nowlive.pro - urlscan.io

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3030::6812:2395, located in United States and belongs to CLOUDFLARENET, US. The main domain is nowlive.pro.

This is the only time nowlive.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3030::6812:2395	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:a710	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6812:3647	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.71.96 35.190.71.96	15169 (GOOGLE) (GOOGLE)
5	4

2 2606:4700:3030::6812:2395 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nowlive.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a710 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnondemand.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6812:3647 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.71.96 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com

onclickgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	cdnondemand.org cdnondemand.org	21 KB
2	nowlive.pro 1 redirects nowlive.pro	6 KB
1	onclickgenius.com onclickgenius.com	2 KB
1	ufpcdn.com ufpcdn.com
5	4

	Domain	Requested by
2	cdnondemand.org	nowlive.pro
2	nowlive.pro	1 redirects
1	onclickgenius.com	nowlive.pro
1	ufpcdn.com	nowlive.pro
5	4

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://nowlive.pro/
Frame ID: D807F65E83C8BFEE33DE57B0B31AD4B5
Requests: 4 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 5A0C1393E0A4B10840966C828BC5C27D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://nowlive.pro/ HTTP 301
http://nowlive.pro/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

5
Requests

0 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

28 kB
Transfer

80 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nowlive.pro/ HTTP 301
http://nowlive.pro/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response nowlive.pro/ Redirect Chain https://nowlive.pro/ http://nowlive.pro/	19 KB 5 KB	102ms 96ms	Document text/html	2606:4700:3030::6812:2395 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://nowlive.pro/ Protocol HTTP/1.1 Server 2606:4700:3030::6812:2395 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `45b22a8034fe081100965633ca4eb2503c6170077affe8e73e4a3824a16d2d40` Request headers Host nowlive.pro Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 30 Oct 2020 01:31:35 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d69ccade4c8c3bd5834522f9aed190c4d1604021495; expires=Sun, 29-Nov-20 01:31:35 GMT; path=/; domain=.nowlive.pro; HttpOnly; SameSite=Lax Last-Modified Tue, 27 Oct 2020 22:31:15 GMT CF-Cache-Status DYNAMIC cf-request-id 0618babdff00002b1e9982c000000001 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nfbHOnFZT%2FsaF2pG1wXL2ufN8%2FGZDY%2FBpS8GYTs9JYnm7YwL1%2BwS4%2F5%2FB1G51d6r1wO4CU9jw0rZF0%2B4Ao11ngZD84Ifr2Y7uiPyiIhGkJ0pb%2FOrEzqf6A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 5ea160a99e942b1e-FRA Content-Encoding gzip Redirect headers status 301 date Fri, 30 Oct 2020 01:31:35 GMT cache-control max-age=3600 expires Fri, 30 Oct 2020 02:31:35 GMT location http://nowlive.pro/ cf-request-id 0618babdee0000c29a0a8b6000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GQBeQ457ySpnn7RPrWpA4C2QAzTVhI6%2B8yvsT%2Fc7AcpDYqncGYNlzxfsvMd1d2c9ATQTbhh4THAPL0MiGtmomdq4iHSkoh%2BAh2bmkRXN8QrS%2FM3xpRXdtA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 5ea160a979ccc29a-FRA
GET H/1.1	200 OK	compatibility.js Show response cdnondemand.org/script/	20 KB 9 KB	33ms 21ms	Script application/javascript	2606:4700::6810:a710 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://cdnondemand.org/script/compatibility.js Requested by Host: nowlive.pro URL: http://nowlive.pro/ Protocol HTTP/1.1 Server 2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac` Request headers Referer http://nowlive.pro/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 30 Oct 2020 01:31:35 GMT Content-Encoding gzip CF-Cache-Status HIT Age 928 X-GUploader-UploadID ABg5-UyGkwerUdVfuR9O3DJWs3t7Aj5Q4n9va83kbIQQy3FT5u3gkx7Wu2QFITWIaydIYJIpHEFQEvjxOVeFZq1xSOdMD2VbkA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity Connection keep-alive Content-Type application/javascript cf-request-id 0618babe7500001f31d397f000000001 Last-Modified Tue, 15 Sep 2020 12:10:32 GMT Server cloudflare ETag W/"c2bbc1e2544049cb035c321919bef2bc" Vary Accept-Encoding x-goog-hash crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA== x-goog-generation 1600171832181211 Access-Control-Allow-Origin * Cache-Control public, max-age=14400 Transfer-Encoding chunked x-goog-stored-content-length 20647 CF-RAY 5ea160aa59b41f31-FRA Expires Fri, 30 Oct 2020 05:31:35 GMT
GET H/1.1	200 OK	Cookie set identify.html ufpcdn.com/script/ Frame 5A0C	0 0	329ms 323ms	Document text/html	2606:4700:3034::6812:3647 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://ufpcdn.com/script/identify.html?frmt=0 Requested by Host: nowlive.pro URL: http://nowlive.pro/ Protocol HTTP/1.1 Server 2606:4700:3034::6812:3647 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host ufpcdn.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://nowlive.pro/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://nowlive.pro/ Response headers Date Fri, 30 Oct 2020 01:31:35 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=de8ec3dc9360ffe0cf2ea497211ae90901604021495; expires=Sun, 29-Nov-20 01:31:35 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=2aa4d7fab78ce4ac6833b83f0b29f60d2398a413-1604021495-1800-AZOS9jglZy9TDZFfTvi3cxdXR29R+vRg4K6mVY+n4U0Kquela7Nm1hBqs6zRTrs8vkJ4QO5adJmNBdPsvNPcoTs=; path=/; expires=Fri, 30-Oct-20 02:01:35 GMT; domain=.ufpcdn.com; HttpOnly; SameSite=None Last-Modified Tue, 15 May 2018 06:39:25 GMT CF-Cache-Status DYNAMIC cf-request-id 0618babea100002bf63c948000000001 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TSqdBz%2FeZHtRy1C0KkGHnnHLg6lthaAbLb%2BaK18EfQqDXZU7RXJmOmdtIF6WDcg5dxW31yM05v3sFv3Mgf%2FHRg3G8e3%2F5dE79Ma6ko0l%2B9%2BrmLd3flyO"}],"group":"cf-nel","max_age":604800} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 5ea160aa9b602bf6-FRA Content-Encoding gzip
GET H/1.1	200 OK	suurl.php Show response onclickgenius.com/script/	5 KB 2 KB	297ms 280ms	Script application/javascript	35.190.71.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://onclickgenius.com/script/suurl.php?r=1846339&cbrandom=0.004413307377458375&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org Requested by Host: nowlive.pro URL: http://nowlive.pro/ Protocol HTTP/1.1 Server 35.190.71.96 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.71.190.35.bc.googleusercontent.com Software openresty / Resource Hash `e4df280f7d4ea5b405156f3852012bcf46f584ebad3653ef6119d5689d0bc5f0` Request headers Referer http://nowlive.pro/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 30 Oct 2020 01:31:35 GMT Content-Encoding gzip Transfer-Encoding chunked Server openresty Via 1.1 google Content-Type application/javascript; charset=utf-8
GET H/1.1	200 OK	chrome.js Show response cdnondemand.org/script/	36 KB 12 KB	12ms 12ms	Script application/javascript	2606:4700::6810:a710 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://cdnondemand.org/script/chrome.js Requested by Host: nowlive.pro URL: http://nowlive.pro/ Protocol HTTP/1.1 Server 2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946` Request headers Referer http://nowlive.pro/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 30 Oct 2020 01:31:35 GMT Content-Encoding gzip CF-Cache-Status HIT Age 3379 X-GUploader-UploadID ABg5-UzjdAhGvQK2XT7EqUMQ0h8TtggLA284hfvePTwegnuGVGTu-5C9Tv5kRLeA57rkuqI3C-TTPniuONITlOrjN9fAqlU3Sg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity Connection keep-alive Content-Type application/javascript cf-request-id 0618babf6300001f31c6085000000001 Last-Modified Mon, 14 Sep 2020 09:15:29 GMT Server cloudflare ETag W/"ef6565ab259dafbc08468b4d0bb46762" Vary Accept-Encoding x-goog-hash crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg== x-goog-generation 1600074929755781 Access-Control-Allow-Origin * Cache-Control public, max-age=14400 Transfer-Encoding chunked x-goog-stored-content-length 37300 CF-RAY 5ea160abdaec1f31-FRA Expires Fri, 30 Oct 2020 05:31:35 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nowlive.pro/	1970-01-19 14:16:53	Name: __cfduid Value: d69ccade4c8c3bd5834522f9aed190c4d1604021495

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnondemand.org
nowlive.pro
onclickgenius.com
ufpcdn.com
2606:4700:3030::6812:2395
2606:4700:3034::6812:3647
2606:4700::6810:a710
35.190.71.96
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac
45b22a8034fe081100965633ca4eb2503c6170077affe8e73e4a3824a16d2d40
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946
e4df280f7d4ea5b405156f3852012bcf46f584ebad3653ef6119d5689d0bc5f0

nowlive.pro Open in urlscan Pro 2606:4700:3030::6812:2395 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

0 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

28 kBTransfer

80 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

1 Cookies

Indicators

nowlive.pro Open in urlscan Pro
2606:4700:3030::6812:2395 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

0 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

28 kB
Transfer

80 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions