www.mobiledownld.com Open in urlscan Pro
2600:9000:21dd:3e00:5:e81a:c100:93a1  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.mobiledownld.com/	57 KB 18 KB	607ms 19ms	Document text/html	2600:9000:21dd:3e00:5:e81a:c100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.mobiledownld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21dd:3e00:5:e81a:c100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 20de52ba6abc4b570c8914d8c356aab91c85b6ed80acd7d8310894b8e0299131 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers age 469073 alt-svc h3=":443"; ma=86400 cache-control public, max-age=0, s-maxage=31536000 content-encoding gzip content-type text/html date Wed, 11 Sep 2024 01:43:33 GMT etag W/"1f3c3771f7d81cd6d2a36e91dec9aef8" last-modified Mon, 26 Aug 2024 00:48:16 GMT server AmazonS3 vary Accept-Encoding via 1.1 c5c79ef7442267e414f3389ffcc2f0fa.cloudfront.net (CloudFront) x-amz-cf-id 9yLmqQAFghmh9hIMAiqDIAsGacbwupx1y3ITmtdQIRp4Px0H4KkJGA== x-amz-cf-pop EWR53-C2 x-cache Hit from cloudfront
GET H2	200	css2 fonts.googleapis.com/	329 B 733 B	495ms 32ms	Stylesheet text/css	2607:f8b0:4006:81e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat&display=swap&text=1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz%20 Requested by Host: www.mobiledownld.com URL: https://www.mobiledownld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 02f4daad9029fa1abed68a9565b1ac99a55c7cc73f9c5abb91417fbe9b2f94eb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mobiledownld.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 16 Sep 2024 12:01:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 16 Sep 2024 12:01:26 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 16 Sep 2024 12:01:26 GMT
GET H3	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/	141 KB 25 KB	398ms 85ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css Requested by Host: www.mobiledownld.com URL: https://www.mobiledownld.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.mobiledownld.com/ Origin https://www.mobiledownld.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 12:01:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 718 strict-transport-security max-age=31536000; includeSubDomains; preload cdn-cachedat 03/18/2024 12:15:40 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:04 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"450fc463b8b1a349df717056fbb3e078" vary Accept-Encoding, Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid dd90f52f6755b06e3219e32236cf46da timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 8c40b3aceff40ca6-EWR cdn-requestpullsuccess True
GET H2	200	jquery-3.2.1.slim.min.js Show response code.jquery.com/	68 KB 24 KB	477ms 19ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.2.1.slim.min.js Requested by Host: www.mobiledownld.com URL: https://www.mobiledownld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Request headers Referer https://www.mobiledownld.com/ Origin https://www.mobiledownld.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 12:01:26 GMT content-encoding gzip via 1.1 varnish age 883845 x-cache HIT cross-origin-resource-policy cross-origin content-length 23856 x-served-by cache-lga21943-LGA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1726488087.672147,VS0,VE0 etag W/"28feccc0-10fdd" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 39326
GET H3	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/	19 KB 7 KB	478ms 24ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js Requested by Host: www.mobiledownld.com URL: https://www.mobiledownld.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://www.mobiledownld.com/ Origin https://www.mobiledownld.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 12:01:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 705113 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 6157 last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-4af4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRB7CxXNFpXQ507YrEZd8LVrLotUeYpZ3ujVAIoZtCfzv8GpiNEd1xbViJCABYJCda9XAoSyf7EKQ3v2hzfeiAor7arfW79dS1ruRlBP9a5aTwEQKXkF%2BlDKHvRpf0pnOahb4JuDWoZTHLlvK3hxh1lc"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8c40b3adab2b0f70-EWR expires Sat, 06 Sep 2025 12:01:26 GMT
GET H3	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/	48 KB 15 KB	366ms 57ms	Script application/javascript	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js Requested by Host: www.mobiledownld.com URL: https://www.mobiledownld.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.mobiledownld.com/ Origin https://www.mobiledownld.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 12:01:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 1067 strict-transport-security max-age=31536000; includeSubDomains; preload age 118205 cdn-cachedat 04/02/2024 02:05:57 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:04 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"14d449eb8876fa55e1ef3c2cc52b0c17" vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid f840af49b7f65a8a16cbede14beda0a7 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 8c40b3aceff20ca6-EWR cdn-requestpullsuccess True
GET H3	200	mobile.png www.mobiledownld.com/images/	1 KB 2 KB	235ms 233ms	Image image/png	2600:9000:21dd:3e00:5:e81a:c100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.mobiledownld.com/images/mobile.png Requested by Host: www.mobiledownld.com URL: https://www.mobiledownld.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:21dd:3e00:5:e81a:c100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1d49da249cb4b156bd8ccfa9d6c232c48a7287b043dc805cb1f3d3eb7e02321e Request headers Referer https://www.mobiledownld.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 13 Sep 2024 17:20:02 GMT via 1.1 ee623581f95aa65c7c8707871d87b790.cloudfront.net (CloudFront) last-modified Mon, 26 Aug 2024 00:48:16 GMT server AmazonS3 age 240083 x-amz-cf-pop EWR53-C2 etag "90545caa8572c7e8c4192c1f47e1c621" x-cache Hit from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=31536000 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 1262 x-amz-cf-id upclklRBUKMDeylOB9vvX7WhFu4M_vLbDfZ79WVTjIkwjMstH1I7jw==
GET H2	200	star6.png www.mobiledownld.com/images/	827 B 1 KB	309ms 230ms	Image image/png	2600:9000:21dd:3e00:5:e81a:c100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.mobiledownld.com/images/star6.png Requested by Host: www.mobiledownld.com URL: https://www.mobiledownld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21dd:3e00:5:e81a:c100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f0ab7366b5b48e98f28916d8e85a440c265b5482f7205f88ff51cd96f49db79e Request headers Referer https://www.mobiledownld.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 13 Sep 2024 17:20:02 GMT via 1.1 c5c79ef7442267e414f3389ffcc2f0fa.cloudfront.net (CloudFront) last-modified Mon, 26 Aug 2024 00:48:16 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 age 240084 etag "523626ca0b54e3aa6229cdd2216fd125" x-cache Hit from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=31536000 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 827 x-amz-cf-id QQM1OjP1bpNK82ImrJH_OpkcJpswGNLI3xqk1kRFyoFtEBRB4xKi3Q==
GET H3	200	home.png www.mobiledownld.com/images/	656 B 958 B	220ms 217ms	Image image/png	2600:9000:21dd:3e00:5:e81a:c100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.mobiledownld.com/images/home.png Requested by Host: www.mobiledownld.com URL: https://www.mobiledownld.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:21dd:3e00:5:e81a:c100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 940e60bae4bb3eba43029b04c7f134cb3c788e78637333d6888a803b0a111a99 Request headers Referer https://www.mobiledownld.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 11 Sep 2024 17:42:51 GMT via 1.1 ee623581f95aa65c7c8707871d87b790.cloudfront.net (CloudFront) last-modified Mon, 26 Aug 2024 00:48:16 GMT server AmazonS3 age 411515 x-amz-cf-pop EWR53-C2 etag "4207cd2fd55e6e1286cb0965cf970c16" x-cache Hit from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=31536000 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 656 x-amz-cf-id fsnoOJ2WCSfWcpytkychY0-eVTiah6kmCOD7b0Xo8e8tUh_2_32feA==
GET H3	200	ae_download.jpeg www.mobiledownld.com/images/	21 KB 21 KB	28ms 25ms	Image image/jpeg	2600:9000:21dd:3e00:5:e81a:c100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.mobiledownld.com/images/ae_download.jpeg Requested by Host: www.mobiledownld.com URL: https://www.mobiledownld.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:21dd:3e00:5:e81a:c100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 23ca92adc89172ed5d69bbabcb076386a82518b1308d666e6fa769e2e04b1802 Request headers Referer https://www.mobiledownld.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 12:52:14 GMT via 1.1 ee623581f95aa65c7c8707871d87b790.cloudfront.net (CloudFront) last-modified Mon, 26 Aug 2024 00:48:16 GMT server AmazonS3 age 1811352 x-amz-cf-pop EWR53-C2 etag "d4ec738cb7ef67dda1189ae15fafb229" x-cache Hit from cloudfront content-type image/jpeg cache-control public, max-age=0, s-maxage=31536000 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 21301 x-amz-cf-id c56virOCCtMbn5Lkffypj_Bxhg-YUJVgZPQbmr07hH2KLWG0bKHsuA==
GET H3	200	visit.png ddtmob.com/track/	95 B 555 B	372ms 74ms	Image image/png	104.21.54.85 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ddtmob.com/track/visit.png?campaignid=undefined&placement=undefined&device=undefined&devicemodel=undefined&creative=undefined&position=undefined&lang=en-US&gclid=undefined&rntm=1726488086850 Requested by Host: www.mobiledownld.com URL: https://www.mobiledownld.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.54.85 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.26 Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers Referer https://www.mobiledownld.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Mon, 16 Sep 2024 12:01:27 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.26 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=td%2Bn5o7qhIGdN7jq37TG73iUymZsftrA2dXmC8s8GwdSDyW5ebC%2FAqGeghRJr8oUm657MW1plZnKyu6LRHWVZlEuce8C2QmTR0Dsqfwcn8dg5hj5Ah57RY3rKMYM"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-cache cf-ray 8c40b3b0bd4918f6-EWR alt-svc h3=":443"; ma=86400 expires 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	351 KB 116 KB	321ms 73ms	Script application/javascript	2607:f8b0:4006:824::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-11151103578 Requested by Host: www.mobiledownld.com URL: https://www.mobiledownld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f55383c24c3d994c985d01337967ac4bb21ea3fd8ac94edf1cdd7e531cf2dd59 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.mobiledownld.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 12:01:27 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 118179 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 16 Sep 2024 12:01:27 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11151103578/	4 KB 2 KB	552ms 40ms	Script text/javascript	2607:f8b0:4006:816::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11151103578/?random=1726488087634&cv=11&fst=1726488087634&bg=ffffff&guid=ON&async=1&gtm=45be4990v9114346096za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mobiledownld.com%2F&hn=www.googleadservices.com&frm=0&tiba=%3A%3A%20Ohmygames%20-%20Mobile%20Portal%20%3A%3A&npa=0&pscdl=noapi&auid=2109057221.1726488088&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-11151103578 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4221640f2cb72305f42846fbd9edaf1d88f4efcdbaa0a6a5e2ed2d2cce79d631 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mobiledownld.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Mon, 16 Sep 2024 12:01:28 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2267 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	11151103578 td.doubleclick.net/td/rul/ Frame 8481	0 0	506ms 50ms	Document text/html	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/rul/11151103578?random=1726488087634&cv=11&fst=1726488087634&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4990v9114346096za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mobiledownld.com%2F&hn=www.googleadservices.com&frm=0&tiba=%3A%3A%20Ohmygames%20-%20Mobile%20Portal%20%3A%3A&npa=0&pscdl=noapi&auid=2109057221.1726488088&fledge=1&data=event%3Dgtag.config Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-11151103578 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mobiledownld.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 16 Sep 2024 12:01:28 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect www.google-analytics.com/g/	0 0	518ms 22ms	Fetch text/plain	2607:f8b0:4006:821::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-1QJPZ048CF&gtm=45be4990v9114346096za200&_p=1726488087564&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=731464109.1726488088&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726488087&sct=1&seg=0&dl=https%3A%2F%2Fwww.mobiledownld.com%2F&dt=%3A%3A%20Ohmygames%20-%20Mobile%20Portal%20%3A%3A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2142 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-11151103578 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://www.mobiledownld.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Mon, 16 Sep 2024 12:01:28 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.mobiledownld.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/11151103578/	42 B 64 B	326ms 26ms	Image image/gif	2607:f8b0:4006:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11151103578/?random=1726488087634&cv=11&fst=1726488000000&bg=ffffff&guid=ON&async=1&gtm=45be4990v9114346096za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mobiledownld.com%2F&hn=www.googleadservices.com&frm=0&tiba=%3A%3A%20Ohmygames%20-%20Mobile%20Portal%20%3A%3A&npa=0&pscdl=noapi&auid=2109057221.1726488088&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfjWqp3FZIaCunmRsBt9fCLYs8XYyGxA&random=3676842643&rmt_tld=0&ipr=y Requested by Host: www.mobiledownld.com URL: https://www.mobiledownld.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mobiledownld.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Mon, 16 Sep 2024 12:01:28 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	favicon.ico www.mobiledownld.com/images/	741 B 1 KB	43ms 43ms	Other image/x-icon	2600:9000:21dd:3e00:5:e81a:c100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.mobiledownld.com/images/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:21dd:3e00:5:e81a:c100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 61bc911a65d35a05438fe60fcc730fd57927cd9d5a55db49af50b24c416c1bf1 Request headers Referer https://www.mobiledownld.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 13 Sep 2024 09:59:32 GMT via 1.1 ee623581f95aa65c7c8707871d87b790.cloudfront.net (CloudFront) last-modified Mon, 26 Aug 2024 00:48:16 GMT server AmazonS3 age 266516 x-amz-cf-pop EWR53-C2 etag "b2fc577dc1adda52e5af398c7b6de970" x-cache Hit from cloudfront content-type image/x-icon cache-control public, max-age=0, s-maxage=31536000 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 741 x-amz-cf-id 8FwTWJs008dWm-tVJhnQxy7KXqgLWQS0MP7SdT6ERtLSj23vpW7kMw==

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| Popper object| bootstrap function| gtag function| _0x4e9a74 function| _0x1897 string| burl function| readBattery object| eventsLog object| BreakException object| apiParameters function| get object| events object| operatorsName function| pad2 function| _0x262d function| operatorValue function| error_log function| log2event function| isInt object| translations function| _0x5403bf object| languageToggle number| languages_count object| operatorParameters object| operatorParameters_pin function| setLanguageToggle function| ValidateMsisdn function| ValidatePin object| idiomChangeButton object| availableLanguages string| browserLanguage function| _0x3351 function| getCookie function| setCookie string| language function| translateElement function| translateElements function| setActiveLanguage object| steps number| finalStepIndex function| setpTo function| saveStep function| getPictures function| toggleVisible function| step string| userAgent string| platform object| macosPlatforms object| windowsPlatforms object| iosPlatforms string| os function| _0x4018 object| msisdnForm object| msisdnError object| msisdnFieldWrapper object| msisdnField object| msisdnButton object| msisdnButtonArrow object| pinButtonArrow object| pinForm object| pinError object| pinFieldWrapper object| pinField object| pinButton object| header object| footer object| shakeable object| loader function| setCookieMinuts function| startTokenTimer function| eraseCookie function| onFocusOutMsisdn function| onFocusOutPin function| msisdnFormSubmitBefore function| msisdnFormSubmitAfter function| validMsisdn function| msisdnSubmit function| pinFormSubmitBefore function| pinFormSubmitAfter function| validPin function| goRedirect function| pinSubmit function| addError function| removeError function| msisdnFormSubmitSuccess function| validateFormPin function| aditionalValidationsMsisdn object| body function| pinFormSubmitSuccess function| selectOperator function| pageViewPixel function| initEventPixel function| exit object| tr number| x object| google_tag_manager object| google_tag_data object| dataLayer function| onYouTubeIframeAPIReady object| GooglebQhCsO object| gaGlobal

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.mobiledownld.com/	1970-01-20 23:34:51	Name: idiom Value: en
			.mobiledownld.com/	1970-01-21 01:44:24	Name: _gcl_au Value: 1.1.2109057221.1726488088
			.mobiledownld.com/	1970-01-21 09:10:48	Name: _ga_1QJPZ048CF Value: GS1.1.1726488087.1.0.1726488087.0.0.0
			.mobiledownld.com/	1970-01-21 09:10:48	Name: _ga Value: GA1.1.731464109.1726488088
			.doubleclick.net/	1970-01-20 23:34:48	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
ddtmob.com
fonts.googleapis.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
td.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.mobiledownld.com
104.21.54.85
2600:9000:21dd:3e00:5:e81a:c100:93a1
2606:4700::6811:180e
2606:4700::6812:acf
2607:f8b0:4006:80e::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81e::200a
2607:f8b0:4006:821::200e
2607:f8b0:4006:824::2008
2a04:4e42:400::649
02f4daad9029fa1abed68a9565b1ac99a55c7cc73f9c5abb91417fbe9b2f94eb
1d49da249cb4b156bd8ccfa9d6c232c48a7287b043dc805cb1f3d3eb7e02321e
20de52ba6abc4b570c8914d8c356aab91c85b6ed80acd7d8310894b8e0299131
23ca92adc89172ed5d69bbabcb076386a82518b1308d666e6fa769e2e04b1802
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4221640f2cb72305f42846fbd9edaf1d88f4efcdbaa0a6a5e2ed2d2cce79d631
61bc911a65d35a05438fe60fcc730fd57927cd9d5a55db49af50b24c416c1bf1
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
940e60bae4bb3eba43029b04c7f134cb3c788e78637333d6888a803b0a111a99
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ab7366b5b48e98f28916d8e85a440c265b5482f7205f88ff51cd96f49db79e
f55383c24c3d994c985d01337967ac4bb21ea3fd8ac94edf1cdd7e531cf2dd59