urlscan.io logo urlscan.io
SecurityTrails logo

download-now.org Open in urlscan Pro
2606:4700:3030::6815:4222  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.saadhagaparavaigal.com/proimage/contractdoc/Cdoc/invoice.php/capitalone.com.zip
Effective URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
Submission: On July 02 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 6 countries across 11 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3030::6815:4222, located in United States and belongs to CLOUDFLARENET, US. The main domain is download-now.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 22nd 2021. Valid for: a year.
This is the only time download-now.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 116.206.104.141 394695 (PUBLIC-DO...)
1 2.16.107.121 20940 (AKAMAI-ASN1)
1 208.91.196.4 40034 (CONFLUENC...)
2 103.224.182.251 133618 (TRELLIAN-...)
1 2 103.224.212.247 133618 (TRELLIAN-...)
2 2 173.192.101.24 36351 (SOFTLAYER)
1 1 51.38.254.255 16276 (OVH)
10 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
26 9
1    116.206.104.141 (Seychelles)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: bh-in-35.webhostbox.net
www.saadhagaparavaigal.com
1    2.16.107.121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-121.deploy.static.akamaitechnologies.com
cdn.jsinit.directfwd.com
1    208.91.196.4 (Virgin Islands (British))

ASN40034 (CONFLUENCE-NETWORK-INC, VG)
freeresultsguide.com
2    103.224.182.251 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-251.above.com
findresults.site
2    103.224.212.247 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-247.above.com
0redirc.com
2    173.192.101.24 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
mybetterdl.com
p249699.mybetterdl.com
1    51.38.254.255 (Spain)

ASN16276 (OVH, FR)
PTR: ip255.ip-51-38-254.eu
yslqczldaxcy.unicornpride123.com
10    2606:4700:3030::6815:4222 (United States)

ASN13335 (CLOUDFLARENET, US)
download-now.org
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
10 download-now.org 0redirc.com
download-now.org
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com download-now.org
2 0redirc.com 1 redirects findresults.site
2 findresults.site www.saadhagaparavaigal.com
findresults.site
1 yslqczldaxcy.unicornpride123.com 1 redirects
1 p249699.mybetterdl.com 1 redirects
1 mybetterdl.com 1 redirects
1 freeresultsguide.com cdn.jsinit.directfwd.com
1 cdn.jsinit.directfwd.com www.saadhagaparavaigal.com
1 www.saadhagaparavaigal.com
0 ckkjmlodapiblpkhgkhlehfdmconemfe Failed download-now.org
26 12

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-22 -
2022-06-21		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
Frame ID: 8384E010B065FB46986DCA9F0ABAE64B
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.saadhagaparavaigal.com/proimage/contractdoc/Cdoc/invoice.php/capitalone.com.zip Page URL
  2. http://findresults.site/?rpid=9PO5645V6 Page URL
  3. http://0redirc.com/jr.php?gz=qOXuB%2BQzVUvDGYxoqvRok5rU0P99llSvy5nCtbWN23DAHMJBkXC5FhjEwW9tBko%... HTTP 302
    http://0redirc.com/jr.php?gz=qOXuB%2BQzVUvDGYxoqvRok5rU0P99llSvy5nCtbWN23DAHMJBkXC5FhjEwW9tBko%... Page URL
  4. https://mybetterdl.com/aS/sfclick?u=a0e7e2f5-013c-4a30-90e7-89869d3df020 HTTP 302
    https://p249699.mybetterdl.com/adServe/domainClick?ai=fYa9dieACW0dQtTPcr3350gVC1O3-bnb7_IelWe6lN0ZO2nesGcmi... HTTP 302
    https://yslqczldaxcy.unicornpride123.com/l.php?p=c:ugnhcfxgtvkugt&d=60c9dfb4ff0d573e2312359e&s=434964780&b=@@CREATIVE... HTTP 302
    https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

26
Requests

54 %
HTTPS

30 %
IPv6

11
Domains

12
Subdomains

9
IPs

6
Countries

105 kB
Transfer

144 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.saadhagaparavaigal.com/proimage/contractdoc/Cdoc/invoice.php/capitalone.com.zip Page URL
  2. http://findresults.site/?rpid=9PO5645V6 Page URL
  3. http://0redirc.com/jr.php?gz=qOXuB%2BQzVUvDGYxoqvRok5rU0P99llSvy5nCtbWN23DAHMJBkXC5FhjEwW9tBko%2BP60ItPK%2FlkRYP41lBDbd8H5LRx8InzYd8voODgE%2F8hcFpEB9KltskZAJfNWHJWfFJpwQh8Yg9llinRpm8qx0XENlIw5rsRLnk4uwlT15cPHX0OBpJkjPlwVAGnLdg2mdmS%2BlhUYh%2BUdRQBZA20DDAspi4AeQ0blAXdlSJnmMlTy0KIEEG7tWJwSCijOwi7sZQPbIc1eRodT7xqZPTbx43D%2Fn%2B3cBIK%2Fgww2GiX2kmuOpg%2Bfp9R0Kq9K9RE0MVdT51XJs%2BCHbsvShqmjwVHaO8fjCpzeA7jL6EzNAlfPzdLiPzXeZlYOsXDaEfbsQ6fahCEk%2BT52u0nuaGsqRm%2FdcOpweVNpoQx2uyZz2%2FeahBgbMlK0gemACSJ8b0c%2BsChdifE5cMY7UynVyP%2BseI4KQLTGn5U%2BYY1W0fHukmvYb31cFst%2BPUoF%2BFhf4dywamxycKKQjXdK1CNVrmwQQTWvkT8nlikGGkk7Vlr4QA4j2MVpT9LuQWhiU%2BAvoi8z9jAuW08W1g3KRI6rfXTFr8KNUu9inqIygsnYIiybvhm9PIDFGocbETVAhhkOcezEoj5KtdjV5XAfLwjMB%2FexpjoQbUo7ngS4G5lrCMnV1hIDCWDqGxk583yaGei%2BfpgT6QFsQEopmtHX9EoJqsk5uXFJn7GQF5x1nntaDqtaq%2FBpYtdObVePCn6cmr4mxxOW0KeBPWog3zc5eFLMOvSY5owaYj%2BwPYa6PVYWKFZ%2B7a0kwSBc%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f HTTP 302
    http://0redirc.com/jr.php?gz=qOXuB%2BQzVUvDGYxoqvRok5rU0P99llSvy5nCtbWN23DAHMJBkXC5FhjEwW9tBko%2BP60ItPK%2FlkRYP41lBDbd8H5LRx8InzYd8voODgE%2F8hcFpEB9KltskZAJfNWHJWfFJpwQh8Yg9llinRpm8qx0XENlIw5rsRLnk4uwlT15cPHX0OBpJkjPlwVAGnLdg2mdmS%2BlhUYh%2BUdRQBZA20DDAspi4AeQ0blAXdlSJnmMlTy0KIEEG7tWJwSCijOwi7sZQPbIc1eRodT7xqZPTbx43D%2Fn%2B3cBIK%2Fgww2GiX2kmuOpg%2Bfp9R0Kq9K9RE0MVdT51XJs%2BCHbsvShqmjwVHaO8fjCpzeA7jL6EzNAlfPzdLiPzXeZlYOsXDaEfbsQ6fahCEk%2BT52u0nuaGsqRm%2FdcOpweVNpoQx2uyZz2%2FeahBgbMlK0gemACSJ8b0c%2BsChdifE5cMY7UynVyP%2BseI4KQLTGn5U%2BYY1W0fHukmvYb31cFst%2BPUoF%2BFhf4dywamxycKKQjXdK1CNVrmwQQTWvkT8nlikGGkk7Vlr4QA4j2MVpT9LuQWhiU%2BAvoi8z9jAuW08W1g3KRI6rfXTFr8KNUu9inqIygsnYIiybvhm9PIDFGocbETVAhhkOcezEoj5KtdjV5XAfLwjMB%2FexpjoQbUo7ngS4G5lrCMnV1hIDCWDqGxk583yaGei%2BfpgT6QFsQEopmtHX9EoJqsk5uXFJn7GQF5x1nntaDqtaq%2FBpYtdObVePCn6cmr4mxxOW0KeBPWog3zc5eFLMOvSY5owaYj%2BwPYa6PVYWKFZ%2B7a0kwSBc%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&ckReS=1625257002.1881592 Page URL
  4. https://mybetterdl.com/aS/sfclick?u=a0e7e2f5-013c-4a30-90e7-89869d3df020 HTTP 302
    https://p249699.mybetterdl.com/adServe/domainClick?ai=fYa9dieACW0dQtTPcr3350gVC1O3-bnb7_IelWe6lN0ZO2nesGcmidiCi2zntGmB7MPYArjGx3rCgSShOmxmLGXlioRif7KEnpVNaTrCa-jSPHmbpZ6ZesRjSmmVzlfqr6r1g3MD9FlVXikWi85y7faav-Zkw2CH4LaOsP4sCN9pBywaVtGFoc-2I7eBIqmBkulPixzU1IAKXz7vUl-LhQrtJvpQj25ftvcgAHqq7IEPdhGn3_C1PnzMxTSW33E-llpg4FhZfxTN71ArBr0VGkyjFk6vZAEtsbSNFrqENK7r2iPLc49PEcrbabRiKuIrBCYZTkmtq6G-gEB7vmGY6m_yptHFu45v-Iy3H1kdGeiYJ6TuXk5DWd347mfhgNbxZuDK-Dk20eQlVRFEktQBWBaf4XymfSdAQOGScGtJTvTwrHjoweW6kBTRhJTr31T6sz6E4fJKdEtrKCtj0Ed3D9R2p1wd5MDK1A3LQQeWyuAM6cRdns6hCZEWaA5Ezek0Lg4vWacia8T9PVemRXHa6nHN_l2WpCnzhCcIiriXVPlnBy1AN6m2jMRwf_khkulFzb8xqxPI4f4&ui=JeDvPDaZQnclhU85fCeDrPbWwvziNp_1xLgNeF8Zj-jia60buq2FRkbtZdTi4-jfWxTLwEnrwpIy8yqflHihG8xV0x9JBz7e-M9DcYpngjcWz1MmCLDRng&si=1&oref=b5f218eb4b92fd271baa91fd7627715f&optunit=qIxiPfHd2N7F7vfoDqSeamWSQsQHXjql&rb=rT7dKGQjiqc&rr=1&abtg=0 HTTP 302
    https://yslqczldaxcy.unicornpride123.com/l.php?p=c:ugnhcfxgtvkugt&d=60c9dfb4ff0d573e2312359e&s=434964780&b=@@CREATIVE-ID@@&bid=0.008&pid=86373833873&cmp=60c9dfb4ff0d573e2312359e&keyword=india+result+KW+exam+find+results+of+chkdsk+requirements+Jobs+Education+findresults.site+sat+score+standardized+testing+test+score+KW+exam+find+results+of+chkdsk+requirements+Jobs+Education+sat+score+standardized+testing+test+score HTTP 302
    https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://0redirc.com/jr.php?gz=qOXuB%2BQzVUvDGYxoqvRok5rU0P99llSvy5nCtbWN23DAHMJBkXC5FhjEwW9tBko%2BP60ItPK%2FlkRYP41lBDbd8H5LRx8InzYd8voODgE%2F8hcFpEB9KltskZAJfNWHJWfFJpwQh8Yg9llinRpm8qx0XENlIw5rsRLnk4uwlT15cPHX0OBpJkjPlwVAGnLdg2mdmS%2BlhUYh%2BUdRQBZA20DDAspi4AeQ0blAXdlSJnmMlTy0KIEEG7tWJwSCijOwi7sZQPbIc1eRodT7xqZPTbx43D%2Fn%2B3cBIK%2Fgww2GiX2kmuOpg%2Bfp9R0Kq9K9RE0MVdT51XJs%2BCHbsvShqmjwVHaO8fjCpzeA7jL6EzNAlfPzdLiPzXeZlYOsXDaEfbsQ6fahCEk%2BT52u0nuaGsqRm%2FdcOpweVNpoQx2uyZz2%2FeahBgbMlK0gemACSJ8b0c%2BsChdifE5cMY7UynVyP%2BseI4KQLTGn5U%2BYY1W0fHukmvYb31cFst%2BPUoF%2BFhf4dywamxycKKQjXdK1CNVrmwQQTWvkT8nlikGGkk7Vlr4QA4j2MVpT9LuQWhiU%2BAvoi8z9jAuW08W1g3KRI6rfXTFr8KNUu9inqIygsnYIiybvhm9PIDFGocbETVAhhkOcezEoj5KtdjV5XAfLwjMB%2FexpjoQbUo7ngS4G5lrCMnV1hIDCWDqGxk583yaGei%2BfpgT6QFsQEopmtHX9EoJqsk5uXFJn7GQF5x1nntaDqtaq%2FBpYtdObVePCn6cmr4mxxOW0KeBPWog3zc5eFLMOvSY5owaYj%2BwPYa6PVYWKFZ%2B7a0kwSBc%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f HTTP 302
  • http://0redirc.com/jr.php?gz=qOXuB%2BQzVUvDGYxoqvRok5rU0P99llSvy5nCtbWN23DAHMJBkXC5FhjEwW9tBko%2BP60ItPK%2FlkRYP41lBDbd8H5LRx8InzYd8voODgE%2F8hcFpEB9KltskZAJfNWHJWfFJpwQh8Yg9llinRpm8qx0XENlIw5rsRLnk4uwlT15cPHX0OBpJkjPlwVAGnLdg2mdmS%2BlhUYh%2BUdRQBZA20DDAspi4AeQ0blAXdlSJnmMlTy0KIEEG7tWJwSCijOwi7sZQPbIc1eRodT7xqZPTbx43D%2Fn%2B3cBIK%2Fgww2GiX2kmuOpg%2Bfp9R0Kq9K9RE0MVdT51XJs%2BCHbsvShqmjwVHaO8fjCpzeA7jL6EzNAlfPzdLiPzXeZlYOsXDaEfbsQ6fahCEk%2BT52u0nuaGsqRm%2FdcOpweVNpoQx2uyZz2%2FeahBgbMlK0gemACSJ8b0c%2BsChdifE5cMY7UynVyP%2BseI4KQLTGn5U%2BYY1W0fHukmvYb31cFst%2BPUoF%2BFhf4dywamxycKKQjXdK1CNVrmwQQTWvkT8nlikGGkk7Vlr4QA4j2MVpT9LuQWhiU%2BAvoi8z9jAuW08W1g3KRI6rfXTFr8KNUu9inqIygsnYIiybvhm9PIDFGocbETVAhhkOcezEoj5KtdjV5XAfLwjMB%2FexpjoQbUo7ngS4G5lrCMnV1hIDCWDqGxk583yaGei%2BfpgT6QFsQEopmtHX9EoJqsk5uXFJn7GQF5x1nntaDqtaq%2FBpYtdObVePCn6cmr4mxxOW0KeBPWog3zc5eFLMOvSY5owaYj%2BwPYa6PVYWKFZ%2B7a0kwSBc%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&ckReS=1625257002.1881592

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
capitalone.com.zip
www.saadhagaparavaigal.com/proimage/contractdoc/Cdoc/invoice.php/ 		583 B
676 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.saadhagaparavaigal.com/proimage/contractdoc/Cdoc/invoice.php/capitalone.com.zip
Protocol
HTTP/1.1
Server
116.206.104.141 , Seychelles, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
bh-in-35.webhostbox.net
Software
Apache /
Resource Hash
50e0767f2731da7ddb56d719dc85a7f830c4a860d8f09d0f25401d3dc7097d7d

Request headers

Host
www.saadhagaparavaigal.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 20:16:40 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Last-Modified
Tue, 09 Mar 2021 05:25:46 GMT
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
355
Keep-Alive
timeout=5, max=75
Content-Type
text/html
sk-jspark_init.php
cdn.jsinit.directfwd.com/ 		2 KB
813 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.jsinit.directfwd.com/sk-jspark_init.php
Requested by
Host: www.saadhagaparavaigal.com
URL: http://www.saadhagaparavaigal.com/proimage/contractdoc/Cdoc/invoice.php/capitalone.com.zip
Protocol
HTTP/1.1
Server
2.16.107.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-121.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0fc455d7d663bb4f301d853723776bd51d544abca607c33842d4d539f7b7a2f8

Request headers

Referer
http://www.saadhagaparavaigal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 20:16:41 GMT
Content-Encoding
gzip
Server
Apache
Connection
keep-alive
Content-Length
604
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
sk-jspark.php
freeresultsguide.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://freeresultsguide.com/sk-jspark.php?dn=www.saadhagaparavaigal.com&pid=9PO5645V6&kwrf=http%3A%2F%2Fwww.saadhagaparavaigal.com%2Fproimage%2Fcontractdoc%2FCdoc%2Finvoice.php%2Fcapitalone.com.zip&reqref=
Requested by
Host: cdn.jsinit.directfwd.com
URL: http://cdn.jsinit.directfwd.com/sk-jspark_init.php
Protocol
HTTP/1.1
Server
208.91.196.4 , Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://www.saadhagaparavaigal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Jul 2021 20:16:41 GMT
Server
Apache
Content-Type
text/javascript;charset=UTF-8
Cache-Control
private, no-cache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=126
Content-Length
1914
Expires
Mon, 22 Jul 2002 11:12:01 GMT
Cookie set /
findresults.site/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://findresults.site/?rpid=9PO5645V6
Requested by
Host: www.saadhagaparavaigal.com
URL: http://www.saadhagaparavaigal.com/proimage/contractdoc/Cdoc/invoice.php/capitalone.com.zip
Protocol
HTTP/1.1
Server
103.224.182.251 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-182-251.above.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
4eabbb86ce163c5cf22652fd23959eb07327dc2464301c4877cb08bea2fffb96

Request headers

Host
findresults.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.saadhagaparavaigal.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.saadhagaparavaigal.com/

Response headers

Date
Fri, 02 Jul 2021 20:16:41 GMT
Server
Apache/2.4.25 (Debian)
Set-Cookie
__tad=1625257001.3013517; expires=Mon, 30-Jun-2031 20:16:41 GMT; Max-Age=315360000
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1536
Connection
close
Content-Type
text/html; charset=UTF-8
swfobject.js
findresults.site/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://findresults.site/js/swfobject.js
Requested by
Host: findresults.site
URL: http://findresults.site/?rpid=9PO5645V6
Protocol
HTTP/1.1
Server
103.224.182.251 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-182-251.above.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
findresults.site
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://findresults.site/?rpid=9PO5645V6
Cookie
__tad=1625257001.3013517
Connection
keep-alive
Cache-Control
no-cache
Referer
http://findresults.site/?rpid=9PO5645V6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 20:16:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Nov 2019 00:58:34 GMT
Server
Apache/2.4.25 (Debian)
ETag
"27ef-598497efe82ed-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3949
jr.php
0redirc.com/
Redirect Chain
  • http://0redirc.com/jr.php?gz=qOXuB%2BQzVUvDGYxoqvRok5rU0P99llSvy5nCtbWN23DAHMJBkXC5FhjEwW9tBko%2BP60ItPK%2FlkRYP41lBDbd8H5LRx8InzYd8voODgE%2F8hcFpEB9KltskZAJfNWHJWfFJpwQh8Yg9llinRpm8qx0XENlIw5rsRLn...
  • http://0redirc.com/jr.php?gz=qOXuB%2BQzVUvDGYxoqvRok5rU0P99llSvy5nCtbWN23DAHMJBkXC5FhjEwW9tBko%2BP60ItPK%2FlkRYP41lBDbd8H5LRx8InzYd8voODgE%2F8hcFpEB9KltskZAJfNWHJWfFJpwQh8Yg9llinRpm8qx0XENlIw5rsRLn...
372 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
http://0redirc.com/jr.php?gz=qOXuB%2BQzVUvDGYxoqvRok5rU0P99llSvy5nCtbWN23DAHMJBkXC5FhjEwW9tBko%2BP60ItPK%2FlkRYP41lBDbd8H5LRx8InzYd8voODgE%2F8hcFpEB9KltskZAJfNWHJWfFJpwQh8Yg9llinRpm8qx0XENlIw5rsRLnk4uwlT15cPHX0OBpJkjPlwVAGnLdg2mdmS%2BlhUYh%2BUdRQBZA20DDAspi4AeQ0blAXdlSJnmMlTy0KIEEG7tWJwSCijOwi7sZQPbIc1eRodT7xqZPTbx43D%2Fn%2B3cBIK%2Fgww2GiX2kmuOpg%2Bfp9R0Kq9K9RE0MVdT51XJs%2BCHbsvShqmjwVHaO8fjCpzeA7jL6EzNAlfPzdLiPzXeZlYOsXDaEfbsQ6fahCEk%2BT52u0nuaGsqRm%2FdcOpweVNpoQx2uyZz2%2FeahBgbMlK0gemACSJ8b0c%2BsChdifE5cMY7UynVyP%2BseI4KQLTGn5U%2BYY1W0fHukmvYb31cFst%2BPUoF%2BFhf4dywamxycKKQjXdK1CNVrmwQQTWvkT8nlikGGkk7Vlr4QA4j2MVpT9LuQWhiU%2BAvoi8z9jAuW08W1g3KRI6rfXTFr8KNUu9inqIygsnYIiybvhm9PIDFGocbETVAhhkOcezEoj5KtdjV5XAfLwjMB%2FexpjoQbUo7ngS4G5lrCMnV1hIDCWDqGxk583yaGei%2BfpgT6QFsQEopmtHX9EoJqsk5uXFJn7GQF5x1nntaDqtaq%2FBpYtdObVePCn6cmr4mxxOW0KeBPWog3zc5eFLMOvSY5owaYj%2BwPYa6PVYWKFZ%2B7a0kwSBc%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&ckReS=1625257002.1881592
Requested by
Host: findresults.site
URL: http://findresults.site/?rpid=9PO5645V6
Protocol
HTTP/1.1
Server
103.224.212.247 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-212-247.above.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
42c574cf2381d8bf135fcc3759abd55a8749970492caf322550e73073c1cafad

Request headers

Host
0redirc.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://findresults.site/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__tad=1625257002.1881592
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://findresults.site/?rpid=9PO5645V6

Response headers

Date
Fri, 02 Jul 2021 20:16:43 GMT
Server
Apache/2.4.25 (Debian)
X-JR-Code
s
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
239
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 02 Jul 2021 20:16:42 GMT
Server
Apache/2.4.25 (Debian)
Set-Cookie
__tad=1625257002.1881592; expires=Mon, 30-Jun-2031 20:16:42 GMT; Max-Age=315360000
Location
jr.php?gz=qOXuB%2BQzVUvDGYxoqvRok5rU0P99llSvy5nCtbWN23DAHMJBkXC5FhjEwW9tBko%2BP60ItPK%2FlkRYP41lBDbd8H5LRx8InzYd8voODgE%2F8hcFpEB9KltskZAJfNWHJWfFJpwQh8Yg9llinRpm8qx0XENlIw5rsRLnk4uwlT15cPHX0OBpJkjPlwVAGnLdg2mdmS%2BlhUYh%2BUdRQBZA20DDAspi4AeQ0blAXdlSJnmMlTy0KIEEG7tWJwSCijOwi7sZQPbIc1eRodT7xqZPTbx43D%2Fn%2B3cBIK%2Fgww2GiX2kmuOpg%2Bfp9R0Kq9K9RE0MVdT51XJs%2BCHbsvShqmjwVHaO8fjCpzeA7jL6EzNAlfPzdLiPzXeZlYOsXDaEfbsQ6fahCEk%2BT52u0nuaGsqRm%2FdcOpweVNpoQx2uyZz2%2FeahBgbMlK0gemACSJ8b0c%2BsChdifE5cMY7UynVyP%2BseI4KQLTGn5U%2BYY1W0fHukmvYb31cFst%2BPUoF%2BFhf4dywamxycKKQjXdK1CNVrmwQQTWvkT8nlikGGkk7Vlr4QA4j2MVpT9LuQWhiU%2BAvoi8z9jAuW08W1g3KRI6rfXTFr8KNUu9inqIygsnYIiybvhm9PIDFGocbETVAhhkOcezEoj5KtdjV5XAfLwjMB%2FexpjoQbUo7ngS4G5lrCMnV1hIDCWDqGxk583yaGei%2BfpgT6QFsQEopmtHX9EoJqsk5uXFJn7GQF5x1nntaDqtaq%2FBpYtdObVePCn6cmr4mxxOW0KeBPWog3zc5eFLMOvSY5owaYj%2BwPYa6PVYWKFZ%2B7a0kwSBc%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&ckReS=1625257002.1881592
X-JR-Code
cr
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
Primary Request google.html
download-now.org/
Redirect Chain
  • https://mybetterdl.com/aS/sfclick?u=a0e7e2f5-013c-4a30-90e7-89869d3df020
  • https://p249699.mybetterdl.com/adServe/domainClick?ai=fYa9dieACW0dQtTPcr3350gVC1O3-bnb7_IelWe6lN0ZO2nesGcmidiCi2zntGmB7MPYArjGx3rCgSShOmxmLGXlioRif7KEnpVNaTrCa-jSPHmbpZ6ZesRjSmmVzlfqr6r1g3MD9FlVXik...
  • https://yslqczldaxcy.unicornpride123.com/l.php?p=c:ugnhcfxgtvkugt&d=60c9dfb4ff0d573e2312359e&s=434964780&b=@@CREATIVE-ID@@&bid=0.008&pid=86373833873&cmp=60c9dfb4ff0d573e2312359e&keyword=india+resul...
  • https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
Requested by
Host: 0redirc.com
URL: http://0redirc.com/jr.php?gz=qOXuB%2BQzVUvDGYxoqvRok5rU0P99llSvy5nCtbWN23DAHMJBkXC5FhjEwW9tBko%2BP60ItPK%2FlkRYP41lBDbd8H5LRx8InzYd8voODgE%2F8hcFpEB9KltskZAJfNWHJWfFJpwQh8Yg9llinRpm8qx0XENlIw5rsRLnk4uwlT15cPHX0OBpJkjPlwVAGnLdg2mdmS%2BlhUYh%2BUdRQBZA20DDAspi4AeQ0blAXdlSJnmMlTy0KIEEG7tWJwSCijOwi7sZQPbIc1eRodT7xqZPTbx43D%2Fn%2B3cBIK%2Fgww2GiX2kmuOpg%2Bfp9R0Kq9K9RE0MVdT51XJs%2BCHbsvShqmjwVHaO8fjCpzeA7jL6EzNAlfPzdLiPzXeZlYOsXDaEfbsQ6fahCEk%2BT52u0nuaGsqRm%2FdcOpweVNpoQx2uyZz2%2FeahBgbMlK0gemACSJ8b0c%2BsChdifE5cMY7UynVyP%2BseI4KQLTGn5U%2BYY1W0fHukmvYb31cFst%2BPUoF%2BFhf4dywamxycKKQjXdK1CNVrmwQQTWvkT8nlikGGkk7Vlr4QA4j2MVpT9LuQWhiU%2BAvoi8z9jAuW08W1g3KRI6rfXTFr8KNUu9inqIygsnYIiybvhm9PIDFGocbETVAhhkOcezEoj5KtdjV5XAfLwjMB%2FexpjoQbUo7ngS4G5lrCMnV1hIDCWDqGxk583yaGei%2BfpgT6QFsQEopmtHX9EoJqsk5uXFJn7GQF5x1nntaDqtaq%2FBpYtdObVePCn6cmr4mxxOW0KeBPWog3zc5eFLMOvSY5owaYj%2BwPYa6PVYWKFZ%2B7a0kwSBc%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&ckReS=1625257002.1881592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb0b941211ca27b0a584d6e6c7f8018b2142e442ac66fc3c5dc362fe34cbeae6
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

:method
GET
:authority
download-now.org
:scheme
https
:path
/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://0redirc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://0redirc.com/jr.php?gz=qOXuB%2BQzVUvDGYxoqvRok5rU0P99llSvy5nCtbWN23DAHMJBkXC5FhjEwW9tBko%2BP60ItPK%2FlkRYP41lBDbd8H5LRx8InzYd8voODgE%2F8hcFpEB9KltskZAJfNWHJWfFJpwQh8Yg9llinRpm8qx0XENlIw5rsRLnk4uwlT15cPHX0OBpJkjPlwVAGnLdg2mdmS%2BlhUYh%2BUdRQBZA20DDAspi4AeQ0blAXdlSJnmMlTy0KIEEG7tWJwSCijOwi7sZQPbIc1eRodT7xqZPTbx43D%2Fn%2B3cBIK%2Fgww2GiX2kmuOpg%2Bfp9R0Kq9K9RE0MVdT51XJs%2BCHbsvShqmjwVHaO8fjCpzeA7jL6EzNAlfPzdLiPzXeZlYOsXDaEfbsQ6fahCEk%2BT52u0nuaGsqRm%2FdcOpweVNpoQx2uyZz2%2FeahBgbMlK0gemACSJ8b0c%2BsChdifE5cMY7UynVyP%2BseI4KQLTGn5U%2BYY1W0fHukmvYb31cFst%2BPUoF%2BFhf4dywamxycKKQjXdK1CNVrmwQQTWvkT8nlikGGkk7Vlr4QA4j2MVpT9LuQWhiU%2BAvoi8z9jAuW08W1g3KRI6rfXTFr8KNUu9inqIygsnYIiybvhm9PIDFGocbETVAhhkOcezEoj5KtdjV5XAfLwjMB%2FexpjoQbUo7ngS4G5lrCMnV1hIDCWDqGxk583yaGei%2BfpgT6QFsQEopmtHX9EoJqsk5uXFJn7GQF5x1nntaDqtaq%2FBpYtdObVePCn6cmr4mxxOW0KeBPWog3zc5eFLMOvSY5owaYj%2BwPYa6PVYWKFZ%2B7a0kwSBc%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&ckReS=1625257002.1881592

Response headers

date
Fri, 02 Jul 2021 20:16:44 GMT
content-type
text/html
strict-transport-security
max-age=16000000
last-modified
Wed, 23 Jun 2021 09:08:12 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ffCNou6l8l1YMljaHgxKI60nGBWvHvTv6IUtw0xgvb0FpwwLmGd%2BbrEvhFkp%2FeQFVDH0S4AL0oshq3mdoa1ktxDur2ffFTK0yNKsfXdPBpi91lUn5GvDXG9vyZvpJvNbahRoIPozaUsg6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
668a8db27df52b71-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Server
nginx
Date
Fri, 02 Jul 2021 20:16:43 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Round
11qjavnkyb
Raund
c7
Location
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
google.css
download-now.org/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-now.org/css/google.css
Requested by
Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b1a7649aff16708ed07194240ecb50abf4a0adba93805438ed32879639c13aa
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

:path
/css/google.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
download-now.org
referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 20:16:44 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
893
cf-polished
origSize=4307
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 23 Jun 2021 09:08:31 GMT
server
cloudflare
etag
W/"10d3-5c56b4025238e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16000000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rGCHwTS6zOpWr8niw0hzc6PWxJ6DIA23fYQgWdzz7ocnR%2FSQhpOQHOgG5npnKH%2FkXQ9bXO4dVAZRwGgMIRMd4C8Gn%2B%2FjOSOZaHf3wAjb4vkkZB6bSmcnoG5Nn1JWux%2FVG0DwyyfHNOlw4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=172800
cf-ray
668a8db51b9b4a56-FRA
cf-bgj
minify
css
fonts.googleapis.com/ 		7 KB
800 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Requested by
Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
16c45b725f4501b58513b0b3681ac4f10dec56498c1a7f37ac7a1dee3cd092ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://download-now.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 19:28:23 GMT
server
ESF
date
Fri, 02 Jul 2021 20:16:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Jul 2021 20:16:44 GMT
css
fonts.googleapis.com/ 		1 KB
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Varela+Round&display=swap
Requested by
Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2c61ca92609ea007f3659302839b9b11eba97287f9f60e8ab489190cec8f902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://download-now.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 19:12:10 GMT
server
ESF
date
Fri, 02 Jul 2021 20:16:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Jul 2021 20:16:44 GMT
api.js
download-now.org/cdn-cgi/bm/cv/669835187/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download-now.org/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/cdn-cgi/bm/cv/669835187/api.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
download-now.org
referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 20:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CUHbZKOcnQgQM2mr5pCGmnszY3km7jO7Tqs7iAACPTkgrUhtD9tu7lT9uowU7zWd9wgu9zGg7U2toQlbtS878p38C%2FL%2B2S0iUnyQMKHgnNEsu5jFJxkZpzmkm7aPik9nx181dK4Eow%2BD0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
668a8db51b994a56-FRA
cf-request-id
0b0a76e53100004a561f1c8000000001
close.png
download-now.org/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-now.org/img/close.png
Requested by
Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c59bf8a3c6eebb0f8f660d8a83f2f86d919761412875bad6f1050904f97f269a
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

:path
/img/close.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
download-now.org
referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=16000000
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
56
date
Fri, 02 Jul 2021 20:16:44 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-language,accept-charset, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YHrFBXlDBySl7pcphBSKK%2B9niDAw%2BYDTBvvQj00HfxevnjwlkV3azVlhMPucxSZt1OUvzf1NWmKuKW9Gun9k7VqvZ5IyTxu7lEuIIpNSv6vS7oEWWJEaKI4JrVpv7acBSIdTtzEAju1%2BRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
content-type
text/html; charset=utf-8
cache-control
max-age=172800
cf-ray
668a8db51b984a56-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
mustache.png
download-now.org/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-now.org/img/mustache.png
Requested by
Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5a7ff04e3ff17c76ec198276737b974ebbcdc100ac75a9d6317a8efaff239b
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

:path
/img/mustache.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
download-now.org
referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 20:16:44 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Jun 2021 09:08:27 GMT
server
cloudflare
age
893
etag
W/"6ea-5c56b3fddaaae-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vda4nv67%2B9nvOQomZVheXMxuKgByYCr2cXic%2BFCkyO1srOBG8DvgitFz9c0%2FfuHNi0%2FT4YBlIwcbp06J8Q063zMS3sOsLbOqZGju%2BWYQZeXmCAccUXSnA7y%2FJSzWNuy6%2Bq4mInrcjK7l6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=172800
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=16000000
cf-ray
668a8db51b924a56-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
tv.png
download-now.org/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-now.org/img/tv.png
Requested by
Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56b04247847ccc662b8da5d619dec3fa4edbb7b1ba400d460fbcb6a3b8fe92c4
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

:path
/img/tv.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
download-now.org
referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 20:16:44 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Jun 2021 09:08:20 GMT
server
cloudflare
age
1002
etag
W/"5af-5c56b3f7bc42e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lZTqmfWwjVC%2ByORg%2BFuJp9KC7guZvE9AJIlPjiNYGVzWmLpXlTxurPDpxTVaVcIdZGt89vFQljafzNXRbEvVRpwquS9DSUGO8PwHYvJrs6WTF5UjR7CZlXtxiggTToFC26caODvt8BNyIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=172800
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=16000000
cf-ray
668a8db51b934a56-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
weigh.png
download-now.org/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-now.org/img/weigh.png
Requested by
Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33551f03fef7d0e7c544b7cb774d11e6115efdba1336625853e7142a572378d
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

:path
/img/weigh.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
download-now.org
referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 20:16:44 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Jun 2021 09:08:28 GMT
server
cloudflare
age
997
etag
W/"7ad-5c56b3fedd74e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RavlsHW9wMRJ2x6E6R%2BSdRU38gUuhngp8rEMM7mdDu6Ew8nNHFyICknymyYas40bnFA40ANXy3LkofFZCvjOnCCun1aaYKwyPSISmwwNj24s2EgH6h%2FUoB%2FiHYfEXwK4YlZm9LvSVxUX9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=172800
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=16000000
cf-ray
668a8db51b8d4a56-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
ChromeWebStore_Badge_v2_206x58.png
download-now.org/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-now.org/img/ChromeWebStore_Badge_v2_206x58.png
Requested by
Host: download-now.org
URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

:path
/img/ChromeWebStore_Badge_v2_206x58.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
download-now.org
referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 20:16:44 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Jun 2021 09:08:26 GMT
server
cloudflare
age
2445
etag
W/"d6b-5c56b3fcdbc8e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=35MhTUq4iwEunD7dYtzELBdeJCn0LqudnT9pchbi4UKAsjlD%2FKfClTxq9fT1q8RkBrFBG%2BRh2nQv29uZNXY8lPCg6bSqRYW%2BIBv021A3bor9h2p8CpPHCla9rnBrCXsumEzHuyyImBawyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=172800
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=16000000
cf-ray
668a8db51b954a56-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
128.png
ckkjmlodapiblpkhgkhlehfdmconemfe/ 		0
0
google-bg.jpg
download-now.org/img/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-now.org/img/google-bg.jpg
Requested by
Host: download-now.org
URL: https://download-now.org/css/google.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d2a5630bbedc6f9a51a090c000d52016d0e55b276da035e1e724f7004a755b4
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

:path
/img/google-bg.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
download-now.org
referer
https://download-now.org/css/google.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://download-now.org/css/google.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 20:16:44 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Jun 2021 09:08:24 GMT
server
cloudflare
age
997
etag
W/"998d-5c56b3fb7d32e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w8gZ1mFfG4hdz7wJERA0P33XJ9laV6g7omfKa3SRzt0iO29sTDiX518hlI2XwYXurXrK7Y921CIfmqFlqXP03ciNttXqx7nVGXsMsd5qUQhLXbTypLylIBeZxV8S7bWSVDBPwE8jw3XRpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=172800
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=16000000
cf-ray
668a8db54c014a56-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://download-now.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:31:16 GMT
x-content-type-options
nosniff
age
272728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 16:31:16 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://download-now.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 13:09:35 GMT
x-content-type-options
nosniff
age
198429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 13:09:35 GMT
result
download-now.org/cdn-cgi/bm/cv/ 		0
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://download-now.org/cdn-cgi/bm/cv/result?req_id=668a8db27df52b71
Requested by
Host: download-now.org
URL: https://download-now.org/cdn-cgi/bm/cv/669835187/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode
cors
origin
https://download-now.org
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
content-length
488
:path
/cdn-cgi/bm/cv/result?req_id=668a8db27df52b71
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
download-now.org
referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Jul 2021 20:16:44 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TX6sscOJEycdVyaXltehNMUjNonC7r%2Fj0ePGnWP5i8j%2Bka7sw2%2Fm9XWXDE3igXKG51VshAWgCh%2Fx%2FY52uTvB48lx2YyugqwpjeAzHoLLjnRQI%2BEsWUCo8EWZSv8EZXjjmNd3l1UMyyCkxw%3D%3D"}],"group":"cf-nel","max_age":604800}
set-cookie
__cf_bm=afd905ed2bb31e3d6700d0ba93977fb38af9e43c-1625257004-1800-AX28b2t4A1YJdHBKBoQT3n10fbgpxc+v2/7OPSXtlts3l1DrqvIIDvd7o2FM+8yrJpKEuJ9ePsNzMmkbVcMcZSxdHs92LBku0DWn6km/iOSr2I6/7pyjqEHJAHDvvNbwv7Odq6Xev+RziAySorDKNk4=; path=/; expires=Fri, 02-Jul-21 20:46:44 GMT; domain=.download-now.org; HttpOnly; Secure; SameSite=None
cf-ray
668a8db5ed6c4a56-FRA
cf-request-id
0b0a76e5b200004a56c1818000000001
128.png
ckkjmlodapiblpkhgkhlehfdmconemfe/ 		0
0
128.png
ckkjmlodapiblpkhgkhlehfdmconemfe/ 		0
0
128.png
ckkjmlodapiblpkhgkhlehfdmconemfe/ 		0
0
128.png
ckkjmlodapiblpkhgkhlehfdmconemfe/ 		0
0
128.png
ckkjmlodapiblpkhgkhlehfdmconemfe/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ckkjmlodapiblpkhgkhlehfdmconemfe
URL
chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png
Domain
ckkjmlodapiblpkhgkhlehfdmconemfe
URL
chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png
Domain
ckkjmlodapiblpkhgkhlehfdmconemfe
URL
chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png
Domain
ckkjmlodapiblpkhgkhlehfdmconemfe
URL
chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png
Domain
ckkjmlodapiblpkhgkhlehfdmconemfe
URL
chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png
Domain
ckkjmlodapiblpkhgkhlehfdmconemfe
URL
chrome-extension://ckkjmlodapiblpkhgkhlehfdmconemfe/128.png

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| chromeinitcontrol function| popupchrome string| an string| cid string| sid string| storeurl string| iconcheck number| checker object| main string| navlangue string| browser object| __CF$cv$params object| a0_0x433e function| a0_0x3d7e

0 Cookies

6 Console Messages

Source Level URL
Text
console-api log URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780(Line 54)
Message:
Chrome Extension Not installed
console-api log URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780(Line 54)
Message:
Chrome Extension Not installed
console-api log URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780(Line 54)
Message:
Chrome Extension Not installed
console-api log URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780(Line 54)
Message:
Chrome Extension Not installed
console-api log URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780(Line 54)
Message:
Chrome Extension Not installed
console-api log URL: https://download-now.org/google.html?an=un&cid=60df742b143c0d78027a43a2&sid=434964780(Line 54)
Message:
Chrome Extension Not installed

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0redirc.com
cdn.jsinit.directfwd.com
ckkjmlodapiblpkhgkhlehfdmconemfe
download-now.org
findresults.site
fonts.googleapis.com
fonts.gstatic.com
freeresultsguide.com
mybetterdl.com
p249699.mybetterdl.com
www.saadhagaparavaigal.com
yslqczldaxcy.unicornpride123.com
ckkjmlodapiblpkhgkhlehfdmconemfe
103.224.182.251
103.224.212.247
116.206.104.141
173.192.101.24
2.16.107.121
208.91.196.4
2606:4700:3030::6815:4222
2a00:1450:4001:802::200a
2a00:1450:4001:827::2003
51.38.254.255
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0fc455d7d663bb4f301d853723776bd51d544abca607c33842d4d539f7b7a2f8
16c45b725f4501b58513b0b3681ac4f10dec56498c1a7f37ac7a1dee3cd092ba
1b1a7649aff16708ed07194240ecb50abf4a0adba93805438ed32879639c13aa
1d2a5630bbedc6f9a51a090c000d52016d0e55b276da035e1e724f7004a755b4
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f
42c574cf2381d8bf135fcc3759abd55a8749970492caf322550e73073c1cafad
4eabbb86ce163c5cf22652fd23959eb07327dc2464301c4877cb08bea2fffb96
50e0767f2731da7ddb56d719dc85a7f830c4a860d8f09d0f25401d3dc7097d7d
56b04247847ccc662b8da5d619dec3fa4edbb7b1ba400d460fbcb6a3b8fe92c4
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
c2c61ca92609ea007f3659302839b9b11eba97287f9f60e8ab489190cec8f902
c59bf8a3c6eebb0f8f660d8a83f2f86d919761412875bad6f1050904f97f269a
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0b941211ca27b0a584d6e6c7f8018b2142e442ac66fc3c5dc362fe34cbeae6
f33551f03fef7d0e7c544b7cb774d11e6115efdba1336625853e7142a572378d
fc5a7ff04e3ff17c76ec198276737b974ebbcdc100ac75a9d6317a8efaff239b