googlefreedownload.com Open in urlscan Pro
66.235.200.146 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://googlefreedownload.com/
Submission Tags: @phishunt_io
Submission: On April 11 via api (April 11th 2022, 11:55:25 am UTC) from DE — Scanned from DE

Summary HTTP 9 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 9 HTTP transactions. The main IP is 66.235.200.146, located in United States and belongs to CLOUDFLARENET, US. The main domain is googlefreedownload.com.

This is the only time googlefreedownload.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	66.235.200.146 66.235.200.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	40.114.178.124 40.114.178.124	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	173.231.244.236 173.231.244.236	54641 (IMH-IAD) (IMH-IAD)
2	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
9	5

1 66.235.200.146 (United States)

ASN13335 (CLOUDFLARENET, US)
PTR: host77.ipowerweb.com

googlefreedownload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gigaglitters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.114.178.124 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

external-content.duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.231.244.236 (United States)

ASN54641 (IMH-IAD, US)
PTR: server.expmg.com

www.theworldsworstwebsiteever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	duckduckgo.com external-content.duckduckgo.com — Cisco Umbrella Rank: 5339	2 MB
2	imgur.com i.imgur.com — Cisco Umbrella Rank: 5403	148 KB
2	theworldsworstwebsiteever.com www.theworldsworstwebsiteever.com	19 KB
1	gigaglitters.com www.gigaglitters.com	20 KB
1	googlefreedownload.com googlefreedownload.com	2 KB
9	5

	Domain	Requested by
3	external-content.duckduckgo.com	googlefreedownload.com
2	i.imgur.com	googlefreedownload.com
2	www.theworldsworstwebsiteever.com	googlefreedownload.com
1	www.gigaglitters.com	googlefreedownload.com
1	googlefreedownload.com
9	5

This site contains links to these domains. Also see Links.

Domain
contrachrome.com
creativecommons.org
lowell.edu
www.openoffice.org
www.libreoffice.org
opencog.org
www.opennn.net
www.frontlinesms.com
librecad.org
solvespace.com
www.kicad.org
signal.org
bitwarden.com
github.com
www.openssl.org
clamwin.com
www.blender.org
www.flightgear.org
www.7-zip.org
www.gimp.org
krita.org
www.pencil2d.org
opentoonz.github.io
www.audacityteam.org
lmms.io
www.famitracker.com
stockfishchess.org
lczero.org
mpv.io
www.videolan.org
www.qbittorrent.org
ffmpeg.org
www.openshot.org
openvpn.net
www.rdesktop.org
torproject.org
www.bugzilla.org
www.gnu.org
www.virtualbox.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.duckduckgo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-11-26`	a year	crt.sh
twwwe.com cPanel, Inc. Certification Authority	`2022-03-27` - `2022-06-25`	3 months	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://googlefreedownload.com/
Frame ID: F4C0EE17F2B75F58D42149A0FA78D828
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OpenSpot

Page Statistics

9
Requests

89 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

2529 kB
Transfer

2523 kB
Size

0
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://contrachrome.com/
Title: ContraChrome

Search URL Search Domain Scan URL

URL: https://creativecommons.org/
Title: Creative Commons

Search URL Search Domain Scan URL

URL: https://lowell.edu/support/donate/
Title: Donate 2 Lowell Observatory

Search URL Search Domain Scan URL

URL: https://www.openoffice.org/
Title: Older Office Eco (openoffice.org)

Search URL Search Domain Scan URL

URL: https://www.libreoffice.org/
Title: LibreOffice (libreoffice.org)

Search URL Search Domain Scan URL

URL: https://opencog.org/
Title: Artifical General Intelligence (opencog.org)

Search URL Search Domain Scan URL

URL: https://www.opennn.net/
Title: C++ Neural Networks (opennn.net)

Search URL Search Domain Scan URL

URL: https://www.frontlinesms.com/
Title: Frontline SMS (frontlinesms.com)

Search URL Search Domain Scan URL

URL: https://librecad.org/
Title: Librecad (librecad.org)

Search URL Search Domain Scan URL

URL: https://solvespace.com/index.pl
Title: Parametric CAD (solvespace.com)

Search URL Search Domain Scan URL

URL: https://www.kicad.org/
Title: KiCad EDA (kicad.org)

Search URL Search Domain Scan URL

URL: https://signal.org/
Title: Secure Messenger (signal.org)

Search URL Search Domain Scan URL

URL: https://bitwarden.com/
Title: Password Manager (bitwarden.com)

Search URL Search Domain Scan URL

URL: https://github.com/hephaest0s/usbkill
Title: Anti-forensics (git)

Search URL Search Domain Scan URL

URL: https://www.openssl.org/
Title: OpenSSL Cryptography (openssl.org)

Search URL Search Domain Scan URL

URL: https://clamwin.com/
Title: Clamwin, Old antivirus, fun to play with (clamwin.com)

Search URL Search Domain Scan URL

URL: https://www.blender.org/
Title: Blender, duh (blender.org)

Search URL Search Domain Scan URL

URL: https://www.flightgear.org/
Title: Atmospheric and Aerospace (flightgear.org)

Search URL Search Domain Scan URL

URL: https://www.7-zip.org/
Title: 7zip File Manager (7-zip.org)

Search URL Search Domain Scan URL

URL: https://www.gimp.org/
Title: Gimp Image Editor (gimp.org)

Search URL Search Domain Scan URL

URL: https://krita.org/en/
Title: Krita Art Software (krita.org)

Search URL Search Domain Scan URL

URL: https://www.pencil2d.org/
Title: Pencil2D Animation (pencil2d.org)

Search URL Search Domain Scan URL

URL: https://opentoonz.github.io/e/
Title: OpenToonz 2D Animation (opentoonz.github.io)

Search URL Search Domain Scan URL

URL: https://www.audacityteam.org/
Title: Audactiy Audio Software (audacityteam.org)

Search URL Search Domain Scan URL

URL: https://lmms.io/
Title: LMMS Music (lmms.io)

Search URL Search Domain Scan URL

URL: http://www.famitracker.com/
Title: Famitracker chiptune maker (famitracker.com *not https*)

Search URL Search Domain Scan URL

URL: https://stockfishchess.org/
Title: Stockfish Chess Engine (stockfishchess.org)

Search URL Search Domain Scan URL

URL: https://lczero.org/
Title: Leela Chess Zero (lczero.org)

Search URL Search Domain Scan URL

URL: https://mpv.io/
Title: MPV Video Player (mpv.io)

Search URL Search Domain Scan URL

URL: https://www.videolan.org/vlc/
Title: VLC Media Player (videolan.org/vlc)

Search URL Search Domain Scan URL

URL: https://www.qbittorrent.org/
Title: qBittorent (qbittorent.org)

Search URL Search Domain Scan URL

URL: https://ffmpeg.org/
Title: ffmpeg (ffmpeg.org)

Search URL Search Domain Scan URL

URL: https://www.openshot.org/
Title: OpenShot Video Editor (openshot.org)

Search URL Search Domain Scan URL

URL: https://openvpn.net/
Title: OpenVPN (openvpn.net)

Search URL Search Domain Scan URL

URL: http://www.rdesktop.org/
Title: Rdesktop Remote Access (rdesktop.org)

Search URL Search Domain Scan URL

URL: https://torproject.org/
Title: Tor (torproject.org)

Search URL Search Domain Scan URL

URL: https://www.bugzilla.org/
Title: Bugzilla (bugzilla.org)

Search URL Search Domain Scan URL

URL: https://www.gnu.org/software/gdb
Title: Gnu Debugger(gnu.org)

Search URL Search Domain Scan URL

URL: https://www.virtualbox.org/
Title: VirtualBox Virtual Machine (virtualbox.org)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
googlefreedownload.com/ 6 KB
2 KB 268ms
28ms Document
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://googlefreedownload.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: e87739555120c323fb22ed120aff763ea80a4bb8505a7e1cbf39a2c701e10c7b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 4749
CF-Cache-Status: HIT
CF-RAY: 6fa3885abf8f68f5-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 11 Apr 2022 11:55:20 GMT
Last-Modified: Sat, 09 Apr 2022 19:51:57 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 JWUxls5JhB.gif
www.gigaglitters.com/created/ 20 KB
20 KB 86ms
33ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gigaglitters.com/created/JWUxls5JhB.gif
Requested by: Host: googlefreedownload.com
URL: http://googlefreedownload.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b5f07e47c2086e304a61b3d8c4cc89ce4aafbe64f1cba4255b217d551604840

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://googlefreedownload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:55:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2914
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20256
last-modified: Sat, 09 Apr 2022 18:46:35 GMT
server: cloudflare
etag: "6251d48b-4f20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ehl8VnCRnJJvAAc4oNjiI231LRHpqHuwk6X7ZSfDyuQceq1tFWPYkCLkk1zCL6x02nqMK7WicpnC%2BKOxnJKK7cBVxwwnl3PHdGsu9Gf3vf5%2BgWHcFCalCa%2F%2BbalciFysMEqZoI03c4SIv64QpXZTy%2F%2BWZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6fa3885b5a269b63-FRA

GET
H2 200 /
external-content.duckduckgo.com/iu/ 1021 KB
1024 KB 127ms
70ms Image
image/gif 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fmedia1.tenor.com%2Fimages%2F4ad399d542a084897c1091d3fcce1c22%2Ftenor.gif%3Fitemid%3D19117932&f=1&nofb=1

Requested by

Host: googlefreedownload.com
URL: http://googlefreedownload.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

8a7809e38d80d0d8b0e0568e844ae030a49d5c51521b87687db5200ea9eef59e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://googlefreedownload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-duckduckgo-locale: de_DE
strict-transport-security: max-age=31536000
referrer-policy: origin
server: nginx
date: Mon, 11 Apr 2022 11:55:20 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/gif
x-xss-protection: 1;mode=block
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
x-content-type-options: nosniff
expires: Tue, 11 Apr 2023 11:55:20 GMT

GET
H/1.1 200
OK 2_workers.gif
www.theworldsworstwebsiteever.com/images/ 4 KB
4 KB 1054ms
600ms Image
image/gif 173.231.244.236
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theworldsworstwebsiteever.com/images/2_workers.gif
Requested by: Host: googlefreedownload.com
URL: http://googlefreedownload.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.244.236 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: server.expmg.com
Software: Apache /
Resource Hash: e326a54ac51d2076481b6a33b76d0dfe49bdc1f11bab695eddaede69305c1086

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://googlefreedownload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 11:55:20 GMT
Last-Modified: Tue, 08 Jan 2019 17:31:32 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4147

GET
H/1.1 200
OK email_10_animated.gif
www.theworldsworstwebsiteever.com/images/ 15 KB
15 KB 558ms
103ms Image
image/gif 173.231.244.236
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theworldsworstwebsiteever.com/images/email_10_animated.gif
Requested by: Host: googlefreedownload.com
URL: http://googlefreedownload.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.244.236 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: server.expmg.com
Software: Apache /
Resource Hash: 005ab2867a9838f11cf5ff8eded325105df61bcd2e5a6dd183204b544fed8ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://googlefreedownload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 11:55:20 GMT
Last-Modified: Tue, 08 Jan 2019 17:31:33 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14954

GET
H2 200 /
external-content.duckduckgo.com/iu/ 265 KB
267 KB 103ms
46ms Image
image/gif 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fmedia.giphy.com%2Fmedia%2FgU25raLP4pUu4%2Fgiphy.gif&f=1&nofb=1

Requested by

Host: googlefreedownload.com
URL: http://googlefreedownload.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

024e8600257d61bb91edc3ca34908c7b2b7707b7aea7a651f63cd599bcac2c98

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://googlefreedownload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-duckduckgo-locale: de_DE
strict-transport-security: max-age=31536000
referrer-policy: origin
server: nginx
date: Mon, 11 Apr 2022 11:55:20 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/gif
x-xss-protection: 1;mode=block
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
x-content-type-options: nosniff
expires: Tue, 11 Apr 2023 11:55:20 GMT

GET
H2 200 nFxdG0l.gif
i.imgur.com/ 116 KB
116 KB 65ms
24ms Image
image/gif 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/nFxdG0l.gif

Requested by

Host: googlefreedownload.com
URL: http://googlefreedownload.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

caa2e5b653ff63eee9f5c4889c606a6b198dccb049b8442a8299f830ce568d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://googlefreedownload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:55:20 GMT
x-content-type-options: nosniff
age: 145002
x-cache: HIT, HIT
content-length: 118471
x-served-by: cache-iad-kjyo7100131-IAD, cache-fra19148-FRA
last-modified: Sat, 09 Apr 2022 19:38:38 GMT
server: cat factory 1.0
x-timer: S1649678120.209047,VS0,VE2
etag: "bbbfbc3da3582148c00e298c58de6420"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 m2fPoAN.jpg
i.imgur.com/ 32 KB
32 KB 59ms
18ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/m2fPoAN.jpg

Requested by

Host: googlefreedownload.com
URL: http://googlefreedownload.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f3089a069df4970a57d5c19c1d5507949dfbe2db40e88215c5a46c5852c8a988

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://googlefreedownload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 11:55:20 GMT
x-content-type-options: nosniff
age: 144657
x-cache: HIT, HIT
content-length: 32720
x-served-by: cache-iad-kiad7000076-IAD, cache-fra19148-FRA
last-modified: Sat, 09 Apr 2022 19:44:24 GMT
server: cat factory 1.0
x-timer: S1649678120.208917,VS0,VE1
etag: "d4e0ee629bb867ad7ec9462145f0cf47"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 /
external-content.duckduckgo.com/iu/ 1 MB
1 MB 480ms
424ms Image
image/gif 40.114.178.124
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-content.duckduckgo.com/iu/?u=http%3A%2F%2Fcdn.wallpapersafari.com%2F87%2F92%2F47ib9y.gif&f=1&nofb=1

Requested by

Host: googlefreedownload.com
URL: http://googlefreedownload.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

83b97791471b5c9248239043bfc9bf8ea601202ef3702ace9b9307374df0885d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://googlefreedownload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-duckduckgo-locale: de_DE
strict-transport-security: max-age=31536000
referrer-policy: origin
server: nginx
date: Mon, 11 Apr 2022 11:55:20 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/gif
x-xss-protection: 1;mode=block
cache-control: max-age=31536000
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
x-content-type-options: nosniff
expires: Tue, 11 Apr 2023 11:55:20 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

external-content.duckduckgo.com
googlefreedownload.com
i.imgur.com
www.gigaglitters.com
www.theworldsworstwebsiteever.com
151.101.12.193
173.231.244.236
2a06:98c1:3120::7
40.114.178.124
66.235.200.146
005ab2867a9838f11cf5ff8eded325105df61bcd2e5a6dd183204b544fed8ee5
024e8600257d61bb91edc3ca34908c7b2b7707b7aea7a651f63cd599bcac2c98
1b5f07e47c2086e304a61b3d8c4cc89ce4aafbe64f1cba4255b217d551604840
83b97791471b5c9248239043bfc9bf8ea601202ef3702ace9b9307374df0885d
8a7809e38d80d0d8b0e0568e844ae030a49d5c51521b87687db5200ea9eef59e
caa2e5b653ff63eee9f5c4889c606a6b198dccb049b8442a8299f830ce568d5f
e326a54ac51d2076481b6a33b76d0dfe49bdc1f11bab695eddaede69305c1086
e87739555120c323fb22ed120aff763ea80a4bb8505a7e1cbf39a2c701e10c7b
f3089a069df4970a57d5c19c1d5507949dfbe2db40e88215c5a46c5852c8a988

googlefreedownload.com Open in urlscan Pro 66.235.200.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

9 Requests

89 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

2529 kBTransfer

2523 kBSize

0 Cookies

39 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Indicators

googlefreedownload.com Open in urlscan Pro
66.235.200.146 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

2529 kB
Transfer

2523 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions