urlscan.io logo urlscan.io
SecurityTrails logo

nodkw.baseresults.com Open in urlscan Pro
34.98.97.120  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRm...
Effective URL: https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
Submission: On December 04 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 35 HTTP transactions. The main IP is 34.98.97.120, located in United States and belongs to GOOGLE - Google LLC, US. The main domain is nodkw.baseresults.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 15th 2019. Valid for: 3 months.
This is the only time nodkw.baseresults.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 151.101.2.217 54113 (FASTLY)
1 11 34.98.97.120 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
35 8
10    2606:4700:30::6812:28cc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
safely.pdf-convert.online
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com
2    151.101.2.217 (United States)

ASN54113 (FASTLY - Fastly, US)
browser.sentry-cdn.com
11    34.98.97.120 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 120.97.98.34.bc.googleusercontent.com
gate.baseresults.com
nodkw.baseresults.com
1    2606:4700:30::681f:5cf0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.cherami-cloud.com
1    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
3    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
Domain Requested by
10 nodkw.baseresults.com safely.pdf-convert.online
nodkw.baseresults.com
browser.sentry-cdn.com
10 safely.pdf-convert.online 1 redirects safely.pdf-convert.online
code.jquery.com
3 www.google-analytics.com www.googletagmanager.com
2 browser.sentry-cdn.com safely.pdf-convert.online
nodkw.baseresults.com
1 www.googletagmanager.com nodkw.baseresults.com
1 www.cherami-cloud.com
1 gate.baseresults.com 1 redirects
1 code.jquery.com safely.pdf-convert.online
0 music.globalappz.live Failed safely.pdf-convert.online
35 9

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-05-05 -
2020-05-05		 a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
v2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-09-11 -
2020-02-26		 6 months crt.sh
*.baseresults.com
Let's Encrypt Authority X3		 2019-10-15 -
2020-01-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
Frame ID: 5E91BE23B911532D0E7F7573D855B92C
Requests: 34 HTTP requests in this frame

Frame: https://music.globalappz.live/wim/static/wi/install.php?cid=_fid6_lp7.3_wit1575467067&yid=c8ds&clickid=null&vert=music&days=180&extid=jgofjiialcpbongknpjkllipmecbkcic&npage=skip&bnp=1&icon=icons&res=1200x1600&step=0&extType=ds
Frame ID: DA70B5770F7EE7CCBBF5A2FA6BBB5768
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQ... Page URL
  2. https://safely.pdf-convert.online/wim/wi/incog-rdr.php?browserName=Chrome&dkw=null&clickid=null&vertical=music... HTTP 302
    https://gate.baseresults.com/gate/index.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsa... HTTP 302
    https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Page Statistics

35
Requests

77 %
HTTPS

71 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

424 kB
Transfer

731 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D Page URL
  2. https://safely.pdf-convert.online/wim/wi/incog-rdr.php?browserName=Chrome&dkw=null&clickid=null&vertical=music&dp=%3Ftp%253Diw%26v%253D34.2%26gnum%253D15%26cid%253D8500%26gclid%253DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE%26clickid%253D77224123032%26cachecode%253DmKFHbI1JHKVNc%2BRSjJWqbA%253D%253D HTTP 302
    https://gate.baseresults.com/gate/index.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D HTTP 302
    https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
main.html
safely.pdf-convert.online/wim/static/wi/ 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:28cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
80359910cbda13e256fa6d08250a906494b273fff2b52cea9554fbbdec8c3b54

Request headers

:method
GET
:authority
safely.pdf-convert.online
:scheme
https
:path
/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Wed, 04 Dec 2019 13:44:27 GMT
content-type
text/html
set-cookie
__cfduid=da7a3915a0b5e6c4e68770926823ff4101575467067; expires=Fri, 03-Jan-20 13:44:27 GMT; path=/; domain=.pdf-convert.online; HttpOnly
last-modified
Mon, 02 Dec 2019 13:19:39 GMT
vary
Accept-Encoding
expires
Wed, 04 Dec 2019 14:44:27 GMT
cache-control
max-age=3600
access-control-allow-origin
*
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53fe37114825cb9c-VIE
content-encoding
br
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: safely.pdf-convert.online
URL: https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 13:44:27 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 17:26:44 GMT
Server
nginx
ETag
W/"5a637bd4-1538f"
Vary
Accept-Encoding
X-HW
1575467067.dop016.fr8.shc,1575467067.dop016.fr8.t,1575467067.cds057.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30288
bundle.min.js
browser.sentry-cdn.com/4.3.2/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/4.3.2/bundle.min.js
Requested by
Host: safely.pdf-convert.online
URL: https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
Origin
https://safely.pdf-convert.online

Response headers

date
Wed, 04 Dec 2019 13:44:27 GMT
content-encoding
gzip
last-modified
Fri, 16 Nov 2018 15:29:19 GMT
server
Fastly
age
1136618
etag
"822e7271fe55bfac69f10bbd728a60c9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
access-control-allow-origin
*
content-length
21433
expires
Fri, 20 Nov 2020 10:00:49 GMT
bundle.js
safely.pdf-convert.online/wim/static/dist/ 		114 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safely.pdf-convert.online/wim/static/dist/bundle.js
Requested by
Host: safely.pdf-convert.online
URL: https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:28cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d72e66bb6c2e90c1b0a5e5e506dd8bd75a63dbd326c8e043a497eb5c0a16ae42

Request headers

Referer
https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
cf-cache-status
HIT
age
388
status
200
content-encoding
br
last-modified
Tue, 03 Dec 2019 16:28:08 GMT
server
cloudflare
etag
W/"5de68d18-1c94d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
53fe3711996acb9c-VIE
expires
Wed, 04 Dec 2019 14:37:59 GMT
index.html
safely.pdf-convert.online/wim/static/lps/music/7.3/ 		13 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://safely.pdf-convert.online/wim/static/lps/music/7.3/index.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:28cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Referer
https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
53fe3711ea43cb9c-VIE
date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Mon, 02 Dec 2019 13:19:38 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
expires
Wed, 04 Dec 2019 14:44:27 GMT
Primary Request index.html
nodkw.baseresults.com/static/lp/1/
Redirect Chain
  • https://safely.pdf-convert.online/wim/wi/incog-rdr.php?browserName=Chrome&dkw=null&clickid=null&vertical=music&dp=%3Ftp%253Diw%26v%253D34.2%26gnum%253D15%26cid%253D8500%26gclid%253DEAIaIQobChMIsaLW...
  • https://gate.baseresults.com/gate/index.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RS...
  • https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
Requested by
Host: safely.pdf-convert.online
URL: https://safely.pdf-convert.online/wim/static/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.98.97.120 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
120.97.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
3d6ba80b2afad9e3807e4fd02fefa431e5542b9ce7aab41f5bac6158a0fb2967

Request headers

:method
GET
:authority
nodkw.baseresults.com
:scheme
https
:path
/static/lp/1/index.html?clickid=0000&q=null
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
accept-encoding
gzip, deflate, br
cookie
hsp_0=X8a3WMEj2XDLR5gdPUoh9P%2Fa%2F4sgNo2lOVa97QnF%2BZUL6D68GZqbNXul7YAEoh92OufZIS6amV%2FJV8kmo7vqFwOSKc4RvhMXTQEs%2F4cV9L5JL5Ssn0PeR4mM4EFE7spP4fQoF6F0FHH1bu4MJSPRhOn1Xh892L1fTqfzZrX8ZYwZIGx1TOpWJMEXFILDzx9rV0Q76eeP%2Bz9CL6ymMVaaK97xQWOsq5y8meIUiAkx71gV4Zd%2BgOos1XWGliDS6WB5y2aLZc%2FWDJ5U2F%2BePyfCpVDrRwzjv0EYae1%2B0UFstjw0%2BbTrFxmXv8PQsJfAxwqV%2FxFx5JMCSfa0D%2Fpit%2BZWfHFjkPSO7VvRbaCNqVYHKVMjqudREY2KdUTZEMuHAYDSobiFBnteT%2BbfgFDwR4kJ7AhF6F1n1Qv123v5F%2Bdi3tw5pwRNF7ADYuDWg6g7%2FBU8k7thFCfdSl2stf7ZLiZtJQgMcvjhoRPObznIuZghuGUGzlg1Vvzsbhqxfp%2BqL8zZB2x072a08YLsssMveukTTqsPMms2J6iLXdiIUYM8XVnhs8Prjg%2FAjopYTFgAPY07uMaBHKPa1DBkPR7%2BGz4yxA%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D

Response headers

status
200
x-powered-by
Express
accept-ranges
bytes
cache-control
public, max-age=0
last-modified
Mon, 01 Jul 2019 15:18:09 GMT
etag
W/"354d-16bae1d5f68"
content-type
text/html; charset=UTF-8
content-length
13645
date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
alt-svc
clear

Redirect headers

status
302
x-powered-by
Express
set-cookie
hsp_0=X8a3WMEj2XDLR5gdPUoh9P%2Fa%2F4sgNo2lOVa97QnF%2BZUL6D68GZqbNXul7YAEoh92OufZIS6amV%2FJV8kmo7vqFwOSKc4RvhMXTQEs%2F4cV9L5JL5Ssn0PeR4mM4EFE7spP4fQoF6F0FHH1bu4MJSPRhOn1Xh892L1fTqfzZrX8ZYwZIGx1TOpWJMEXFILDzx9rV0Q76eeP%2Bz9CL6ymMVaaK97xQWOsq5y8meIUiAkx71gV4Zd%2BgOos1XWGliDS6WB5y2aLZc%2FWDJ5U2F%2BePyfCpVDrRwzjv0EYae1%2B0UFstjw0%2BbTrFxmXv8PQsJfAxwqV%2FxFx5JMCSfa0D%2Fpit%2BZWfHFjkPSO7VvRbaCNqVYHKVMjqudREY2KdUTZEMuHAYDSobiFBnteT%2BbfgFDwR4kJ7AhF6F1n1Qv123v5F%2Bdi3tw5pwRNF7ADYuDWg6g7%2FBU8k7thFCfdSl2stf7ZLiZtJQgMcvjhoRPObznIuZghuGUGzlg1Vvzsbhqxfp%2BqL8zZB2x072a08YLsssMveukTTqsPMms2J6iLXdiIUYM8XVnhs8Prjg%2FAjopYTFgAPY07uMaBHKPa1DBkPR7%2BGz4yxA%3D%3D; Domain=.baseresults.com; Path=/; HttpOnly
location
https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
vary
Accept
content-type
text/html; charset=utf-8
content-length
196
date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
alt-svc
clear
wa
www.cherami-cloud.com/report/ 		2 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cherami-cloud.com/report/wa?ctag=_fid6_lp7.3_wit1575467067&clickid=&yid=c8ds&vertical=music&step=0&res=1600X1200&lang=en&extType=ds&action=inc&inc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:5cf0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
*
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=utf-8
status
200
access-control-allow-credentials
true
cf-ray
53fe37124b08cbac-VIE
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length
2
style.css
safely.pdf-convert.online/wim/static/lps/music/7.3/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safely.pdf-convert.online/wim/static/lps/music/7.3/css/style.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:28cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Mon, 02 Dec 2019 13:19:38 GMT
server
cloudflare
access-control-allow-origin
*
etag
W/"5de50f6a-d76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
content-encoding
br
cache-control
max-age=14400
cf-ray
53fe37123b30cb9c-VIE
expires
Wed, 04 Dec 2019 14:44:27 GMT
register.js
safely.pdf-convert.online/wim/static/wi/ 		404 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://safely.pdf-convert.online/wim/static/wi/register.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:28cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
cf-cache-status
HIT
age
386
status
200
content-encoding
br
last-modified
Mon, 02 Dec 2019 13:19:39 GMT
server
cloudflare
etag
W/"5de50f6b-194"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
53fe37123b32cb9c-VIE
expires
Wed, 04 Dec 2019 14:38:01 GMT
ar2.png
safely.pdf-convert.online/wim/static/lps/music/7.3/images/ 		0
0
download-icon.png
safely.pdf-convert.online/wim/static/lps/music/7.3/images/ 		0
0
Chrome_badge.png
safely.pdf-convert.online/wim/static/lps/music/7.3/images/ 		0
0
index.html
safely.pdf-convert.online/wim/static/components/retry/3/ 		122 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://safely.pdf-convert.online/wim/static/components/retry/3/index.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:28cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Referer
https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
53fe37125b83cb9c-VIE
date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Mon, 02 Dec 2019 13:19:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
expires
Wed, 04 Dec 2019 14:44:27 GMT
index.html
safely.pdf-convert.online/wim/static/components/stepsspinner/1/ 		2 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://safely.pdf-convert.online/wim/static/components/stepsspinner/1/index.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:28cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Referer
https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
53fe37125b85cb9c-VIE
date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Mon, 02 Dec 2019 13:19:38 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
expires
Wed, 04 Dec 2019 14:44:27 GMT
index.html
safely.pdf-convert.online/wim/static/components/ty/4/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://safely.pdf-convert.online/wim/static/components/ty/4/index.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:28cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Referer
https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
53fe37125b88cb9c-VIE
date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Mon, 02 Dec 2019 13:19:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
expires
Wed, 04 Dec 2019 14:44:27 GMT
index.html
safely.pdf-convert.online/wim/static/components/info/2/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://safely.pdf-convert.online/wim/static/components/info/2/index.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:28cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Referer
https://safely.pdf-convert.online/wim/static/wi/main.html?tp%3Diw&v%3D34.2&gnum%3D15&cid%3D8500&gclid%3DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE&clickid%3D77224123032&cachecode%3DmKFHbI1JHKVNc+RSjJWqbA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
53fe37125b8acb9c-VIE
date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
last-modified
Mon, 02 Dec 2019 13:19:38 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
expires
Wed, 04 Dec 2019 14:44:27 GMT
flow.js
safely.pdf-convert.online/wim/static/components/flows/5.2.1/ 		0
0
install.php
music.globalappz.live/wim/static/wi/ Frame DA70 		0
0
wa
www.cherami-cloud.com/report/ 		0
0
slickModal.min.css
safely.pdf-convert.online/wim/static/assets/slick-modal/ 		0
0
slickModal.min.js
safely.pdf-convert.online/wim/static/assets/slick-modal/ 		0
0
bootstrap.min.css
nodkw.baseresults.com/static/lp/1/bootstrap/css/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nodkw.baseresults.com/static/lp/1/bootstrap/css/bootstrap.min.css
Requested by
Host: nodkw.baseresults.com
URL: https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.98.97.120 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
120.97.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
last-modified
Mon, 01 Jul 2019 15:18:09 GMT
x-powered-by
Express
etag
W/"1d970-16bae1d5f68"
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
clear
content-length
121200
bootstrap-theme.min.css
nodkw.baseresults.com/static/lp/1/bootstrap/css/ 		23 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nodkw.baseresults.com/static/lp/1/bootstrap/css/bootstrap-theme.min.css
Requested by
Host: nodkw.baseresults.com
URL: https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.98.97.120 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
120.97.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e

Request headers

Referer
https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
last-modified
Mon, 01 Jul 2019 15:18:09 GMT
x-powered-by
Express
etag
W/"5b71-16bae1d5f68"
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
clear
content-length
23409
main.css
nodkw.baseresults.com/static/lp/1/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nodkw.baseresults.com/static/lp/1/css/main.css
Requested by
Host: nodkw.baseresults.com
URL: https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.98.97.120 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
120.97.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
93dcca5c75fe3e39641e2c76ccd5dd577a0d1356e69dee810dbb4bd247f105c4

Request headers

Referer
https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
last-modified
Mon, 01 Jul 2019 15:18:09 GMT
x-powered-by
Express
etag
W/"10bc-16bae1d5f68"
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
clear
content-length
4284
main.css
nodkw.baseresults.com/static/lp/components/loadings/1/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nodkw.baseresults.com/static/lp/components/loadings/1/css/main.css
Requested by
Host: nodkw.baseresults.com
URL: https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.98.97.120 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
120.97.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
5634c22b2498f39b13d05dae7bfb663943571ac1822a185e955bbc3a3e196656

Request headers

Referer
https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
last-modified
Mon, 01 Jul 2019 15:18:09 GMT
x-powered-by
Express
etag
W/"786-16bae1d5f68"
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
clear
content-length
1926
ar.css
nodkw.baseresults.com/static/lp/1/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nodkw.baseresults.com/static/lp/1/css/ar.css
Requested by
Host: nodkw.baseresults.com
URL: https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.98.97.120 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
120.97.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
315543a77010b766a0fd87caa5b8aa03bb274afe3a1995c67024cc42435efebb

Request headers

Referer
https://nodkw.baseresults.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
last-modified
Mon, 01 Jul 2019 15:18:09 GMT
x-powered-by
Express
etag
W/"1193-16bae1d5f68"
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
clear
content-length
4499
bundle.min.js
browser.sentry-cdn.com/5.4.3/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.4.3/bundle.min.js
Requested by
Host: nodkw.baseresults.com
URL: https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Fastly /
Resource Hash
0b1bf0ba071662ebd49cde2146940aaf3e1ddd6eed66889a88e6c3cf14880cfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://nodkw.baseresults.com/
Origin
https://nodkw.baseresults.com

Response headers

date
Wed, 04 Dec 2019 13:44:27 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 13:28:31 GMT
server
Fastly
age
1136620
etag
"658e7d6e9cc33e3c79aa42a86a2d16ad"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
access-control-allow-origin
*
content-length
16214
expires
Fri, 20 Nov 2020 10:00:48 GMT
jquery.min.js
nodkw.baseresults.com/static/lp/1/jquery/js/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nodkw.baseresults.com/static/lp/1/jquery/js/jquery.min.js
Requested by
Host: nodkw.baseresults.com
URL: https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.98.97.120 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
120.97.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
cd84df48595080acd304cca7309c2c94a15433829039ae6a75b5381ba46bb9bc

Request headers

Referer
https://nodkw.baseresults.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
last-modified
Mon, 01 Jul 2019 15:18:09 GMT
x-powered-by
Express
etag
W/"1528d-16bae1d5f68"
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
clear
content-length
86669
js
www.googletagmanager.com/gtag/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-141362071-4
Requested by
Host: nodkw.baseresults.com
URL: https://nodkw.baseresults.com/static/lp/1/index.html?clickid=0000&q=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e67cf65b12db5714a98a47e9569bc505532b2746de5f5879f201c176d9e46a5a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nodkw.baseresults.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 13:44:27 GMT
content-encoding
br
last-modified
Wed, 04 Dec 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27666
x-xss-protection
0
expires
Wed, 04 Dec 2019 13:44:27 GMT
index.html
nodkw.baseresults.com/analytics/ 		2 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nodkw.baseresults.com/analytics/index.html?clickid=0000&q=null&action=pageLoad&
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.3/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.98.97.120 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
120.97.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
*/*
Referer
https://nodkw.baseresults.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 13:44:27 GMT
via
1.1 google
access-control-allow-headers
*
x-powered-by
Express
etag
W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
status
200
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*.baseresults.com
access-control-allow-credentials
true
alt-svc
clear
content-length
2
index.html
nodkw.baseresults.com/search/ 		13 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nodkw.baseresults.com/search/index.html?cata=10&adsa=4&clickid=0000&ttl=&qs=&
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.3/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.98.97.120 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
120.97.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
2ba352fa886a4fc58876bf06225881dded47631bcaca11d385491f40461eb034

Request headers

Accept
*/*
Referer
https://nodkw.baseresults.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Dec 2019 13:44:29 GMT
via
1.1 google
access-control-allow-headers
*
x-powered-by
Express
etag
W/"35b5-Ay63qh/tD5uuE6vgCfxZbiIrrW8"
status
200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*.baseresults.com
access-control-allow-credentials
true
alt-svc
clear
content-length
13749
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-141362071-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nodkw.baseresults.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4250
date
Wed, 04 Dec 2019 12:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 04 Dec 2019 14:33:37 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1329591236&t=pageview&_s=1&dl=https%3A%2F%2Fnodkw.baseresults.com%2Fstatic%2Flp%2F1%2Findex.html%3Fclickid%3D0000%26q%3Dnull&dr=https%3A%2F%2Fsafely.pdf-convert.online%2Fwim%2Fstatic%2Fwi%2Fmain.html%3Ftp%253Diw%26v%253D34.2%26gnum%253D15%26cid%253D8500%26gclid%253DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE%26clickid%253D77224123032%26cachecode%253DmKFHbI1JHKVNc%2BRSjJWqbA%253D%253D&ul=en-us&de=UTF-8&dt=nodkw&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1386852731&gjid=680467050&cid=129506678.1575467067&tid=UA-141362071-4&_gid=717142717.1575467067&_r=1&gtm=2ouav9&z=1536284066
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nodkw.baseresults.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Dec 2019 13:44:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1329591236&t=event&_s=2&dl=https%3A%2F%2Fnodkw.baseresults.com%2Fstatic%2Flp%2F1%2Findex.html%3Fclickid%3D0000%26q%3Dnull&dr=https%3A%2F%2Fsafely.pdf-convert.online%2Fwim%2Fstatic%2Fwi%2Fmain.html%3Ftp%253Diw%26v%253D34.2%26gnum%253D15%26cid%253D8500%26gclid%253DEAIaIQobChMIsaLWjIqc5gIVRmt-Ch0IhwXQEAEYASAAEgKXxfD_BwE%26clickid%253D77224123032%26cachecode%253DmKFHbI1JHKVNc%2BRSjJWqbA%253D%253D&ul=en-us&de=UTF-8&dt=nodkw&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=LP.1&_u=IEBAAUAB~&jid=&gjid=&cid=129506678.1575467067&tid=UA-141362071-4&_gid=717142717.1575467067&gtm=2ouav9&z=1163403414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nodkw.baseresults.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Nov 2019 03:54:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1072187
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
glyphicons-halflings-regular.woff2
nodkw.baseresults.com/static/lp/1/bootstrap/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nodkw.baseresults.com/static/lp/1/bootstrap/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: nodkw.baseresults.com
URL: https://nodkw.baseresults.com/static/lp/1/jquery/js/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.98.97.120 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
120.97.98.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://nodkw.baseresults.com/static/lp/1/bootstrap/css/bootstrap.min.css
Origin
https://nodkw.baseresults.com

Response headers

date
Wed, 04 Dec 2019 13:44:30 GMT
via
1.1 google
last-modified
Mon, 01 Jul 2019 15:18:09 GMT
x-powered-by
Express
etag
W/"466c-16bae1d5f68"
content-type
application/font-woff2
status
200
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
clear
content-length
18028

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
safely.pdf-convert.online
URL
https://safely.pdf-convert.online/wim/static/lps/music/7.3/images/ar2.png
Domain
safely.pdf-convert.online
URL
https://safely.pdf-convert.online/wim/static/lps/music/7.3/images/download-icon.png
Domain
safely.pdf-convert.online
URL
https://safely.pdf-convert.online/wim/static/lps/music/7.3/images/Chrome_badge.png
Domain
safely.pdf-convert.online
URL
https://safely.pdf-convert.online/wim/static/components/flows/5.2.1/flow.js?_=1575467067168
Domain
music.globalappz.live
URL
https://music.globalappz.live/wim/static/wi/install.php?cid=_fid6_lp7.3_wit1575467067&yid=c8ds&clickid=null&vert=music&days=180&extid=jgofjiialcpbongknpjkllipmecbkcic&npage=skip&bnp=1&icon=icons&res=1200x1600&step=0&extType=ds
Domain
www.cherami-cloud.com
URL
https://www.cherami-cloud.com/report/wa?ctag=_fid6_lp7.3_wit1575467067&clickid=&yid=c8ds&vertical=music&step=0&res=1600X1200&lang=en&extType=ds&action=pageload
Domain
safely.pdf-convert.online
URL
https://safely.pdf-convert.online/wim/static/assets/slick-modal/slickModal.min.css
Domain
safely.pdf-convert.online
URL
https://safely.pdf-convert.online/wim/static/assets/slick-modal/slickModal.min.js

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Sentry object| __SENTRY__ function| $ function| jQuery object| lpAction function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

1 Cookies

Domain/Path Name / Value
.baseresults.com/ Name: hsp_0
Value: X8a3WMEj2XDLR5gdPUoh9P%2Fa%2F4sgNo2lOVa97QnF%2BZUL6D68GZqbNXul7YAEoh92OufZIS6amV%2FJV8kmo7vqFwOSKc4RvhMXTQEs%2F4cV9L5JL5Ssn0PeR4mM4EFE7spP4fQoF6F0FHH1bu4MJSPRhOn1Xh892L1fTqfzZrX8ZYwZIGx1TOpWJMEXFILDzx9rV0Q76eeP%2Bz9CL6ymMVaaK97xQWOsq5y8meIUiAkx71gV4Zd%2BgOos1XWGliDS6WB5y2aLZc%2FWDJ5U2F%2BePyfCpVDrRwzjv0EYae1%2B0UFstjw0%2BbTrFxmXv8PQsJfAxwqV%2FxFx5JMCSfa0D%2Fpit%2BZWfHFjkPSO7VvRbaCNqVYHKVMjqudREY2KdUTZEMuHAYDSobiFBnteT%2BbfgFDwR4kJ7AhF6F1n1Qv123v5F%2Bdi3tw5pwRNF7ADYuDWg6g7%2FBU8k7thFCfdSl2stf7ZLiZtJQgMcvjhoRPObznIuZghuGUGzlg1Vvzsbhqxfp%2BqL8zZB2x072a08YLsssMveukTTqsPMms2J6iLXdiIUYM8XVnhs8Prjg%2FAjopYTFgAPY07uMaBHKPa1DBkPR7%2BGz4yxA%3D%3D

1 Console Messages

Source Level URL
Text
console-api log URL: https://safely.pdf-convert.online/wim/static/dist/bundle.js(Line 1)
Message:
OfferManager: No chrome object

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.sentry-cdn.com
code.jquery.com
gate.baseresults.com
music.globalappz.live
nodkw.baseresults.com
safely.pdf-convert.online
www.cherami-cloud.com
www.google-analytics.com
www.googletagmanager.com
music.globalappz.live
safely.pdf-convert.online
www.cherami-cloud.com
151.101.2.217
2001:4de0:ac19::1:b:3a
2606:4700:30::6812:28cc
2606:4700:30::681f:5cf0
2a00:1450:4001:81b::200e
2a00:1450:4001:821::2008
34.98.97.120
0b1bf0ba071662ebd49cde2146940aaf3e1ddd6eed66889a88e6c3cf14880cfd
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ba352fa886a4fc58876bf06225881dded47631bcaca11d385491f40461eb034
315543a77010b766a0fd87caa5b8aa03bb274afe3a1995c67024cc42435efebb
3d6ba80b2afad9e3807e4fd02fefa431e5542b9ce7aab41f5bac6158a0fb2967
5634c22b2498f39b13d05dae7bfb663943571ac1822a185e955bbc3a3e196656
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
80359910cbda13e256fa6d08250a906494b273fff2b52cea9554fbbdec8c3b54
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
93dcca5c75fe3e39641e2c76ccd5dd577a0d1356e69dee810dbb4bd247f105c4
cd84df48595080acd304cca7309c2c94a15433829039ae6a75b5381ba46bb9bc
d72e66bb6c2e90c1b0a5e5e506dd8bd75a63dbd326c8e043a497eb5c0a16ae42
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e67cf65b12db5714a98a47e9569bc505532b2746de5f5879f201c176d9e46a5a
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c