99downloader.com Open in urlscan Pro
159.203.138.249 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://99downloader.com/
Submission Tags: falconsandbox
Submission: On June 19 via api (June 19th 2022, 12:44:42 am UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 17 HTTP transactions. The main IP is 159.203.138.249, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is 99downloader.com.

This is the only time 99downloader.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	159.203.138.249 159.203.138.249	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 3	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
6	108.168.193.189 108.168.193.189	36351 (SOFTLAYER) (SOFTLAYER)
2	2a00:1450:401... 2a00:1450:401b:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
6	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
17	5

2 159.203.138.249 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

99downloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.192.101.24 (Dallas, United States) 3 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.168.193.189 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com

mybetterck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:401b:800::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

p24581.mycdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	mycdn.co p24581.mycdn.co	160 KB
6	mybetterck.com mybetterck.com — Cisco Umbrella Rank: 51835	102 KB
3	clksite.com 3 redirects clksite.com — Cisco Umbrella Rank: 114732	691 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	20 KB
2	99downloader.com 99downloader.com	10 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 125	439 B
17	6

	Domain	Requested by
6	p24581.mycdn.co	clksite.com p24581.mycdn.co 99downloader.com
6	mybetterck.com	99downloader.com clksite.com
3	clksite.com	3 redirects
2	www.google-analytics.com	99downloader.com www.google-analytics.com
2	99downloader.com	99downloader.com
1	stats.g.doubleclick.net	www.google-analytics.com
17	6

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
plus.google.com
twitter.com
www.intango.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.mycdn.co Sectigo RSA Domain Validation Secure Server CA	`2021-10-13` - `2022-10-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://99downloader.com/
Frame ID: 74E3D41404F2A9C8A0019A669ADFA573
Requests: 15 HTTP requests in this frame

Frame: http://p24581.mycdn.co/uicomp/styles/dist/143-0/it-banner-frame.css
Frame ID: 724C8115ECA41C6BFEFA8B09122E073E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download from Facebook, Twitter, Instagram, MixCloud & many more

Detected technologies

Django (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css
<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

17
Requests

18 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

292 kB
Transfer

895 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/sharer/sharer.php?u=http://99downloader.com/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=http://99downloader.com/
Title: G+

Search URL Search Domain Scan URL

URL: http://twitter.com/share?url=http://99downloader.com/&text=Download%20videos%20and%20mp3%20from%20facebook,%20mixcloud,%20soundcloud,%20dailymotion%20etc
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.intango.com/adinfo/
Title: Page

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://clksite.com/adServe/banners?tid=24581_214374_4 HTTP 301
https://mybetterck.com/adServe/banners?tid=24581_214374_4

Request Chain 2

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 5

http://clksite.com/adServe/banners?tid=24581_214374_1&tagid=2 HTTP 301
https://mybetterck.com/adServe/banners?tid=24581_214374_1&tagid=2

Request Chain 6

http://clksite.com/adServe/banners?tid=24581_214374_2&pause=5 HTTP 301
https://mybetterck.com/adServe/banners?tid=24581_214374_2&pause=5

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
99downloader.com/ 8 KB
3 KB 652ms
100ms Document
text/html 159.203.138.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

http://99downloader.com/

Protocol

HTTP/1.1

Server

159.203.138.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

ad924ad25254bf70bd9b1bb2b3b080ba3c51bd8a6ba789e59888ff00a1091c4d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 2537
Content-Type: text/html; charset=utf-8
Date: Sun, 19 Jun 2022 00:44:36 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.18 (Ubuntu)
Vary: Cookie,Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H2

200

banners Show response
mybetterck.com/adServe/
Redirect Chain

http://clksite.com/adServe/banners?tid=24581_214374_4
https://mybetterck.com/adServe/banners?tid=24581_214374_4

82 KB
31 KB

406ms
139ms

Script
text/javascript

108.168.193.189
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://mybetterck.com/adServe/banners?tid=24581_214374_4
Requested by: Host: 99downloader.com
URL: http://99downloader.com/
Protocol: H2
Server: 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: bd.c1.a86c.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 0254f7c9054ab0e84d1bb6fddd09257df4ef25fc6457f58703adf09955304915

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://99downloader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 00:44:37 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://mybetterck.com/adServe/banners?tid=24581_214374_4
Date: Sun, 19 Jun 2022 00:44:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK foundation.min.css
99downloader.com/static/downloadapp/found/css/ 33 KB
7 KB 98ms
98ms Stylesheet
text/css 159.203.138.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://99downloader.com/static/downloadapp/found/css/foundation.min.css
Requested by: Host: 99downloader.com
URL: http://99downloader.com/
Protocol: HTTP/1.1
Server: 159.203.138.249 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 8ba91b4fc7def164c8caba3be63dee6fd498e9cf03dd8387614e306aa5437d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://99downloader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Sun, 19 Jun 2022 00:44:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Jan 2017 14:23:04 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "8393-5464b09cb1333-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7242

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

82ms
21ms

Script
text/javascript

2a00:1450:401b:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 99downloader.com
URL: http://99downloader.com/

Protocol

Server

2a00:1450:401b:800::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://99downloader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4316
date: Sat, 18 Jun 2022 23:32:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 19 Jun 2022 01:32:40 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 39ms
39ms XHR
text/plain 2a00:1450:401b:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2139801733&t=pageview&_s=1&dl=http%3A%2F%2F99downloader.com%2F&ul=en-us&de=UTF-8&dt=Download%20from%20Facebook%2C%20Twitter%2C%20Instagram%2C%20MixCloud%20%26%20many%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=632464078&gjid=1394628626&cid=191283091.1655599477&tid=UA-43670572-15&_gid=939213007.1655599477&_r=1&_slc=1&z=2074100704

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:401b:800::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://99downloader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 00:44:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://99downloader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 62ms
18ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43670572-15&cid=191283091.1655599477&jid=632464078&gjid=1394628626&_gid=939213007.1655599477&_u=IEBAAEAAAAAAAC~&z=1325277296

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://99downloader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 19 Jun 2022 00:44:37 GMT
content-type: text/plain
access-control-allow-origin: http://99downloader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

banners Show response
mybetterck.com/adServe/
Redirect Chain

http://clksite.com/adServe/banners?tid=24581_214374_1&tagid=2
https://mybetterck.com/adServe/banners?tid=24581_214374_1&tagid=2

99 KB
38 KB

154ms
154ms

Script
text/javascript

108.168.193.189
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://mybetterck.com/adServe/banners?tid=24581_214374_1&tagid=2
Requested by: Host: 99downloader.com
URL: http://99downloader.com/
Protocol: H2
Server: 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: bd.c1.a86c.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: b9196c884f9e7c183b6130b93b029d129bb6289a2aaa5ff36c8855229964de9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://99downloader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 00:44:37 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://mybetterck.com/adServe/banners?tid=24581_214374_1&tagid=2
Date: Sun, 19 Jun 2022 00:44:37 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

banners Show response
mybetterck.com/adServe/
Redirect Chain

http://clksite.com/adServe/banners?tid=24581_214374_2&pause=5
https://mybetterck.com/adServe/banners?tid=24581_214374_2&pause=5

80 KB
31 KB

153ms
153ms

Script
text/javascript

108.168.193.189
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://mybetterck.com/adServe/banners?tid=24581_214374_2&pause=5
Requested by: Host: 99downloader.com
URL: http://99downloader.com/
Protocol: H2
Server: 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: bd.c1.a86c.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 37ff245a1978671f2dc754c27ad7cd3595208ec6bee200f5526e11d767f4e4e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://99downloader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 00:44:37 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://mybetterck.com/adServe/banners?tid=24581_214374_2&pause=5
Date: Sun, 19 Jun 2022 00:44:37 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK ui_tag_143-0.js Show response
p24581.mycdn.co/banners/script/ 291 KB
65 KB 52ms
20ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://p24581.mycdn.co/banners/script/ui_tag_143-0.js
Requested by: Host: clksite.com
URL: http://clksite.com/adServe/banners?tid=24581_214374_4
Protocol: HTTP/1.1
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3661a2d78edd57a838fc73b91574e7ad3e96b0af52d8c0c49f67aa1c9145fb77

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://99downloader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Sun, 19 Jun 2022 00:44:37 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Dec 2021 08:29:13 GMT
Server: nginx
ETag: W/"61ac7859-48cdf"
X-HW: 1655599477.cds226.lo4.h2,1655599477.cds324.lo4.c
Content-Type: application/javascript
Cache-Control: max-age=172800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66518

GET
H/1.1 200
OK it-ui-comp-37.css
p24581.mycdn.co/uicomp/styles/dist/143-0/ 23 KB
5 KB 21ms
21ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://p24581.mycdn.co/uicomp/styles/dist/143-0/it-ui-comp-37.css
Requested by: Host: clksite.com
URL: http://clksite.com/adServe/banners?tid=24581_214374_4
Protocol: HTTP/1.1
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e48605dc57bfb041fe1f68d9e652ad884659a7ffe313ad36245b9e66a222909

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://99downloader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Sun, 19 Jun 2022 00:44:37 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Dec 2021 13:47:33 GMT
Server: nginx
ETag: W/"61acc2f5-5dea"
X-HW: 1655599477.cds226.lo4.h2,1655599477.cds208.lo4.c
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4285

GET
H/1.1 200 findBanner Show response
mybetterck.com/adServe/banners/ 976 B
1 KB 282ms
153ms Script
text/javascript 108.168.193.189
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://mybetterck.com/adServe/banners/findBanner?num=1&keyword=Download%20videos%20from%20Twitter%2C%20Facebook%2C%20Instagram%2C%20Metacafe%20and%20MP3%20from%20Mixclou&tid=24581_214374_4&type=js&ar=b&ts=c&ito=http%3A%2F%2Fp24581.mycdn.co&bs=37&referrer=http%3A%2F%2F99downloader.com%2F&ap=cmp%3DBANNER%26evp%3Debx9GOHwD8ESJnkndYkBzvbWwvziNp_1MiqQaUf3OITguplhLK3etoCT4EFgqv4T%26sjv%3D143.1%26ctid%3D0%26th%3D1200%26tw%3D1600%26inco%3D0%26tip%3D%250A%2509Download%2520from%2520Facebook%252C%2520Twitter%252C%2520Instagram%252C%2520MixCloud%2520and%2520many%2520more%250A&pid=24581&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0yJmk9MCZvPTAmc29fZmI9LTEmc29fZ289LTEmc29fZ3A9LTEmc29fdHc9LTEmc3A9MDAwMDAwMDAwMDEwMDAwMDAwMDAwMDAmbW1fbW49MCZtbV9hcz0wJm1tX2FkPTAmbW1fbXQ9MCZtbV9zYz0wJm1tX3NkYz0wJm5jcnM9NA%3D%3D&olive=1&callback=ITC0fd4ybm37f55
Requested by: Host: clksite.com
URL: http://clksite.com/adServe/banners?tid=24581_214374_4
Protocol: HTTP/1.1
Server: 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: bd.c1.a86c.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 6afabda171efb85afb8ff188bbf6996d59fab4cf4ac859317e759d939e88a95f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://99downloader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Jun 2022 00:44:38 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK rhpop_80.2-1.js Show response
p24581.mycdn.co/script/ 174 KB
65 KB 22ms
22ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://p24581.mycdn.co/script/rhpop_80.2-1.js
Requested by: Host: clksite.com
URL: http://clksite.com/adServe/banners?tid=24581_214374_1&tagid=2
Protocol: HTTP/1.1
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 93a4512f74d4f46b230b4a335f956c14688561bd60a9c2e307ccb413c4fd6f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://99downloader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Sun, 19 Jun 2022 00:44:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:16 GMT
Server: nginx
ETag: W/"5d10b4fc-2b75b"
X-HW: 1655599478.cds226.lo4.h2,1655599478.cds083.lo4.c
Content-Type: application/javascript
Cache-Control: max-age=172800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65719

GET
H/1.1 200 olive Show response
mybetterck.com/adServe/ 0
112 B 132ms
132ms Script
text/plain 108.168.193.189
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://mybetterck.com/adServe/olive?details=(undefined)%20ItPow%20-%20spw%20-%20Cannot%20assign%20to%20read%20only%20property%20%27createElement%27%20of%20object%20%27%23%3CHTMLDocument%3E%27&msg=TypeError%3A%20Cannot%20assign%20to%20read%20only%20property%20%27createElement%27%20of%20object%20%27%23%3CHTMLDocument%3E%27%0A%20%20%20%20at%20c0k.F0k%20(http%3A%2F%2Fclksite.com%2FadServe%2Fbanners%3Ftid%3D24581_214374_1%26tagid%3D2%3A1%3A92811)%0A%20%20%20%20at%20c0k.E8k%20(http%3A%2F%2Fclksite.com%2FadServe%2Fbanners%3Ftid%3D24581_214374_1%26tagid%3D2%3A1%3A94711)%0A%20%20%20%20at%20j5k.%3Ccomputed%3E.%3Ccomputed%3E%20%5Bas%20won%5D%20(http%3A%2F%2Fclksite.com%2FadServe%2Fbanners%3Ftid%3D24581_214374_1%26tagid%3D2%3A1%3A100103)%0A%20%20%20%20at%20http%3A%2F%2Fp24581.mycdn.co%2Fscript%2Frhpop_80.2-1.js%3A1%3A112598%0A%20%20%20%20at%20http%3A%2F%2Fp24581.mycdn.co%2Fscript%2Frhpop_80.2-1.js%3A1%3A112688%0A%20%20%20%20at%20S7t%20(http%3A%2F%2Fp24581.mycdn.co%2Fscript%2Frhpop_80.2-1.js%3A1%3A118705)%0A%20%20%20%20at%20N1x.value%20(http%3A%2F%2Fp24581.mycdn.co%2Fscript%2Frhpop_80.2-1.js%3A1%3A174825)%0A%20%20%20%20at%20new%20N1x%20(http%3A%2F%2Fp24581.mycdn.co%2Fscript%2Frhpop_80.2-1.js%3A1%3A172868)%0A%20%20%20%20at%20Module.%3Canonymous%3E%20(http%3A%2F%2Fp24581.mycdn.co%2Fscript%2Frhpop_80.2-1.js%3A1%3A177865)%0A%20%20%20%20at%20Z4%20(http%3A%2F%2Fp24581.mycdn.co%2Fscript%2Frhpop_80.2-1.js%3A1%3A35666)&cid=24581_214374_1
Requested by: Host: clksite.com
URL: http://clksite.com/adServe/banners?tid=24581_214374_1&tagid=2
Protocol: HTTP/1.1
Server: 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: bd.c1.a86c.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://99downloader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Sun, 19 Jun 2022 00:44:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200 olive Show response
mybetterck.com/adServe/ 0
112 B 261ms
131ms Script
text/plain 108.168.193.189
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://mybetterck.com/adServe/olive?details=(undefined)%20ItPow%20-%20destroy%20-%20Cannot%20assign%20to%20read%20only%20property%20%27createElement%27%20of%20object%20%27%23%3CHTMLDocument%3E%27&msg=TypeError%3A%20Cannot%20assign%20to%20read%20only%20property%20%27createElement%27%20of%20object%20%27%23%3CHTMLDocument%3E%27%0A%20%20%20%20at%20c0k.Y8k%20(http%3A%2F%2Fclksite.com%2FadServe%2Fbanners%3Ftid%3D24581_214374_1%26tagid%3D2%3A1%3A92970)%0A%20%20%20%20at%20c0k.j8k%20(http%3A%2F%2Fclksite.com%2FadServe%2Fbanners%3Ftid%3D24581_214374_1%26tagid%3D2%3A1%3A98487)%0A%20%20%20%20at%20O0k%20(http%3A%2F%2Fclksite.com%2FadServe%2Fbanners%3Ftid%3D24581_214374_1%26tagid%3D2%3A1%3A100471)%0A%20%20%20%20at%20E0k%20(http%3A%2F%2Fclksite.com%2FadServe%2Fbanners%3Ftid%3D24581_214374_1%26tagid%3D2%3A1%3A100872)%0A%20%20%20%20at%20Object.w0%20%5Bas%20de%5D%20(http%3A%2F%2Fclksite.com%2FadServe%2Fbanners%3Ftid%3D24581_214374_1%26tagid%3D2%3A1%3A40115)%0A%20%20%20%20at%20B5k%20(http%3A%2F%2Fclksite.com%2FadServe%2Fbanners%3Ftid%3D24581_214374_1%26tagid%3D2%3A1%3A84054)%0A%20%20%20%20at%20c0k.E8k%20(http%3A%2F%2Fclksite.com%2FadServe%2Fbanners%3Ftid%3D24581_214374_1%26tagid%3D2%3A1%3A95515)%0A%20%20%20%20at%20j5k.%3Ccomputed%3E.%3Ccomputed%3E%20%5Bas%20won%5D%20(http%3A%2F%2Fclksite.com%2FadServe%2Fbanners%3Ftid%3D24581_214374_1%26tagid%3D2%3A1%3A100103)%0A%20%20%20%20at%20http%3A%2F%2Fp24581.mycdn.co%2Fscript%2Frhpop_80.2-1.js%3A1%3A112598%0A%20%20%20%20at%20http%3A%2F%2Fp24581.mycdn.co%2Fscript%2Frhpop_80.2-1.js%3A1%3A112688&cid=24581_214374_1
Requested by: Host: clksite.com
URL: http://clksite.com/adServe/banners?tid=24581_214374_1&tagid=2
Protocol: HTTP/1.1
Server: 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: bd.c1.a86c.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://99downloader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Sun, 19 Jun 2022 00:44:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK bounce-tag_80.2-1.js Show response
p24581.mycdn.co/banners/bounce/ 48 KB
18 KB 20ms
20ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://p24581.mycdn.co/banners/bounce/bounce-tag_80.2-1.js
Requested by: Host: clksite.com
URL: http://clksite.com/adServe/banners?tid=24581_214374_2&pause=5
Protocol: HTTP/1.1
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://99downloader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Sun, 19 Jun 2022 00:44:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:16 GMT
Server: nginx
ETag: "1561375996"
X-HW: 1655599478.cds226.lo4.h2,1655599478.cds034.lo4.c
Content-Type: application/javascript
Cache-Control: max-age=172800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17978

GET
H/1.1 200
OK it-banner-frame.css
p24581.mycdn.co/uicomp/styles/dist/143-0/ Frame 724C 2 KB
1023 B 37ms
20ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://p24581.mycdn.co/uicomp/styles/dist/143-0/it-banner-frame.css
Requested by: Host: p24581.mycdn.co
URL: http://p24581.mycdn.co/banners/script/ui_tag_143-0.js
Protocol: HTTP/1.1
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Sun, 19 Jun 2022 00:44:38 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Dec 2021 08:51:43 GMT
Server: nginx
ETag: W/"61ac7d9f-858"
X-HW: 1655599478.cds248.lo4.h2,1655599478.cds230.lo4.c
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 677

GET
H2 200 download_cloud_ad_37_en.gif
p24581.mycdn.co/ext/onn/yg1poimp/ Frame 724C 6 KB
7 KB 57ms
20ms Image
image/gif 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p24581.mycdn.co/ext/onn/yg1poimp/download_cloud_ad_37_en.gif
Requested by: Host: 99downloader.com
URL: http://99downloader.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f991ca31b607661c9f7455963256620ab29cd5ef2f71ed0f22bd24cb13ed0993

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 00:44:38 GMT
last-modified: Thu, 03 May 2018 08:53:11 GMT
server: nginx
etag: "5aeacdf7-1998"
x-hw: 1655599478.cds322.lo4.hn,1655599478.cds101.lo4.c
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 6552

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
99downloader.com/	1970-01-20 12:37:29	Name: csrftoken Value: Oi9sTZEl27fJKqSWTSvXzAJ53wnOZTQq
.99downloader.com/	1970-01-20 21:24:31	Name: _ga Value: GA1.2.191283091.1655599477
.99downloader.com/	1970-01-20 03:54:45	Name: _gid Value: GA1.2.939213007.1655599477
.99downloader.com/	1970-01-20 03:53:19	Name: _gat Value: 1
99downloader.com/	1969-12-31 23:59:59	Name: rhid_c Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

99downloader.com
clksite.com
mybetterck.com
p24581.mycdn.co
stats.g.doubleclick.net
www.google-analytics.com
108.168.193.189
151.139.128.11
159.203.138.249
173.192.101.24
2a00:1450:400c:c08::9a
2a00:1450:401b:800::200e
0254f7c9054ab0e84d1bb6fddd09257df4ef25fc6457f58703adf09955304915
3661a2d78edd57a838fc73b91574e7ad3e96b0af52d8c0c49f67aa1c9145fb77
37ff245a1978671f2dc754c27ad7cd3595208ec6bee200f5526e11d767f4e4e2
5e48605dc57bfb041fe1f68d9e652ad884659a7ffe313ad36245b9e66a222909
6afabda171efb85afb8ff188bbf6996d59fab4cf4ac859317e759d939e88a95f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da
8ba91b4fc7def164c8caba3be63dee6fd498e9cf03dd8387614e306aa5437d2e
93a4512f74d4f46b230b4a335f956c14688561bd60a9c2e307ccb413c4fd6f4d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ad924ad25254bf70bd9b1bb2b3b080ba3c51bd8a6ba789e59888ff00a1091c4d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b9196c884f9e7c183b6130b93b029d129bb6289a2aaa5ff36c8855229964de9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51
f991ca31b607661c9f7455963256620ab29cd5ef2f71ed0f22bd24cb13ed0993

99downloader.com Open in urlscan Pro 159.203.138.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

18 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

292 kBTransfer

895 kBSize

5 Cookies

4 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

99downloader.com Open in urlscan Pro
159.203.138.249 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

18 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

292 kB
Transfer

895 kB
Size

5
Cookies

17 HTTP transactions
0 data transactions