download-now.org Open in urlscan Pro
2606:4700:3037::6815:59ab Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dl.downloadahceiduphoth.com/n/3.1.13.17/12769775/mineways%20minecraft.exe
Effective URL:
https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
Submission: On June 25 via api (June 25th 2021, 3:17:14 pm UTC) from US

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3037::6815:59ab, located in United States and belongs to CLOUDFLARENET, US. The main domain is download-now.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 22nd 2021. Valid for: a year.

This is the only time download-now.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	213.247.47.190 213.247.47.190	8315 (SENTIA) (SENTIA)
2 2	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
1 1	51.38.254.255 51.38.254.255	16276 (OVH) (OVH)
10	2606:4700:303... 2606:4700:3037::6815:59ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
28	5

3 213.247.47.190 (Garden City, United States) 1 redirects

ASN8315 (SENTIA, NL)

dl.downloadahceiduphoth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
downloadahceiduphoth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.192.101.24 (Dallas, United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

mybetterdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p226681.mybetterdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.254.255 (Spain) 1 redirects

ASN16276 (OVH, FR)
PTR: ip255.ip-51-38-254.eu

yslqczldaxcy.unicornpride123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3037::6815:59ab (United States)

ASN13335 (CLOUDFLARENET, US)

download-now.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	download-now.org download-now.org	65 KB
3	downloadahceiduphoth.com 1 redirects dl.downloadahceiduphoth.com downloadahceiduphoth.com	3 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	mybetterdl.com 2 redirects mybetterdl.com p226681.mybetterdl.com	2 KB
1	unicornpride123.com 1 redirects yslqczldaxcy.unicornpride123.com	283 B
0	Failed function sub() { [native code] }. Failed
28	7

	Domain	Requested by
10	download-now.org	downloadahceiduphoth.com download-now.org
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	download-now.org
2	dl.downloadahceiduphoth.com	1 redirects
1	yslqczldaxcy.unicornpride123.com	1 redirects
1	p226681.mybetterdl.com	1 redirects
1	mybetterdl.com	1 redirects
1	downloadahceiduphoth.com
0	ckkjmlodapiblpkhgkhlehfdmconemfe Failed	download-now.org
28	9

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-22` - `2022-06-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
Frame ID: F72BE743441305E75A93A9AB3B4EE54B
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://dl.downloadahceiduphoth.com/n/3.1.13.17/12769775/mineways%20minecraft.exe HTTP 302
http://dl.downloadahceiduphoth.com/ Page URL
http://downloadahceiduphoth.com/ Page URL
http://mybetterdl.com/aS/feedclick?s=HHmPzgBa8P6R0L8fu_q-_K3dDnCBF-q5Hbw7jypZ-P2bhXZM-sSS_4LUfaDR_... HTTP 302
http://p226681.mybetterdl.com/adServe/domainClick?ai=fYa9dieACW3GvG79Yv105MYkTTf1YrV0c57sA9czfUcPXo_kKDL9C... HTTP 302
https://yslqczldaxcy.unicornpride123.com/l.php?p=c:g3_4z2j3fh7g3f&d=60c9c824f149132c88341864&s=82863294&b=@@CREATIVE-... HTTP 302
https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

28
Requests

50 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

5
IPs

3
Countries

98 kB
Transfer

129 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dl.downloadahceiduphoth.com/n/3.1.13.17/12769775/mineways%20minecraft.exe HTTP 302
http://dl.downloadahceiduphoth.com/ Page URL
http://downloadahceiduphoth.com/ Page URL
http://mybetterdl.com/aS/feedclick?s=HHmPzgBa8P6R0L8fu_q-_K3dDnCBF-q5Hbw7jypZ-P2bhXZM-sSS_4LUfaDR__NeVVH-ImtJpPaG_Nh80WMmwiN5ECptO-enZsgzB4lH00ug8e5ExIzs-GByJkw_hnoLHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy8AYCZdLrThBz4VBHKiLXGiGaenhgaJHEHjl47HRGpo7Z10qg90NUDX0-ghrcwvA_wnQjVzUAiNXkaj--lLQsRBG4CrudE72359OgVVqvCN6SsXHnKS05C2aFC7M1HSprUtU0HVEHmcUwyzfOgvVizArzQsei2r8ZLALshwYLyJljLYOun8yQNOvfzeAkXvu9p2Y_14sfLk5Y_d6ENHpyj26omXDCm1_7dy9Hlf_cvE_acaPU_bSit2CcfQ31LuF7GWJWZYQLBTZuX913r1cvsMWfTHbr8fZUJMc6gnQun0lCTkjlDccnthSoxzV2AIEFOsP-QCaHGrP0WDIlZM9jhQW0Ju-9_H6eJmeWRAwSVjWRPAfJhg_iZLNEIKXcxKod1jcY3AiJzHUDOWbnYXySQt-0Ypbk0PzUsDwzhKS9zMSHNwgSFNOtGzfqnkqKQ8GsWw2AxgjhSnebwuegdRIX3DDUC3EkBJyGUFbF8B2IxFFnJ1r9kWXrclyc0GcoOKyuQeoWTPLu-K4gWS5c0c-fIBcLMQRoVNaZFRCHLuvqUbd9P2fX1ncTFMwEsYATTcawFbFE-2RNQtGPqiwHr15bG_yZoIK1h2vVEuOt_6FTKET5cfBy3_4qpLyjsgywr4wypmdoJdbS62bG5y0QDWy_hcX6zTjz9WlaUnLBRFTlypTi4rq5V9k0BIx40fNJNoff_ruGLsJ_hJ2CSubYgfPfWlHGwAxpYAMEpCdFkew4t1V45xlIc0OnIy8L11-lo9upjujyjTEvUT8ZRlk-8Imx7q9y0Nfb3Xlj4Sq03El6NDDXPnZ9PbJRazaJCffFWvyHv8ouvelMjVNIS7F7ETODto4vvx8Zv3vxM7p7u3m3xI_eCIwZk_yF6oRIv_SMrCu9IXtt9bxoAWcgidD59ni-he2mnn1JCOI4zAal9SIhpW6e3HzxTQDnf-mwG-rD5Ie2auU9AVlimGnzpcjakWTGeH0GiMn7YEUwWchxPX96b1dyQPtXcJTecQHYnF_uGKIhdRyZG1Y_GLSazOPI24a6Gg-ndPRQ-CotN8ZxTLpvqm1TZd115EkUBtyUMvHCdVb6D8JrZIWblPNBPV9wGELAqQBJ96XZxkqEKR0wOys_X6PeJip01C8trXkIE3rD_YYcRg0R1huLlliAlxsKB_LBxyDMWDEcIrEsluFClVyyFIA6tqCJWlIXuPiXimj-ytXsIJhccXI35do1o0ZQWr8yGfTnmBlX7ANpMLegIQEjz2dK2-dz72LVJJi2L-4COsWdTlIP5ptT_pYjwTTs0r-MlwJ0GETSr-nK33L2rHAFg9LmGKtkyD3Tx4g8OBcTqzMNg03xAeRJf4JABXbpu1t1MeNh4mT_PAWawnLjdlXqbk_3xfVLTwkTOKel8lJZsgqfG2mGFLYBwYcTzmo2noB_TTV3ojHYZc46Mmzo3YL7D2vXGPcn2mEpvjPbBzIhP5Lo7Qff73Sp7GQmD53ah4kLKUnxpsVEhnST_DjloWx7ayWU4pH4IqL07G5Ged09rYW4QZJ8jag5Zkg17mpX6WJTY7pBpKPHqFei7VsLel-FRqz6MhDqf7kErmKyHWIPaJCOQnQYRNKv6crfcvascAWD0ubU1gmGsb8DbCobYxbMs3_jtU43wuTOavrKRnu7jQlrCBlos9PKkAmvo1Vgu2XzA8FgRrt2Me9tiD9H7QO_kArhKJJvHcy8CHJg1v6JbB0DQ HTTP 302
http://p226681.mybetterdl.com/adServe/domainClick?ai=fYa9dieACW3GvG79Yv105MYkTTf1YrV0c57sA9czfUcPXo_kKDL9CGWHLi37HIXuj7E6Fkq-2MakeTFnz2_aI3lw1snk2qga5d7-3S6MoZY_SzowGwVNMMYPJS0nBTb8RuUtMh92jrf7nrmGQPe56oaidZK94kSBfz4ZL9V_hP_N2_ILEJKQ9wEu8OWYFJ_oXkqEKCd1Yju3SjFa3OANQof18T9CpHqCT2L9NFyVXF55Q47z-CV1ol2k4XVJzHJX8mFgHSWE3TZCmMVN-TIPPSbOjdgvsPa9cY9yfaYSm-O0N4LYCuDc--1Gvs74iT4yCW3sEAs7Z1njQgfB650u2ztU43wuTOavrKRnu7jQlrAk-MFSMweLFO3jlmAeq5lks-J-UyvYYNQOiM3be_HS3KlM2nmIUo8KOMM3uHGhqQ7wHQ8XzWThVcVnwTvz4JH_S4_YcX9EiZNLVX1G33FwFNnYEbJf3CEnYc2ryRH6OnrHlauBmPbhXREhMtONcIITKwIFdkeLmyMofvF1o2CObr2dLb6wMnNdVZB0VMBlc7HuP4capgYnWd-PxFAQe091uRwRwBiPGktPsQpw5IhBxX3vTnSSzfaN72KUIyJk9L8&ui=HHmPzgBa8P6R0L8fu_q-_FY37AsT2AewfAnm01quE0lVMpWmMYaf70Sc266XgbgTeFbgn6RPLL6-F3LkGA7iAn0nXFrSf-dsrvSipGOjDbkaq3bbFH50rg&si=1&oref=99cd5a3d06d00d9a99da86c19f2c5c22&optunit=T6fGUO9OT52qxOTgwDIKtHNGmvf9UzuqZZJCxAdeOqU&rb=jX0e-gVzQEk&rr=1&abtg=0 HTTP 302
https://yslqczldaxcy.unicornpride123.com/l.php?p=c:g3_4z2j3fh7g3f&d=60c9c824f149132c88341864&s=82863294&b=@@CREATIVE-ID@@&bid=0.005&pid=86307503688&cmp=60c9c824f149132c88341864&keyword=downloadahceiduphoth.com+RO+Computers+digital+media+mixing+Electronics+audio+processing+Software+graphics+RO+Computers+digital+media+mixing+Electronics+audio+processing+Software+graphics HTTP 302
https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://dl.downloadahceiduphoth.com/n/3.1.13.17/12769775/mineways%20minecraft.exe HTTP 302
http://dl.downloadahceiduphoth.com/

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
dl.downloadahceiduphoth.com/
Redirect Chain

http://dl.downloadahceiduphoth.com/n/3.1.13.17/12769775/mineways%20minecraft.exe
http://dl.downloadahceiduphoth.com/

376 B
458 B

140ms
139ms

Document
text/html

213.247.47.190
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: http://dl.downloadahceiduphoth.com/
Protocol: HTTP/1.1
Server: 213.247.47.190 Garden City, United States, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Host: dl.downloadahceiduphoth.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.18.0
Date: Fri, 25 Jun 2021 15:16:44 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

Redirect headers

Server: nginx/1.18.0
Date: Fri, 25 Jun 2021 15:16:44 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: http://dl.downloadahceiduphoth.com/

POST
H/1.1 200
OK Cookie set /
downloadahceiduphoth.com/ 2 KB
2 KB 816ms
698ms Document
text/html 213.247.47.190
SENTIA

General

Check archive.org

Show headers Download Go to

Full URL: http://downloadahceiduphoth.com/
Protocol: HTTP/1.1
Server: 213.247.47.190 Garden City, United States, ASN8315 (SENTIA, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Host: downloadahceiduphoth.com
Connection: keep-alive
Content-Length: 12
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: http://dl.downloadahceiduphoth.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://dl.downloadahceiduphoth.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: http://dl.downloadahceiduphoth.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dl.downloadahceiduphoth.com/

Response headers

Server: nginx/1.18.0
Date: Fri, 25 Jun 2021 15:16:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6MjEsInRzIjoxNjI0NjM0MjA1LCJoYXNoIjoiOTQzNmM2NzAifQ==;Expires=Fri, 25-Jun-2021 16:16:45 GMT;Max-Age=3600
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip

GET
H2

200

Primary Request google.html Show response
download-now.org/
Redirect Chain

http://mybetterdl.com/aS/feedclick?s=HHmPzgBa8P6R0L8fu_q-_K3dDnCBF-q5Hbw7jypZ-P2bhXZM-sSS_4LUfaDR__NeVVH-ImtJpPaG_Nh80WMmwiN5ECptO-enZsgzB4lH00ug8e5ExIzs-GByJkw_hnoLHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBq...
http://p226681.mybetterdl.com/adServe/domainClick?ai=fYa9dieACW3GvG79Yv105MYkTTf1YrV0c57sA9czfUcPXo_kKDL9CGWHLi37HIXuj7E6Fkq-2MakeTFnz2_aI3lw1snk2qga5d7-3S6MoZY_SzowGwVNMMYPJS0nBTb8RuUtMh92jrf7nrmG...
https://yslqczldaxcy.unicornpride123.com/l.php?p=c:g3_4z2j3fh7g3f&d=60c9c824f149132c88341864&s=82863294&b=@@CREATIVE-ID@@&bid=0.005&pid=86307503688&cmp=60c9c824f149132c88341864&keyword=downloadahce...
https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294

4 KB
2 KB

63ms
40ms

Document
text/html

2606:4700:3037::6815:59ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294

Requested by

Host: downloadahceiduphoth.com
URL: http://downloadahceiduphoth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:59ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daeddc0b6ed298ae6d1d5cf075b24cbf6d0341439229f4c19cfbe655dcb41162

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

:method: GET
:authority: download-now.org
:scheme: https
:path: /google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://downloadahceiduphoth.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://downloadahceiduphoth.com/

Response headers

date: Fri, 25 Jun 2021 15:16:46 GMT
content-type: text/html
strict-transport-security: max-age=16000000
last-modified: Wed, 23 Jun 2021 09:08:12 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0ae557c04800004a56eea0f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2wkELmyUfw8lwFgE2oNyU%2FV6hmLoRk78yDhvUv7%2BrmN%2FubvU%2FVrCwW7DpHjtPcRckwR8pG8eubVlmNlE746e7sMwiIyFnOmbHiglMtbglVsC13zsYfWbDSCIrIhY8bbU%2Fk7xHzTcZ2zqNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 664f28ad38fa4a56-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Server: nginx
Date: Fri, 25 Jun 2021 15:16:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 11qjas5h5g
Raund: c6
Location: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294

GET
H3-29 200 google.css
download-now.org/css/ 3 KB
1 KB 48ms
29ms Stylesheet
text/css 2606:4700:3037::6815:59ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://download-now.org/css/google.css

Requested by

Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:59ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b1a7649aff16708ed07194240ecb50abf4a0adba93805438ed32879639c13aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

:path: /css/google.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: download-now.org
referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 15:16:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4813
cf-polished: origSize=4307
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ae557c08d00004e98aa8ed000000001
last-modified: Wed, 23 Jun 2021 09:08:31 GMT
server: cloudflare
etag: W/"10d3-5c56b4025238e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LuFK9NIAFE9rgF2%2BATXfhwnvIsS3NALVCQkpb7SkwToFSOKEsOd0B4mgJZLsaBD98RVDBFy%2Fchz%2BwVR6KS4%2BcWWG48lRUPJkCQO2r050vF2SHl8XdUKSI5aZ6SOYAYmjTKIp3EUntV%2BoXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=172800
cf-ray: 664f28adae124e98-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 7 KB
787 B 19ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap

Requested by

Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16c45b725f4501b58513b0b3681ac4f10dec56498c1a7f37ac7a1dee3cd092ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://download-now.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 13:42:34 GMT
server: ESF
date: Fri, 25 Jun 2021 15:16:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Jun 2021 15:16:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
555 B 25ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Varela+Round&display=swap

Requested by

Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2c61ca92609ea007f3659302839b9b11eba97287f9f60e8ab489190cec8f902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://download-now.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 14:11:27 GMT
server: ESF
date: Fri, 25 Jun 2021 15:16:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Jun 2021 15:16:46 GMT

GET
H3-29 200 api.js Show response
download-now.org/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 28ms
11ms Script
text/javascript 2606:4700:3037::6815:59ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://download-now.org/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:59ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: download-now.org
referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 15:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UMc9%2Fowve%2FWBa3Be8ATu8y66jjUgPxnroQPmzG1CQQ3NGCO94mj4ixx64D%2FgPUvl0iBaYNQyZRcBvijHzsHeb82b1l5pMcO%2FvY4HLLGKV1DcrKsUDdLo98h2cCZkgBvRW%2BgouZfAgljUGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 664f28adae184e98-FRA
cf-request-id: 0ae557c08d00004e98ad1ac000000001

GET
H3-29 404 close.png
download-now.org/img/ 1 KB
1 KB 89ms
71ms Image
text/html 2606:4700:3037::6815:59ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-now.org/img/close.png

Requested by

Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:59ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c375166cfa3cc2530b1dd9d2cdf309e46aaa02c2b5453b508a8fb2caee7a8016

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

:path: /img/close.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: download-now.org
referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=16000000
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Fri, 25 Jun 2021 15:16:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-language,accept-charset, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nxmECfFOSvPJ5UhNe%2BZbCWijhH4XfS9Y4yfpbsc1%2BEG7mJIUUSMIxc1P4zKzZuDNVhgZ9zBHOg%2F%2F3GgHWREvUeOuxpgAR%2FkPjz1gu3hsIO3%2FfBABZeBPomNUGA0%2BepVLboM0U%2Bg0U0D21w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
content-type: text/html; charset=utf-8
cache-control: max-age=172800
cf-ray: 664f28adae1c4e98-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ae557c08e00004e986f22b000000001

GET
H3-29 200 mustache.png
download-now.org/img/ 2 KB
2 KB 35ms
17ms Image
image/png 2606:4700:3037::6815:59ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-now.org/img/mustache.png

Requested by

Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:59ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc5a7ff04e3ff17c76ec198276737b974ebbcdc100ac75a9d6317a8efaff239b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

:path: /img/mustache.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: download-now.org
referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 15:16:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4813
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ae557c08e00004e9880b01000000001
last-modified: Wed, 23 Jun 2021 09:08:27 GMT
server: cloudflare
etag: W/"6ea-5c56b3fddaaae-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7XckRiYqxrfaMnK4kp1pLElu6LXwbWwYez%2BVAJmrjeOizvDpKie0fZRiSIDkNdZAYgiVaR8DKwiDKb5XI3DM7SDDW1GjEG8jXPajP%2FAf0yYxTiRkS6JXBmG7CLpTDAprUhR%2FlIN4LwyaYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=172800
cf-ray: 664f28adae1d4e98-FRA

GET
H3-29 200 tv.png
download-now.org/img/ 1 KB
2 KB 31ms
15ms Image
image/png 2606:4700:3037::6815:59ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-now.org/img/tv.png

Requested by

Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:59ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b04247847ccc662b8da5d619dec3fa4edbb7b1ba400d460fbcb6a3b8fe92c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

:path: /img/tv.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: download-now.org
referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 15:16:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4813
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ae557c08d00004e9888b1f000000001
last-modified: Wed, 23 Jun 2021 09:08:20 GMT
server: cloudflare
etag: W/"5af-5c56b3f7bc42e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5djBCqeSKVib3YKXV%2FurthU75pQhQRtbMoY5077e7mnnaolZ0%2FFulUavvbDJpP%2Fjx9RyTgapVzrbXGpj%2B1FlK2w5lsiYvk%2F3Vr%2BwUDFeFmrOIv97%2FLFatCQYQ%2FiFoF0EnvMkRlEP%2FCcBzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=172800
cf-ray: 664f28adae154e98-FRA

GET
H3-29 200 weigh.png
download-now.org/img/ 2 KB
3 KB 36ms
19ms Image
image/png 2606:4700:3037::6815:59ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-now.org/img/weigh.png

Requested by

Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:59ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f33551f03fef7d0e7c544b7cb774d11e6115efdba1336625853e7142a572378d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

:path: /img/weigh.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: download-now.org
referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 15:16:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4813
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ae557c08e00004e983d8fe000000001
last-modified: Wed, 23 Jun 2021 09:08:28 GMT
server: cloudflare
etag: W/"7ad-5c56b3fedd74e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=U2FqOoF2tH2QAdkBPq0hfqOPsUSQ2zVxvPLZt6mHyzg7AaZHmJkEuPJtwJqRZpdJn3WJJYaJzIT%2BEW7eyg5GavymNbvBHQTTbvXdXtzl3qQQoqq3us6IzH3OmunXGicuZg10Qmf8HngYwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=172800
cf-ray: 664f28adae1a4e98-FRA

GET
H3-29 200 ChromeWebStore_Badge_v2_206x58.png
download-now.org/img/ 3 KB
4 KB 33ms
18ms Image
image/png 2606:4700:3037::6815:59ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-now.org/img/ChromeWebStore_Badge_v2_206x58.png

Requested by

Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:59ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

:path: /img/ChromeWebStore_Badge_v2_206x58.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: download-now.org
referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 15:16:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6316
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ae557c09100004e987a347000000001
last-modified: Wed, 23 Jun 2021 09:08:26 GMT
server: cloudflare
etag: W/"d6b-5c56b3fcdbc8e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=U6Qp2iP1ykI9P3Ht%2Beb%2FDDbd4YxH5kmxF2VlumZmHFMiASXpHEkf7kf2HGG3Pd2yTqDftngJfZMYkt3WT%2F3QkM1vbQWi58mB7O7DruXjK0fuYgcsoRFxYvShF89mjtwoPfU5QIcjpJsuIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=172800
cf-ray: 664f28adae104e98-FRA

GET 128.png
ckkjmlodapiblpkhgkhlehfdmconemfe/ 0
0

GET
H3-29 200 google-bg.jpg
download-now.org/img/ 38 KB
39 KB 17ms
17ms Image
image/jpeg 2606:4700:3037::6815:59ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://download-now.org/img/google-bg.jpg

Requested by

Host: download-now.org
URL: https://download-now.org/css/google.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:59ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d2a5630bbedc6f9a51a090c000d52016d0e55b276da035e1e724f7004a755b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

:path: /img/google-bg.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: download-now.org
referer: https://download-now.org/css/google.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://download-now.org/css/google.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 15:16:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4698
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ae557c0b100004e986f232000000001
last-modified: Wed, 23 Jun 2021 09:08:24 GMT
server: cloudflare
etag: W/"998d-5c56b3fb7d32e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1%2F%2FsFVJsum8pgxSlOcw2Hy6hfeylOs%2FHhw3FiE44rOjJAFFyKXrqF50rJZOIZD%2FeHv48ZMQRBm0UkZ9eGVW%2BwuxsTD5S2Q1EAnq6jIVfNylVIMg5x5G8nJXTenxgZZGryAbO8NGU8OsLjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=172800
cf-ray: 664f28adeec54e98-FRA

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://download-now.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 18:46:29 GMT
x-content-type-options: nosniff
age: 246617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 18:46:29 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://download-now.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 22:24:53 GMT
x-content-type-options: nosniff
age: 233513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 22:24:53 GMT

POST
H3-29 204 result Show response
download-now.org/cdn-cgi/bm/cv/ 0
701 B 23ms
22ms XHR
text/plain 2606:4700:3037::6815:59ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://download-now.org/cdn-cgi/bm/cv/result?req_id=664f28ad38fa4a56
Requested by: Host: download-now.org
URL: https://download-now.org/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:59ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://download-now.org
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
content-length: 489
:path: /cdn-cgi/bm/cv/result?req_id=664f28ad38fa4a56
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: download-now.org
referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 25 Jun 2021 15:16:46 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Li1XL%2Fqo5%2BcrCl1LVozU1VMsinJA9WZLTzab1mxQCOOuaZhgAnxiH5IUhOZxtjbVM07eHvG4PaLUIrjkfIvxr7YOrDcTWFa7pgrMgFSCLRBN%2FZFyissdHHhNqsjgk6gdYSLCAqRDBb%2BYHg%3D%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: __cf_bm=e02871452fcf7767ef8e31c8699e24684678d6bc-1624634206-1800-AUJV3fiWNIqztjFIEOObRI1rhvc/knWJljmgFucv3S1wt1LV/Q/ZfMPaWg9f8SQGHsmxUQdZyv9PlvQ6Gu1oWjlINXhvsC6UDPI+EsCLl4gG2mO9R2oEWLPHXW+aJCCFp496ZzJ/qegSokG8TDCHbwU=; path=/; expires=Fri, 25-Jun-21 15:46:46 GMT; domain=.download-now.org; HttpOnly; Secure; SameSite=None
cf-ray: 664f28af0a144e98-FRA
cf-request-id: 0ae557c16100004e9891372000000001

GET 128.png
ckkjmlodapiblpkhgkhlehfdmconemfe/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ckkjmlodapiblpkhgkhlehfdmconemfe
URL: chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png

Domain: ckkjmlodapiblpkhgkhlehfdmconemfe
URL: chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png

Domain: ckkjmlodapiblpkhgkhlehfdmconemfe
URL: chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png

Domain: ckkjmlodapiblpkhgkhlehfdmconemfe
URL: chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png

Domain: ckkjmlodapiblpkhgkhlehfdmconemfe
URL: chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png

Domain: ckkjmlodapiblpkhgkhlehfdmconemfe
URL: chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png

Domain: ckkjmlodapiblpkhgkhlehfdmconemfe
URL: chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png

Domain: ckkjmlodapiblpkhgkhlehfdmconemfe
URL: chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png

Domain: ckkjmlodapiblpkhgkhlehfdmconemfe
URL: chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png

Domain: ckkjmlodapiblpkhgkhlehfdmconemfe
URL: chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png

Domain: ckkjmlodapiblpkhgkhlehfdmconemfe
URL: chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png

Domain: ckkjmlodapiblpkhgkhlehfdmconemfe
URL: chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294(Line 54) Message: Chrome Extension Not installed
console-api	log	URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294(Line 54) Message: Chrome Extension Not installed
console-api	log	URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294(Line 54) Message: Chrome Extension Not installed
console-api	log	URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294(Line 54) Message: Chrome Extension Not installed
console-api	log	URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294(Line 54) Message: Chrome Extension Not installed
console-api	log	URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294(Line 54) Message: Chrome Extension Not installed
console-api	log	URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294(Line 54) Message: Chrome Extension Not installed
console-api	log	URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294(Line 54) Message: Chrome Extension Not installed
console-api	log	URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294(Line 54) Message: Chrome Extension Not installed
console-api	log	URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294(Line 54) Message: Chrome Extension Not installed
console-api	log	URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294(Line 54) Message: Chrome Extension Not installed
console-api	log	URL: https://download-now.org/google.html?an=un&cid=60d5f35e025e342fc9790936&sid=82863294(Line 54) Message: Chrome Extension Not installed

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ckkjmlodapiblpkhgkhlehfdmconemfe
dl.downloadahceiduphoth.com
download-now.org
downloadahceiduphoth.com
fonts.googleapis.com
fonts.gstatic.com
mybetterdl.com
p226681.mybetterdl.com
yslqczldaxcy.unicornpride123.com
ckkjmlodapiblpkhgkhlehfdmconemfe
173.192.101.24
213.247.47.190
2606:4700:3037::6815:59ab
2a00:1450:4001:812::2003
2a00:1450:4001:831::200a
51.38.254.255
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
16c45b725f4501b58513b0b3681ac4f10dec56498c1a7f37ac7a1dee3cd092ba
1b1a7649aff16708ed07194240ecb50abf4a0adba93805438ed32879639c13aa
1d2a5630bbedc6f9a51a090c000d52016d0e55b276da035e1e724f7004a755b4
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f
56b04247847ccc662b8da5d619dec3fa4edbb7b1ba400d460fbcb6a3b8fe92c4
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
c2c61ca92609ea007f3659302839b9b11eba97287f9f60e8ab489190cec8f902
c375166cfa3cc2530b1dd9d2cdf309e46aaa02c2b5453b508a8fb2caee7a8016
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
daeddc0b6ed298ae6d1d5cf075b24cbf6d0341439229f4c19cfbe655dcb41162
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f33551f03fef7d0e7c544b7cb774d11e6115efdba1336625853e7142a572378d
fc5a7ff04e3ff17c76ec198276737b974ebbcdc100ac75a9d6317a8efaff239b

download-now.org Open in urlscan Pro 2606:4700:3037::6815:59ab Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

50 %HTTPS

50 %IPv6

7 Domains

9 Subdomains

5 IPs

3 Countries

98 kBTransfer

129 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

0 Cookies

12 Console Messages

Indicators

download-now.org Open in urlscan Pro
2606:4700:3037::6815:59ab Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

50 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

5
IPs

3
Countries

98 kB
Transfer

129 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions