www.download-ready.net Open in urlscan Pro
2a06:98c1:3121::11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://grotmr.info/xmax2?x=Chase%2Bpaymentech%2Bingenico%2Bmanual
Effective URL:
https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee
Submission Tags: falconsandbox
Submission: On March 19 via api (March 19th 2022, 6:28:35 am UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 17 HTTP transactions. The main IP is 2a06:98c1:3121::11, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.download-ready.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 6th 2021. Valid for: a year.

This is the only time www.download-ready.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.157.143.12 54.157.143.12	14618 (AMAZON-AES) (AMAZON-AES)
1	188.72.236.34 188.72.236.34	35415 (WEBZILLA) (WEBZILLA)
1	213.227.134.220 213.227.134.220	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:1446	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	213.227.132.155 213.227.132.155	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
8	2a06:98c1:312... 2a06:98c1:3121::11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	6

1 54.157.143.12 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-143-12.compute-1.amazonaws.com

grotmr.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.236.34 (Netherlands)

ASN35415 (WEBZILLA, NL)

1getnewonnx1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.134.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

aditmedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

kanvo.cogliatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:1446 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.132.155 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

tracking.prtrackings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a06:98c1:3121::11 (United States)

ASN13335 (CLOUDFLARENET, US)

www.download-ready.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	download-ready.net www.download-ready.net	40 KB
1	prtrackings.com 1 redirects tracking.prtrackings.com — Cisco Umbrella Rank: 138819	303 B
1	addlnk.com cdn.addlnk.com — Cisco Umbrella Rank: 243651	1 KB
1	cogliatu.com kanvo.cogliatu.com	1 KB
1	g2afse.com aditmedia.g2afse.com — Cisco Umbrella Rank: 87493	456 B
1	1getnewonnx1.com 1getnewonnx1.com	6 KB
1	grotmr.info 1 redirects grotmr.info	333 B
0	Failed function sub() { [native code] }. Failed
17	8

	Domain	Requested by
8	www.download-ready.net	kanvo.cogliatu.com www.download-ready.net
1	tracking.prtrackings.com	1 redirects
1	cdn.addlnk.com	kanvo.cogliatu.com
1	kanvo.cogliatu.com
1	aditmedia.g2afse.com	1getnewonnx1.com
1	1getnewonnx1.com
1	grotmr.info	1 redirects
0	ofmjepimahcfbmcdfbmeihkondkfeobh Failed	www.download-ready.net
17	8

This site contains links to these domains. Also see Links.

Domain
theadblockmaster.com

Subject Issuer	Validity	Valid
1getnewonnx1.com R3	`2022-03-03` - `2022-06-01`	3 months	crt.sh
*.g2afse.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-08-05` - `2022-09-03`	a year	crt.sh
*.cogliatu.com E1	`2022-02-20` - `2022-05-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee
Frame ID: E6E6919865867BB673DD973F22C72536
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AdBlock Master

Page URL History Show full URLs

http://grotmr.info/xmax2?x=Chase%2Bpaymentech%2Bingenico%2Bmanual HTTP 302
https://1getnewonnx1.com/MBraE924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Chase+paymentech+ingenico+ma... Page URL
https://aditmedia.g2afse.com/click?pid=3580&offer_id=17234&sub2=262516&sub1=AA54NWJ0AQQAzk8CAERFFwASAOntyNIA Page URL
https://kanvo.cogliatu.com/oc/415704c479?affclick=6235780e2516de0001440465&pubid=3580_262516 Page URL
https://tracking.prtrackings.com/click?pid=51&offer_id=1947&sub2=91c35fee&sub1=pub393578746621413d9f76607c8d6... HTTP 302
https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee Page URL

Page Statistics

17
Requests

71 %
HTTPS

43 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

49 kB
Transfer

99 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://theadblockmaster.com/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://theadblockmaster.com/privacy.html#eula
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://theadblockmaster.com/privacy.html#contact
Title: Contact

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://grotmr.info/xmax2?x=Chase%2Bpaymentech%2Bingenico%2Bmanual HTTP 302
https://1getnewonnx1.com/MBraE924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Chase+paymentech+ingenico+manual&s1=Chase+paymentech+ingenico+manual&s2=b20 Page URL
https://aditmedia.g2afse.com/click?pid=3580&offer_id=17234&sub2=262516&sub1=AA54NWJ0AQQAzk8CAERFFwASAOntyNIA Page URL
https://kanvo.cogliatu.com/oc/415704c479?affclick=6235780e2516de0001440465&pubid=3580_262516 Page URL
https://tracking.prtrackings.com/click?pid=51&offer_id=1947&sub2=91c35fee&sub1=pub393578746621413d9f76607c8d6c0887 HTTP 302
https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://grotmr.info/xmax2?x=Chase%2Bpaymentech%2Bingenico%2Bmanual HTTP 302
https://1getnewonnx1.com/MBraE924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Chase+paymentech+ingenico+manual&s1=Chase+paymentech+ingenico+manual&s2=b20

17 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

MBraE924d51f9eb7d0c9bf56bd3a277892013db4d4bb9
1getnewonnx1.com/
Redirect Chain

http://grotmr.info/xmax2?x=Chase%2Bpaymentech%2Bingenico%2Bmanual
https://1getnewonnx1.com/MBraE924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Chase+paymentech+ingenico+manual&s1=Chase+paymentech+ingenico+manual&s2=b20

6 KB
6 KB

632ms
259ms

Document
text/html

188.72.236.34
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://1getnewonnx1.com/MBraE924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Chase+paymentech+ingenico+manual&s1=Chase+paymentech+ingenico+manual&s2=b20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.72.236.34 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Sat, 19 Mar 2022 06:28:30 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

Redirect headers

Server: nginx/1.14.0 (Ubuntu)
Date: Sat, 19 Mar 2022 06:28:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
location: https://1getnewonnx1.com/MBraE924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Chase+paymentech+ingenico+manual&s1=Chase+paymentech+ingenico+manual&s2=b20

GET
H2 200 click
aditmedia.g2afse.com/ 230 B
456 B 58ms
19ms Document
text/html 213.227.134.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://aditmedia.g2afse.com/click?pid=3580&offer_id=17234&sub2=262516&sub1=AA54NWJ0AQQAzk8CAERFFwASAOntyNIA
Requested by: Host: 1getnewonnx1.com
URL: https://1getnewonnx1.com/MBraE924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Chase+paymentech+ingenico+manual&s1=Chase+paymentech+ingenico+manual&s2=b20
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.134.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1getnewonnx1.com/

Response headers

server: nginx
date: Sat, 19 Mar 2022 06:28:30 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 415704c479 Show response
kanvo.cogliatu.com/oc/ 1 KB
1 KB 168ms
136ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kanvo.cogliatu.com/oc/415704c479?affclick=6235780e2516de0001440465&pubid=3580_262516
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36fcc875e6ab61b9fb06226868ca9519b792e1bd2819dfb31e805b63c665526a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 19 Mar 2022 06:28:30 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Language, Cookie
content-language: en-us
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDdfeKXPoOBDnlROM0yQrtg%2BAt%2FKKfcT%2FTSHPDZGxYf4yWcn7SHNMMNBHpEI1lNWqFQxla%2B1FeHp%2BztHjzLQ8BRdEAkKmQrENXH5gdNQ9JurT2f3S0vy%2Fct8iVqWUawgOJ0lG5rU6ErgXbV89P8n3t4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ee425fa3f8091cf-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 redirect.css
cdn.addlnk.com/ 1 KB
1 KB 67ms
22ms Stylesheet
text/css 2606:4700:3033::6815:1446
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: kanvo.cogliatu.com
URL: https://kanvo.cogliatu.com/oc/415704c479?affclick=6235780e2516de0001440465&pubid=3580_262516
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 06:28:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4944
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: SK3KBGMKJ4YWWVBV
x-amz-id-2: eBDdEZo2g3ixnFPTboxVSgjMRQX3dQ63xWWEjrbl2vu0jkNe5fS7HtGt8F3jGl6QdU4QACxpR9I=
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIRgYk2KWaW0OvlXkZuxDEsogOlsUQyoWs%2BOoMXJSHBY9cdeqZx%2FKd4k3DgcdKe29pjgPpeReYEonpyTrH2o7TjqsHuDHH4rE6uj3SGaHxPuGK2D8wnqUU9EV3zG2syGDv9zbgoDnrWfT0BWZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 6ee425fb6a4f9191-FRA
cf-bgj: minify

GET
H2

200

Primary Request recommended.html Show response
www.download-ready.net/
Redirect Chain

https://tracking.prtrackings.com/click?pid=51&offer_id=1947&sub2=91c35fee&sub1=pub393578746621413d9f76607c8d6c0887
https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee

12 KB
4 KB

65ms
29ms

Document
text/html

2a06:98c1:3121::11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee

Requested by

Host: kanvo.cogliatu.com
URL: https://kanvo.cogliatu.com/oc/415704c479?affclick=6235780e2516de0001440465&pubid=3580_262516

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

626ac44dd2a530d0ecf512dd792f5dcd2a034569027d3fd68c160984cd6a2795

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://kanvo.cogliatu.com/oc/415704c479?affclick=6235780e2516de0001440465&pubid=3580_262516

Response headers

date: Sat, 19 Mar 2022 06:28:30 GMT
content-type: text/html
strict-transport-security: max-age=16000000
last-modified: Thu, 10 Mar 2022 07:41:21 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZ%2FGbdqXwiYAQw%2F9CkDaR8eLlxcZ%2FCy0QIdGm2dld3YBgIKUFb292y057%2FHRSF2WC6u3yWLFST%2Fe5sg%2Bk3NjVaLh9XJrhhUreiQQ%2FgKsPJve4A2MbmVX%2FbuA9IfLmK4KNqVBogfsA%2FqF2P1cLW%2Fgp0isSXtr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ee425fcdc1892c5-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server: nginx
date: Sat, 19 Mar 2022 06:28:30 GMT
content-length: 0
location: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee
access-control-allow-origin: *

GET
H2 200 style.css
www.download-ready.net/img/ 3 KB
1 KB 13ms
11ms Stylesheet
text/css 2a06:98c1:3121::11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.download-ready.net/img/style.css

Requested by

Host: www.download-ready.net
URL: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e9494d0f6037f962179023105e1d3c1c2a337e2d8638bc89be7f9ecdfaf69b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 06:28:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156
cf-polished: origSize=4071
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 07:42:15 GMT
server: cloudflare
etag: W/"fe7-5d9d85a587fb5-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FN6EhMn8K0XTiZ7nGs3CWNFcjGILQkEahKsP5oBI%2BcHwZ%2Bd7LFlUFTkLGsDiO96i6NyCVEcz%2FnipsMPkWC0DWGBdIyCA2aG2aRagJJf5HKb3DOP70Zi7edZZcovrqd9e391bXSkidDmK%2FWf%2Fe3wqP%2Bov3Wv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6ee425fd1c7492c5-FRA
cf-bgj: minify

GET
H2 200 invisible.js Show response
www.download-ready.net/cdn-cgi/challenge-platform/h/b/scripts/ 43 KB
16 KB 17ms
16ms Script
text/javascript 2a06:98c1:3121::11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.download-ready.net/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1647669600
Requested by: Host: www.download-ready.net
URL: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 325cd64eeef2b291b4a1c29f34ecaab4d4888098908fcc3dc88991d99bec3ad7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 06:28:30 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PXVjVqwpqxJ3SLX%2BjL6zb0ZBSMP%2Fw%2BI9nLlBkityW6rh39Hhl49UIg7Ck6r%2FtLgIcuaTTS%2BXkqMfyZ%2Bb%2B%2FAciPGAMN1THB6lkHJ4lYtkGT3CJqWQWbyVFuGa1YU7BS9W3tBfUdhNKOn%2BuhQPROb3yBdyxYL"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6ee425fd1c7692c5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 shield-green.png
www.download-ready.net/img/ 3 KB
3 KB 12ms
12ms Image
image/png 2a06:98c1:3121::11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.download-ready.net/img/shield-green.png

Requested by

Host: www.download-ready.net
URL: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

630ce6473e382f902d131f5ef9ad843593f4579a9f091e20661e7f23be17d41c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 06:28:30 GMT
cf-cache-status: HIT
last-modified: Thu, 10 Mar 2022 07:41:38 GMT
server: cloudflare
age: 17
etag: W/"c69-5d9d8581df135-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahT4t%2FUUrjkfcB8%2FPsBaoGX7Z2gv0nJIJlz7bSpRvUdc5G7q6S70U3zxSBOyDSUevnU8g0Eiboynrijq%2FGtACZOEIMMTr0w4ykdB16kXnYklIlf4wya%2FIyeVjNHdUgwdHingd58oo0mmN3z78FkV8yOGHqZi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16000000
cf-ray: 6ee425fd1c7992c5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 shield-gray.png
www.download-ready.net/img/ 536 B
872 B 13ms
13ms Image
image/png 2a06:98c1:3121::11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.download-ready.net/img/shield-gray.png

Requested by

Host: www.download-ready.net
URL: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

020853e5b5b184053ea5efd39bbbb8d1bbc6eeb4596d18deec738479c84287b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 06:28:30 GMT
cf-cache-status: HIT
last-modified: Thu, 10 Mar 2022 07:41:55 GMT
server: cloudflare
age: 156
etag: W/"218-5d9d8592e3855-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZBPJ0XI5Fu96tJMGVCAXY2%2Bj865P%2BZoTBE6qVj8PEy3Grc9eFi5xj3dPxn8PpYaBztJvdrGo57vzl6tvTp1QED08C%2BrFytsn%2B5hN05NVj3c0QuWP1rBtOBviUoWziMAo3vn0apmwsAmD%2FWzmyBPjgP6c%2BUR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16000000
cf-ray: 6ee425fd1c7a92c5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 100.png
www.download-ready.net/img/ 5 KB
5 KB 12ms
12ms Image
image/png 2a06:98c1:3121::11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.download-ready.net/img/100.png

Requested by

Host: www.download-ready.net
URL: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74918f6fed0e761f9e4229f3c8daec81f46bc1dea776cd804849a873e7f1ea7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 06:28:30 GMT
cf-cache-status: HIT
last-modified: Thu, 10 Mar 2022 07:41:50 GMT
server: cloudflare
age: 17
etag: W/"13f6-5d9d858db8475-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6SHPZSw24bQMA0gFF53%2F8LwJIGUI7A9M4j9l4SuhtvXX4SmvY6YpYR0F8c9MA5eEl5Wdso93V6GxEZ9siRn3M0U87iuadcUPoRmrQpRLasyjHWQVfX3zDTKaFajJ0wD11iec72VXQaMZVQiP8P2fvJHCS2%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16000000
cf-ray: 6ee425fd1c8092c5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET logo@128.png
ofmjepimahcfbmcdfbmeihkondkfeobh/assets/ 0
0

GET
DATA 200
OK truncated
/ 173 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e32d99e816a42958b9473f470a2600963602981007576d85220044e6137965b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pica.js
www.download-ready.net/cdn-cgi/challenge-platform/h/b/scripts/ 23 KB
8 KB 27ms
26ms Other
text/javascript 2a06:98c1:3121::11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.download-ready.net/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89a0795ff3b0ae8ea279bb9cc8529feaf6eeabe50f0dc73ecda2ecbfdb49a78f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 06:28:30 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVNby%2B9DVSwtLbCDb38P0zsbjwvXngBWKRR58UdjxypOa5HEC3KODzXk7YFRzUzKUSeR0LktU20DunC0lszE7lbeYqKm4DLK3waYDUYsYWGAE19sBlq%2Fsg8RRbCGlEH64HnmU2ByZdxoPckYkYE82VYhDlke"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6ee425fd5dfb9211-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 6ee425fcdc1892c5 Show response
www.download-ready.net/cdn-cgi/challenge-platform/h/b/cv/result/ 2 B
705 B 34ms
34ms XHR
text/plain 2a06:98c1:3121::11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.download-ready.net/cdn-cgi/challenge-platform/h/b/cv/result/6ee425fcdc1892c5
Requested by: Host: www.download-ready.net
URL: https://www.download-ready.net/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1647669600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 19 Mar 2022 06:28:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ee4260009189211-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WQFamhAWEMakyEwqC5XEkb%2B0U418sDqW4JT0VHzkbH6tEN3ZfM8V1ZbJHHpAXHPDLBGLwnOG70%2FwHbx%2B17M8IOlZP7%2BNr%2BmPFWFBATMGdLR5xnDDoFRTj4OFdcHSV%2FkoqSsTKIl%2BXhgb74O9a8b8Ogp3MqC"}],"group":"cf-nel","max_age":604800}

GET logo@128.png
ofmjepimahcfbmcdfbmeihkondkfeobh/assets/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ofmjepimahcfbmcdfbmeihkondkfeobh
URL: chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png

Domain: ofmjepimahcfbmcdfbmeihkondkfeobh
URL: chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png

Domain: ofmjepimahcfbmcdfbmeihkondkfeobh
URL: chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png

Domain: ofmjepimahcfbmcdfbmeihkondkfeobh
URL: chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png

Domain: ofmjepimahcfbmcdfbmeihkondkfeobh
URL: chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1getnewonnx1.com/	1970-01-20 10:26:47	Name: bd_context Value: Mb86cQGiDjxqpffUqLAMCmsClM6r5xoiuzBaRjnrEohs5NMVDpB9nMJKwEfTgTOQEL/dUsWIVlpjF/+p0uNDY3FMIxL/y2waU3/JUoepyCuyv+Z6fMGM8XvjK41p4rTpGFe+qV0jXVgFhFzTxkD7AMzwt1KMyn0RnuzUcy727e5mpmZMrQk7DTBt4OZWvIQPStSnyfrnSqW6YYURUFZpUVSGupGrqlRZvYAw5+SmBwoUCNRVY+tw//KyjpopAS8D7tOuf8h6PEv4IbVnVGJyP5kjTIn9ii+va1ceoGzfYPzADUvw46vEkUPkgJBVKSJxIH0CmetwX7YtpktoZOUVk9tz1g==
aditmedia.g2afse.com/	1970-01-20 10:26:47	Name: afclick Value: 6235780e2516de0001440465
aditmedia.g2afse.com/	1970-01-20 10:26:47	Name: afoffers Value: {"17234":1647671310}
kanvo.cogliatu.com/	1970-01-20 01:51:16	Name: AWSALB Value: sXm/bvVpRjcVGQLcB5CVirC8oSE30NdmM1vH+mIuSbzFEAyiNme0Uf76CHqXz6vSmxW2cxEgwE7MdLwCBaTCpzIrH57Rfaunr6+HWpbvGURQ/g0p06C+XCyCAKAO
tracking.prtrackings.com/	1970-01-20 10:26:47	Name: afclick Value: 6235780eb9b33c000116cc5d
tracking.prtrackings.com/	1970-01-20 10:26:47	Name: afoffers Value: {"1947":1647671310}
.download-ready.net/	1970-01-20 01:41:13	Name: __cf_bm Value: AuwynWRQWsO3g7tbchOrLAv._OMyz_ZjPLc2WLOtLg4-1647671311-0-AeMsorw9LIUZ/vzL7T7Rzj8s1BgKmf5tYHNJa7IfwaELkUqZwTk19F6hhQR931vE50g/kPSjyjpzimkoTVxLUs0teibihj4d3m1acknz9QR0uhCMwBw4iVoeyTk/w3pD2g==

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee(Line 166) Message: Access to XMLHttpRequest at 'chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png' from origin 'https://www.download-ready.net' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee Message: Access to XMLHttpRequest at 'chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png' from origin 'https://www.download-ready.net' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee Message: Access to XMLHttpRequest at 'chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png' from origin 'https://www.download-ready.net' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee Message: Access to XMLHttpRequest at 'chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png' from origin 'https://www.download-ready.net' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.download-ready.net/recommended.html?an=pr&cid=6235780eb9b33c000116cc5d&sid=51_91c35fee Message: Access to XMLHttpRequest at 'chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png' from origin 'https://www.download-ready.net' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ofmjepimahcfbmcdfbmeihkondkfeobh/assets/logo@128.png Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1getnewonnx1.com
aditmedia.g2afse.com
cdn.addlnk.com
grotmr.info
kanvo.cogliatu.com
ofmjepimahcfbmcdfbmeihkondkfeobh
tracking.prtrackings.com
www.download-ready.net
ofmjepimahcfbmcdfbmeihkondkfeobh
188.72.236.34
213.227.132.155
213.227.134.220
2606:4700:3033::6815:1446
2a06:98c1:3120::7
2a06:98c1:3121::11
54.157.143.12
020853e5b5b184053ea5efd39bbbb8d1bbc6eeb4596d18deec738479c84287b5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
325cd64eeef2b291b4a1c29f34ecaab4d4888098908fcc3dc88991d99bec3ad7
36fcc875e6ab61b9fb06226868ca9519b792e1bd2819dfb31e805b63c665526a
626ac44dd2a530d0ecf512dd792f5dcd2a034569027d3fd68c160984cd6a2795
630ce6473e382f902d131f5ef9ad843593f4579a9f091e20661e7f23be17d41c
74918f6fed0e761f9e4229f3c8daec81f46bc1dea776cd804849a873e7f1ea7e
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
7e9494d0f6037f962179023105e1d3c1c2a337e2d8638bc89be7f9ecdfaf69b4
89a0795ff3b0ae8ea279bb9cc8529feaf6eeabe50f0dc73ecda2ecbfdb49a78f
8e32d99e816a42958b9473f470a2600963602981007576d85220044e6137965b

www.download-ready.net Open in urlscan Pro 2a06:98c1:3121::11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

71 %HTTPS

43 %IPv6

8 Domains

8 Subdomains

6 IPs

2 Countries

49 kBTransfer

99 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

7 Cookies

10 Console Messages

Indicators

www.download-ready.net Open in urlscan Pro
2a06:98c1:3121::11 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

71 %
HTTPS

43 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

49 kB
Transfer

99 kB
Size

7
Cookies

17 HTTP transactions
1 data transactions