a9084b61b19dc326c8152a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&tn=DIV&id=preloader&cls=preloader&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 08:52:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&tn=DIV&id=preloader&cls=preloader&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 08:52:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 37ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=down10.software

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Jul 2021 08:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 37ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=down10.software

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Jul 2021 08:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DFD6 0
19 B 128ms
114ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&adk=1812271804&adf=3025194257&lmt=1627462324&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324092&bpp=3&bdt=189&idt=219&shv=r20210722&ptt=9&saldr=aa&abxe=1&nras=1&correlator=626539801678&frm=20&pv=2&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5424304598793022&output=html&adk=1812271804&adf=3025194257&lmt=1627462324&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324092&bpp=3&bdt=189&idt=219&shv=r20210722&ptt=9&saldr=aa&abxe=1&nras=1&correlator=626539801678&frm=20&pv=2&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://down10.software/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://down10.software/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Jul 2021 08:52:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Jul-2021 09:07:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Jul 2021 08:52:04 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:04 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298829912756"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Wed, 28 Jul 2021 08:52:04 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 45ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:04 GMT
last-modified: Tue, 27 Jul 2021 15:41:31 GMT
etag: "60fe83e9-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jul 2021 09:52:04 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55E7 68 KB
23 KB 718ms
718ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=280&slotname=6311463538&adk=384268746&adf=3291496001&pi=t.ma~as.6311463538&w=731&fwrn=4&fwrnh=100&lmt=1627462324&rafmt=1&psa=0&format=731x280&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324095&bpp=4&bdt=191&idt=274&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nDZx8kFPtK&p=https%3A//down10.software&dtd=281

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82b71ff9fd7d7264a25210c53d5932402271332bb863a28d14f3f8b1dc6b92f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5424304598793022&output=html&h=280&slotname=6311463538&adk=384268746&adf=3291496001&pi=t.ma~as.6311463538&w=731&fwrn=4&fwrnh=100&lmt=1627462324&rafmt=1&psa=0&format=731x280&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324095&bpp=4&bdt=191&idt=274&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nDZx8kFPtK&p=https%3A//down10.software&dtd=281
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://down10.software/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://down10.software/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 28 Jul 2021 08:52:05 GMT
server: cafe
content-length: 23878
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Jul-2021 09:07:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Jul 2021 08:52:05 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 78D5 59 KB
15 KB 898ms
898ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=90&slotname=3563394158&adk=2387656628&adf=2922463599&pi=t.ma~as.3563394158&w=731&lmt=1627462324&rafmt=12&psa=0&format=731x90&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324099&bpp=2&bdt=196&idt=286&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C731x280&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r25bsvV7oP&p=https%3A//down10.software&dtd=290

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

249f89144783d24ceeb282e2f583ae9399681c2e4db22feebfea66671dfaa5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5424304598793022&output=html&h=90&slotname=3563394158&adk=2387656628&adf=2922463599&pi=t.ma~as.3563394158&w=731&lmt=1627462324&rafmt=12&psa=0&format=731x90&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324099&bpp=2&bdt=196&idt=286&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C731x280&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r25bsvV7oP&p=https%3A//down10.software&dtd=290
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://down10.software/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://down10.software/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 28 Jul 2021 08:52:05 GMT
server: cafe
content-length: 15843
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Jul-2021 09:07:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Jul 2021 08:52:05 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC15 50 KB
15 KB 752ms
752ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=250&slotname=3493728505&adk=677114267&adf=477002037&pi=t.ma~as.3493728505&w=300&lmt=1627462324&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324101&bpp=2&bdt=197&idt=293&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C731x280%2C731x90&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=WM3kCMQ0jS&p=https%3A//down10.software&dtd=295

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c32824c6bf25834fd0ea67ae5f57e82dda019395ded0b6f77755e7e58d5a573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5424304598793022&output=html&h=250&slotname=3493728505&adk=677114267&adf=477002037&pi=t.ma~as.3493728505&w=300&lmt=1627462324&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324101&bpp=2&bdt=197&idt=293&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C731x280%2C731x90&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=WM3kCMQ0jS&p=https%3A//down10.software&dtd=295
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://down10.software/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://down10.software/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 28 Jul 2021 08:52:05 GMT
server: cafe
content-length: 14985
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Jul-2021 09:07:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Jul 2021 08:52:05 GMT
cache-control: private

GET
H2

200

1 Show response
mc.yandex.com/watch/70973197/
Redirect Chain

https://mc.yandex.com/watch/70973197?wmode=7&page-url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1095%3A...
https://mc.yandex.com/watch/70973197/1?wmode=7&page-url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1095%...

316 B
398 B

45ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/70973197/1?wmode=7&page-url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1095%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A605%3Acn%3A1%3Adp%3A0%3Als%3A1131994456867%3Ahid%3A580188862%3Az%3A120%3Ai%3A202107280105204%3Aet%3A1627462324%3Ac%3A1%3Arn%3A957979374%3Au%3A1627462324795403882%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627462322924%3Ads%3A33%2C18%2C916%2C1%2C0%2C0%2C%2C161%2C1%2C%2C%2C%2C1141%3Adsn%3A33%2C18%2C916%2C1%2C0%2C0%2C%2C172%2C0%2C%2C%2C%2C1142%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627462325%3At%3ASnipping%20Tool%20Free%20Download%20for%20Windows%2010%2C%207%2C%208%2F8.1%20%7C%20Down10.Software

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

065cc7ca7e5f80861876a46bfce512e5ef3d2f8b2e2ee9817136762519b25d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 08:52:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 28-Jul-2021 08:52:04 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://down10.software
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: Wed, 28-Jul-2021 08:52:04 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jul 2021 08:52:04 GMT
last-modified: Wed, 28-Jul-2021 08:52:04 GMT
location: /watch/70973197/1?wmode=7&page-url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1095%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A605%3Acn%3A1%3Adp%3A0%3Als%3A1131994456867%3Ahid%3A580188862%3Az%3A120%3Ai%3A202107280105204%3Aet%3A1627462324%3Ac%3A1%3Arn%3A957979374%3Au%3A1627462324795403882%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627462322924%3Ads%3A33%2C18%2C916%2C1%2C0%2C0%2C%2C161%2C1%2C%2C%2C%2C1141%3Adsn%3A33%2C18%2C916%2C1%2C0%2C0%2C%2C172%2C0%2C%2C%2C%2C1142%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627462325%3At%3ASnipping%20Tool%20Free%20Download%20for%20Windows%2010%2C%207%2C%208%2F8.1%20%7C%20Down10.Software
strict-transport-security: max-age=31536000
access-control-allow-origin: https://down10.software
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 28-Jul-2021 08:52:04 GMT

GET
H/1.1 200
OK proxy-vampire.jpg
cdn.down10.software/img/icons/ 54 KB
54 KB 347ms
174ms Image
image/jpeg 138.68.16.227
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.down10.software/img/icons/proxy-vampire.jpg

Requested by

Host: down10.software
URL: https://down10.software/download-snipping-tool/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

138.68.16.227 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

winpage-down4you.software

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

1a7336a3f38ac114f0f2586fc0ad4371c3247af8a3c0585089474d3ed255ee2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Jul 2021 08:52:04 GMT
Last-Modified: Wed, 03 Jun 2020 15:12:05 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "d7e4-5a72f7374f5b8"
Strict-Transport-Security: max-age=31536000; preload
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 55268

GET
H3-29 200 defaultwin.png
down10.software/yepdown/soft/icons/ 17 KB
18 KB 25ms
25ms Image
image/png 2606:4700:3031::ac43:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://down10.software/yepdown/soft/icons/defaultwin.png
Requested by: Host: down10.software
URL: https://down10.software/download-snipping-tool/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe998eefcd08427b77314f35d0b441dedcdc0f93e4d940efe8a3a00d09b9e128

Request headers

:path: /yepdown/soft/icons/defaultwin.png
pragma: no-cache
cookie: userId=9900015080; _ga=GA1.2.1688142300.1627462324; _gid=GA1.2.1671322895.1627462324; _gat_gtag_UA_109757237_1=1; _ym_uid=1627462324795403882; _ym_d=1627462324; _ym_isad=2; __gads=ID=fb94823d451a05f8-2223388477c900a5:T=1627462324:RT=1627462324:S=ALNI_MavIOwE4PQdCcJtSX3aKIP5t4o61w
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: down10.software
referer: https://down10.software/download-snipping-tool/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://down10.software/download-snipping-tool/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:04 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1644
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17788
last-modified: Mon, 12 Apr 2021 11:59:53 GMT
server: cloudflare
etag: "457c-5bfc54064512e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABWFmBcFQS3qWM7zq263JpNtl0IUnT68HRIiPN67%2FrzypR%2FQhImnjQOm1KZiZ1PB3FSKXDlc8T8x5M22MoDhxFlBGzWGt%2Fi5uNED6iBbNu9SdiAxUN%2Fju9ORYdgq0v32egN65wz2pnHf9di9H5M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 675cde886a4e325c-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame 55E7 3 KB
674 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=280&slotname=6311463538&adk=384268746&adf=3291496001&pi=t.ma~as.6311463538&w=731&fwrn=4&fwrnh=100&lmt=1627462324&rafmt=1&psa=0&format=731x280&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324095&bpp=4&bdt=191&idt=274&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nDZx8kFPtK&p=https%3A//down10.software&dtd=281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 07:11:07 GMT
server: ESF
date: Wed, 28 Jul 2021 08:52:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jul 2021 08:52:05 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/ Frame 55E7 1 KB
937 B 32ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:47:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 08:47:52 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210722/r20110914/ Frame 55E7 18 KB
8 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210722/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 16178317465966918049
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 08:43:43 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/ Frame 55E7 2 KB
1 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 08:52:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55E7 124 KB
37 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Wed, 28 Jul 2021 08:52:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/ Frame 55E7 14 KB
6 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21c4c1d88243261eb2fd48411775d741f47432264a4e4b3a019b799bb4ff3aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
server: cafe
etag: 13235568289965241273
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 08:50:04 GMT

GET
H2 200 638cf57158770915db314ccd85b2248b.js Show response
www.gstatic.com/mysidia/ Frame 55E7 26 KB
11 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638cf57158770915db314ccd85b2248b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2815473cb317930b4e63191154c2bbbf5d3b3165b461207ac7548af646b8a19e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 08:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10810
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 08:17:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 08:53:47 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 55E7 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpVajtBoBYYX_F9Gz-wbf0pS4Aancn-ZjyLnZkPYMv-EeEAEgmvKHZmCVAqABm-Cp4wLIAQGoAwHIA8sEqgTHAU_QSYRP5AYrDxBliEOOPhZ-sCC8mdfc5WcTqxLfIMSP7PFwNBd4CLeb_n0swF0TEUVHBCyn1GAOI5EDj9GsReAXqQaEKyWka1lo61hye5doTj9pjdQYWRHnAGMlfOQ7yOj4pw6hnjwHTYk79VhsUM7g6JOS4ZHJKhRU62YzQvx6RVS58pFSoAGwqblw6eZjz24-EcvHg_F-A4hwD-NMP6S7fXGmd-ywPjEHnoVoOF2G1JCeHxMWzqYwG3Ff9rpCZZHpqydNZKfABIX0nJydA5IFBAgEGAGSBQQIBRgEgAfNn9acAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBRDEvtYV0ggJCIDhgHAQARgfgAoByAsB2BMNiBQB0BUBgBcBshcaChgIABIUcHViLTU0MjQzMDQ1OTg3OTMwMjI&sigh=nyj-o61wFrI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=280&slotname=6311463538&adk=384268746&adf=3291496001&pi=t.ma~as.6311463538&w=731&fwrn=4&fwrnh=100&lmt=1627462324&rafmt=1&psa=0&format=731x280&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324095&bpp=4&bdt=191&idt=274&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nDZx8kFPtK&p=https%3A//down10.software&dtd=281
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 28 Jul 2021 08:52:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Jul 2021 08:52:05 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9433 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=280&slotname=6311463538&adk=384268746&adf=3291496001&pi=t.ma~as.6311463538&w=731&fwrn=4&fwrnh=100&lmt=1627462324&rafmt=1&psa=0&format=731x280&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324095&bpp=4&bdt=191&idt=274&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nDZx8kFPtK&p=https%3A//down10.software&dtd=281
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkFUJKbradwPJ9AqZf-Ec-Hld2_jANIrwMxHp0N1vI6UwdyvWfi6ia07buAtsk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=280&slotname=6311463538&adk=384268746&adf=3291496001&pi=t.ma~as.6311463538&w=731&fwrn=4&fwrnh=100&lmt=1627462324&rafmt=1&psa=0&format=731x280&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324095&bpp=4&bdt=191&idt=274&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nDZx8kFPtK&p=https%3A//down10.software&dtd=281

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 28 Jul 2021 08:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 55E7 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 303fc1ffd70a809e58e8afb188b2c012ebb40b68158980abfd8718b21468def7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 55E7 21 KB
21 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 02:22:18 GMT
x-content-type-options: nosniff
age: 109787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 02:22:18 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 55E7 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 13:46:22 GMT
x-content-type-options: nosniff
age: 68743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 13:46:22 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame CC15 3 KB
578 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=250&slotname=3493728505&adk=677114267&adf=477002037&pi=t.ma~as.3493728505&w=300&lmt=1627462324&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324101&bpp=2&bdt=197&idt=293&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C731x280%2C731x90&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=WM3kCMQ0jS&p=https%3A//down10.software&dtd=295

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 07:16:10 GMT
server: ESF
date: Wed, 28 Jul 2021 08:52:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jul 2021 08:52:05 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/ Frame CC15 1 KB
857 B 23ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:47:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 08:47:52 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210722/r20110914/ Frame CC15 18 KB
7 KB 21ms
5ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210722/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 16178317465966918049
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 08:43:43 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/ Frame CC15 2 KB
1 KB 20ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 08:52:01 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC15 124 KB
37 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Wed, 28 Jul 2021 08:52:05 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/ Frame CC15 14 KB
6 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21c4c1d88243261eb2fd48411775d741f47432264a4e4b3a019b799bb4ff3aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
server: cafe
etag: 13235568289965241273
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 08:50:04 GMT

GET
H3-29 200 638cf57158770915db314ccd85b2248b.js Show response
www.gstatic.com/mysidia/ Frame CC15 26 KB
11 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638cf57158770915db314ccd85b2248b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2815473cb317930b4e63191154c2bbbf5d3b3165b461207ac7548af646b8a19e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 08:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10810
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 08:17:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 08:53:47 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5195555088061754110/ Frame CC15 1 KB
1 KB 17ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5195555088061754110/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f046b73e3148a5d2a1ee22dedc9285d1a527b0c5b6b8735149522e087bbbb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 19:52:14 GMT
x-content-type-options: nosniff
age: 46791
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1121
x-xss-protection: 0
last-modified: Thu, 08 Oct 2020 22:22:31 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 19:52:14 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame CC15 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEenCtBoBYbuKGc7ZzQbCgYzICu7ZottioLO7-sMNpJWmtYIPEAEgmvKHZmCVAqABxZGMlALIAQGoAwGqBMoBT9BORL4Z_FK1W9T9sObnGAXFH6NFQRR7-T_S5qXPkq9WgkmYegQTAQ564mV9RqSrDph88HR1aqnSFt5Nc2G4uFzg-TMmYtlN1Em2WWiCjTsJBtUcHRDHnCsLnjFHSCka8E3OyzeJJLV-XXY9n_-trGDC3ucI_n3fHaUBXOIthU3i4k3gdoJa3JE6g2v-xGMhrc4BWfOV10nZAz2VSziB1UtHThlAnjK7LDeJ00q8Hj_-vgPCk1tDvMboN02fapV73--vI65HfG5N9MAEmYurwq4DkgUECAQYAZIFBAgFGASAB6Pu8-sBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJnTJNIICQiA4YBwEAEYH4AKAcgLAdgTDNAVAZgWAYAXAbIXGgoYCAASFHB1Yi01NDI0MzA0NTk4NzkzMDIy&sigh=-B6r9GpUTY4&template_id=5001

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=250&slotname=3493728505&adk=677114267&adf=477002037&pi=t.ma~as.3493728505&w=300&lmt=1627462324&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324101&bpp=2&bdt=197&idt=293&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C731x280%2C731x90&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=WM3kCMQ0jS&p=https%3A//down10.software&dtd=295
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 28 Jul 2021 08:52:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 41B6 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=250&slotname=3493728505&adk=677114267&adf=477002037&pi=t.ma~as.3493728505&w=300&lmt=1627462324&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324101&bpp=2&bdt=197&idt=293&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C731x280%2C731x90&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=WM3kCMQ0jS&p=https%3A//down10.software&dtd=295
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkFUJKbradwPJ9AqZf-Ec-Hld2_jANIrwMxHp0N1vI6UwdyvWfi6ia07buAtsk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=250&slotname=3493728505&adk=677114267&adf=477002037&pi=t.ma~as.3493728505&w=300&lmt=1627462324&rafmt=12&psa=0&format=300x250&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324101&bpp=2&bdt=197&idt=293&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C731x280%2C731x90&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1031&ady=270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=WM3kCMQ0jS&p=https%3A//down10.software&dtd=295

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 28 Jul 2021 08:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9433
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkFUJKbradwPJ9AqZf-Ec-Hld2_jANIrwMxHp0N1vI6UwdyvWfi6ia07buAtsk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Jul 2021 08:52:05 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 28-Jul-2021 09:52:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Jul 2021 08:52:05 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Jul 2021 08:52:05 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 J27ajpExITIepw582gtzBKVJYHugkOkPHhMaXhrZD3o.js Show response
pagead2.googlesyndication.com/bg/ Frame 8201 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J27ajpExITIepw582gtzBKVJYHugkOkPHhMaXhrZD3o.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

276eda8e913121321ea70e7cda0b7304a549607ba090e90f1e131a5e1ad90f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 12:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13275
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 15:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 12:54:01 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 78D5 3 KB
578 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=90&slotname=3563394158&adk=2387656628&adf=2922463599&pi=t.ma~as.3563394158&w=731&lmt=1627462324&rafmt=12&psa=0&format=731x90&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324099&bpp=2&bdt=196&idt=286&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C731x280&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r25bsvV7oP&p=https%3A//down10.software&dtd=290

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 07:12:23 GMT
server: ESF
date: Wed, 28 Jul 2021 08:52:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jul 2021 08:52:05 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/ Frame 78D5 1 KB
857 B 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:47:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 08:47:52 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210722/r20110914/ Frame 78D5 18 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210722/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 16178317465966918049
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 08:43:43 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/ Frame 78D5 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 08:52:01 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78D5 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Wed, 28 Jul 2021 08:52:05 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/ Frame 78D5 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210722/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21c4c1d88243261eb2fd48411775d741f47432264a4e4b3a019b799bb4ff3aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
server: cafe
etag: 13235568289965241273
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 08:50:04 GMT

GET
H3-29 200 638cf57158770915db314ccd85b2248b.js Show response
www.gstatic.com/mysidia/ Frame 78D5 26 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638cf57158770915db314ccd85b2248b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2815473cb317930b4e63191154c2bbbf5d3b3165b461207ac7548af646b8a19e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 08:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10810
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 08:17:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 08:53:47 GMT

GET
DATA 200
OK truncated
/ Frame CC15 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fda3e2d86884052be8ea0e2ee98d6ede2804dab25970ca31300208b59a048e66

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 78D5 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CieaStBoBYcyDGYmg-waD5ZSAA-7ZottioLO7-sMNpJWmtYIPEAEgmvKHZmCVAqABxZGMlALIAQGoAwGqBM8BT9Da24XBU7G4jsgDCehMTanxa-1IszA2ZwFBJoOLY9T8Nesz67gFIovRG13t3yn_QABf0W50u-d6ApeZpy1XVHhBs4s6f4188IDe4XCxZ_utf93mXtjQiYSqB9yh-UPbcIOrWqMihhBZut0nWfPkiHEz87WkphVn_BjzwvVZKMMcAFRz2bxZDudh2YTiOYG0ky1Os1fdhEAn254rMe3iuPorjgg_mNNu6syRgOdV4Lobbwk2g1npzDw-A-DjPkhPzJWrvQ0Mcq3S4LOReMPMwASZi6vCrgOSBQQIBBgBkgUECAUYBIAHo-7z6wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwUQzuaGAdIICQiA4YBwEAEYH4AKAcgLAdgTDNAVAZgWAYAXAbIXGgoYCAASFHB1Yi01NDI0MzA0NTk4NzkzMDIy&sigh=-xu8hyXDebc&template_id=5001

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=90&slotname=3563394158&adk=2387656628&adf=2922463599&pi=t.ma~as.3563394158&w=731&lmt=1627462324&rafmt=12&psa=0&format=731x90&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324099&bpp=2&bdt=196&idt=286&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C731x280&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r25bsvV7oP&p=https%3A//down10.software&dtd=290
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 28 Jul 2021 08:52:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5195555088061754110/ Frame 78D5 1 KB
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5195555088061754110/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f046b73e3148a5d2a1ee22dedc9285d1a527b0c5b6b8735149522e087bbbb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 19:52:14 GMT
x-content-type-options: nosniff
age: 46791
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1121
x-xss-protection: 0
last-modified: Thu, 08 Oct 2020 22:22:31 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 19:52:14 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame CC15 21 KB
21 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 02:22:18 GMT
x-content-type-options: nosniff
age: 109787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 02:22:18 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame CC15 21 KB
21 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 13:46:22 GMT
x-content-type-options: nosniff
age: 68743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 13:46:22 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7C26 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=90&slotname=3563394158&adk=2387656628&adf=2922463599&pi=t.ma~as.3563394158&w=731&lmt=1627462324&rafmt=12&psa=0&format=731x90&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324099&bpp=2&bdt=196&idt=286&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C731x280&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r25bsvV7oP&p=https%3A//down10.software&dtd=290
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkFUJKbradwPJ9AqZf-Ec-Hld2_jANIrwMxHp0N1vI6UwdyvWfi6ia07buAtsk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5424304598793022&output=html&h=90&slotname=3563394158&adk=2387656628&adf=2922463599&pi=t.ma~as.3563394158&w=731&lmt=1627462324&rafmt=12&psa=0&format=731x90&url=https%3A%2F%2Fdown10.software%2Fdownload-snipping-tool%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627462324099&bpp=2&bdt=196&idt=286&shv=r20210722&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C731x280&nras=1&correlator=626539801678&frm=20&pv=1&ga_vid=1688142300.1627462324&ga_sid=1627462324&ga_hid=1704854212&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3448517960751934&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r25bsvV7oP&p=https%3A//down10.software&dtd=290

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 28 Jul 2021 08:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 78D5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6290bf2b214fcc7edcb3ebfc6c13cd32973580e7919b82e184d6197801fe072b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 78D5 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 02:22:18 GMT
x-content-type-options: nosniff
age: 109787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 02:22:18 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 78D5 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 13:46:22 GMT
x-content-type-options: nosniff
age: 68743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 13:46:22 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 41B6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkFUJKbradwPJ9AqZf-Ec-Hld2_jANIrwMxHp0N1vI6UwdyvWfi6ia07buAtsk; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Jul 2021 08:52:05 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 28-Jul-2021 09:52:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Jul 2021 08:52:05 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Jul 2021 08:52:05 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7C26
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

38ms
38ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkFUJKbradwPJ9AqZf-Ec-Hld2_jANIrwMxHp0N1vI6UwdyvWfi6ia07buAtsk; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Jul 2021 08:52:05 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 28-Jul-2021 09:52:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Jul 2021 08:52:05 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Jul 2021 08:52:05 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 32ms
19ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210722&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56824993aef3c564df7d23e1300f653219887520fe25f2e9b66e664fca58726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Jul 2021 08:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8370
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 08:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 28 Jul 2021 08:52:05 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BD9E 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://down10.software/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://down10.software/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 28 Jul 2021 08:38:56 GMT
expires: Thu, 28 Jul 2022 08:38:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0832 783 B
532 B 15ms
15ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6150cd918801cb1a7a9009b08293565f1642b22b75e92a64349d6e7adfe0c295

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wj/FwlVl5BYgZEoec6ixVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://down10.software/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://down10.software/

Response headers

expires: Wed, 28 Jul 2021 08:52:05 GMT
date: Wed, 28 Jul 2021 08:52:05 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-wj/FwlVl5BYgZEoec6ixVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 J27ajpExITIepw582gtzBKVJYHugkOkPHhMaXhrZD3o.js Show response
pagead2.googlesyndication.com/bg/ Frame BD9E 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J27ajpExITIepw582gtzBKVJYHugkOkPHhMaXhrZD3o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

276eda8e913121321ea70e7cda0b7304a549607ba090e90f1e131a5e1ad90f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 12:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13275
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 15:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 12:54:01 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210722&jk=3448517960751934&bg=!goGlgcXNAAb7_-tu-_87ACkAdvg8WmPT3WGJHplrkN9CA7og5xV_eWkrkZQDi0MW7s7qL3Roqt-gSgIAAABsUgAAAAxoAQcKAP0QKGl0ERsz3L_IQyVlkx0DnDNU-C35bCJCnzq4VIjcwXxu4-RQoBt8DtvSCsxhBQ3TLQ0oesWFSzAlpVqcco8sg0RYiItH4EQps9C_D1u_OvhC_cfKRVpvloPHQumhkWQaiyQLuQnNFTrqswHWzqSlMMKM3E_6tUXTexJ4qx4lpx5k3xJjR9JLSDx4frvQuSoODsehtFt-xXBi_Oaj4H8lb230PKRVJvIZVJDmcXrJ_bGjZSwFOviPPz0yNH7UsAftDvTOjAdLQ4JQ-wGXkrP6tKv5gOqw8ei27CK4_W5NunXqr3yl7gwAqUSDbiSgXAGumsqxmyWjFBAkK-fBmQJ2phWhhhVy4t2ESIBAA02J20qZJwfa9XaPsu9ororNSgaNM0VY8UWQTsdxpfeGnJtPBIS-M-PTQgodvBZGeq0uTfAcEKe8BIW2eF3HTQRBV5jliVHBX7wKnP2q3qKl6Or2gGQBf77Mu9BccJKRlb6tu_gGtQV-v-xf7TudxO0mRgHSRCG8dXeM8c58biHP8tXcRWcWiT_jAfuT1SK7oqHArS_SjUuQjRP3QBd6qB_OshrDzAWFm0SjzBK39AITj0HeSo7bGq6CdRhAuvG-EduFBqUj9qdErYsqhzU5ITbp9cQ85Q43hIjfsHd9irEO2aXJJkrecXVDaQvmhjKbxtkmlNdUTDFFAAvfV1vqLeJjqlBMzWnIBW50yRv79GpimWb-OQIuQQdB7_zB6qHprTRYho4qZ1WYctzKpyVqceLdzYA_KXOTUYy63ZiwNfd4slKhaNX3rVSD3U55nQAke_i11wcoBXeEumwitHlfHhc9lAhsYQquP8CJJmQHyW45UGrV52kTfpt_83VL85cQhzxCbFf2219Hy_ghIAuFE6nvKHh9g1oMCS7ZQKr09pWhSVQhADv2sJmqJFY7YKn7qxRBVOo5TMHq_p20vdPb6gagFswm5lk2tXTRMXOH6VaCJdFdoKMyxlitVDqW1-HnaJ_gEjnKsGgeU3JQwTDrkNOdnNAf6c9Sf8FMoREg5LGZD5MRdai9buzbQ6ls1XQMJeTDcHXQyxr5E6joQsJnLBTb3JcCj4YYMGumfjHiuoutnCZsTQT31OKKi6_7OGAd_PubX4rRFz9v3VPZqY1_dMmIvvuboFztwk2en4rBeUQDXSL0VK5VJ2aO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://down10.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 08:52:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 55E7 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsundE6mopgR-FgLEGDKKPbbzRyXjB_0A2eqJlyvtPQXCVUGdsxhIMYnuaJahEZhZODaN0tiHwgtI0pZSNA1nzDKvisT-5GKet6trA-O5T92mXluyUVR4KEe8UYzdA&sai=AMfl-YRy1CbKz8Fn5_s62viduuV_UN2L3qZp3jnzgn7j-gfBi72BdLvgnOcEnb1MMUmg2T9CfqWzgXjX8Be3&sig=Cg0ArKJSzDdf521WFPUwEAE&id=lidar2&mcvt=1000&p=270,270,550,1001&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210726&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=384268746&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627462324381&dlt=718&rpt=71&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 08:52:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CC15 42 B
64 B 18ms
17ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHhNgrS3N94PhfT40yxqlTBxclXRzq5hEdduNuvh01NooHMjmIEgWthrHsKyHG0uQzFTxl5S45q_gL4XXETjzdZ65TQdPLKt9zavgQ3FjhgLESSPnfKB8xoVRV3Q&sai=AMfl-YRDoICwDhNTEW9ZC_fIENXhT-y1WBaL3zfirSiVsG_PYf6GFPe37p_G-dQkXPKME6_nviBkbre3-oEO&sig=Cg0ArKJSzJxFxnAacmgbEAE&id=lidar2&mcvt=1001&p=270,1031,520,1331&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210726&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=677114267&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627462324398&dlt=832&rpt=63&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 08:52:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 78D5 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssCZQSc0o2l6u2AXJauapTku4LESsF0gJbpxZRzGlR4I0P3Rl5NUZZtc2jEnBvsZIotiP_QqsF9ixjZ2fqEnvdh5IJvRFOC9vrpv-1mUPsWnbBDlOXC97H8epPow&sai=AMfl-YSmtx_3vYbHoZbc3NeHu7adZKCyeZGDajBZ-jkqi3XU8Y7NYGcLzQkVMAcZfrI1JyFECRqvvIoH_Flu&sig=Cg0ArKJSzEyiJDCB90wUEAE&id=lidar2&mcvt=1001&p=808,270,898,1001&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210726&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2387656628&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627462324391&dlt=909&rpt=68&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 08:52:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:04:25	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 20:04:23	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 05:25:58	Name: IDE Value: AHWqTUkFUJKbradwPJ9AqZf-Ec-Hld2_jANIrwMxHp0N1vI6UwdyvWfi6ia07buAtsk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
blog.down10.software
cdn.down10.software
down10.software
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
138.68.16.227
142.250.184.226
159.89.156.160
2606:4700:3031::ac43:93e6
2a00:1450:4001:800::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:831::200a
2a02:6b8::1:119
065cc7ca7e5f80861876a46bfce512e5ef3d2f8b2e2ee9817136762519b25d3f
137128a8f358b22b9164a1675d4152e41ee5065475c7ee256e93c293a78051e3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a7336a3f38ac114f0f2586fc0ad4371c3247af8a3c0585089474d3ed255ee2e
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
21c4c1d88243261eb2fd48411775d741f47432264a4e4b3a019b799bb4ff3aa5
23af4e01332196428c5144d044ce4056660c33d9a9084b61b19dc326c8152a79
249f89144783d24ceeb282e2f583ae9399681c2e4db22feebfea66671dfaa5db
276eda8e913121321ea70e7cda0b7304a549607ba090e90f1e131a5e1ad90f7a
2815473cb317930b4e63191154c2bbbf5d3b3165b461207ac7548af646b8a19e
2c467083614a43ca3415e57b1e894b87bf727adac10f3d57d6dbc539293c3043
2f7962b09fffc06c94a4856fc5e6f3fdb65c03cf3b17fcaf0b7ad13043b3d9e3
303fc1ffd70a809e58e8afb188b2c012ebb40b68158980abfd8718b21468def7
30f046b73e3148a5d2a1ee22dedc9285d1a527b0c5b6b8735149522e087bbbb8
32cd2462f0572cc6d63fba76837141950a47108f0015cee8f116f69002d1019f
3622803b5ff8a7d9c8f8441aa9b7b64ff3b65230e3a80a3ace31656c7502c860
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
433a3bc0009b8a1cb24c10a5826e69b3f51ec5b471c6ba7e22ed72d43a9acda1
477060b73661e5025ee2218c2ea3f665470c95b4e7f9b9332cfc90f2fe3dc6bb
4c9f288b3c9c78907f8adf1fd919894c5aae7e80229cceb6bcd55c6018121958
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
523c402aa4be19b31653669e87fd90f053404adaee1fc9014319dedc2c78baf8
52600e89a8d2a020bd48cce3d71f1f818f966965b82dc972838821426d432766
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
6150cd918801cb1a7a9009b08293565f1642b22b75e92a64349d6e7adfe0c295
6290bf2b214fcc7edcb3ebfc6c13cd32973580e7919b82e184d6197801fe072b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72472c4b6aa702a9d390eecc08383641276a19512db9494ea86c694860a57b37
727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3
82b71ff9fd7d7264a25210c53d5932402271332bb863a28d14f3f8b1dc6b92f0
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8c0de8a7dbeabe45f162ef255e48281da28d64fe54b6800e7f32ef022ddb8f97
9350693c52cd0672e538634624079bb27b5a0d5b0cfcef89c4ce9481e399caa6
991135250c181990b24b41eff4cc78cfd4d996746fdc2dbe097df511911cb527
99309e993c929a82a466d26021100ec470f591b2da0c96539163beabdb95d05b
9c32824c6bf25834fd0ea67ae5f57e82dda019395ded0b6f77755e7e58d5a573
9faf9d24bc8e80d2d436dbbf85374ac4355fd31bc7e6fa7bf4564a5f8431dc5b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56824993aef3c564df7d23e1300f653219887520fe25f2e9b66e664fca58726
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b0f61cef437824d8dcd0119a2ab0478ea5d8b204e6c86c04f568a4c864784fac
b247fbcd0d5281411c879769cb06c02f3c8d269b461b5bd6b9c5148bb164e04d
b4ac644803de23d3f8e60d6eb1bfec6c182214bb78c2cba1e0efeefe0bb95234
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7e8e43184b2d28d210d0669e38c562f3f995edc9827fda433aef08e8c1b9420
b8441a42e7518a9d7783c676d0a9c3069f09f6a75deb387f72335405767f487d
c5355002fc74b6e9688e6d87ce258df989f9f2f58992fef18dde26219982d692
ceff97cb7824d927a74228ecf5cf9222706055d474c9a6732e4246bf8b078edb
d67b8727972546b8115e513756059d6157a3958ef435f7996fe538a9a042377e
d88fd5f5416995decb383947d3c5796984f1c29327b8095452776fbb39b7f41d
df3b967463b9f48f46f94c11a2dc568dd6b4ab2d91d604af3d3f8d8f19a04ba4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4411c8c8a8f431687b7827cc2997d0fade85e1eddb2043ad3dd9b5a119751a7
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ecca0f863a2fac8c6c57e14c4605684f57243920be71a5c2a4cb122f1caee4c6
ed295a8f5e4a8100392721d5a8f17ff6ea735745f6a2ed4739c997603b3be601
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa8c12501d94e12740dd3cbb5e1ed9481c863328449117a7866068aa934e80f
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
fda3e2d86884052be8ea0e2ee98d6ede2804dab25970ca31300208b59a048e66
fe998eefcd08427b77314f35d0b441dedcdc0f93e4d940efe8a3a00d09b9e128

down10.software Open in urlscan Pro 2606:4700:3031::ac43:93e6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

97 Requests

100 %HTTPS

83 %IPv6

13 Domains

18 Subdomains

19 IPs

3 Countries

1598 kBTransfer

3044 kBSize

3 Cookies

6 Outgoing links

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

down10.software Open in urlscan Pro
2606:4700:3031::ac43:93e6 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

100 %
HTTPS

83 %
IPv6

13
Domains

18
Subdomains

19
IPs

3
Countries

1598 kB
Transfer

3044 kB
Size

3
Cookies

97 HTTP transactions
3 data transactions