urlscan.io logo urlscan.io
SecurityTrails logo

ddownr.com Open in urlscan Pro
2606:4700:3038::681f:d9b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.ddownr.com/
Effective URL: https://ddownr.com/
Submission: On December 23 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 14 domains to perform 54 HTTP transactions. The main IP is 2606:4700:3038::681f:d9b, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is ddownr.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 18th 2019. Valid for: a year.
This is the only time ddownr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 2606:4700:303... 13335 (CLOUDFLAR...)
4 2600:9000:214... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 5 173.192.101.24 36351 (SOFTLAYER)
1 2600:9000:214... 16509 (AMAZON-02)
8 34.198.132.181 14618 (AMAZON-AES)
1 18.233.194.56 14618 (AMAZON-AES)
6 94.31.29.128 33438 (HIGHWINDS2)
1 2a04:4e42:3::621 54113 (FASTLY)
3 3 37.252.172.249 29990 (ASN-APPNEXUS)
14 104.18.22.10 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 46.105.199.75 16276 (OVH)
54 14
11    2606:4700:3038::681f:d9b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.ddownr.com
ddownr.com
4    2600:9000:214f:2c00:1a:a6:7f00:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
dc5k8fg5ioc8s.cloudfront.net
1    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ajax.cloudflare.com
5    173.192.101.24 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
p359405.clksite.com
mybestdc.com
1    2600:9000:214f:9e00:e:36e7:83c0:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d3q33rbmdkxzj.cloudfront.net
8    34.198.132.181 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-198-132-181.compute-1.amazonaws.com
distoryrussion.info
1    18.233.194.56 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-233-194-56.compute-1.amazonaws.com
volvejudgetneig.info
6    94.31.29.128 (United Kingdom)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net
p359405.mycdn.co
1    2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
cdn.jsdelivr.net
3    37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
14    104.18.22.10 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
rillagesrement.info
1    2606:4700:30::681f:5ee2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
gsafe.getawesome1.com
2    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    46.105.199.75 (France)

ASN16276 (OVH, FR)
cdn.adx1.com
Domain Requested by
14 rillagesrement.info ddownr.com
dc5k8fg5ioc8s.cloudfront.net
10 ddownr.com ddownr.com
ajax.cloudflare.com
8 distoryrussion.info ddownr.com
dc5k8fg5ioc8s.cloudfront.net
6 p359405.mycdn.co mybestdc.com
p359405.mycdn.co
ddownr.com
4 dc5k8fg5ioc8s.cloudfront.net ddownr.com
dc5k8fg5ioc8s.cloudfront.net
3 secure.adnxs.com 3 redirects
3 mybestdc.com ddownr.com
p359405.mycdn.co
2 cdn.adx1.com dc5k8fg5ioc8s.cloudfront.net
2 www.google-analytics.com ddownr.com
2 p359405.clksite.com 2 redirects
1 gsafe.getawesome1.com mybestdc.com
1 cdn.jsdelivr.net ajax.cloudflare.com
1 volvejudgetneig.info dc5k8fg5ioc8s.cloudfront.net
1 d3q33rbmdkxzj.cloudfront.net ddownr.com
1 ajax.cloudflare.com ddownr.com
1 www.ddownr.com 1 redirects
54 16

This site contains links to these domains. Also see Links.

Domain
www.airy-youtube-downloader.com
i.imgur.com
docs.ddownr.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-02-18 -
2020-02-18		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-12-05 -
2020-06-12		 6 months crt.sh
*.mybestdc.com
Sectigo RSA Domain Validation Secure Server CA		 2019-07-11 -
2020-07-21		 a year crt.sh
distoryrussion.info
Amazon		 2019-11-28 -
2020-12-28		 a year crt.sh
volvejudgetneig.info
Amazon		 2019-11-28 -
2020-12-28		 a year crt.sh
*.mycdn.co
Sectigo RSA Domain Validation Secure Server CA		 2019-10-10 -
2020-10-21		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-29 -
2020-04-23		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
cdn.adx1.com
Let's Encrypt Authority X3		 2019-11-08 -
2020-02-06		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://ddownr.com/
Frame ID: 89E799A20B7D2425209FB1C7AC8150D0
Requests: 51 HTTP requests in this frame

Frame: https://p359405.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: 793127E8756A3062AF409320AF54757C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.adx1.com/b6c1ecbf850dcbade99cd45969de68ff.jpg
Frame ID: AC70EE739A66D51213477AE5B1D2DF30
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.ddownr.com/ HTTP 301
    https://ddownr.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

54
Requests

100 %
HTTPS

50 %
IPv6

14
Domains

16
Subdomains

14
IPs

5
Countries

520 kB
Transfer

2065 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.ddownr.com/ HTTP 301
    https://ddownr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://p359405.clksite.com/adServe/banners?tid=MARINDELIJA_BANNER HTTP 301
  • https://mybestdc.com/adServe/banners?tid=MARINDELIJA_BANNER
Request Chain 11
  • https://p359405.clksite.com/adServe/banners?tid=MARINDELIJA_DI HTTP 301
  • https://mybestdc.com/adServe/banners?tid=MARINDELIJA_DI
Request Chain 25
  • https://secure.adnxs.com/getuid?https://rillagesrement.info/s?a=$UID&b=867698365906 HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frillagesrement.info%2Fs%3Fa%3D%24UID%26b%3D867698365906 HTTP 302
  • https://rillagesrement.info/s?a=6428785776007644787&b=867698365906
Request Chain 37
  • https://secure.adnxs.com/getuid?https://rillagesrement.info/s?a=$UID&b=711503353924 HTTP 302
  • https://rillagesrement.info/s?a=6428785776007644787&b=711503353924

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ddownr.com/
Redirect Chain
  • https://www.ddownr.com/
  • https://ddownr.com/
29 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:d9b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
04feb2826fb5daf66cf02a6832c15df3526de62470ecc0efc6975f3cc5d5d1bb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
ddownr.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
cookie
__cfduid=d903ff7be5845d8cf72deb95188f68cd11577117457
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Mon, 23 Dec 2019 16:10:57 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 20 Dec 2019 09:50:21 GMT
vary
Accept-Encoding
access-control-allow-origin
https://www.loadyoutube.com
cache-control
max-age=691200
cf-cache-status
HIT
age
6198
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
549b9bcffbaccbc0-VIE
content-encoding
br

Redirect headers

status
301
date
Mon, 23 Dec 2019 16:10:57 GMT
content-type
text/html
set-cookie
__cfduid=d903ff7be5845d8cf72deb95188f68cd11577117457; expires=Wed, 22-Jan-20 16:10:57 GMT; path=/; domain=.ddownr.com; HttpOnly; SameSite=Lax; Secure
location
https://ddownr.com/
cf-cache-status
DYNAMIC
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
549b9bcf59d5cbc0-VIE
vendors.bundle.css
ddownr.com/assets/css/ 		34 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/assets/css/vendors.bundle.css
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:d9b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
89318f64c27d5fe5d4d7c8eb0791b135072ea1fef2f9baecacbb60c9bc8766aa
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
280909
cf-polished
origSize=35355
status
200
strict-transport-security
max-age=0; includeSubDomains; preload
last-modified
Fri, 16 Aug 2019 13:48:16 GMT
server
cloudflare
etag
W/"5d56b420-8a1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cf-bgj
minify
cache-control
max-age=691200
cf-ray
549b9bd02c36cbc0-VIE
expires
Fri, 27 Dec 2019 10:09:08 GMT
style.bundle.css
ddownr.com/assets/css/ 		856 KB
80 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/assets/css/style.bundle.css
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:d9b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ec9ec0cad0e1a5f0d9f9409500c80ccd003fae385b3c5cb737a863d627ba7d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
280909
cf-polished
origSize=882678
status
200
strict-transport-security
max-age=0; includeSubDomains; preload
last-modified
Fri, 16 Aug 2019 13:48:16 GMT
server
cloudflare
etag
W/"5d56b420-d77f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cf-bgj
minify
cache-control
max-age=691200
cf-ray
549b9bd02c38cbc0-VIE
expires
Fri, 27 Dec 2019 10:09:08 GMT
main.css
ddownr.com/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/assets/css/main.css
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:d9b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d7c9129f89f5aafd63b2ffba1552eee68dc8a25c908ae89e325afd916e784a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
280909
cf-polished
origSize=8405
status
200
strict-transport-security
max-age=0; includeSubDomains; preload
last-modified
Thu, 21 Nov 2019 23:18:42 GMT
server
cloudflare
etag
W/"5dd71b52-20d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cf-bgj
minify
cache-control
max-age=691200
cf-ray
549b9bd02c39cbc0-VIE
expires
Fri, 27 Dec 2019 10:09:08 GMT
/
dc5k8fg5ioc8s.cloudfront.net/ 		141 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=825676
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:2c00:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
560283f1cb77d1acd3b605e2f511953a4101a0a0ff8f38f84c5c998b56d4325b

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Dec 2019 16:10:58 GMT
content-encoding
gzip
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-origin
*
content-length
62226
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-id
BuFTbg8uVOzx-XnqAbzdfccXph3tuTb9IbKNku5r_D7D1dQzrO0YSQ==
/
dc5k8fg5ioc8s.cloudfront.net/ 		103 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:2c00:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
f00829803e6a5a8f1579ed87aee2fa8e6a400561da2f07f4f9de9bb4075033e5

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Dec 2019 16:10:58 GMT
content-encoding
gzip
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-origin
*
content-length
38310
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-id
xKUyGBuSYAxe4zoNCbHMW7d_dw3hG2tWJsTBvNywyIhmNafRN4fcCA==
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:57 GMT
content-encoding
gzip
last-modified
Wed, 18 Dec 2019 10:56:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dfa05cc-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
549b9bd05a6bcb98-VIE
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Wed, 25 Dec 2019 16:10:57 GMT
banners
mybestdc.com/adServe/
Redirect Chain
  • https://p359405.clksite.com/adServe/banners?tid=MARINDELIJA_BANNER
  • https://mybestdc.com/adServe/banners?tid=MARINDELIJA_BANNER
34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybestdc.com/adServe/banners?tid=MARINDELIJA_BANNER
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
d52059a54926e3ed06bde002244b555e5c4286605e20fb4f733fbf3c66e6cdcf

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Dec 2019 16:10:59 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://mybestdc.com/adServe/banners?tid=MARINDELIJA_BANNER
Date
Mon, 23 Dec 2019 16:10:58 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
178
Content-Type
text/html
1576506212198_ZCR8WG.png
d3q33rbmdkxzj.cloudfront.net/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3q33rbmdkxzj.cloudfront.net/1576506212198_ZCR8WG.png
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:9e00:e:36e7:83c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
717c02e89d508e08da64fb58e85565751ae8cd73715cc2cbf4ff927f6e6a0535

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 09:45:42 GMT
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified
Mon, 16 Dec 2019 14:23:33 GMT
server
AmazonS3
age
17979
etag
"ef71c00951c1bbcd11f9e3e4f00c3bb6"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
9436
x-amz-cf-id
pO2XBgo9QPeyk9Zv6CRf9hOG0hVmYlZtOXete9eoKiseIf_9R896Ww==
favicon-32x32.png
ddownr.com/assets/images/ 		441 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ddownr.com/assets/images/favicon-32x32.png
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:d9b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed4d0d91377785f74b5ffb98e319b1382aa2eeab51333d558a69179b4301e77
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
280909
status
200
vary
Accept-Encoding
content-length
441
last-modified
Fri, 16 Aug 2019 13:48:16 GMT
server
cloudflare
etag
"5d56b420-1b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/png
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
549b9bd02c3acbc0-VIE
expires
Fri, 27 Dec 2019 10:09:08 GMT
deeplink.svg
ddownr.com/assets/images/ 		5 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ddownr.com/assets/images/deeplink.svg
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:d9b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b1d431dda63e66d695675c793eb5a13a95ba75583457a6abc060c988c1d6e25
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
142475
status
200
strict-transport-security
max-age=0; includeSubDomains; preload
last-modified
Fri, 16 Aug 2019 13:48:16 GMT
server
cloudflare
etag
W/"5d56b420-1466"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=691200
cf-ray
549b9bd06d05cbc0-VIE
expires
Sun, 29 Dec 2019 00:36:22 GMT
email-decode.min.js
ddownr.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:d9b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 18 Dec 2019 10:56:12 GMT
server
cloudflare
etag
W/"5dfa05cc-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
549b9bd05cb9cbc0-VIE
vary
Accept-Encoding
expires
Wed, 25 Dec 2019 16:10:57 GMT
banners
mybestdc.com/adServe/
Redirect Chain
  • https://p359405.clksite.com/adServe/banners?tid=MARINDELIJA_DI
  • https://mybestdc.com/adServe/banners?tid=MARINDELIJA_DI
34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybestdc.com/adServe/banners?tid=MARINDELIJA_DI
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
1eca3a3419eba76574183942be8c5425493d0ab97617f4d12441607353f019cc

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Dec 2019 16:10:59 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://mybestdc.com/adServe/banners?tid=MARINDELIJA_DI
Date
Mon, 23 Dec 2019 16:10:58 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
178
Content-Type
text/html
Vm5QR2l5UTM0VAcFHggnZgIqIwAlKzUUKDoKPA1MZCgZDxljOAgrEHAaOSNUblxlcV5gSCAuDWtdYmEaIg8kMhprX3YuBzABbWEfa15+ckdnXn52TyIeMSBUZ0ggMx06U2FyXmFfYXBdY1ZhcVg
distoryrussion.info/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://distoryrussion.info/Vm5QR2l5UTM0VAcFHggnZgIqIwAlKzUUKDoKPA1MZCgZDxljOAgrEHAaOSNUblxlcV5gSCAuDWtdYmEaIg8kMhprX3YuBzABbWEfa15+ckdnXn52TyIeMSBUZ0ggMx06U2FyXmFfYXBdY1ZhcVg
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.132.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-198-132-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
access-control-allow-origin
*
date
Mon, 23 Dec 2019 16:10:58 GMT
popunder.gif
distoryrussion.info/ 		35 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://distoryrussion.info/popunder.gif
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.132.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-198-132-181.compute-1.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Mon, 23 Dec 2019 16:10:58 GMT
content-encoding
gzip
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
public, max-age=604800, immutable
content-length
58
c2wxclBcU1IBbT44ayIKJz1wMykDO3M0HiIIRjMUJl17V2I1LWAjElUYWBZtRFgCRWJLSkEbNE5dFwEkEhhEAW1CSlgcNhxRFwRtQkICRn5CXB9GdgccUBVtQkpBBiQfUQBHZ0RdAEVkRlQARWk
distoryrussion.info/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://distoryrussion.info/c2wxclBcU1IBbT44ayIKJz1wMykDO3M0HiIIRjMUJl17V2I1LWAjElUYWBZtRFgCRWJLSkEbNE5dFwEkEhhEAW1CSlgcNhxRFwRtQkICRn5CXB9GdgccUBVtQkpBBiQfUQBHZ0RdAEVkRlQARWk
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.132.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-198-132-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
access-control-allow-origin
*
date
Mon, 23 Dec 2019 16:10:58 GMT
proxima.js
ddownr.com/assets/fonts/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/assets/fonts/proxima.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:d9b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d431c3248c964d06b932d3fe0252f29bb93c6920ccd6be927aec5c26ada39249
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
280909
cf-polished
origSize=19731
status
200
strict-transport-security
max-age=0; includeSubDomains; preload
last-modified
Fri, 16 Aug 2019 13:48:16 GMT
server
cloudflare
etag
W/"5d56b420-4d13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-bgj
minify
cache-control
max-age=691200
cf-ray
549b9bd1b991cbc0-VIE
expires
Fri, 27 Dec 2019 10:09:09 GMT
Y2g5WlVMV1opaDlbazc0NS5uCwQtCWALADAwXiI4ITp7DRE0LmF8IQoMBG1hUF8LYnMTAV1nZEUbTTshFhsEbGdFAVc8Ol5OT2dkTVsNdGRTRg18IRMJXmdkRRhNLjleWQxtYlJZDm5gW1wOaw
distoryrussion.info/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://distoryrussion.info/Y2g5WlVMV1opaDlbazc0NS5uCwQtCWALADAwXiI4ITp7DRE0LmF8IQoMBG1hUF8LYnMTAV1nZEUbTTshFhsEbGdFAVc8Ol5OT2dkTVsNdGRTRg18IRMJXmdkRRhNLjleWQxtYlJZDm5gW1wOaw
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.132.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-198-132-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
access-control-allow-origin
*
date
Mon, 23 Dec 2019 16:10:58 GMT
push
volvejudgetneig.info/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://volvejudgetneig.info/push?tid=825676&red=1&cs=b0lyVVFefBdmYQ0vSjBnDXBFN2Ff&abt=0&v=0.5.10.1&sm=83&k=ddownr%20videos%20video%20multi%20playlists%20free%20online%20downloader%20converter%20download%20youtube&sts=0&prn=0&emb=0&fs=1&m=1&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fddownr.com%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F74.0.3729.169%20safari%2F537.36&tzd=1&uloc=&if=0&_LLez=1577117458472&crc=1
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=825676
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.194.56 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-233-194-56.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
9aeae02ee81b469ae3b796fc741f3abb34e4424d0b5ae27d16d034cdf834733d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ddownr.com/
Origin
https://ddownr.com

Response headers

pragma
no-cache
date
Mon, 23 Dec 2019 16:10:59 GMT
content-encoding
gzip
server
openresty/1.15.8.2
status
200
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://ddownr.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
text/plain
content-length
1127
ckpEbmNddScdXj8NDgUHCCkGOBQ0DwZfKjcSBichJyYwOiUjKQVIFxsueVZRR3xzWEUCIyBTUEBsNxoCBj83U1VAbC0ABR13YhheQmRxQFJCZHVIFwIrI1NSVDowGg9Pe3FZVEN7c1pWSn5zXA
distoryrussion.info/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://distoryrussion.info/ckpEbmNddScdXj8NDgUHCCkGOBQ0DwZfKjcSBichJyYwOiUjKQVIFxsueVZRR3xzWEUCIyBTUEBsNxoCBj83U1VAbC0ABR13YhheQmRxQFJCZHVIFwIrI1NSVDowGg9Pe3FZVEN7c1pWSn5zXA
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.132.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-198-132-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
access-control-allow-origin
*
date
Mon, 23 Dec 2019 16:10:58 GMT
Z09XaXVIcDQaSAYiOFokCRk1MUQtNwU4EioLLg0xJAkaKDwiGTZPAQ4ralFHUnlgX1MXJjNURlVpJB0UEzokVERQaT4HEwhyYV1GQTlqWVtSYWZZW1ZpIxkUAHJmTwUTOztURFJ4YFhEUHtiUERWeg
distoryrussion.info/ 		0
57 B 		Other
General
Check archive.org
Download Go to
Full URL
https://distoryrussion.info/Z09XaXVIcDQaSAYiOFokCRk1MUQtNwU4EioLLg0xJAkaKDwiGTZPAQ4ralFHUnlgX1MXJjNURlVpJB0UEzokVERQaT4HEwhyYV1GQTlqWVtSYWZZW1ZpIxkUAHJmTwUTOztURFJ4YFhEUHtiUERWeg
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=825676
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.132.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-198-132-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ddownr.com/
Origin
https://ddownr.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
204
access-control-allow-origin
*
date
Mon, 23 Dec 2019 16:10:59 GMT
ui_tag_80.2-1.js
p359405.mycdn.co/banners/script/ 		176 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p359405.mycdn.co/banners/script/ui_tag_80.2-1.js
Requested by
Host: mybestdc.com
URL: https://mybestdc.com/adServe/banners?tid=MARINDELIJA_BANNER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:59 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:16 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b4fc-2c04a"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=31104000
expires
Thu, 17 Dec 2020 16:10:59 GMT
jquery.blockUI.min.js
cdn.jsdelivr.net/npm/blockui@1.0.0/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/blockui@1.0.0/jquery.blockUI.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9f32fbc9aa52d73c74907e4d2bb0e44172c031fbb29f378d5d59b62448a1e7f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Mon, 23 Dec 2019 16:10:59 GMT
content-length
3534
x-served-by
cache-ams21043-AMS, cache-fra19150-FRA
etag
W/"251b-AefH0ySCDHIwLEqcQ2Y7s97uXZo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
download.js
ddownr.com/assets/javascript/ 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/assets/javascript/download.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:d9b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
144799542d9461432ec0094014e2607cc90eab564e2f71c68a289caa3187e7f9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
280910
cf-polished
origSize=27429
status
200
strict-transport-security
max-age=0; includeSubDomains; preload
last-modified
Sun, 15 Dec 2019 14:06:21 GMT
server
cloudflare
etag
W/"5df63ddd-6b25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-bgj
minify
cache-control
max-age=691200
cf-ray
549b9bdad8fecbc0-VIE
expires
Fri, 27 Dec 2019 10:09:09 GMT
vendors.bundle.js
ddownr.com/assets/javascript/ 		237 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ddownr.com/assets/javascript/vendors.bundle.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:d9b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d5b284f7d23e72258202904333d806ca8cb7ca19d95846dc92954e9f97c858
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
280910
cf-polished
origSize=242434
status
200
strict-transport-security
max-age=0; includeSubDomains; preload
last-modified
Fri, 16 Aug 2019 13:48:16 GMT
server
cloudflare
etag
W/"5d56b420-3b302"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-bgj
minify
cache-control
max-age=691200
cf-ray
549b9bdad904cbc0-VIE
expires
Fri, 27 Dec 2019 10:09:09 GMT
BkNTGzgKQBNLFVYHAVdgVREESXsIXEIUP0YGdVxhU1hfEjZGBgYeNgBfWVB2UQRVESEMWVNcYSUDAldjTQcBS2pNBQBAdlEERRg1AkZfXGElAQVOfVACEAxu
dc5k8fg5ioc8s.cloudfront.net/yNnlTYzRVFj0FC0IQN14MBExlVAIQEyAMWkZEKlJkex1nFWFnSGoLUhANKQcJB18/AlpRRHUGWlVEYkVVUhtuUxJCCTwICUMXNwZSXxc2BxJDGG4OW0wQPw9VE0sVVhoGXGFTHFsYMApaQhYgCxEFO3ZRBF8XJwZYE0tjDlV... 		257 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/yNnlTYzRVFj0FC0IQN14MBExlVAIQEyAMWkZEKlJkex1nFWFnSGoLUhANKQcJB18/AlpRRHUGWlVEYkVVUhtuUxJCCTwICUMXNwZSXxc2BxJDGG4OW0wQPw9VE0sVVhoGXGFTHFsYMApaQhYgCxEFO3ZRBF8XJwZYE0tjDlVVXGFTW0VcYVNME0tjUgRpSG-c8AR9cYVNVRgk/BkNTGzgKQBNLFVYHAVdgVREESXsIXEIUP0YGdVxhU1hfEjZGBgYeNgBfWVB2UQRVESEMWVNcYSUDAldjTQcBS2pNBQBAdlEERRg1AkZfXGElAQVOfVACEAxu
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=825676
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:2c00:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
38810327d84be375893b4e4738c122e65cefa25164390acd95207d5ab4c0b590

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:59 GMT
content-encoding
gzip
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
cache-control
max-age=31556926
access-control-allow-origin
*
content-length
239
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-id
I6o5Sgay9Yfi7VpVN53Gkq0PnLEhGV48-J_x6hJFY1UQfG9b4ZReVg==
s
rillagesrement.info/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rillagesrement.info/s?a=$UID&b=867698365906
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frillagesrement.info%2Fs%3Fa%3D%24UID%26b%3D867698365906
  • https://rillagesrement.info/s?a=6428785776007644787&b=867698365906
69 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rillagesrement.info/s?a=6428785776007644787&b=867698365906
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:11:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain
status
200
cf-ray
549b9bdcf98e9d3c-AMS

Redirect headers

Pragma
no-cache
Date
Mon, 23 Dec 2019 16:11:01 GMT
AN-X-Request-Uuid
dfd111c1-53fe-46d5-8322-69f4daf395e3
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://rillagesrement.info/s?a=6428785776007644787&b=867698365906
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
89.39.105.128; 89.39.105.128; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.107:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
GV3B5QVQ0HxcnayMZHXxjY0NOc2xxGgouOidNHHUgIzgrcyc+CUoJZnEEAyVpZlYVIDowTV8kOjRNSGc1MxJEcXIjABYqaTEIHSI1NAEUIDFxBRh8OTgKEC04NlVLB2F5QFxzZH8dGCI9OQQWMjxyQztkZmcZFzUxO1VLcTk2E1xzZDgDXHNkL1VLcWVnL0-h1C2J...
dc5k8fg5ioc8s.cloudfront.net/ 		525 B
658 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/GV3B5QVQ0HxcnayMZHXxjY0NOc2xxGgouOidNHHUgIzgrcyc+CUoJZnEEAyVpZlYVIDowTV8kOjRNSGc1MxJEcXIjABYqaTEIHSI1NAEUIDFxBRh8OTgKEC04NlVLB2F5QFxzZH8dGCI9OQQWMjxyQztkZmcZFzUxO1VLcTk2E1xzZDgDXHNkL1VLcWVnL0-h1C2JZXHNkNgAJLTEgFRsqPSNVSwdhZEdXcmJyQklpPz8EFC1xZTNcc2Q7GRIkcWVAHiQ3PB9QZGZnExEzOzoVXHMSYERXcXpkR0t4emZGQGRmZwMYJzUlGVxzEmJDTm9nYVYMfGVkFhx2MG9GT3lgNkNOeDZgQksjMmQRTiUwMkVNdTFv
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:2c00:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
5c0635fc48483e47f1b409b1c5c8d0bd2de1cfeeeef9f11d3370928a4de59d40

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:11:00 GMT
content-encoding
gzip
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
cache-control
max-age=31556926
access-control-allow-origin
*
content-length
381
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-id
1YornGKrx8JsngBpXI1QTHYaC-gvt9U9mGbnJQlIp8O-fuyVJaAiwA==
it-ui-comp-37.css
p359405.mycdn.co/uicomp/styles/dist/80.2-1/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p359405.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-37.css
Requested by
Host: p359405.mycdn.co
URL: https://p359405.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5e48605dc57bfb041fe1f68d9e652ad884659a7ffe313ad36245b9e66a222909

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:59 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:23 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b503-5dea"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=31104000
expires
Thu, 17 Dec 2020 16:10:59 GMT
di_tag_86-4.js
p359405.mycdn.co/banners/script/ 		184 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p359405.mycdn.co/banners/script/di_tag_86-4.js
Requested by
Host: mybestdc.com
URL: https://mybestdc.com/adServe/banners?tid=MARINDELIJA_DI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
b28e76c42fb51d2b130e25d591b393bd0848b96029275e500492d31154a5c6fe

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:59 GMT
content-encoding
gzip
last-modified
Wed, 27 Nov 2019 12:01:39 GMT
server
NetDNA-cache/2.2
etag
W/"5dde65a3-2e0c6"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=31104000
expires
Thu, 17 Dec 2020 16:10:59 GMT
pubif-v2.min.js
gsafe.getawesome1.com/wim/static/wi/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsafe.getawesome1.com/wim/static/wi/pubif-v2.min.js?dmn=ddownr.com&cln=MARINDELIJA_DI&cb=1577117459842
Requested by
Host: mybestdc.com
URL: https://mybestdc.com/adServe/banners?tid=MARINDELIJA_BANNER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:5ee2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16351cdd5e22c4bc65a0df64c59ea6f3de79120da559720ddd19a6824d1ea376

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:11:00 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Mon, 23 Dec 2019 13:57:31 GMT
server
cloudflare
access-control-allow-origin
*
etag
W/"5e00c7cb-27eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-encoding
br
cache-control
max-age=14400
cf-ray
549b9bdc88ab597c-VIE
expires
Mon, 23 Dec 2019 17:10:59 GMT
Tjc4bEdhCFsfeh9jbhoSNHlPLQY+UHkVCRphQjUBB0BANQofeUBKMydTBVR1ewEPWmE+XlxRdHwRSxgmOkJLUXN8EVECISEKCVVwaEEFXGl7GQlcaX8RTBwmKQoJSjc6Q1RRdnsAD112eQMNVX96Aw
distoryrussion.info/ 		0
57 B 		Other
General
Check archive.org
Download Go to
Full URL
https://distoryrussion.info/Tjc4bEdhCFsfeh9jbhoSNHlPLQY+UHkVCRphQjUBB0BANQofeUBKMydTBVR1ewEPWmE+XlxRdHwRSxgmOkJLUXN8EVECISEKCVVwaEEFXGl7GQlcaX8RTBwmKQoJSjc6Q1RRdnsAD112eQMNVX96Aw
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=825676
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.132.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-198-132-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ddownr.com/
Origin
https://ddownr.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
204
access-control-allow-origin
*
date
Mon, 23 Dec 2019 16:10:59 GMT
findBanner
mybestdc.com/adServe/banners/ 		910 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybestdc.com/adServe/banners/findBanner?num=1&keyword=youtube%2C%20downloader%2C%20playlist%2C%20twitch%2C%20soundcloud%2C%20playlists%2C%20mp3toyoutube%2C%20mp4t&tid=MARINDELIJA_BANNER&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp359405.mycdn.co&bs=37&referrer=https%3A%2F%2Fddownr.com%2F&ap=cmp%3DBANNER%26evp%3DRQfgrV0mSQhQdc8h5ZO4J_bWwvziNp_1QR22JeacVpEU0gaMAbGR-7SAhfE9sssf%26sjv%3D86.0%26ctid%3D0%26th%3D1200%26tw%3D1600%26inco%3D0%26tip%3Dddownr%2520-%2520Online%2520Downloader&pid=359405&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0xJmk9MCZvPS02MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITCh0fhp8s4kg
Requested by
Host: p359405.mycdn.co
URL: https://p359405.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
d4188cd6660fa935f6def52a7125741ff3031a126b5cef8dc0d8882834253fa4

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Dec 2019 16:10:59 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Keep-Alive
timeout=5
Expires
Thu, 01 Jan 1970 00:00:00 GMT
it-banner-frame.css
p359405.mycdn.co/uicomp/styles/dist/80.2-1/ Frame 7931 		2 KB
924 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p359405.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Requested by
Host: p359405.mycdn.co
URL: https://p359405.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:10:59 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:23 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b503-858"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=31104000
expires
Thu, 17 Dec 2020 16:10:59 GMT
it-ui-comp-popunder-di.css
p359405.mycdn.co/uicomp/styles/dist/86-4/ 		698 B
547 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p359405.mycdn.co/uicomp/styles/dist/86-4/it-ui-comp-popunder-di.css
Requested by
Host: p359405.mycdn.co
URL: https://p359405.mycdn.co/banners/script/di_tag_86-4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2e59cdde185eff012c5c4df309f37227cc00d89bd8d4a49aca9b1bb53c6c435d

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:11:00 GMT
content-encoding
gzip
last-modified
Wed, 27 Nov 2019 12:01:46 GMT
server
NetDNA-cache/2.2
etag
W/"5dde65aa-2ba"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=31104000
expires
Thu, 17 Dec 2020 16:11:00 GMT
TW9RZDZiUDIXCxoCOVdUFR8jPGQHCgIOUQI7Jgx4Ai4pLHUYHyBCQiQLbFMCflhjXBA9BjVZB2scJQVCOBxsUARrBj8CWXBeZlMQO1JgSgV5QWBUGHlJJRRXKlJgQkY5Gz1ZB3hYZlUHeltnVAZ8XA
distoryrussion.info/ 		0
57 B 		Other
General
Check archive.org
Download Go to
Full URL
https://distoryrussion.info/TW9RZDZiUDIXCxoCOVdUFR8jPGQHCgIOUQI7Jgx4Ai4pLHUYHyBCQiQLbFMCflhjXBA9BjVZB2scJQVCOBxsUARrBj8CWXBeZlMQO1JgSgV5QWBUGHlJJRRXKlJgQkY5Gz1ZB3hYZlUHeltnVAZ8XA
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.132.181 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-198-132-181.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ddownr.com/
Origin
https://ddownr.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
204
access-control-allow-origin
*
date
Mon, 23 Dec 2019 16:11:00 GMT
fallback_37x_en.jpg
p359405.mycdn.co/ext/onn/clean/ Frame 7931 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p359405.mycdn.co/ext/onn/clean/fallback_37x_en.jpg
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
df9c48132cfbd14e947f19bf7428f9728fd21169d76acc35658b4618ca0c788b

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:11:00 GMT
last-modified
Mon, 05 Feb 2018 08:29:22 GMT
server
NetDNA-cache/2.2
etag
"5a7815e2-3fb3"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
16307
expires
Thu, 17 Dec 2020 16:11:00 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ddownr.com
URL: https://ddownr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5843
date
Mon, 23 Dec 2019 14:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 23 Dec 2019 16:33:37 GMT
s
rillagesrement.info/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rillagesrement.info/s?a=$UID&b=711503353924
  • https://rillagesrement.info/s?a=6428785776007644787&b=711503353924
69 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rillagesrement.info/s?a=6428785776007644787&b=711503353924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 16:11:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain
status
200
cf-ray
549b9bde0ad09d3c-AMS

Redirect headers

Pragma
no-cache
Date
Mon, 23 Dec 2019 16:11:02 GMT
AN-X-Request-Uuid
eac0b843-36d2-4bd6-8cdf-092e2150061f
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://rillagesrement.info/s?a=6428785776007644787&b=711503353924
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
89.39.105.128; 89.39.105.128; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.253:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
b6c1ecbf850dcbade99cd45969de68ff.jpg
cdn.adx1.com/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adx1.com/b6c1ecbf850dcbade99cd45969de68ff.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.199.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 16:25:02 GMT
last-modified
Thu, 11 Apr 2019 06:26:31 GMT
x-cdn-pop-ip
51.254.41.128/26
etag
"5caede17-9c6b"
x-cacheable
Matched cache
content-type
image/jpeg
status
200
cache-control
max-age=1209600
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
40043
x-request-id
7569549
expires
Sun, 05 Jan 2020 16:25:02 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=656888922&t=pageview&_s=1&dl=https%3A%2F%2Fddownr.com%2F&ul=en-us&de=UTF-8&dt=ddownr%20-%20Online%20Downloader&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=295450492&gjid=2013602717&cid=253030765.1577117460&tid=UA-84927639-1&_gid=85190976.1577117460&_r=1&z=1188000316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ddownr.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Dec 2019 16:11:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
b6c1ecbf850dcbade99cd45969de68ff.jpg
cdn.adx1.com/ Frame AC70 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adx1.com/b6c1ecbf850dcbade99cd45969de68ff.jpg
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=825676
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.199.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
42daea2a57d0385f1210e5887f270d3e3e00ef5fdcca1b77c82d8149fb29d870

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 16:25:02 GMT
last-modified
Thu, 11 Apr 2019 06:26:31 GMT
x-cdn-pop-ip
51.254.41.128/26
etag
"5caede17-9c6b"
x-cacheable
Matched cache
content-type
image/jpeg
status
200
cache-control
max-age=1209600
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
40043
x-request-id
7569549
expires
Sun, 05 Jan 2020 16:25:02 GMT
truncated
/ Frame AC70 		795 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40e7369d802a6b6488557987b4889a1f918613b1589715fc2cc45a607d39e863

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
p
rillagesrement.info/ 		69 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rillagesrement.info/p?b=867698365906&c=05863023
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf3d0183c12c9cbc2723869b579a4a1a076bb3f3aeacae9054c0409c0642e5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ddownr.com/
Origin
https://ddownr.com

Response headers

date
Mon, 23 Dec 2019 16:11:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
549b9be8ccdd72e7-AMS
p
rillagesrement.info/ 		69 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rillagesrement.info/p?b=711503353924&c=79538164
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf3d0183c12c9cbc2723869b579a4a1a076bb3f3aeacae9054c0409c0642e5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ddownr.com/
Origin
https://ddownr.com

Response headers

date
Mon, 23 Dec 2019 16:11:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
549b9bea5e2472e7-AMS
p
rillagesrement.info/ 		69 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rillagesrement.info/p?b=867698365906&c=32389445
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf3d0183c12c9cbc2723869b579a4a1a076bb3f3aeacae9054c0409c0642e5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ddownr.com/
Origin
https://ddownr.com

Response headers

date
Mon, 23 Dec 2019 16:11:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
549b9bf518aa72e7-AMS
p
rillagesrement.info/ 		69 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rillagesrement.info/p?b=711503353924&c=40355130
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf3d0183c12c9cbc2723869b579a4a1a076bb3f3aeacae9054c0409c0642e5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ddownr.com/
Origin
https://ddownr.com

Response headers

date
Mon, 23 Dec 2019 16:11:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
549b9bf6cabb72e7-AMS
p
rillagesrement.info/ 		69 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rillagesrement.info/p?b=867698365906&c=01350893
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf3d0183c12c9cbc2723869b579a4a1a076bb3f3aeacae9054c0409c0642e5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ddownr.com/
Origin
https://ddownr.com

Response headers

date
Mon, 23 Dec 2019 16:11:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
549b9c019d3372e7-AMS
p
rillagesrement.info/ 		69 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rillagesrement.info/p?b=711503353924&c=36181728
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf3d0183c12c9cbc2723869b579a4a1a076bb3f3aeacae9054c0409c0642e5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ddownr.com/
Origin
https://ddownr.com

Response headers

date
Mon, 23 Dec 2019 16:11:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
549b9c035f1472e7-AMS
p
rillagesrement.info/ 		69 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rillagesrement.info/p?b=867698365906&c=02721039
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf3d0183c12c9cbc2723869b579a4a1a076bb3f3aeacae9054c0409c0642e5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ddownr.com/
Origin
https://ddownr.com

Response headers

date
Mon, 23 Dec 2019 16:11:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
549b9c0e094a72e7-AMS
p
rillagesrement.info/ 		69 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rillagesrement.info/p?b=711503353924&c=54567527
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf3d0183c12c9cbc2723869b579a4a1a076bb3f3aeacae9054c0409c0642e5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ddownr.com/
Origin
https://ddownr.com

Response headers

date
Mon, 23 Dec 2019 16:11:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
549b9c0fdb3a72e7-AMS
p
rillagesrement.info/ 		69 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rillagesrement.info/p?b=867698365906&c=32167147
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf3d0183c12c9cbc2723869b579a4a1a076bb3f3aeacae9054c0409c0642e5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ddownr.com/
Origin
https://ddownr.com

Response headers

date
Mon, 23 Dec 2019 16:11:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
549b9c1a8dbb72e7-AMS
p
rillagesrement.info/ 		69 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rillagesrement.info/p?b=711503353924&c=31526770
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf3d0183c12c9cbc2723869b579a4a1a076bb3f3aeacae9054c0409c0642e5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ddownr.com/
Origin
https://ddownr.com

Response headers

date
Mon, 23 Dec 2019 16:11:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
549b9c1c5f7672e7-AMS
p
rillagesrement.info/ 		69 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rillagesrement.info/p?b=867698365906&c=49975905
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf3d0183c12c9cbc2723869b579a4a1a076bb3f3aeacae9054c0409c0642e5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ddownr.com/
Origin
https://ddownr.com

Response headers

date
Mon, 23 Dec 2019 16:11:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
549b9c270a1c72e7-AMS
p
rillagesrement.info/ 		69 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rillagesrement.info/p?b=711503353924&c=37474143
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=743728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf3d0183c12c9cbc2723869b579a4a1a076bb3f3aeacae9054c0409c0642e5e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ddownr.com/
Origin
https://ddownr.com

Response headers

date
Mon, 23 Dec 2019 16:11:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
549b9c28dc2372e7-AMS

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| _1305780966 function| Fingerprint2 number| _44768076 object| Typekit function| setImmediate function| clearImmediate object| _rhat4 string| _p function| Ogq5452Rv101 function| _bp object| __cfQR function| y1PMd4vUQ19hf function| e4ttHR2siy3H2 object| pubIframe function| getPubIframe function| startFlow function| endFlow function| labsOverlayClicked object| KAppOptions function| $ function| jQuery function| Popper object| bootstrap function| wNumb object| noUiSlider function| Waypoint function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal number| index function| iniatedownload function| changeURL function| insertRow function| checkforPlaylist function| getVideoId function| addPlaylistVideos function| loadpic function| loaddoc function| checkmedia function| openad function| clickDownload function| sendmail function| scrolldown function| removeItem function| success_copy function| roundToTwo function| checkDeeplink function| download string| GoogleAnalyticsObject function| ga boolean| __cfRLUnblockHandlers object| google_tag_data object| gaplugins object| gaGlobal object| gaData

1 Cookies

Domain/Path Name / Value
.ddownr.com/ Name: __cfduid
Value: d39e920c47d1a14112d28f01c827301761577117459

1 Console Messages

Source Level URL
Text
console-api warning URL: https://ddownr.com/assets/javascript/vendors.bundle.js(Line 1)
Message:
SweetAlert2: "setDefaults" & "resetDefaults" methods are deprecated in favor of "mixin" method and will be removed in the next major release. For new projects, use "mixin". For past projects already using "setDefaults", support will be provided through an additional package.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
cdn.adx1.com
cdn.jsdelivr.net
d3q33rbmdkxzj.cloudfront.net
dc5k8fg5ioc8s.cloudfront.net
ddownr.com
distoryrussion.info
gsafe.getawesome1.com
mybestdc.com
p359405.clksite.com
p359405.mycdn.co
rillagesrement.info
secure.adnxs.com
volvejudgetneig.info
www.ddownr.com
www.google-analytics.com
104.18.22.10
173.192.101.24
18.233.194.56
2600:9000:214f:2c00:1a:a6:7f00:21
2600:9000:214f:9e00:e:36e7:83c0:21
2606:4700:3038::681f:d9b
2606:4700:30::681f:5ee2
2606:4700::6811:4004
2a00:1450:4001:814::200e
2a04:4e42:3::621
34.198.132.181
37.252.172.249
46.105.199.75
94.31.29.128
04feb2826fb5daf66cf02a6832c15df3526de62470ecc0efc6975f3cc5d5d1bb
06d7c9129f89f5aafd63b2ffba1552eee68dc8a25c908ae89e325afd916e784a
12ec9ec0cad0e1a5f0d9f9409500c80ccd003fae385b3c5cb737a863d627ba7d
144799542d9461432ec0094014e2607cc90eab564e2f71c68a289caa3187e7f9
16351cdd5e22c4bc65a0df64c59ea6f3de79120da559720ddd19a6824d1ea376
1b1d431dda63e66d695675c793eb5a13a95ba75583457a6abc060c988c1d6e25
1eca3a3419eba76574183942be8c5425493d0ab97617f4d12441607353f019cc
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2e59cdde185eff012c5c4df309f37227cc00d89bd8d4a49aca9b1bb53c6c435d
38810327d84be375893b4e4738c122e65cefa25164390acd95207d5ab4c0b590
40e7369d802a6b6488557987b4889a1f918613b1589715fc2cc45a607d39e863
42daea2a57d0385f1210e5887f270d3e3e00ef5fdcca1b77c82d8149fb29d870
560283f1cb77d1acd3b605e2f511953a4101a0a0ff8f38f84c5c998b56d4325b
5c0635fc48483e47f1b409b1c5c8d0bd2de1cfeeeef9f11d3370928a4de59d40
5e48605dc57bfb041fe1f68d9e652ad884659a7ffe313ad36245b9e66a222909
717c02e89d508e08da64fb58e85565751ae8cd73715cc2cbf4ff927f6e6a0535
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89318f64c27d5fe5d4d7c8eb0791b135072ea1fef2f9baecacbb60c9bc8766aa
8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb
9aeae02ee81b469ae3b796fc741f3abb34e4424d0b5ae27d16d034cdf834733d
9f32fbc9aa52d73c74907e4d2bb0e44172c031fbb29f378d5d59b62448a1e7f7
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b28e76c42fb51d2b130e25d591b393bd0848b96029275e500492d31154a5c6fe
c0d5b284f7d23e72258202904333d806ca8cb7ca19d95846dc92954e9f97c858
d4188cd6660fa935f6def52a7125741ff3031a126b5cef8dc0d8882834253fa4
d431c3248c964d06b932d3fe0252f29bb93c6920ccd6be927aec5c26ada39249
d52059a54926e3ed06bde002244b555e5c4286605e20fb4f733fbf3c66e6cdcf
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df9c48132cfbd14e947f19bf7428f9728fd21169d76acc35658b4618ca0c788b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecf3d0183c12c9cbc2723869b579a4a1a076bb3f3aeacae9054c0409c0642e5e
f00829803e6a5a8f1579ed87aee2fa8e6a400561da2f07f4f9de9bb4075033e5
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51
fed4d0d91377785f74b5ffb98e319b1382aa2eeab51333d558a69179b4301e77