www.dredown.com Open in urlscan Pro
104.27.179.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.dredown.com/
Effective URL:
https://www.dredown.com/
Submission: On March 09 via manual (March 9th 2020, 5:26:44 am UTC) from AU

Summary HTTP 125 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 27 domains to perform 125 HTTP transactions. The main IP is 104.27.179.27, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dredown.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 7th 2019. Valid for: 10 months.

This is the only time www.dredown.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	104.27.179.27 104.27.179.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
19	104.19.130.80 104.19.130.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:214... 2600:9000:214f:a00:17:a95a:6580:21	16509 (AMAZON-02) (AMAZON-02)
3	198.134.112.241 198.134.112.241	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
9	188.72.202.158 188.72.202.158	35415 (WEBZILLA) (WEBZILLA)
8	88.85.82.156 88.85.82.156	35415 (WEBZILLA) (WEBZILLA)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	104.18.9.78 104.18.9.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
2	54.209.108.129 54.209.108.129	14618 (AMAZON-AES) (AMAZON-AES)
5	34.196.230.232 34.196.230.232	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
6	78.140.191.103 78.140.191.103	35415 (WEBZILLA) (WEBZILLA)
6	89.19.36.40 89.19.36.40	9002 (RETN-AS) (RETN-AS)
1 2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	188.42.160.59 188.42.160.59	35415 (WEBZILLA) (WEBZILLA)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
3	78.140.190.68 78.140.190.68	35415 (WEBZILLA) (WEBZILLA)
3	188.42.224.97 188.42.224.97	35415 (WEBZILLA) (WEBZILLA)
1	52.218.217.225 52.218.217.225	16509 (AMAZON-02) (AMAZON-02)
1	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY)
125	28

28 104.27.179.27 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.dredown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.19.130.80 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:a00:17:a95a:6580:21 (United States)

ASN16509 (AMAZON-02, US)

d141wsrw9m4as6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.134.112.241 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)

www.modulepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pl15304395.passeura.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.72.202.158 (Netherlands)

ASN35415 (WEBZILLA, NL)

luckypushh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 88.85.82.156 (Netherlands)

ASN35415 (WEBZILLA, NL)

pushsar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.9.78 (United States)

ASN13335 (CLOUDFLARENET, US)

seestimatere.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.209.108.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-108-129.compute-1.amazonaws.com

healthoutabol.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.196.230.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-230-232.compute-1.amazonaws.com

distinesseqe.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.140.191.103 (Netherlands)

ASN35415 (WEBZILLA, NL)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 89.19.36.40 (Netherlands)

ASN9002 (RETN-AS, EU)

native.propellerclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.160.59 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.140.190.68 (Netherlands)

ASN35415 (WEBZILLA, NL)

static.ptoahaistais.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.224.97 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.217.225 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

webpick-cdn.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	dredown.com 1 redirects www.dredown.com	784 KB
19	adskeeper.co.uk jsc.adskeeper.co.uk servicer.adskeeper.co.uk cm.adskeeper.co.uk cdn.adskeeper.co.uk s-img.adskeeper.co.uk c.adskeeper.co.uk	262 KB
9	luckypushh.com luckypushh.com	55 KB
8	google.com adservice.google.com www.google.com	36 KB
8	pushsar.com pushsar.com	146 KB
6	propellerclick.com native.propellerclick.com	136 KB
6	inpagepush.com inpagepush.com	21 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	131 KB
5	distinesseqe.site distinesseqe.site	440 B
4	gstatic.com fonts.gstatic.com www.gstatic.com	144 KB
3	wowreality.info o.wowreality.info	37 KB
3	ptoahaistais.com static.ptoahaistais.com	32 KB
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	102 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	passeura.com pl15304395.passeura.com
2	youtube.com www.youtube.com	992 B
2	healthoutabol.site healthoutabol.site	3 KB
1	taboola.com images.taboola.com	42 KB
1	amazonaws.com webpick-cdn.s3.us-west-2.amazonaws.com Failed	212 KB
1	rtmark.net my.rtmark.net	773 B
1	ytimg.com s.ytimg.com	10 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	seestimatere.pro seestimatere.pro	15 KB
1	google.de adservice.google.de	171 B
1	googleapis.com fonts.googleapis.com	621 B
1	modulepush.com www.modulepush.com
1	cloudfront.net d141wsrw9m4as6.cloudfront.net	66 KB
125	27

	Domain	Requested by
28	www.dredown.com	1 redirects www.dredown.com
9	luckypushh.com	www.dredown.com luckypushh.com
8	s-img.adskeeper.co.uk	www.dredown.com
8	pushsar.com	www.dredown.com pushsar.com
7	www.google.com	native.propellerclick.com www.gstatic.com
6	native.propellerclick.com	www.dredown.com native.propellerclick.com
6	inpagepush.com	www.dredown.com inpagepush.com
5	distinesseqe.site	www.dredown.com d141wsrw9m4as6.cloudfront.net
4	pagead2.googlesyndication.com	www.dredown.com pagead2.googlesyndication.com
3	o.wowreality.info	native.propellerclick.com o.wowreality.info
3	static.ptoahaistais.com	inpagepush.com
3	fonts.gstatic.com	www.dredown.com
3	jsc.adskeeper.co.uk	www.dredown.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	c.adskeeper.co.uk	www.dredown.com
2	www.google-analytics.com	1 redirects www.dredown.com
2	pl15304395.passeura.com	www.dredown.com
2	www.youtube.com	www.dredown.com s.ytimg.com
2	cdn.adskeeper.co.uk	www.dredown.com jsc.adskeeper.co.uk
2	cm.adskeeper.co.uk	jsc.adskeeper.co.uk
2	healthoutabol.site	d141wsrw9m4as6.cloudfront.net
2	servicer.adskeeper.co.uk	jsc.adskeeper.co.uk
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	images.taboola.com
1	webpick-cdn.s3.us-west-2.amazonaws.com	d141wsrw9m4as6.cloudfront.net
1	my.rtmark.net	inpagepush.com
1	www.gstatic.com	www.google.com
1	stats.g.doubleclick.net	www.dredown.com
1	s.ytimg.com	www.youtube.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	seestimatere.pro	www.dredown.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	fonts.googleapis.com	www.dredown.com
1	www.modulepush.com	www.dredown.com
1	d141wsrw9m4as6.cloudfront.net	www.dredown.com
125	36

This site contains links to these domains. Also see Links.

Domain
widgets.adskeeper.com
www.adskeeper.co.uk

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-07` - `2020-10-09`	10 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
ssl382687.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-07` - `2020-05-15`	6 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
modulepush.com Let's Encrypt Authority X3	`2020-02-10` - `2020-05-10`	3 months	crt.sh
luckypushh.com Let's Encrypt Authority X3	`2020-02-07` - `2020-05-07`	3 months	crt.sh
pushsar.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-26` - `2020-08-10`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
healthoutabol.site Amazon	`2020-03-01` - `2021-04-01`	a year	crt.sh
distinesseqe.site Amazon	`2020-02-27` - `2021-03-27`	a year	crt.sh
inpagepush.com Let's Encrypt Authority X3	`2020-02-23` - `2020-05-23`	3 months	crt.sh
passeura.com Let's Encrypt Authority X3	`2020-01-08` - `2020-04-07`	3 months	crt.sh
native.propellerclick.com Let's Encrypt Authority X3	`2020-02-07` - `2020-05-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
my.rtmark.net Let's Encrypt Authority X3	`2020-02-24` - `2020-05-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
ptoahaistais.com Let's Encrypt Authority X3	`2019-12-30` - `2020-03-29`	3 months	crt.sh
o.wowreality.info Let's Encrypt Authority X3	`2020-02-20` - `2020-05-20`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-03` - `2020-07-25`	5 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.dredown.com/
Frame ID: C02501C7A9C058A9F34BC553DB26EC46
Requests: 117 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200303/r20190131/zrt_lookup.html
Frame ID: 5A40418D2774834EEF48749AF2F4B24F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2025640675312019&output=html&adk=1812271804&adf=3025194257&lmt=1583731585&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.dredown.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1583731584996&bpp=12&bdt=44&fdt=94&idt=94&shv=r20200303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=139746875715&frm=20&pv=2&ga_vid=1684296699.1583731585&ga_sid=1583731585&ga_hid=687990417&ga_fc=0&iag=0&icsg=43532&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065382&oid=3&pvsid=1656748641951919&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=107
Frame ID: F70E513595B99680C705A871ED257C4F
Requests: 1 HTTP requests in this frame

Frame: https://healthoutabol.site/NWhUeFRUCjcVa1RVNl4hRwRpXWZzTWY+MARcZQ8nRx9tFWBUG2JWN1kHIRwyRwc6DHpbDSBdZnNbABUgRTsTPSB3KTcNDF8HFzwMYzIyLixUDgI6O3Q6OxYQT10DMAdkBBA8YHw4BQ89cS1sQBNMGAMvEwEmGA8BegwBGyZ3OSRJAXIPHzwHRQsxE2RRJxVMOGMAIxUWZhsaORdsLR8TZFYjAg8+dyoZEBBmIR8sHFoGMUgCbwoCNnEHKgUPBUUpPRsSfTs3Kx5eXTU7P2dQAw8VWC4HCxxhICQqHUIHHxoCe01mOhZ3GCAtZwE8ADAkZw5lC2ZQPgEqDF5FFgwBBlwfPwBSJh8AI3gjMxc6fVgsTh4GHA0gOW87MT1hVw0REzh0EGQUEGIcDjM5BDwyHzd0ISMqJmI+Pw4WdlgVOjlzLTI+J34hFjU8dw8sDAFCADcgA286DT48UA04EDNiBG0ABn0QNj89XiAYAD90CgI1HW0EJF1mczxnSTBhEmUbcl8bOxYkCBw4PBZgCSEVOFI
Frame ID: EEBEB402835B6437FF91550E0EDCA66F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1583731585222707630526
Frame ID: 0CD6DBF024B8889A98F859F36379CB9C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/oF83Xt-W1k4?autoplay=1&controls=1&showinfo=0&modestbranding=1&loop=1&fs=0&cc_load_policy=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2Fwww.dredown.com&widgetid=1
Frame ID: 960235CB3F7ACFECD830F0B28FC468B3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIR3gUAAAAAGeE13xVxPflyUKLHzsL8gEXcJDU&co=aHR0cHM6Ly93d3cuZHJlZG93bi5jb206NDQz&hl=en&v=v1QHzzN92WdopzN_oD7bUO2P&size=invisible&cb=5senb9b3w97
Frame ID: A43F3AC91ECB956815CA64D6FE9FBBC0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 4D7B471BDEF07E02F20F7226ED973ACC
Requests: 1 HTTP requests in this frame

Frame: https://webpick-cdn.s3.us-west-2.amazonaws.com/WOW.png
Frame ID: 4770AB0B8D411AA2C8725BF4EE3AA7A8
Requests: 3 HTTP requests in this frame

Frame: https://static.ptoahaistais.com/contents/s/29/03/31/8811de0b0196551df43b56f225/01202919255561.jpeg
Frame ID: 402708E28EE3FD422E1CF555591D368D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.dredown.com/ HTTP 301
https://www.dredown.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

125
Requests

99 %
HTTPS

44 %
IPv6

27
Domains

36
Subdomains

28
IPs

4
Countries

2180 kB
Transfer

4243 kB
Size

9
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=823644

Search URL Search Domain Scan URL

URL: https://www.adskeeper.co.uk/ghits/5202194/i/106520/2/pp/1/1?h=098BtIv45Osn34NrTOz0pfPsMYxe6t1LQkkLIAf33BxycDT2pcDy00yvykalZVXu&rid=850ceeb4-61c6-11ea-9cfb-4cd98f41c125&tt=Direct&cpm=1&gbpp=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.co.uk/ghits/5087322/i/106520/2/pp/2/1?h=RjQP2VhLCrNMXZIwK2L0r16ZJjjtdUl-ZWny93emM4GgwPW7b5dDZ23RuxjsYhIG&rid=850ceeb4-61c6-11ea-9cfb-4cd98f41c125&tt=Direct&cpm=1&gbpp=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.co.uk/ghits/4903842/i/106520/2/pp/3/1?h=z4Rqaf75E1sZ9KqCqZse64pvEfP0fTWKdOUwhXzuTbbodnawx2jc1_OgPAqrazrf&rid=850ceeb4-61c6-11ea-9cfb-4cd98f41c125&tt=Direct&cpm=1&gbpp=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.co.uk/ghits/5143467/i/106520/2/pp/4/1?h=6Y-qsuViqnHMkl61VnS2tbSfyB7n4Zqf2ZtVSL6eTLzQnJqET4B440-F4EEgLKqJ&rid=850ceeb4-61c6-11ea-9cfb-4cd98f41c125&tt=Direct&cpm=1&gbpp=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.co.uk/ghits/5064477/i/106520/2/pp/5/1?h=ji1_Gf0L-3byfCN0VP7w_-QiV1cDjZEQUEQDXjWKI6icVFoX9mBy5_blc5ov1-yq&rid=850ceeb4-61c6-11ea-9cfb-4cd98f41c125&tt=Direct&cpm=1&gbpp=1

Search URL Search Domain Scan URL

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=823693

Search URL Search Domain Scan URL

URL: https://www.adskeeper.co.uk/ghits/5202194/i/106399/2/pp/1/1?h=a40y5PatPBjRHTeVoRALo_PsMYxe6t1LQkkLIAf33Bywvh1sGOVC_08fQFeb0I9x&rid=85f8122d-61c6-11ea-8762-d09466576dad&tt=Direct&cpm=1&gbpp=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.co.uk/ghits/5087322/i/106399/2/pp/2/1?h=laign5_DjdF_zkDzoo4Q3V6ZJjjtdUl-ZWny93emM4Ga0d3pmRXSGaJ5AGfQo4rd&rid=85f8122d-61c6-11ea-8762-d09466576dad&tt=Direct&cpm=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.co.uk/ghits/4903842/i/106399/2/pp/3/1?h=GIP9gkw_W9alLoSqxY93lYpvEfP0fTWKdOUwhXzuTbb5jYw6aBiZBIrHWPpJ3hIY&rid=85f8122d-61c6-11ea-8762-d09466576dad&tt=Direct&cpm=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.dredown.com/ HTTP 301
https://www.dredown.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=687990417&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dredown.com%2F&ul=en-us&de=UTF-8&dt=DreDown%20%7C%20All%20Video%20Downloader%20%7C%20Download%20Instagram%20%7C%20Download%20Instagram%20Videos%20%7C%20Download%20Videos%20%7C%20Music%20%7C%20George%20Lamberis&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=999661747&gjid=1226692542&cid=1684296699.1583731585&tid=UA-56660370-5&_gid=565719416.1583731586&_r=1&z=568871921 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56660370-5&cid=1684296699.1583731585&jid=999661747&_gid=565719416.1583731586&gjid=1226692542&_v=j81&z=568871921

125 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.dredown.com/
Redirect Chain

http://www.dredown.com/
https://www.dredown.com/

231 KB
46 KB

437ms
396ms

Document
text/html

104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 3609347a7047c04fa3b56a396337f2a5469a3a82ba099d46fc517d5621baa881

Request headers

:method: GET
:authority: www.dredown.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 09 Mar 2020 05:26:24 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d0c20edc66deefcff67e1b2ec5b7a687e1583731584; expires=Wed, 08-Apr-20 05:26:24 GMT; path=/; domain=.dredown.com; HttpOnly; SameSite=Lax
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 571261838d8ef91f-MXP
content-encoding: br

Redirect headers

Date: Mon, 09 Mar 2020 05:26:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 09 Mar 2020 06:26:24 GMT
Location: https://www.dredown.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 571261831aeaf923-MXP

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 105 KB
38 KB 28ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a0b050607d03061476a57618facae88282b14052416e63e7222fed31fc26a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38519
x-xss-protection: 0
server: cafe
etag: 14959984671288578746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Mar 2020 05:26:24 GMT

GET
H2 200 dredown.com.823644.js Show response
jsc.adskeeper.co.uk/d/r/ 120 KB
34 KB 97ms
53ms Script
text/javascript 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/d/r/dredown.com.823644.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fdd0dfb55e6b3dc81469a42ffa139993423c69328a92cc0f3f0f70ef9eeb729

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: HIT
age: 6771
cf-polished: origSize=123368
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 6A112B6D696B79DE
x-amz-id-2: Bm0omA9qdJashmYHcEj3oBrZJuP24pqk54/ywiJweMLlGEwCRcy39dmNAA1/PFK1dbG0WjQl1rs=
last-modified: Wed, 26 Feb 2020 20:04:04 GMT
server: cloudflare
etag: W/"4546b99ddcc4f96352f35d01001fd96e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Mon, 09 Mar 2020 09:26:25 GMT
cache-control: public, max-age=14400
cf-ray: 571261864a14c82f-AMS
cf-bgj: minify

GET
H2 200 swadmaven.js Show response
www.dredown.com/ 122 KB
47 KB 35ms
26ms Script
application/javascript 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/swadmaven.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 616ec6b3de1645288c4895df9aa982a491501dd1e6053565ab2a8ea0182d5d8f

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Feb 2020 18:56:04 GMT
server: cloudflare
age: 2958
etag: W/"ca2559-1e8a3-59e51685cb900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5712618608fcf91f-MXP

GET
H2 200 / Show response
d141wsrw9m4as6.cloudfront.net/ 151 KB
66 KB 216ms
175ms Script
text/plain 2600:9000:214f:a00:17:a95a:6580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=837351
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:a00:17:a95a:6580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d587776dac6739c104cf2760920c2ef79f5ecb9eed50c40a5a892e74dd7c8dec

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
status: 200
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-origin: *
content-length: 67167
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-id: GkF6z4Zp3pYren8FkoU9OMRU0bHjO5oyFbn-lcz96TamtyzQibeEOA==

GET
H/1.1 403
Forbidden invoke.js
www.modulepush.com/d989417e9df9bdfa1f028d6e689cecc1/ 0
0 1360ms
91ms Script
application/javascript 198.134.112.241
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.modulepush.com/d989417e9df9bdfa1f028d6e689cecc1/invoke.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.134.112.241 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 09 Mar 2020 05:26:26 GMT
Server: nginx/1.17.6
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length: 0
Content-Type: application/javascript

GET
H/1.1 200
OK ntfc.php Show response
luckypushh.com/ 38 KB
12 KB 133ms
17ms Script
application/javascript 188.72.202.158
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://luckypushh.com/ntfc.php?p=1861720
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.202.158 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 29061ced78d340ddf25037f0c7cea137c6644d92482809e627cf3696af1fd493

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Mon, 09 Mar 2020 05:26:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 15:04:11 GMT
Server: nginx
ETag: W/"5e6114eb-999d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK tag.min.js Show response
pushsar.com/pfe/current/ 38 KB
12 KB 115ms
17ms Script
application/javascript 88.85.82.156
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://pushsar.com/pfe/current/tag.min.js?z=3085928
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 88.85.82.156 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2d44d94ab045ab92be55e9536a5e58222e8216fc1999f5a8bd6fa1d1b424ddc6

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Mon, 09 Mar 2020 05:26:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 15:04:10 GMT
Server: nginx
ETag: W/"5e6114ea-99c9"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 2 KB
621 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f8eb830e29d1c12ed5ef24b6f74c9d46c356bed0de8a07ce5e1e025d759f410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Mar 2020 05:26:24 GMT
server: ESF
date: Mon, 09 Mar 2020 05:26:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Mar 2020 05:26:24 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.dredown.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dredown.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200303/r20190131/ 222 KB
83 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200303/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

984b50b44ade35d903bbfa50129e85a46a2247060ae69b55e7e595fd1f7dadde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84919
x-xss-protection: 0
server: cafe
etag: 15562713877717077162
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Mar 2020 05:26:25 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200303/r20190131/ Frame 5A40 0
0 40ms
39ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200303/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200303/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.dredown.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.dredown.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 04 Mar 2020 00:56:44 GMT
expires: Wed, 18 Mar 2020 00:56:44 GMT
content-type: text/html; charset=UTF-8
etag: 10348540741379653356
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4494
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 448181
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 SWtVZzgySSYQZzwZOUUCawMhE0g6UXpITz4cewNKLA86EFZnCDoKFzocNANVKB0wCRYjGHdLGjoGM0UCeEd3E1kuNDwDGnNJbVQPel5lRRRrGCAFZyAPZ0UCaw02BVlwXjFTFXpcNFMVfVkzUxUrWG0GFShZbFYPLAlnAQF9Dnca Show response
seestimatere.pro/ 35 KB
15 KB 202ms
147ms Script
application/javascript 104.18.9.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seestimatere.pro/SWtVZzgySSYQZzwZOUUCawMhE0g6UXpITz4cewNKLA86EFZnCDoKFzocNANVKB0wCRYjGHdLGjoGM0UCeEd3E1kuNDwDGnNJbVQPel5lRRRrGCAFZyAPZ0UCaw02BVlwXjFTFXpcNFMVfVkzUxUrWG0GFShZbFYPLAlnAQF9Dnca
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/swadmaven.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.9.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 541afee82a2f5bcdca2e94cfa4996b6f11dd9083ffe559719fa7e6dd57a8d954

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
x-powered-by: Express
etag: W/"8bc7-LlrvFb3awrtRUAyqvj/n/EeWd1Y"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
status: 200
cf-ray: 57126186f930d8cd-AMS
access-control-allow-headers: X-Requested-With,content-type

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
fonts.gstatic.com/s/roboto/v15/ 19 KB
19 KB 5ms
5ms Font
font/woff 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v15/mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:04:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Jan 2015 22:48:53 GMT
server: sffe
age: 3957735
content-type: font/woff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 19684
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:04:10 GMT

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame F70E 0
0 28ms
28ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2025640675312019&output=html&adk=1812271804&adf=3025194257&lmt=1583731585&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.dredown.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1583731584996&bpp=12&bdt=44&fdt=94&idt=94&shv=r20200303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=139746875715&frm=20&pv=2&ga_vid=1684296699.1583731585&ga_sid=1583731585&ga_hid=687990417&ga_fc=0&iag=0&icsg=43532&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065382&oid=3&pvsid=1656748641951919&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=107

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200303/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2025640675312019&output=html&adk=1812271804&adf=3025194257&lmt=1583731585&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.dredown.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1583731584996&bpp=12&bdt=44&fdt=94&idt=94&shv=r20200303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=139746875715&frm=20&pv=2&ga_vid=1684296699.1583731585&ga_sid=1583731585&ga_hid=687990417&ga_fc=0&iag=0&icsg=43532&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065382&oid=3&pvsid=1656748641951919&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=107
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.dredown.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.dredown.com/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 09 Mar 2020 05:26:25 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Mar-2020 05:41:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200303/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8b7d1f10441c7349e88ed2a168e0635836f6724999f91ea8d15ecd4811dad38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1583497562441669"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27645
x-xss-protection: 0
expires: Mon, 09 Mar 2020 05:26:25 GMT

GET
H2 200 1 Show response
servicer.adskeeper.co.uk/823644/ 3 KB
2 KB 80ms
61ms Script
application/x-javascript 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/823644/1?w=1584&h=257&cols=5&pv=5&cbuster=1583731585132408634472&uniqId=0459e&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fwww.dredown.com%2F&pageView=1&pvid=170bdc2306c81c6817a&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/d/r/dredown.com.823644.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52fcf24881af1ddc9fda963c070cf261afc46630460da9ee0a6095cb5b19cb58

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
content-type: application/x-javascript; charset=utf-8
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 571261873b24c82f-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 NWhUeFRUCjcVa1RVNl4hRwRpXWZzTWY+MARcZQ8nRx9tFWBUG2JWN1kHIRwyRwc6DHpbDSBdZnNbABUgRTsTPSB3KTcNDF8HFzwMYzIyLixUDgI6O3Q6OxYQT10DMAdkBBA8YHw4BQ89cS1sQBNMGAMvEwEmGA8BegwBGyZ3OSRJAXIPHzwHRQsxE2RRJxVMOGMAI...
healthoutabol.site/ Frame EEBE 0
0 305ms
99ms Document
text/html 54.209.108.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://healthoutabol.site/NWhUeFRUCjcVa1RVNl4hRwRpXWZzTWY+MARcZQ8nRx9tFWBUG2JWN1kHIRwyRwc6DHpbDSBdZnNbABUgRTsTPSB3KTcNDF8HFzwMYzIyLixUDgI6O3Q6OxYQT10DMAdkBBA8YHw4BQ89cS1sQBNMGAMvEwEmGA8BegwBGyZ3OSRJAXIPHzwHRQsxE2RRJxVMOGMAIxUWZhsaORdsLR8TZFYjAg8+dyoZEBBmIR8sHFoGMUgCbwoCNnEHKgUPBUUpPRsSfTs3Kx5eXTU7P2dQAw8VWC4HCxxhICQqHUIHHxoCe01mOhZ3GCAtZwE8ADAkZw5lC2ZQPgEqDF5FFgwBBlwfPwBSJh8AI3gjMxc6fVgsTh4GHA0gOW87MT1hVw0REzh0EGQUEGIcDjM5BDwyHzd0ISMqJmI+Pw4WdlgVOjlzLTI+J34hFjU8dw8sDAFCADcgA286DT48UA04EDNiBG0ABn0QNj89XiAYAD90CgI1HW0EJF1mczxnSTBhEmUbcl8bOxYkCBw4PBZgCSEVOFI
Requested by: Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=837351
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.108.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-108-129.compute-1.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash

Request headers

:method: GET
:authority: healthoutabol.site
:scheme: https
:path: /NWhUeFRUCjcVa1RVNl4hRwRpXWZzTWY+MARcZQ8nRx9tFWBUG2JWN1kHIRwyRwc6DHpbDSBdZnNbABUgRTsTPSB3KTcNDF8HFzwMYzIyLixUDgI6O3Q6OxYQT10DMAdkBBA8YHw4BQ89cS1sQBNMGAMvEwEmGA8BegwBGyZ3OSRJAXIPHzwHRQsxE2RRJxVMOGMAIxUWZhsaORdsLR8TZFYjAg8+dyoZEBBmIR8sHFoGMUgCbwoCNnEHKgUPBUUpPRsSfTs3Kx5eXTU7P2dQAw8VWC4HCxxhICQqHUIHHxoCe01mOhZ3GCAtZwE8ADAkZw5lC2ZQPgEqDF5FFgwBBlwfPwBSJh8AI3gjMxc6fVgsTh4GHA0gOW87MT1hVw0REzh0EGQUEGIcDjM5BDwyHzd0ISMqJmI+Pw4WdlgVOjlzLTI+J34hFjU8dw8sDAFCADcgA286DT48UA04EDNiBG0ABn0QNj89XiAYAD90CgI1HW0EJF1mczxnSTBhEmUbcl8bOxYkCBw4PBZgCSEVOFI
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.dredown.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.dredown.com/

Response headers

status: 200
date: Mon, 09 Mar 2020 05:26:25 GMT
content-type: text/html
content-length: 1227
server: openresty/1.15.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip

GET
H2 204 VlpoZm15ZQsVUAACBAoIAgADMiwbAywMCRkYAx41DyJZNSohAARAGT8+VV5eYWldV0smMwxbXmR8GxIMIi8bW1xwMwYAAmt8HltdeG9GVF54aE4SHTc9VVdLJi4cClBnb1BVWmVrXV5YZ2Jb
distinesseqe.site/ 0
57 B 303ms
100ms Image
text/plain 34.196.230.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://distinesseqe.site/VlpoZm15ZQsVUAACBAoIAgADMiwbAywMCRkYAx41DyJZNSohAARAGT8+VV5eYWldV0smMwxbXmR8GxIMIi8bW1xwMwYAAmt8HltdeG9GVF54aE4SHTc9VVdLJi4cClBnb1BVWmVrXV5YZ2Jb
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.230.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-230-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
access-control-allow-origin: *
date: Mon, 09 Mar 2020 05:26:25 GMT

GET
H/1.1 200
OK zone Show response
luckypushh.com/ 672 B
1 KB 19ms
19ms Fetch
application/json 188.72.202.158
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://luckypushh.com/zone?pub=0&zone_id=1861720&is_mobile=false&domain=www.dredown.com&var=&ymid=

Requested by

Host: luckypushh.com
URL: https://luckypushh.com/ntfc.php?p=1861720

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.158 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

11cd514d8b43827385ba8cadba1ccbc617991f7d7339a61515c4cfce4b1caaa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Trace-Id: 63cb3c0ec2fa20c601e27be05d1cd7db
Date: Mon, 09 Mar 2020 05:26:25 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 672

GET
H/1.1 200
OK universal.min.js Show response
luckypushh.com/pfe/current/ 130 KB
40 KB 76ms
28ms Fetch
application/javascript 188.72.202.158
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://luckypushh.com/pfe/current/universal.min.js?v=3.1.182
Requested by: Host: luckypushh.com
URL: https://luckypushh.com/ntfc.php?p=1861720
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.202.158 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 439dc1a1de168c5a5c84d9d7be6ce1bafc3420882ed04331881bc4571d3296b1

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Mar 2020 05:26:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 15:04:11 GMT
Server: nginx
ETag: W/"5e6114eb-20935"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.dredown.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK zone Show response
pushsar.com/ 638 B
1 KB 21ms
21ms Fetch
application/json 88.85.82.156
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushsar.com/zone?pub=0&zone_id=3085928&is_mobile=false&domain=www.dredown.com&var=&ymid=

Requested by

Host: pushsar.com
URL: https://pushsar.com/pfe/current/tag.min.js?z=3085928

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

88.85.82.156 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

cbfa0f3ab9458aa99c236f5e9843c28f9b5aa83d2a7c4d3f50f0c8ab41064f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Trace-Id: e9be322cadb1f548cb9377392ba4c4ef
Date: Mon, 09 Mar 2020 05:26:25 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 638

GET
H/1.1 200
OK universal.min.js Show response
pushsar.com/pfe/current/ 130 KB
40 KB 78ms
29ms Fetch
application/javascript 88.85.82.156
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://pushsar.com/pfe/current/universal.min.js?v=3.1.182
Requested by: Host: pushsar.com
URL: https://pushsar.com/pfe/current/tag.min.js?z=3085928
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 88.85.82.156 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 439dc1a1de168c5a5c84d9d7be6ce1bafc3420882ed04331881bc4571d3296b1

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Mar 2020 05:26:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 15:04:10 GMT
Server: nginx
ETag: W/"5e6114ea-20935"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.dredown.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 i.js Show response
cm.adskeeper.co.uk/ 19 B
238 B 101ms
100ms Script
application/javascript 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i.js?cbuster=1583731585219948828869
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/d/r/dredown.com.823644.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: MISS
content-type: application/javascript
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 57126187ab95c82f-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 i-noref.js Show response
cm.adskeeper.co.uk/ Frame 0CD6 19 B
192 B 182ms
181ms Script
application/javascript 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1583731585222707630526
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/d/r/dredown.com.823644.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: MISS
content-type: application/javascript
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 57126187ab9ac82f-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 adskeeper_logo_mini_71x16.png
cdn.adskeeper.co.uk/images/ 796 B
1 KB 17ms
16ms Image
image/webp 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_logo_mini_71x16.png
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1a768feb2cea958225615d935b23fa6e8ba7f366bc405d1267f1424244020dc

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
cf-cache-status: HIT
age: 5339
cf-polished: origFmt=png, origSize=2562
cf-ray: 57126187bba2c82f-AMS
status: 200
content-disposition: inline; filename="adskeeper_logo_mini_71x16.webp"
cf-bgj: imgq:85
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 796
x-amz-id-2: i3yAl0vEMhb6fQCzqjTLXsGKmYTAJT/WfcyR4oWCK/s3xsSjcUbgMU2keD+zouMxj6Mn60hY1v8=
last-modified: Fri, 28 Feb 2020 12:40:34 GMT
server: cloudflare
etag: "97fb3a072986fa1006cfbc27834841f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: AD11BC1F2CE4093C
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/webp
expires: Mon, 09 Mar 2020 09:26:25 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMzE0NzIyLzY5NWYwYzQyNTI3NzQ5YmY2NWY1NGQ3NzM1M2ExZjE4LmpwZw**.webp
s-img.adskeeper.co.uk/g/5202194/492x328/0x0x492x328/ 11 KB
11 KB 27ms
25ms Image
image/webp 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/5202194/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMzE0NzIyLzY5NWYwYzQyNTI3NzQ5YmY2NWY1NGQ3NzM1M2ExZjE4LmpwZw**.webp
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f1b99c3dcf8e724b45b1cf07e5c28da0651d08b2d6af60b9403ef2042a656b6

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
cf-cache-status: HIT
age: 993974
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 11152
last-modified: Wed, 26 Feb 2020 17:19:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57126187bbadc82f-AMS
expires: Tue, 09 Mar 2021 05:26:25 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMjIwMTg1L2U5Yjc4OWFmYzU4YTMyZjNiNjJiMzIzNDE3MTgwZWY0LnBuZw**.webp
s-img.adskeeper.co.uk/g/5087322/492x328/-0x-0x492x328/ 11 KB
11 KB 23ms
21ms Image
image/webp 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/5087322/492x328/-0x-0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMjIwMTg1L2U5Yjc4OWFmYzU4YTMyZjNiNjJiMzIzNDE3MTgwZWY0LnBuZw**.webp
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e76c1d107332e7c5a5fb9c79263e7eb428b9622863712aba023cc100d47564ba

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
cf-cache-status: HIT
age: 2309354
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 11384
last-modified: Tue, 11 Feb 2020 11:57:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57126187bbacc82f-AMS
expires: Tue, 09 Mar 2021 05:26:25 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTQxNTY1LzdkYzVmYTk2MTRkNmNmNGY5ZDE1MmVjY2UyNDM5ZWIzLnBuZw**.webp
s-img.adskeeper.co.uk/g/4903842/492x328/-0x-0x492x328/ 29 KB
29 KB 24ms
22ms Image
image/webp 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/4903842/492x328/-0x-0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTQxNTY1LzdkYzVmYTk2MTRkNmNmNGY5ZDE1MmVjY2UyNDM5ZWIzLnBuZw**.webp
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 995038de042340f5e396dcb43a8798d88ab33f5b0f805b757e219e250f3a6abd

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
cf-cache-status: HIT
age: 3303395
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 30004
last-modified: Thu, 30 Jan 2020 20:18:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57126187bbaec82f-AMS
expires: Tue, 09 Mar 2021 05:26:25 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTY0NTg4LzczOTU1ZWNjZGIxMzhmODRjMDlkMGEwMTE3MmE3NmZmLmpwZw**.webp
s-img.adskeeper.co.uk/g/5143467/492x328/0x72x960x640/ 28 KB
28 KB 18ms
16ms Image
image/webp 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/5143467/492x328/0x72x960x640/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTY0NTg4LzczOTU1ZWNjZGIxMzhmODRjMDlkMGEwMTE3MmE3NmZmLmpwZw**.webp
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb81d87292ef3650e2fce035d86940c06a986b72a2d69ee2f4ba76ac8e85c3b3

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
cf-cache-status: HIT
age: 1082585
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 28658
last-modified: Tue, 25 Feb 2020 16:29:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57126187bbaac82f-AMS
expires: Tue, 09 Mar 2021 05:26:25 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvNDcwMzAwLzgwOTUxMGVkMjEyY2I5NzAwYTI3ZmU4YWE2YTA5N2Y1LnBuZw**.webp
s-img.adskeeper.co.uk/g/5064477/492x328/11x0x704x469/ 20 KB
20 KB 20ms
18ms Image
image/webp 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/5064477/492x328/11x0x704x469/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvNDcwMzAwLzgwOTUxMGVkMjEyY2I5NzAwYTI3ZmU4YWE2YTA5N2Y1LnBuZw**.webp
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7a998128acc6cd2836b702914360e42b2cb82a81a384448c22f92f7a3ce4512

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
cf-cache-status: HIT
age: 554203
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 20750
last-modified: Fri, 28 Feb 2020 19:43:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57126187bba9c82f-AMS
expires: Tue, 09 Mar 2021 05:26:25 GMT

OPTIONS
H/1.1 200
OK custom Show response
luckypushh.com/ 0
463 B 21ms
21ms Fetch
text/plain 188.72.202.158
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://luckypushh.com/custom
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.202.158 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.dredown.com
Referer: https://www.dredown.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 09 Mar 2020 05:26:25 GMT
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 0

GET
H2 200 sw.js Show response
www.dredown.com/ 64 B
192 B 26ms
26ms Fetch
application/javascript 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/sw.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 340d791e66f5caabf0ddd5ce84898b309180e2daf5f7ba123ebfe425860ea736

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 16 Feb 2020 17:58:10 GMT
server: cloudflare
age: 2944
etag: W/"ca2af9-40-59eb52e809080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 571261883be2f91f-MXP

POST
H/1.1 200
OK custom Show response
luckypushh.com/ 39 B
490 B 20ms
20ms Fetch
application/json 188.72.202.158
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://luckypushh.com/custom

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.158 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 35e0355a7da4598b534514bff10795fb
Date: Mon, 09 Mar 2020 05:26:25 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom Show response
luckypushh.com/ 0
463 B 17ms
16ms Fetch
text/plain 188.72.202.158
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://luckypushh.com/custom
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.202.158 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.dredown.com
Referer: https://www.dredown.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 09 Mar 2020 05:26:25 GMT
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 0

POST
H/1.1 200
OK custom Show response
luckypushh.com/ 39 B
490 B 17ms
17ms Fetch
application/json 188.72.202.158
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://luckypushh.com/custom

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.158 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 501076feccfb7b69d651209fabcbccb6
Date: Mon, 09 Mar 2020 05:26:25 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2 200 jquery.js Show response
www.dredown.com/js/ 112 KB
37 KB 29ms
27ms Script
application/javascript 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/jquery.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 793a15e0a769a20cf294c35302ddd4ac39c74417962fa4fe539ed0e696ee2678

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:39:03 GMT
server: cloudflare
age: 1074
etag: W/"ca1435-1be73-5516b6ea1c7c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 57126189ee5af91f-MXP

GET
H2 200 grid.js Show response
www.dredown.com/js/ 24 KB
7 KB 26ms
24ms Script
application/javascript 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/grid.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:38:47 GMT
server: cloudflare
age: 2648
etag: W/"ca1429-5e12-5516b6dada3c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 57126189ee5df91f-MXP

GET
H2 200 jquery.ui.widget.js Show response
www.dredown.com/js/vendor/ 16 KB
5 KB 23ms
21ms Script
application/javascript 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/vendor/jquery.ui.widget.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0afa8c947b435fc74382c870974ded570bf39dcaaa30a37414bcd9acd6a9e3e2

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:39:07 GMT
server: cloudflare
age: 2958
etag: W/"ca1439-3ed9-5516b6eded0c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 57126189ee5ef91f-MXP

GET
H2 200 jquery.iframe-transport.js Show response
www.dredown.com/js/ 11 KB
3 KB 27ms
24ms Script
application/javascript 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/jquery.iframe-transport.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6e9864c545c938343a869fcf464beaad8cdf5fadc80a68842f47836adf225b4

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:39:01 GMT
server: cloudflare
age: 2958
etag: W/"ca1434-2a8b-5516b6e834340-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 57126189ee60f91f-MXP

GET
H2 200 jquery.fileupload.js Show response
www.dredown.com/js/ 62 KB
13 KB 27ms
25ms Script
application/javascript 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/jquery.fileupload.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ddae60f2d6d708b6251b9e9ade4c8bb7d4e0af905a8e2f95dfea2dd8588c36

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:39:00 GMT
server: cloudflare
age: 6659
etag: W/"ca1433-f919-5516b6e740100-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 57126189ee61f91f-MXP

GET
H2 200 fastclick.js Show response
www.dredown.com/js/ 25 KB
7 KB 25ms
23ms Script
application/javascript 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/fastclick.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c6ebd0f9726b9f0d5a566d8b3967e7d5223782fd274ac2da7c674d1ea2b69b1

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:38:45 GMT
server: cloudflare
age: 2958
etag: W/"ca1428-656c-5516b6d8f1f40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 57126189ee62f91f-MXP

GET
H2 200 jquery.waitforimages.js Show response
www.dredown.com/js/ 8 KB
2 KB 30ms
28ms Script
application/javascript 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/jquery.waitforimages.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6b69c824d886b6b700fa65c52e1dc22ebfd4e5bfdf469ac3df59be4de09d7ba

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:39:04 GMT
server: cloudflare
age: 2958
etag: W/"ca1436-1e3a-5516b6eb10a00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 57126189ee65f91f-MXP

GET
H2 200 javascript.js Show response
www.dredown.com/js/ 7 KB
2 KB 327ms
326ms Script
application/javascript 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/js/javascript.js?x=1583731585
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 690f3a5ee35be38480240f153b98cd4e7b510cbb079c572cd053dccd6040fc68

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Aug 2018 02:45:48 GMT
server: cloudflare
etag: W/"ca258f-1c41-5741141a2af00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 57126189ee66f91f-MXP

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
992 B 25ms
22ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

bdde153c2225a8ece83bee8df43f9f677bba41681f9be21e450a95efce937c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H/1.1 200
OK 3114621 Show response
inpagepush.com/400/ 44 KB
16 KB 65ms
22ms Script
application/javascript 78.140.191.103
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3114621

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.103 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

21915ea79904104cb9d0e61449692c29dc74f1adad0dabc4220e796a7e9ae6e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-Trace-Id: b4efd6972bb928e19d26e4fb1ce5ac61
Pragma: no-cache
Date: Mon, 09 Mar 2020 05:26:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 dredown.com.824166.js Show response
jsc.adskeeper.co.uk/d/r/ 134 KB
37 KB 23ms
22ms Script
text/javascript 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/d/r/dredown.com.824166.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c0f27fc6309646aa7d4c0610193597f052edc18bbfbaef2039b143ec952eff

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: br
cf-cache-status: HIT
age: 6771
cf-polished: origSize=136941
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: AA13AEC9C7BFB491
x-amz-id-2: yJcb08ghMyozy5hYjT0iZpwX1hSTh9JvtFOccGsOMkvB5dJzdUgV9TrJHLdGbkZaPxzcf4T4ULw=
last-modified: Fri, 28 Feb 2020 16:21:04 GMT
server: cloudflare
etag: W/"85e3621be551b375acfdf31ee56cc296"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Mon, 09 Mar 2020 09:26:25 GMT
cache-control: public, max-age=14400
cf-ray: 57126189edfcc82f-AMS
cf-bgj: minify

GET
H/1.1 403
Forbidden invoke.js
pl15304395.passeura.com/6a52ecb9bbe0934c07850a0d6aea4108/ 0
0 293ms
93ms Script
application/javascript 198.134.112.241
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://pl15304395.passeura.com/6a52ecb9bbe0934c07850a0d6aea4108/invoke.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.134.112.241 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 09 Mar 2020 05:26:25 GMT
Server: nginx/1.17.6
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length: 0
Content-Type: application/javascript

GET
H/1.1 200
OK tag.min.js Show response
pushsar.com/pfe/current/ 38 KB
12 KB 19ms
18ms Script
application/javascript 88.85.82.156
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://pushsar.com/pfe/current/tag.min.js?z=3085930
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 88.85.82.156 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2d44d94ab045ab92be55e9536a5e58222e8216fc1999f5a8bd6fa1d1b424ddc6

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Mon, 09 Mar 2020 05:26:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 15:04:10 GMT
Server: nginx
ETag: W/"5e6114ea-99c9"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 4iCv6KVjbNBYlgoC1CzjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v14/4iCv6KVjbNBYlgoC1CzjsGyNPYZvgw.woff2

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12deb5082d9a265422916da8c3f6b1db8636ff8a5a72e0cad6cdf62f1ef5fc93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Ubuntu:300
Origin: https://www.dredown.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 05:14:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:36 GMT
server: sffe
age: 2851940
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13588
x-xss-protection: 0
expires: Thu, 04 Feb 2021 05:14:05 GMT

GET
H2 200 dredown_download_couples.jpg
www.dredown.com/images/ 300 KB
300 KB 30ms
29ms Image
image/jpeg 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/dredown_download_couples.jpg
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8457441874181f5a1aa6cf83c34f694995f78ecd37db470d5ccf08b79ede6c86

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
cf-cache-status: HIT
last-modified: Sun, 16 Feb 2020 05:28:58 GMT
server: cloudflare
age: 6602
etag: "ca288e-4b02b-59eaab7277a80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 57126189fe7ff91f-MXP
content-length: 307243

GET
H2 200 dredown.png
www.dredown.com/images/ 12 KB
12 KB 21ms
21ms Image
image/png 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/dredown.png?x=
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9412522fc0ac1e8015cd03248533f7d4e779c283bfd0bfcf7a3d46bab805197d

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Jun 2017 18:14:45 GMT
server: cloudflare
age: 846
etag: "ca1481-2e79-551ef86d9af40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 57126189fe80f91f-MXP
content-length: 11897

GET
H2 200 fontawesome-webfont.woff2
www.dredown.com/fonts/ 75 KB
76 KB 22ms
22ms Font
font/woff2 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Mar 2020 05:26:25 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 04:32:40 GMT
server: cloudflare
age: 2643
etag: "ca1421-12d68-5516b57cdaa00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 57126189fe81f91f-MXP
content-length: 77160

GET
H2 200 popunder.gif
distinesseqe.site/ 35 B
212 B 100ms
100ms Image
image/gif 34.196.230.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://distinesseqe.site/popunder.gif
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.230.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-230-232.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: public
date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: gzip
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: public, max-age=604800, immutable
content-length: 58

GET
H2 200 1 Show response
native.propellerclick.com/ 7 KB
4 KB 45ms
14ms Script
text/javascript 89.19.36.40
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://native.propellerclick.com/1?z=3085965
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.19.36.40 , Netherlands, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 0cb20dba13f41d32f618aab72778d40148f5f268a11cf2449f9304a13ed30f49

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: gzip
x-sc: FGydFHUafXpWgfTc9IdiumxodqNSUFoEf20_EHrqhj7ED_fZGyAB3DUhvcKZHKHCzzrLaC4G3Mnk6_kT6ChEgtAIjZQ=
server: nginx
access-control-allow-origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
status: 200
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 ZGhGeFpLVyULZwVbEBA5DxAnKRsHPCI5NicpLRsuPDoALx8sECReLg0Me0BpU1tzSXwUASJFaVZONQw7EB01RW5WTi8WPAtVckBtQh57SHRRRnRLdFZOMgg7A1V3XioQHCpFa1FQdU9pVV1+TWxcWg
distinesseqe.site/ 0
57 B 100ms
100ms Image
text/plain 34.196.230.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://distinesseqe.site/ZGhGeFpLVyULZwVbEBA5DxAnKRsHPCI5NicpLRsuPDoALx8sECReLg0Me0BpU1tzSXwUASJFaVZONQw7EB01RW5WTi8WPAtVckBtQh57SHRRRnRLdFZOMgg7A1V3XioQHCpFa1FQdU9pVV1+TWxcWg
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.230.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-230-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
access-control-allow-origin: *
date: Mon, 09 Mar 2020 05:26:25 GMT

GET
H2 200 push Show response
healthoutabol.site/ 4 KB
3 KB 254ms
253ms XHR
text/plain 54.209.108.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://healthoutabol.site/push?tid=837351&red=1&cs=OVBXdXAIZTEUSFtnNEARDzRgF0AJ&abt=0&v=0.5.23.2&sm=83&k=dredown%20video%20downloader%20music%20george%20lamberis%20from%20platforms%20like%20youtube%20facebook%20others%20with%20click%20instagram%20videos%20download&sts=80&prn=0&emb=0&fs=1&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww.dredown.com%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F74.0.3729.169%20safari%2F537.36&tzd=1&uloc=&if=0&_84j0=1583731585701&crc=1
Requested by: Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=837351
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.108.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-108-129.compute-1.amazonaws.com
Software: openresty/1.15.8.2 /
Resource Hash: 8221e8841752d4cfe2897ccc2b8c44d1982ab11ded9261878747c37d19ca6198

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:25 GMT
content-encoding: gzip
server: openresty/1.15.8.2
status: 200
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.dredown.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/plain
content-length: 2655

GET
H2 204 ZVNjRXBKbAA2TTEHKQ4pCAVbBwkSFzsWSCMYNSY1AGI5fDEjBVpjBAw3Xn1DUmBWdFYVOgd4Q1d1EDERESYQeEZXdQorFgpuRTNNVX1Wa0JWfVFjBBUyBHhBQyMXMRxYYlZ9Q1JgUnBIUGRTdQ
distinesseqe.site/ 0
57 B 100ms
100ms Image
text/plain 34.196.230.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://distinesseqe.site/ZVNjRXBKbAA2TTEHKQ4pCAVbBwkSFzsWSCMYNSY1AGI5fDEjBVpjBAw3Xn1DUmBWdFYVOgd4Q1d1EDERESYQeEZXdQorFgpuRTNNVX1Wa0JWfVFjBBUyBHhBQyMXMRxYYlZ9Q1JgUnBIUGRTdQ
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.230.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-230-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
access-control-allow-origin: *
date: Mon, 09 Mar 2020 05:26:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/js/javascript.js?x=1583731585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5655
date: Mon, 09 Mar 2020 03:52:10 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Mon, 09 Mar 2020 05:52:10 GMT

GET
H/1.1 403
Forbidden invoke.js
pl15304395.passeura.com/6a52ecb9bbe0934c07850a0d6aea4108/ 0
0 93ms
93ms Script
application/javascript 198.134.112.241
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://pl15304395.passeura.com/6a52ecb9bbe0934c07850a0d6aea4108/invoke.js
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.134.112.241 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 09 Mar 2020 05:26:25 GMT
Server: nginx/1.17.6
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length: 0
Content-Type: application/javascript

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflkAsU_-/ 27 KB
10 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflkAsU_-/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39b400a9f636b03c497e9f79bb638536984d3619774d1a01993a46df9a1be610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 08 Mar 2020 19:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35364
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10183
x-xss-protection: 0
last-modified: Sun, 08 Mar 2020 11:08:47 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 16 Mar 2020 19:37:01 GMT

GET
H/1.1 200
OK zone Show response
pushsar.com/ 662 B
1 KB 22ms
21ms Fetch
application/json 88.85.82.156
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushsar.com/zone?pub=0&zone_id=3085930&is_mobile=false&domain=www.dredown.com&var=&ymid=

Requested by

Host: pushsar.com
URL: https://pushsar.com/pfe/current/tag.min.js?z=3085930

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

88.85.82.156 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

56777a49f572130cf246e457f56e9a3921c95fa7e8a296d81217782a6c75f412

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Trace-Id: e43a9cd8129847f5197066405ab41286
Date: Mon, 09 Mar 2020 05:26:26 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 662

GET
H/1.1 200
OK universal.min.js Show response
pushsar.com/pfe/current/ 130 KB
40 KB 20ms
20ms Fetch
application/javascript 88.85.82.156
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://pushsar.com/pfe/current/universal.min.js?v=3.1.182
Requested by: Host: pushsar.com
URL: https://pushsar.com/pfe/current/tag.min.js?z=3085930
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 88.85.82.156 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 439dc1a1de168c5a5c84d9d7be6ce1bafc3420882ed04331881bc4571d3296b1

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Mar 2020 05:26:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 15:04:10 GMT
Server: nginx
ETag: W/"5e6114ea-20935"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.dredown.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK zone Show response
pushsar.com/ 638 B
1 KB 36ms
18ms Fetch
application/json 88.85.82.156
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushsar.com/zone?pub=0&zone_id=3085928&is_mobile=false&domain=www.dredown.com&var=&ymid=

Requested by

Host: pushsar.com
URL: https://pushsar.com/pfe/current/tag.min.js?z=3085928

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

88.85.82.156 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

cbfa0f3ab9458aa99c236f5e9843c28f9b5aa83d2a7c4d3f50f0c8ab41064f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Trace-Id: 5de57aecf5cb3f33a1c49c15168cddbf
Date: Mon, 09 Mar 2020 05:26:26 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 638

GET
H/1.1 200
OK universal.min.js Show response
pushsar.com/pfe/current/ 130 KB
40 KB 36ms
19ms Fetch
application/javascript 88.85.82.156
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://pushsar.com/pfe/current/universal.min.js?v=3.1.182
Requested by: Host: pushsar.com
URL: https://pushsar.com/pfe/current/tag.min.js?z=3085928
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 88.85.82.156 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 439dc1a1de168c5a5c84d9d7be6ce1bafc3420882ed04331881bc4571d3296b1

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Mar 2020 05:26:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 15:04:10 GMT
Server: nginx
ETag: W/"5e6114ea-20935"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.dredown.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 cEpPam1fdSwZUCcmPy83Jgg9CBQ5Dy4uBQQAfisVEg56EC9CCD5MGRkuclJeR3l6W0sAIytXXkJsPB4MBD88V1xHbCYECx93fFlYVjxyWkNFZH1ZQ0JsOxoMF3d+TB0EPiNXXEVyfF1eQX93XF1Dfw
distinesseqe.site/ 0
57 B 100ms
100ms Other
text/plain 34.196.230.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distinesseqe.site/cEpPam1fdSwZUCcmPy83Jgg9CBQ5Dy4uBQQAfisVEg56EC9CCD5MGRkuclJeR3l6W0sAIytXXkJsPB4MBD88V1xHbCYECx93fFlYVjxyWkNFZH1ZQ0JsOxoMF3d+TB0EPiNXXEVyfF1eQX93XF1Dfw
Requested by: Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=837351
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.230.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-230-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
access-control-allow-origin: *
date: Mon, 09 Mar 2020 05:26:26 GMT

GET
H2 200 263cd4ec24c05cd58f5d81dd7d15d8ef Show response
native.propellerclick.com/27/ 392 KB
130 KB 23ms
23ms Script
application/javascript 89.19.36.40
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://native.propellerclick.com/27/263cd4ec24c05cd58f5d81dd7d15d8ef

Requested by

Host: native.propellerclick.com
URL: https://native.propellerclick.com/1?z=3085965

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

89.19.36.40 , Netherlands, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

043ed4b127c3dd465c8674a4e338456bc8498df68655438e8eb23db004390508

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 Feb 2020 09:44:28 GMT
server: nginx
access-control-allow-origin
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Wed, 27 Mar 2080 09:44:28 GMT

GET
H2 200 38 Show response
native.propellerclick.com/42/ 0
461 B 39ms
39ms Script
text/plain 89.19.36.40
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://native.propellerclick.com/42/38?z=3085965
Requested by: Host: native.propellerclick.com
URL: https://native.propellerclick.com/1?z=3085965
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.19.36.40 , Netherlands, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:26 GMT
server: nginx
access-control-allow-origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
status: 200
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=687990417&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dredown.com%2F&ul=en-us&de=UTF-8&dt=DreDown%20%7C%20All%20Video%20Downloader%20%7C%20Download%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56660370-5&cid=1684296699.1583731585&jid=999661747&_gid=565719416.1583731586&gjid=1226692542&_v=j81&z=568871921

35 B
102 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56660370-5&cid=1684296699.1583731585&jid=999661747&_gid=565719416.1583731586&gjid=1226692542&_v=j81&z=568871921

Requested by

Host: www.dredown.com
URL: https://www.dredown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 09 Mar 2020 05:26:26 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:26 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56660370-5&cid=1684296699.1583731585&jid=999661747&_gid=565719416.1583731586&gjid=1226692542&_v=j81&z=568871921
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 oF83Xt-W1k4
www.youtube.com/embed/ Frame 9602 0
0 92ms
92ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/oF83Xt-W1k4?autoplay=1&controls=1&showinfo=0&modestbranding=1&loop=1&fs=0&cc_load_policy=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2Fwww.dredown.com&widgetid=1

Requested by

Host: s.ytimg.com
URL: https://s.ytimg.com/yts/jsbin/www-widgetapi-vflkAsU_-/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/oF83Xt-W1k4?autoplay=1&controls=1&showinfo=0&modestbranding=1&loop=1&fs=0&cc_load_policy=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2Fwww.dredown.com&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.dredown.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.dredown.com/

Response headers

status: 200
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: br
cache-control: no-cache
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
date: Mon, 09 Mar 2020 05:26:26 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=OQWCUkbSmmQ; path=/; domain=.youtube.com; secure; expires=Sat, 05-Sep-2020 05:26:26 GMT; httponly; samesite=None YSC=G4J8TEHMqFk; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 09-Mar-2020 05:56:26 GMT VISITOR_INFO1_LIVE=OQWCUkbSmmQ; path=/; domain=.youtube.com; secure; expires=Sat, 05-Sep-2020 05:26:26 GMT; httponly; samesite=None
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 758 B
653 B 17ms
17ms Script
text/javascript 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=_vbysnk&render=6LfIR3gUAAAAAGeE13xVxPflyUKLHzsL8gEXcJDU

Requested by

Host: native.propellerclick.com
URL: https://native.propellerclick.com/27/263cd4ec24c05cd58f5d81dd7d15d8ef

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

85fcf82396f056d466b9716e4028aecf4ffb3824d2e25bfe24a63b59bc9fc140

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 498
x-xss-protection: 1; mode=block
expires: Mon, 09 Mar 2020 05:26:26 GMT

OPTIONS
H2 204 9 Show response
native.propellerclick.com/ 0
332 B 57ms
18ms XHR
text/plain 89.19.36.40
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://native.propellerclick.com/9?z=3085965&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwww.dredown.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1585&wiw=1600&wih=1200&wfc=6&sah=1200&drf=&hil=2&ist=0
Requested by: Host: native.propellerclick.com
URL: https://native.propellerclick.com/27/263cd4ec24c05cd58f5d81dd7d15d8ef
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.19.36.40 , Netherlands, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.dredown.com
Referer: https://www.dredown.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:26 GMT
server: nginx
access-control-allow-origin: https://www.dredown.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
status: 204
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 mainpage.php Show response
www.dredown.com/ 3 KB
1 KB 336ms
336ms XHR
text/html 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dredown.com/mainpage.php?page=
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/js/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: bb951ddf929f7f30198833ed3d8c60c6bd30c5604e863646b378a698def2b29c

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.dredown.com/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 5712618dfbdbf91f-MXP

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/v1QHzzN92WdopzN_oD7bUO2P/ 259 KB
92 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/v1QHzzN92WdopzN_oD7bUO2P/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=_vbysnk&render=6LfIR3gUAAAAAGeE13xVxPflyUKLHzsL8gEXcJDU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fafe784f7e1f13fccc7782f6c524a6f340b0b487b65c45aac414d09e6daded8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 02 Mar 2020 18:23:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Mar 2020 05:05:22 GMT
server: sffe
age: 558196
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94503
x-xss-protection: 0
expires: Tue, 02 Mar 2021 18:23:10 GMT

POST
H2 204 9 Show response
native.propellerclick.com/ 0
475 B 17ms
17ms XHR
text/plain 89.19.36.40
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://native.propellerclick.com/9?z=3085965&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwww.dredown.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1585&wiw=1600&wih=1200&wfc=6&sah=1200&drf=&hil=2&ist=0
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.19.36.40 , Netherlands, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:26 GMT
server: nginx
status: 204
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.dredown.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame A43F 0
0 35ms
35ms Document
text/html 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIR3gUAAAAAGeE13xVxPflyUKLHzsL8gEXcJDU&co=aHR0cHM6Ly93d3cuZHJlZG93bi5jb206NDQz&hl=en&v=v1QHzzN92WdopzN_oD7bUO2P&size=invisible&cb=5senb9b3w97

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/v1QHzzN92WdopzN_oD7bUO2P/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YfWqXVQFicQF7cxcFsaYrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfIR3gUAAAAAGeE13xVxPflyUKLHzsL8gEXcJDU&co=aHR0cHM6Ly93d3cuZHJlZG93bi5jb206NDQz&hl=en&v=v1QHzzN92WdopzN_oD7bUO2P&size=invisible&cb=5senb9b3w97
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.dredown.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.dredown.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 09 Mar 2020 05:26:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-YfWqXVQFicQF7cxcFsaYrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9148
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 c
c.adskeeper.co.uk/ 43 B
402 B 112ms
98ms Image
image/gif 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.co.uk/c?f=1&pv=3&v=301|239|8|6Y-qsuViqnHMkl61VnS2tbSfyB7n4Zqf2ZtVSL6eTLzQnJqET4B440-F4EEgLKqJ&fw=1&extjs=510&v=301|239|24|ji1_Gf0L-3byfCN0VP7w_-QiV1cDjZEQUEQDXjWKI6icVFoX9mBy5_blc5ov1-yq&v=301|239|8|RjQP2VhLCrNMXZIwK2L0r16ZJjjtdUl-ZWny93emM4GgwPW7b5dDZ23RuxjsYhIG&v=301|239|8|z4Rqaf75E1sZ9KqCqZse64pvEfP0fTWKdOUwhXzuTbbodnawx2jc1_OgPAqrazrf&v=301|239|40|098BtIv45Osn34NrTOz0pfPsMYxe6t1LQkkLIAf33BxycDT2pcDy00yvykalZVXu&cid=823644&h2=QQqqtV8iIRJbOIlEsWXet3iIRCw5aJaSpM4M_SpA4o4*&rid=850ceeb4-61c6-11ea-9cfb-4cd98f41c125&tt=Direct&cbuster=1583731586349198245483&tpl=0
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: DYNAMIC
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5712618ecb0bc82f-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
773 B 54ms
12ms XHR
application/json 188.42.160.59
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3114621

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.160.59 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

32df784a33decce25fef745fff806c82385f2f4b532d46a56486b99ac24b12b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 09 Mar 2020 05:26:26 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 6 KB
5 KB 17ms
17ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200303&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200303/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbfc48de7dc0995fe85d93c3ec7307f8e23a6f883a355340a1d75236d6a72117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Mar 2020 05:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5071
x-xss-protection: 0

OPTIONS
H/1.1 200
OK custom Show response
luckypushh.com/ 0
463 B 16ms
15ms Fetch
text/plain 188.72.202.158
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://luckypushh.com/custom
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.202.158 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.dredown.com
Referer: https://www.dredown.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 09 Mar 2020 05:26:26 GMT
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200303/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Mon, 09 Mar 2020 05:26:26 GMT

POST
H/1.1 200
OK custom Show response
luckypushh.com/ 39 B
490 B 17ms
17ms Fetch
application/json 188.72.202.158
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://luckypushh.com/custom

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.158 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 3f1dbeceaa5cc8d58cf717d2b2ec010e
Date: Mon, 09 Mar 2020 05:26:26 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK 3114621 Show response
inpagepush.com/500/ 0
500 B 49ms
12ms XHR
text/plain 78.140.191.103
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3114621?excludes=&oaid=a0a89987a0e945bf8e62ecc467f97dea&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1585&wiw=1600&wih=1200&wfc=9&pl=https%3A%2F%2Fwww.dredown.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3114621

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.103 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: GET
Origin: https://www.dredown.com
Referer: https://www.dredown.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 09 Mar 2020 05:26:26 GMT
X-Content-Type-Options: nosniff
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Max-Age: 300
Connection: keep-alive
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=1
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Content-Length: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 4D7B 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.dredown.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.dredown.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 09 Mar 2020 01:36:53 GMT
expires: Tue, 09 Mar 2021 01:36:53 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13773
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 dredown.com.823693.js Show response
jsc.adskeeper.co.uk/d/r/ 119 KB
33 KB 21ms
21ms Script
text/javascript 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/d/r/dredown.com.823693.js?_=1583731585616
Requested by: Host: www.dredown.com
URL: https://www.dredown.com/js/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00217852c92153ab17f019ddfed994930e6c5079055254c8a9b6978df8cb550a

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 722
cf-polished: origSize=121570
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: C7064C60BDA70F33
x-amz-id-2: V52Yr58Lc1xYFs8EPWeWKT+4bEr5Xkr3TP5wvNOvc7VyIrvRUl4zGo+UAxKjJqD1JPAeXzi42a4=
last-modified: Thu, 27 Feb 2020 21:06:02 GMT
server: cloudflare
etag: W/"ae12be38d54a0a265c8cb425be10927f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Mon, 09 Mar 2020 09:26:26 GMT
cache-control: public, max-age=14400
cf-ray: 571261901c8dc82f-AMS
cf-bgj: minify

GET
H2 200 youtube.png
www.dredown.com/images/ 6 KB
6 KB 23ms
21ms Image
image/png 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/youtube.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c74edfc12bedd8370ac28e4f064105d8516149d249f0e7e76e4c9d13f2a0c82b

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2017 23:22:09 GMT
server: cloudflare
age: 1072
etag: "ca1485-17ed-552586767aa40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 571261901e84f91f-MXP
content-length: 6125

GET
H2 200 facebook.png
www.dredown.com/images/ 11 KB
12 KB 22ms
21ms Image
image/png 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/facebook.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eccdac91bbbd4f5813bf15edac814bb724d8754de70d0a9fd6633f7ef98f07b6

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2017 23:22:09 GMT
server: cloudflare
age: 796
etag: "ca14bc-2df1-552586767aa40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 571261902e85f91f-MXP
content-length: 11761

GET
H2 200 instagram.png
www.dredown.com/images/ 41 KB
41 KB 24ms
23ms Image
image/png 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/instagram.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fadbb4fa539f8891f10c11b01a9c02f1137999b5f9870fba90c68cf1fe1ec00

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2017 23:44:23 GMT
server: cloudflare
age: 796
etag: "ca14c9-a363-55258b6eae3c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 571261902e87f91f-MXP
content-length: 41827

GET
H2 200 keek.png
www.dredown.com/images/ 40 KB
41 KB 23ms
22ms Image
image/png 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/keek.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f38d7a13dd18e62078029a649d40b4e5622cbb905f032055249dbf5b3bee8b3

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2017 23:45:13 GMT
server: cloudflare
age: 5409
etag: "ca14cb-a19b-55258b9e5d440"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 571261902e88f91f-MXP
content-length: 41371

GET
H2 200 twitter.png
www.dredown.com/images/ 6 KB
6 KB 23ms
22ms Image
image/png 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/twitter.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7713ba1215becc7ef2a899bbfa5c206ab52153025de3c6921474ab5fc0d8e95

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2017 23:22:09 GMT
server: cloudflare
age: 2951
etag: "ca14c1-17e2-552586767aa40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 571261902e89f91f-MXP
content-length: 6114

GET
H2 200 twitch.png
www.dredown.com/images/ 9 KB
9 KB 24ms
23ms Image
image/png 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/twitch.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5864af70c5f9e85fee6127d11b387b134e061ef6af037bd33130db9a66e0d2f

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2017 23:22:10 GMT
server: cloudflare
age: 796
etag: "ca14c7-223c-552586776ec80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 571261902e8af91f-MXP
content-length: 8764

GET
H2 200 vine.png
www.dredown.com/images/ 29 KB
30 KB 27ms
26ms Image
image/png 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/vine.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 278b2f1fb819f64a3c3be5852b966375969ba076fdd08f8ca60f3a53cc8996e4

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2017 23:44:23 GMT
server: cloudflare
age: 796
etag: "ca14ca-75a2-55258b6eae3c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 571261902e98f91f-MXP
content-length: 30114

GET
H2 200 vimeo.png
www.dredown.com/images/ 16 KB
16 KB 27ms
27ms Image
image/png 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/vimeo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4746dea37a5eff44f4202ecdbd782933f67f9fa5c53784603faffdcdf0c554

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2017 23:22:10 GMT
server: cloudflare
age: 796
etag: "ca14c6-3ed0-552586776ec80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 571261902e9bf91f-MXP
content-length: 16080

GET
H2 200 metacafe.png
www.dredown.com/images/ 15 KB
15 KB 25ms
24ms Image
image/png 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/metacafe.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59b497821ac41826d2f0921ea5a4ae715fe4a8ed2cfaa21bd6739990fefcce15

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2017 23:22:10 GMT
server: cloudflare
age: 795
etag: "ca14c4-3a3a-552586776ec80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 571261902e9af91f-MXP
content-length: 14906

GET
H2 200 vevo.png
www.dredown.com/images/ 4 KB
4 KB 26ms
26ms Image
image/png 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/vevo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a816b23df67434a719dc923548a94d50777d433e7c26f3d587cdc2b3ed433db5

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2017 23:22:10 GMT
server: cloudflare
age: 2951
etag: "ca14c3-fd6-552586776ec80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 571261902e9df91f-MXP
content-length: 4054

GET
H2 200 vk.png
www.dredown.com/images/ 29 KB
29 KB 25ms
25ms Image
image/png 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/vk.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f78bb2edd2e90afe6f7dd648069916796ba4e317fee181c9f31ca95521ad7005

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2017 23:46:16 GMT
server: cloudflare
age: 795
etag: "ca14cc-7351-55258bda72200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 571261902e9cf91f-MXP
content-length: 29521

GET
H2 200 tumblr.png
www.dredown.com/images/ 18 KB
18 KB 24ms
23ms Image
image/png 104.27.179.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dredown.com/images/tumblr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.179.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47424b23ab35819eb0f7badbdee6bb48addca9876803f442c2ab84d66211fa42

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2017 23:47:30 GMT
server: cloudflare
age: 795
etag: "ca14cd-4698-55258c2104880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 571261902e99f91f-MXP
content-length: 18072

POST
H2 200 14 Show response
native.propellerclick.com/ 13 B
638 B 30ms
30ms XHR
application/json 89.19.36.40
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://native.propellerclick.com/14?rnd=2090619219&z=3085965&tp=zone
Requested by: Host: native.propellerclick.com
URL: https://native.propellerclick.com/27/263cd4ec24c05cd58f5d81dd7d15d8ef
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.19.36.40 , Netherlands, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 5ad4ab8d7a53f2ab00f96de87cb7dcbb68034ac77b7720fd6a90e9a37400d883

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:26 GMT
x-sc: CpdPMDhm3k_OTRWgUQQ6RnNQ0QMdXKR6zplQg8STqhXTUG446rKS8K6jEe6AichQmiqC3y2NNjefmzkvgxiTn54hKCI=
server: nginx
status: 200
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://www.dredown.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 13
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 3114621 Show response
inpagepush.com/500/ 1 KB
2 KB 22ms
22ms XHR
application/javascript 78.140.191.103
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.103 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

36f73a542c53fc5de3ab028ac3d3926f87dde346c5805015cfd74dfbd9756636

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

Date: Mon, 09 Mar 2020 05:26:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 884a0f05e98bf5e8d7fa2ea698003d98
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff
fonts.gstatic.com/s/roboto/v15/ 19 KB
19 KB 6ms
5ms Font
font/woff 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v15/mUdRVCMHGKUBOACHGTH1g-vvDin1pK8aKteLpeZ5c0A.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:04:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Jan 2015 22:48:53 GMT
server: sffe
age: 3957736
content-type: font/woff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 19684
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:04:10 GMT

GET
H/1.1 200
OK 01202919255561.jpeg
static.ptoahaistais.com/contents/s/29/03/31/8811de0b0196551df43b56f225/ 10 KB
11 KB 55ms
13ms Image
image/jpeg 78.140.190.68
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ptoahaistais.com/contents/s/29/03/31/8811de0b0196551df43b56f225/01202919255561.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 78.140.190.68 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: d326c4490abe9c24d09e192a8b650cd95302bd13de907ac97ea4b0a6d061cca1

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 09 Mar 2020 05:26:26 GMT
Last-Modified: Tue, 03 Mar 2020 10:47:15 GMT
Server: nginx
ETag: "5e5e35b3-27d4"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 10196

GET
H/1.1 200
OK online.js Show response
o.wowreality.info/ 82 KB
36 KB 70ms
26ms Script
application/javascript 188.42.224.97
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/online.js?ver=2.0.0
Requested by: Host: native.propellerclick.com
URL: https://native.propellerclick.com/27/263cd4ec24c05cd58f5d81dd7d15d8ef
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.42.224.97 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: b72dd845b54ce4ff8a2b26a37b35b282332b9290f5a21f38a54fc0c260eb0072

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 09 Mar 2020 05:26:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Feb 2020 12:35:21 GMT
Server: nginx
ETag: W/"5e4bda09-14885"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 15ms
15ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200303&jk=1656748641951919&bg=!eXqlemJY_Jw5tO_6j1ACAAAAPlIAAAANmQFbFhYzzFzhjf1-zIWca68Fw6cW_ysV-G0Ik4ypV05RtleCkg9VyIn9uW1tpKOT9PIhetBBZVyXN7vI6kgzfZPVpCDmf_sKLoDicma4Z_3a5XALfY_ZIr-gEVCuLjsivOTElKbv8NChRMdf49UY4-Ug4t3gTvbrPA_WGKNSANycVUjZZ6SgxbPrEkpJbgN43jiSBKtOa02DtizA5t-_EAQu4dYCRBIKt-ZGYPJMWuP74stxHHoao2YDJMRvOBWABinBcudePP0p9bYz6S_EdYqXnquOz4bRsT-xtk7wIVf7-JnfnAfDm3HO3b2xbdXYW6hsu_pkNEUxOuNMs34dS3gJ5-JJy8DfTbuJpO1Qc9PQ55NrAt0YWIc9c1-eCCtNlWDhmX3J_Lyqi_loY40MHUshkLK_DWCUtLKTbHkvxgFh58da4epZtqCUINCs1WlCckoVvxWNuuxCTnVoQWU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:26 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.adskeeper.co.uk/823693/ 2 KB
1 KB 71ms
71ms Script
application/x-javascript 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/823693/1?w=960&h=1107&cols=1&pv=5&cbuster=1583731586688660625372&uniqId=0128e&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fwww.dredown.com%2F&pageView=0&pvid=170bdc23680b4e55966&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/d/r/dredown.com.823693.js?_=1583731585616
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb3db825e9cddcb5faf026514ad1c4c5371df8d163a9d2d39cd30af5a5139542

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
content-type: application/x-javascript; charset=utf-8
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 57126190dd60c82f-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 17ms
16ms Image
image/png 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5087
x-xss-protection: 0
expires: Mon, 09 Mar 2020 05:26:26 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 16ms
15ms Image
image/png 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5969
x-xss-protection: 0
expires: Mon, 09 Mar 2020 05:26:26 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 16ms
15ms Image
image/png 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13504
x-xss-protection: 0
expires: Mon, 09 Mar 2020 05:26:26 GMT

GET
H2 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 15ms
15ms Image
image/png 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7048
x-xss-protection: 0
expires: Mon, 09 Mar 2020 05:26:26 GMT

GET
H2 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 17ms
16ms Image
image/png 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3934
x-xss-protection: 0
expires: Mon, 09 Mar 2020 05:26:26 GMT

GET
H2 200 adskeeper_logo_mini_71x16.png
cdn.adskeeper.co.uk/images/ 796 B
1 KB 16ms
16ms Image
image/webp 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_logo_mini_71x16.png
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/d/r/dredown.com.823693.js?_=1583731585616
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1a768feb2cea958225615d935b23fa6e8ba7f366bc405d1267f1424244020dc

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
age: 5340
cf-polished: origFmt=png, origSize=2562
cf-ray: 571261916e1cc82f-AMS
status: 200
content-disposition: inline; filename="adskeeper_logo_mini_71x16.webp"
cf-bgj: imgq:85
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 796
x-amz-id-2: i3yAl0vEMhb6fQCzqjTLXsGKmYTAJT/WfcyR4oWCK/s3xsSjcUbgMU2keD+zouMxj6Mn60hY1v8=
last-modified: Fri, 28 Feb 2020 12:40:34 GMT
server: cloudflare
etag: "97fb3a072986fa1006cfbc27834841f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: AD11BC1F2CE4093C
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/webp
expires: Mon, 09 Mar 2020 09:26:26 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMzE0NzIyLzY5NWYwYzQyNTI3NzQ5YmY2NWY1NGQ3NzM1M2ExZjE4LmpwZw**.webp
s-img.adskeeper.co.uk/g/5202194/492x328/0x0x492x328/ 11 KB
11 KB 17ms
17ms Image
image/webp 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/5202194/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMzE0NzIyLzY5NWYwYzQyNTI3NzQ5YmY2NWY1NGQ3NzM1M2ExZjE4LmpwZw**.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f1b99c3dcf8e724b45b1cf07e5c28da0651d08b2d6af60b9403ef2042a656b6

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
age: 993975
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 11152
last-modified: Wed, 26 Feb 2020 17:19:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 571261917e2dc82f-AMS
expires: Tue, 09 Mar 2021 05:26:26 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMjIwMTg1L2U5Yjc4OWFmYzU4YTMyZjNiNjJiMzIzNDE3MTgwZWY0LnBuZw**.webp
s-img.adskeeper.co.uk/g/5087322/492x328/-0x-0x492x328/ 11 KB
11 KB 18ms
17ms Image
image/webp 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/5087322/492x328/-0x-0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMjIwMTg1L2U5Yjc4OWFmYzU4YTMyZjNiNjJiMzIzNDE3MTgwZWY0LnBuZw**.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e76c1d107332e7c5a5fb9c79263e7eb428b9622863712aba023cc100d47564ba

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
age: 2309355
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 11384
last-modified: Tue, 11 Feb 2020 11:57:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 571261917e2fc82f-AMS
expires: Tue, 09 Mar 2021 05:26:26 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTQxNTY1LzdkYzVmYTk2MTRkNmNmNGY5ZDE1MmVjY2UyNDM5ZWIzLnBuZw**.webp
s-img.adskeeper.co.uk/g/4903842/492x328/-0x-0x492x328/ 29 KB
29 KB 18ms
18ms Image
image/webp 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/4903842/492x328/-0x-0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTQxNTY1LzdkYzVmYTk2MTRkNmNmNGY5ZDE1MmVjY2UyNDM5ZWIzLnBuZw**.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 995038de042340f5e396dcb43a8798d88ab33f5b0f805b757e219e250f3a6abd

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:26 GMT
cf-cache-status: HIT
age: 3303396
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 30004
last-modified: Thu, 30 Jan 2020 20:18:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 571261917e30c82f-AMS
expires: Tue, 09 Mar 2021 05:26:26 GMT

GET WOW.png
webpick-cdn.s3.us-west-2.amazonaws.com/ 0
0

GET
H/1.1 200
OK WOW.png
webpick-cdn.s3.us-west-2.amazonaws.com/ Frame 4770 212 KB
212 KB 612ms
181ms Image
image/png 52.218.217.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webpick-cdn.s3.us-west-2.amazonaws.com/WOW.png
Requested by: Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=837351
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.217.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0fe853a807896eb4be5f70e13aa0e3c4573330e2d89bd7e8b8dcdd8d1d9ceac6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 09 Mar 2020 05:26:28 GMT
Last-Modified: Thu, 05 Mar 2020 16:30:26 GMT
Server: AmazonS3
x-amz-request-id: 7B7E1F1E7B998989
ETag: "1447563b47be5faa04dc392258838973"
x-amz-meta-sha256: 0fe853a807896eb4be5f70e13aa0e3c4573330e2d89bd7e8b8dcdd8d1d9ceac6
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 216819
x-amz-id-2: RuDYPZtg0snSq4MbnHVV56Li1tBPyEdBMIyjSO975rVUm5niT4aKIHzoji4Ss34GPE0bPmGRB90=
x-amz-meta-s3b-last-modified: 20200305T162941Z

GET
DATA 200
OK truncated
/ Frame 4770 795 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40e7369d802a6b6488557987b4889a1f918613b1589715fc2cc45a607d39e863

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 c
c.adskeeper.co.uk/ 43 B
238 B 97ms
97ms Image
image/gif 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.co.uk/c?f=1&pv=3&v=950|351|8|a40y5PatPBjRHTeVoRALo_PsMYxe6t1LQkkLIAf33Bywvh1sGOVC_08fQFeb0I9x&fw=1&extjs=510&cid=823693&h2=QQqqtV8iIRJbOIlEsWXet3iIRCw5aJaSpM4M_SpA4o4*&rid=85f8122d-61c6-11ea-8762-d09466576dad&tt=Direct&cbuster=1583731587908795344530&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 09 Mar 2020 05:26:27 GMT
cf-cache-status: DYNAMIC
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 571261987d88c82f-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

OPTIONS
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
402 B 47ms
15ms XHR
text/plain 188.42.224.97
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: o.wowreality.info
URL: https://o.wowreality.info/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.42.224.97 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.dredown.com
Referer: https://www.dredown.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 09 Mar 2020 05:26:28 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
402 B 30ms
29ms XHR
text/plain 188.42.224.97
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.42.224.97 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

Date: Mon, 09 Mar 2020 05:26:28 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET
H2 200 http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa2fdbd7f599971255422d966f70b2f5f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ Frame 4770 42 KB
42 KB 96ms
7ms Image
image/jpeg 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa2fdbd7f599971255422d966f70b2f5f.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b132f5e96116b71299fbe20195f574da14c3135a7dc387f689aacd08b8cca332

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 05:26:35 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1354316
edge-cache-tag: 357274085667293599010243176798039970521,537622690115475776451777301137107625846,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 24 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa2fdbd7f599971255422d966f70b2f5f.jpg
content-length: 42511
x-served-by: cache-dca17768-DCA, cache-dca17747-DCA, cache-hhn4034-HHN
last-modified: Sat, 22 Feb 2020 12:26:44 GMT
server: cloudinary
x-timer: S1583731595.147399,VS0,VE0
etag: "b1719152ebd9c9a0615c0c87e7602970"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 8, 2

GET
H/1.1 200
OK Jsbp7YL58xd8nlg-OVp4uaSRGkJa-D7I0D9F-4NKTCP1AUw9lLS0b2PUWfXH3eevQenSSdw42CE8VAgzGGngJPlxoUBpXSB376MsiXypS49i4Bj8E-CHh1Hjtx5FMEVag02TSTXeO3oREM8GehWRNxxo9Hxqc9uT4iSG_hkqZ9ihJkwgtQP7lBVWXE7lnoajnqpFQ...
inpagepush.com/impression/ 43 B
482 B 41ms
15ms Image
image/gif 78.140.191.103
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inpagepush.com/impression/Jsbp7YL58xd8nlg-OVp4uaSRGkJa-D7I0D9F-4NKTCP1AUw9lLS0b2PUWfXH3eevQenSSdw42CE8VAgzGGngJPlxoUBpXSB376MsiXypS49i4Bj8E-CHh1Hjtx5FMEVag02TSTXeO3oREM8GehWRNxxo9Hxqc9uT4iSG_hkqZ9ihJkwgtQP7lBVWXE7lnoajnqpFQorg15AzKaT3nwm_8wia38CPRgb-tjix2WMjD-u7bGZEF0zvLXI1I-VpfHtyv2WNwQrZ6KYR91GlTIIF_DsrAZSNmMfOLhFVY9uB06OgrDtukrU01ZRd4RncjRCBwOyh--aE0-k=?z=3114621&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1585&wiw=1600&wih=1200&wfc=10&pl=https%3A%2F%2Fwww.dredown.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.103 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-Trace-Id: 053a5cf580fa0c0bf0b53d46553babfd
Pragma: no-cache
Date: Mon, 09 Mar 2020 05:26:36 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 01202919255561.jpeg
static.ptoahaistais.com/contents/s/29/03/31/8811de0b0196551df43b56f225/ Frame 4027 10 KB
11 KB 14ms
13ms Image
image/jpeg 78.140.190.68
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ptoahaistais.com/contents/s/29/03/31/8811de0b0196551df43b56f225/01202919255561.jpeg
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3114621
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 78.140.190.68 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: d326c4490abe9c24d09e192a8b650cd95302bd13de907ac97ea4b0a6d061cca1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 09 Mar 2020 05:26:36 GMT
Last-Modified: Tue, 03 Mar 2020 10:47:15 GMT
Server: nginx
ETag: "5e5e35b3-27d4"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 10196

OPTIONS
H/1.1 200
OK 3114621 Show response
inpagepush.com/500/ 0
500 B 39ms
14ms XHR
text/plain 78.140.191.103
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3114621?excludes=5515567&oaid=a0a89987a0e945bf8e62ecc467f97dea&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1585&wiw=1600&wih=1200&wfc=10&pl=https%3A%2F%2Fwww.dredown.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3114621

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.103 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: GET
Origin: https://www.dredown.com
Referer: https://www.dredown.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 09 Mar 2020 05:26:36 GMT
X-Content-Type-Options: nosniff
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Max-Age: 300
Connection: keep-alive
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=1
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Content-Length: 0

GET
H/1.1 200
OK 3114621 Show response
inpagepush.com/500/ 1 KB
2 KB 28ms
28ms XHR
application/javascript 78.140.191.103
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.103 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

0e824dd5aa5329687b1a70f642a827cff8de9f00e252182b2fcb05167f2190b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dredown.com/
Origin: https://www.dredown.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

Date: Mon, 09 Mar 2020 05:26:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: b046f80845fd74c06d7d0c69fe150f01
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.dredown.com
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0326448916021.jpeg
static.ptoahaistais.com/contents/s/57/06/31/1a57eaa3570772b00d515f1f14/ 10 KB
11 KB 13ms
13ms Image
image/jpeg 78.140.190.68
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ptoahaistais.com/contents/s/57/06/31/1a57eaa3570772b00d515f1f14/0326448916021.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 78.140.190.68 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 071d74ef5f0dd0724f9bde381236e6f7e22017ea3f2ff1079948abeb2772edca

Request headers

Referer: https://www.dredown.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 09 Mar 2020 05:26:36 GMT
Last-Modified: Thu, 30 Jan 2020 10:47:22 GMT
Server: nginx
ETag: "5e32b43a-2848"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 10312

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: webpick-cdn.s3.us-west-2.amazonaws.com
URL: https://webpick-cdn.s3.us-west-2.amazonaws.com/WOW.png

Verdicts & Comments Add Verdict or Comment

232 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 07:55:33	Name: GPS Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: G4J8TEHMqFk
.doubleclick.net/	1970-01-19 17:17:07	Name: IDE Value: AHWqTUlDUwtGzRRHChLo_XG1Nqy0VXlUpkBgvoWuVAtDD6NQgJUyCI4FfN8hgxC2
.youtube.com/	1970-01-19 12:14:43	Name: VISITOR_INFO1_LIVE Value: OQWCUkbSmmQ
.dredown.com/	1970-01-19 07:55:31	Name: _gat Value: 1
.dredown.com/	1970-01-20 01:26:43	Name: _ga Value: GA1.2.1684296699.1583731585
www.dredown.com/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22U2S7WElBd%22%7D%2C%22C823644%22%3A%7B%22page%22%3A1%2C%22time%22%3A1583731585218%7D%2C%22C824166%22%3A%7B%22page%22%3A1%7D%7D
.dredown.com/	1970-01-19 07:56:57	Name: _gid Value: GA1.2.565719416.1583731586
.dredown.com/	1970-01-19 08:38:43	Name: __cfduid Value: d0c20edc66deefcff67e1b2ec5b7a687e1583731584

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.adskeeper.co.uk/d/r/dredown.com.823644.js(Line 9) Message: [object HTMLImageElement]
console-api	log	(Line 1) Message: service worker path (u): /sw.js event domain: https://luckypushh.com
console-api	log	(Line 1) Message: SDK installer already started
console-api	log	(Line 1) Message: SDK installer already started

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.adskeeper.co.uk
cdn.adskeeper.co.uk
cm.adskeeper.co.uk
d141wsrw9m4as6.cloudfront.net
distinesseqe.site
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
healthoutabol.site
images.taboola.com
inpagepush.com
jsc.adskeeper.co.uk
luckypushh.com
my.rtmark.net
native.propellerclick.com
o.wowreality.info
pagead2.googlesyndication.com
pl15304395.passeura.com
pushsar.com
s-img.adskeeper.co.uk
s.ytimg.com
seestimatere.pro
servicer.adskeeper.co.uk
static.ptoahaistais.com
stats.g.doubleclick.net
tpc.googlesyndication.com
webpick-cdn.s3.us-west-2.amazonaws.com
www.dredown.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.modulepush.com
www.youtube.com
webpick-cdn.s3.us-west-2.amazonaws.com
104.18.9.78
104.19.130.80
104.27.179.27
151.101.114.2
188.42.160.59
188.42.224.97
188.72.202.158
198.134.112.241
2600:9000:214f:a00:17:a95a:6580:21
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:816::200e
2a00:1450:4001:819::200a
2a00:1450:4001:81f::2004
2a00:1450:4001:820::2002
2a00:1450:4001:820::200e
2a00:1450:4001:821::2002
2a00:1450:400c:c00::9c
34.196.230.232
52.218.217.225
54.209.108.129
78.140.190.68
78.140.191.103
88.85.82.156
89.19.36.40
00217852c92153ab17f019ddfed994930e6c5079055254c8a9b6978df8cb550a
043ed4b127c3dd465c8674a4e338456bc8498df68655438e8eb23db004390508
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
071d74ef5f0dd0724f9bde381236e6f7e22017ea3f2ff1079948abeb2772edca
07ddae60f2d6d708b6251b9e9ade4c8bb7d4e0af905a8e2f95dfea2dd8588c36
0afa8c947b435fc74382c870974ded570bf39dcaaa30a37414bcd9acd6a9e3e2
0cb20dba13f41d32f618aab72778d40148f5f268a11cf2449f9304a13ed30f49
0e824dd5aa5329687b1a70f642a827cff8de9f00e252182b2fcb05167f2190b5
0fe853a807896eb4be5f70e13aa0e3c4573330e2d89bd7e8b8dcdd8d1d9ceac6
11cd514d8b43827385ba8cadba1ccbc617991f7d7339a61515c4cfce4b1caaa9
12deb5082d9a265422916da8c3f6b1db8636ff8a5a72e0cad6cdf62f1ef5fc93
1372ebaa0d371c6cbe8624b176d4ffbfc224abe9e3a2f3c6423910768a37d85c
21915ea79904104cb9d0e61449692c29dc74f1adad0dabc4220e796a7e9ae6e6
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
278b2f1fb819f64a3c3be5852b966375969ba076fdd08f8ca60f3a53cc8996e4
29061ced78d340ddf25037f0c7cea137c6644d92482809e627cf3696af1fd493
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d44d94ab045ab92be55e9536a5e58222e8216fc1999f5a8bd6fa1d1b424ddc6
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32df784a33decce25fef745fff806c82385f2f4b532d46a56486b99ac24b12b2
340d791e66f5caabf0ddd5ce84898b309180e2daf5f7ba123ebfe425860ea736
3609347a7047c04fa3b56a396337f2a5469a3a82ba099d46fc517d5621baa881
36f73a542c53fc5de3ab028ac3d3926f87dde346c5805015cfd74dfbd9756636
39b400a9f636b03c497e9f79bb638536984d3619774d1a01993a46df9a1be610
3c4746dea37a5eff44f4202ecdbd782933f67f9fa5c53784603faffdcdf0c554
3c6ebd0f9726b9f0d5a566d8b3967e7d5223782fd274ac2da7c674d1ea2b69b1
40e7369d802a6b6488557987b4889a1f918613b1589715fc2cc45a607d39e863
439dc1a1de168c5a5c84d9d7be6ce1bafc3420882ed04331881bc4571d3296b1
47424b23ab35819eb0f7badbdee6bb48addca9876803f442c2ab84d66211fa42
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1b99c3dcf8e724b45b1cf07e5c28da0651d08b2d6af60b9403ef2042a656b6
4f8eb830e29d1c12ed5ef24b6f74c9d46c356bed0de8a07ce5e1e025d759f410
52fcf24881af1ddc9fda963c070cf261afc46630460da9ee0a6095cb5b19cb58
541afee82a2f5bcdca2e94cfa4996b6f11dd9083ffe559719fa7e6dd57a8d954
56777a49f572130cf246e457f56e9a3921c95fa7e8a296d81217782a6c75f412
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
58c0f27fc6309646aa7d4c0610193597f052edc18bbfbaef2039b143ec952eff
59b497821ac41826d2f0921ea5a4ae715fe4a8ed2cfaa21bd6739990fefcce15
5a0b050607d03061476a57618facae88282b14052416e63e7222fed31fc26a5d
5ad4ab8d7a53f2ab00f96de87cb7dcbb68034ac77b7720fd6a90e9a37400d883
5f38d7a13dd18e62078029a649d40b4e5622cbb905f032055249dbf5b3bee8b3
605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e
616ec6b3de1645288c4895df9aa982a491501dd1e6053565ab2a8ea0182d5d8f
690f3a5ee35be38480240f153b98cd4e7b510cbb079c572cd053dccd6040fc68
793a15e0a769a20cf294c35302ddd4ac39c74417962fa4fe539ed0e696ee2678
8221e8841752d4cfe2897ccc2b8c44d1982ab11ded9261878747c37d19ca6198
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8457441874181f5a1aa6cf83c34f694995f78ecd37db470d5ccf08b79ede6c86
85fcf82396f056d466b9716e4028aecf4ffb3824d2e25bfe24a63b59bc9fc140
8fafe784f7e1f13fccc7782f6c524a6f340b0b487b65c45aac414d09e6daded8
8fdd0dfb55e6b3dc81469a42ffa139993423c69328a92cc0f3f0f70ef9eeb729
9412522fc0ac1e8015cd03248533f7d4e779c283bfd0bfcf7a3d46bab805197d
984b50b44ade35d903bbfa50129e85a46a2247060ae69b55e7e595fd1f7dadde
995038de042340f5e396dcb43a8798d88ab33f5b0f805b757e219e250f3a6abd
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
9fadbb4fa539f8891f10c11b01a9c02f1137999b5f9870fba90c68cf1fe1ec00
a1a768feb2cea958225615d935b23fa6e8ba7f366bc405d1267f1424244020dc
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a5864af70c5f9e85fee6127d11b387b134e061ef6af037bd33130db9a66e0d2f
a816b23df67434a719dc923548a94d50777d433e7c26f3d587cdc2b3ed433db5
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b132f5e96116b71299fbe20195f574da14c3135a7dc387f689aacd08b8cca332
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b72dd845b54ce4ff8a2b26a37b35b282332b9290f5a21f38a54fc0c260eb0072
b8b7d1f10441c7349e88ed2a168e0635836f6724999f91ea8d15ecd4811dad38
bb3db825e9cddcb5faf026514ad1c4c5371df8d163a9d2d39cd30af5a5139542
bb951ddf929f7f30198833ed3d8c60c6bd30c5604e863646b378a698def2b29c
bdde153c2225a8ece83bee8df43f9f677bba41681f9be21e450a95efce937c59
c74edfc12bedd8370ac28e4f064105d8516149d249f0e7e76e4c9d13f2a0c82b
c7713ba1215becc7ef2a899bbfa5c206ab52153025de3c6921474ab5fc0d8e95
c7a998128acc6cd2836b702914360e42b2cb82a81a384448c22f92f7a3ce4512
cbfa0f3ab9458aa99c236f5e9843c28f9b5aa83d2a7c4d3f50f0c8ab41064f24
cbfc48de7dc0995fe85d93c3ec7307f8e23a6f883a355340a1d75236d6a72117
d326c4490abe9c24d09e192a8b650cd95302bd13de907ac97ea4b0a6d061cca1
d587776dac6739c104cf2760920c2ef79f5ecb9eed50c40a5a892e74dd7c8dec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b69c824d886b6b700fa65c52e1dc22ebfd4e5bfdf469ac3df59be4de09d7ba
e76c1d107332e7c5a5fb9c79263e7eb428b9622863712aba023cc100d47564ba
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb81d87292ef3650e2fce035d86940c06a986b72a2d69ee2f4ba76ac8e85c3b3
eccdac91bbbd4f5813bf15edac814bb724d8754de70d0a9fd6633f7ef98f07b6
f6e9864c545c938343a869fcf464beaad8cdf5fadc80a68842f47836adf225b4
f78bb2edd2e90afe6f7dd648069916796ba4e317fee181c9f31ca95521ad7005
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

www.dredown.com Open in urlscan Pro 104.27.179.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

99 %HTTPS

44 %IPv6

27 Domains

36 Subdomains

28 IPs

4 Countries

2180 kBTransfer

4243 kBSize

9 Cookies

10 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.dredown.com Open in urlscan Pro
104.27.179.27 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

99 %
HTTPS

44 %
IPv6

27
Domains

36
Subdomains

28
IPs

4
Countries

2180 kB
Transfer

4243 kB
Size

9
Cookies

125 HTTP transactions
3 data transactions