urlscan.io logo urlscan.io
SecurityTrails logo

qpdownload.com Open in urlscan Pro
192.81.212.18  Public Scan

Go To Rescan Add Verdict Report
URL: https://qpdownload.com/thankyou.php?offers=2
Submission: On December 18 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 192.81.212.18, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is qpdownload.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 22nd 2018. Valid for: 2 years.
This is the only time qpdownload.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 192.81.212.18 14061 (DIGITALOC...)
1 205.185.208.52 20446 (HIGHWINDS3)
2 7 2a02:6b8::1:119 13238 (YANDEX)
1 2600:9000:204... 16509 (AMAZON-02)
1 74.117.182.93 40824 (WZCOM-US)
1 52.218.224.136 16509 (AMAZON-02)
20 6
11    192.81.212.18 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
qpdownload.com
1    205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com
7    2a02:6b8::1:119 (Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
1    2600:9000:2047:7600:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
cdn.ywxi.net
1    74.117.182.93 (Fort Lauderdale, United States)

ASN40824 (WZCOM-US - WZ Communications Inc., US)
www.directionforest.com
1    52.218.224.136 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
Domain Requested by
11 qpdownload.com qpdownload.com
code.jquery.com
7 mc.yandex.ru 2 redirects qpdownload.com
1 s3-us-west-2.amazonaws.com code.jquery.com
1 www.directionforest.com qpdownload.com
1 cdn.ywxi.net qpdownload.com
1 code.jquery.com qpdownload.com
20 6

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
plus.google.com
Subject Issuer Validity Valid
qpdownload.com
COMODO RSA Domain Validation Secure Server CA		 2018-05-22 -
2020-05-21		 2 years crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
bs.yandex.ru
Yandex CA		 2018-10-03 -
2019-10-03		 a year crt.sh
*.ywxi.net
Amazon		 2018-09-14 -
2019-10-14		 a year crt.sh
www.directionforest.com
Let's Encrypt Authority X3		 2018-12-13 -
2019-03-13		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
DigiCert Baltimore CA-2 G2		 2018-11-08 -
2019-11-06		 a year crt.sh

This page contains 2 frames:

Primary Page: https://qpdownload.com/thankyou.php?offers=2
Frame ID: FDD11406B9207795C408A4AF4D4A1774
Requests: 19 HTTP requests in this frame

Frame: https://www.directionforest.com/ads?key=5bbd8e0ff58dd0c16053966987a7e19f&ch=
Frame ID: F746D46C0093DE21221C92A614C516E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+(?:([\d.])+\/)?pure(?:-min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

20
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

210 kB
Transfer

389 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://mc.yandex.ru/watch/27954822?wmode=7&page-url=https%3A%2F%2Fqpdownload.com%2Fthankyou.php%3Foffers%3D2&charset=utf-8&browser-info=ti%3A10%3Ans%3A1545099423314%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181218021705%3Aet%3A1545099425%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A805793409%3Ahid%3A347391003%3Ads%3A16%2C1217%2C117%2C1%2C0%2C0%2C0%2C407%2C73%2C%2C%2C%2C1761%3Awn%3A54626%3Ahl%3A2%3Agdpr%3A14%3Av%3A1367%3Ast%3A1545099425%3Au%3A154509942522988921%3At%3AQP%20Download%20-%20The%20Biggest%20Download%20Portal! HTTP 302
  • https://mc.yandex.ru/watch/27954822/1?wmode=7&page-url=https%3A%2F%2Fqpdownload.com%2Fthankyou.php%3Foffers%3D2&charset=utf-8&browser-info=ti%3A10%3Ans%3A1545099423314%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181218021705%3Aet%3A1545099425%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A805793409%3Ahid%3A347391003%3Ads%3A16%2C1217%2C117%2C1%2C0%2C0%2C0%2C407%2C73%2C%2C%2C%2C1761%3Awn%3A54626%3Ahl%3A2%3Agdpr%3A14%3Av%3A1367%3Ast%3A1545099425%3Au%3A154509942522988921%3At%3AQP%20Download%20-%20The%20Biggest%20Download%20Portal%21
Request Chain 18
  • https://mc.yandex.ru/watch/27954822?page-url=https%3A%2F%2Fqpdownload.com%2Fthankyou.php%3Foffers%3D2&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1545099423314%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181218021720%3Aet%3A1545099440%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Anp%3ATGludXggeDg2XzY0%3Aar%3A1%3Anb%3A1%3Acl%3A79%3Arn%3A445958239%3Ahid%3A347391003%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2686%2C2686%2C0%2C%3Afp%3A1868%3Agdpr%3A14%3Aeu%3A1%3Av%3A1367%3Ast%3A1545099440%3Au%3A154509942522988921%3App%3A2587583065 HTTP 302
  • https://mc.yandex.ru/watch/27954822/1?page-url=https%3A%2F%2Fqpdownload.com%2Fthankyou.php%3Foffers%3D2&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1545099423314%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181218021720%3Aet%3A1545099440%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Anp%3ATGludXggeDg2XzY0%3Aar%3A1%3Anb%3A1%3Acl%3A79%3Arn%3A445958239%3Ahid%3A347391003%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2686%2C2686%2C0%2C%3Afp%3A1868%3Agdpr%3A14%3Aeu%3A1%3Av%3A1367%3Ast%3A1545099440%3Au%3A154509942522988921%3App%3A2587583065

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request thankyou.php
qpdownload.com/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qpdownload.com/thankyou.php?offers=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.81.212.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx / PHP/5.6.38
Resource Hash
daf7cb1184983c7a032342dd7abae39c1d27e157271c65c7f1107cf109012ec1

Request headers

Host
qpdownload.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Tue, 18 Dec 2018 02:17:04 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/5.6.38
Content-Encoding
gzip
pure-min.css
qpdownload.com/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qpdownload.com/css/pure-min.css
Requested by
Host: qpdownload.com
URL: https://qpdownload.com/thankyou.php?offers=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.81.212.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
b8c21672861bfccb99a990212f63f95948be95cb181520706acf5329bfc17969

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
qpdownload.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://qpdownload.com/thankyou.php?offers=2
Connection
keep-alive
Cache-Control
no-cache
Referer
https://qpdownload.com/thankyou.php?offers=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Dec 2018 02:17:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 May 2018 14:43:39 GMT
Server
nginx
ETag
W/"5b042c9b-49ff"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
font.css
qpdownload.com/fonts/ 		2 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qpdownload.com/fonts/font.css
Requested by
Host: qpdownload.com
URL: https://qpdownload.com/thankyou.php?offers=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.81.212.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
338c9793ecc93f3797bb958ccc89b0c63fb54b144308f46b6dd6e20bd020a8a8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
qpdownload.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://qpdownload.com/thankyou.php?offers=2
Connection
keep-alive
Cache-Control
no-cache
Referer
https://qpdownload.com/thankyou.php?offers=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Dec 2018 02:17:04 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Feb 2018 12:44:54 GMT
Server
nginx
ETag
W/"5a770046-807"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
global.css
qpdownload.com/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qpdownload.com/css/global.css
Requested by
Host: qpdownload.com
URL: https://qpdownload.com/thankyou.php?offers=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.81.212.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
5bc376b38159e7394dd1326576f2d557bffd82f61c836366236c7777b0d478e8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
qpdownload.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://qpdownload.com/thankyou.php?offers=2
Connection
keep-alive
Cache-Control
no-cache
Referer
https://qpdownload.com/thankyou.php?offers=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Dec 2018 02:17:04 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Feb 2018 12:44:46 GMT
Server
nginx
ETag
W/"5a77003e-4e8b"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-1.11.2.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.2.min.js
Requested by
Host: qpdownload.com
URL: https://qpdownload.com/thankyou.php?offers=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer
https://qpdownload.com/thankyou.php?offers=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Dec 2018 02:17:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Dec 2014 16:05:21 GMT
Server
nginx
ETag
W/"5491a9c1-176bb"
Vary
Accept-Encoding
X-HW
1545099424.dop011.pa1.shc,1545099424.dop011.pa1.t,1545099424.cds035.pa1.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33262
logo.png
qpdownload.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qpdownload.com/images/logo.png
Requested by
Host: qpdownload.com
URL: https://qpdownload.com/thankyou.php?offers=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.81.212.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
43c390fb1bc524ba7ad44959bfd5c4626cd191c6003d39c0d65f26cda405632c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
qpdownload.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://qpdownload.com/thankyou.php?offers=2
Connection
keep-alive
Cache-Control
no-cache
Referer
https://qpdownload.com/thankyou.php?offers=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Dec 2018 02:17:04 GMT
Last-Modified
Sun, 04 Feb 2018 12:45:43 GMT
Server
nginx
ETag
"5a770077-13b7"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
5047
Expires
Thu, 31 Dec 2037 23:55:55 GMT
watch.js
mc.yandex.ru/metrika/ 		129 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: qpdownload.com
URL: https://qpdownload.com/thankyou.php?offers=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
5e05710be111198575acf3cade9d480673a693fe05cd76067cb186d7614907a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qpdownload.com/thankyou.php?offers=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Dec 2018 02:17:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Dec 2018 15:38:18 GMT
Server
nginx/1.12.2
ETag
"5c127cea-ade1"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
44513
Expires
Tue, 18 Dec 2018 03:17:05 GMT
1.js
cdn.ywxi.net/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ywxi.net/js/1.js
Requested by
Host: qpdownload.com
URL: https://qpdownload.com/thankyou.php?offers=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:7600:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
6b3b4b55bd4c1db53e0a2594ce4e779b94fae6f5836127f8f99c9dcc36ff1a0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qpdownload.com/thankyou.php?offers=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Dec 2018 01:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
age
3084
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
status
200
x-xss-protection
1; mode=block
content-length
2829
via
1.1 300b920cc4a53d2daec2ba8180596d82.cloudfront.net (CloudFront)
x-amz-cf-id
TiGM3E053Npm9J1V9wV1BITbmy038Ysq-fLaNBxk9ihwHgWHlHarQQ==
expires
Tue, 18 Dec 2018 02:25:41 GMT
Cookie set ads
www.directionforest.com/ Frame F746 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.directionforest.com/ads?key=5bbd8e0ff58dd0c16053966987a7e19f&ch=
Requested by
Host: qpdownload.com
URL: https://qpdownload.com/thankyou.php?offers=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.117.182.93 Fort Lauderdale, United States, ASN40824 (WZCOM-US - WZ Communications Inc., US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Host
www.directionforest.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://qpdownload.com/thankyou.php?offers=2
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://qpdownload.com/thankyou.php?offers=2

Response headers

Server
Apache-Coyote/1.1
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
CP="CAO PSA OUR"
Set-Cookie
UUID=03aa9d20-026b-11e9-a85f-f8bc12537a38; Domain=.www.directionforest.com; Expires=Thu, 17-Dec-2020 02:17:05 GMT; Path=/ crfc=10294-1545116705781--; Domain=.www.directionforest.com; Expires=Wed, 18-Dec-2019 02:17:05 GMT; Path=/
Content-Type
text/html;charset=UTF-8
Content-Length
1222
Date
Tue, 18 Dec 2018 02:17:05 GMT
opensans-regular.woff2
qpdownload.com/fonts/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qpdownload.com/fonts/opensans-regular.woff2
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.81.212.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
35426738101220eb0470b0bdca4b482bfb75ef674cfb6d96255d3238a61b3945

Request headers

Pragma
no-cache
Origin
https://qpdownload.com
Accept-Encoding
gzip, deflate, br
Host
qpdownload.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://qpdownload.com/fonts/font.css
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://qpdownload.com/fonts/font.css
Origin
https://qpdownload.com

Response headers

Date
Tue, 18 Dec 2018 02:17:05 GMT
Last-Modified
Sun, 04 Feb 2018 12:45:11 GMT
Server
nginx
ETag
"c7d8-5646250fc2819"
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
51160
btn_search.png
qpdownload.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qpdownload.com/images/btn_search.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.81.212.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
9d562d80c65351e07eaa3b9b93f614f032778a95580740bcd89f1385f4d204b8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
qpdownload.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://qpdownload.com/css/global.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://qpdownload.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Dec 2018 02:17:05 GMT
Last-Modified
Sun, 04 Feb 2018 12:45:31 GMT
Server
nginx
ETag
"5a77006b-5a4"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
1444
Expires
Thu, 31 Dec 2037 23:55:55 GMT
facebook.png
qpdownload.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qpdownload.com/images/facebook.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.81.212.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
4d1592ed1e00f6ec756d6cd6863d78401df8f9666771eed4a86beb4c74d15e15

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
qpdownload.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://qpdownload.com/css/global.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://qpdownload.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Dec 2018 02:17:05 GMT
Last-Modified
Sun, 04 Feb 2018 12:45:39 GMT
Server
nginx
ETag
"5a770073-541"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
1345
Expires
Thu, 31 Dec 2037 23:55:55 GMT
twitter.png
qpdownload.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qpdownload.com/images/twitter.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.81.212.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
1b98c0c502103601e5c82629f31ab7dd59bf207e9dd017732079d122f47c0fed

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
qpdownload.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://qpdownload.com/css/global.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://qpdownload.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Dec 2018 02:17:05 GMT
Last-Modified
Sun, 04 Feb 2018 12:45:54 GMT
Server
nginx
ETag
"5a770082-724"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
1828
Expires
Thu, 31 Dec 2037 23:55:55 GMT
google_plus.png
qpdownload.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qpdownload.com/images/google_plus.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.81.212.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
108ba0a1bfbb3411ba65e04e977cad0ea43df09d680e4bdafbc07dcb5ad5d3c4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
qpdownload.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://qpdownload.com/css/global.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://qpdownload.com/css/global.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Dec 2018 02:17:05 GMT
Last-Modified
Sun, 04 Feb 2018 12:45:40 GMT
Server
nginx
ETag
"5a770074-93a"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
2362
Expires
Thu, 31 Dec 2037 23:55:55 GMT
opensans-semibold.woff2
qpdownload.com/fonts/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://qpdownload.com/fonts/opensans-semibold.woff2
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.81.212.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
718bf5e7a2cc7b2168737df5c97dec08172cb01472c8af4eeccd62dbae674755

Request headers

Pragma
no-cache
Origin
https://qpdownload.com
Accept-Encoding
gzip, deflate, br
Host
qpdownload.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://qpdownload.com/fonts/font.css
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://qpdownload.com/fonts/font.css
Origin
https://qpdownload.com

Response headers

Date
Tue, 18 Dec 2018 02:17:05 GMT
Last-Modified
Sun, 04 Feb 2018 12:45:17 GMT
Server
nginx
ETag
"cf4c-564625152bc29"
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
53068
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/qpdownload.com/ 		108 B
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/mfesecure-public/host/qpdownload.com/client.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.224.136 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c0a9972fd0b58ea350d4de19cdfd6b0cb31261112f6bf42c78ddcc8b068f32f8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://qpdownload.com/thankyou.php?offers=2
Origin
https://qpdownload.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Dec 2018 02:17:07 GMT
Content-Encoding
gzip
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
4A9D3AFB583028AA
x-amz-replication-status
COMPLETED
Content-Length
115
x-amz-id-2
Cv/BbLawKcivTBxxeSDaqiiC6iS2RIZ4GeP5M6MFNIhhVnqhOSBuYX11judTKGAEqKLs4MeojbU=
Last-Modified
Sat, 01 Dec 2018 10:27:50 GMT
Server
AmazonS3
ETag
"f387d79a9b4c62a0d13620285c70890c"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
Mjdc9e3Xjtktx0JFp21CZ82nbiaUlxIR
Access-Control-Allow-Origin
https://qpdownload.com
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Cache-Control
public, max-age=60
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
application/json
1
mc.yandex.ru/watch/27954822/
Redirect Chain
  • https://mc.yandex.ru/watch/27954822?wmode=7&page-url=https%3A%2F%2Fqpdownload.com%2Fthankyou.php%3Foffers%3D2&charset=utf-8&browser-info=ti%3A10%3Ans%3A1545099423314%3As%3A1600x1200x24%3Ask%3A1%3Af...
  • https://mc.yandex.ru/watch/27954822/1?wmode=7&page-url=https%3A%2F%2Fqpdownload.com%2Fthankyou.php%3Foffers%3D2&charset=utf-8&browser-info=ti%3A10%3Ans%3A1545099423314%3As%3A1600x1200x24%3Ask%3A1%3...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/27954822/1?wmode=7&page-url=https%3A%2F%2Fqpdownload.com%2Fthankyou.php%3Foffers%3D2&charset=utf-8&browser-info=ti%3A10%3Ans%3A1545099423314%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181218021705%3Aet%3A1545099425%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A805793409%3Ahid%3A347391003%3Ads%3A16%2C1217%2C117%2C1%2C0%2C0%2C0%2C407%2C73%2C%2C%2C%2C1761%3Awn%3A54626%3Ahl%3A2%3Agdpr%3A14%3Av%3A1367%3Ast%3A1545099425%3Au%3A154509942522988921%3At%3AQP%20Download%20-%20The%20Biggest%20Download%20Portal%21
Requested by
Host: qpdownload.com
URL: https://qpdownload.com/thankyou.php?offers=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qpdownload.com/thankyou.php?offers=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Dec 2018 02:17:05 GMT
Last-Modified
Tue, 18-Dec-2018 02:17:05 GMT
Server
nginx/1.12.2
Location
/watch/27954822/1?wmode=7&page-url=https%3A%2F%2Fqpdownload.com%2Fthankyou.php%3Foffers%3D2&charset=utf-8&browser-info=ti%3A10%3Ans%3A1545099423314%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181218021705%3Aet%3A1545099425%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A805793409%3Ahid%3A347391003%3Ads%3A16%2C1217%2C117%2C1%2C0%2C0%2C0%2C407%2C73%2C%2C%2C%2C1761%3Awn%3A54626%3Ahl%3A2%3Agdpr%3A14%3Av%3A1367%3Ast%3A1545099425%3Au%3A154509942522988921%3At%3AQP%20Download%20-%20The%20Biggest%20Download%20Portal%21
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://qpdownload.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 18-Dec-2018 02:17:05 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Dec 2018 02:17:05 GMT
Last-Modified
Tue, 18-Dec-2018 02:17:05 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
https://qpdownload.com
Strict-Transport-Security
max-age=31536000
Location
/watch/27954822/1?wmode=7&page-url=https%3A%2F%2Fqpdownload.com%2Fthankyou.php%3Foffers%3D2&charset=utf-8&browser-info=ti%3A10%3Ans%3A1545099423314%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181218021705%3Aet%3A1545099425%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A805793409%3Ahid%3A347391003%3Ads%3A16%2C1217%2C117%2C1%2C0%2C0%2C0%2C407%2C73%2C%2C%2C%2C1761%3Awn%3A54626%3Ahl%3A2%3Agdpr%3A14%3Av%3A1367%3Ast%3A1545099425%3Au%3A154509942522988921%3At%3AQP%20Download%20-%20The%20Biggest%20Download%20Portal%21
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 18-Dec-2018 02:17:05 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: qpdownload.com
URL: https://qpdownload.com/thankyou.php?offers=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://qpdownload.com/thankyou.php?offers=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 18 Dec 2018 02:17:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.12.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Tue, 18 Dec 2018 03:17:05 GMT
1
mc.yandex.ru/watch/27954822/ 		133 B
1012 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/27954822/1?wmode=7&page-url=https%3A%2F%2Fqpdownload.com%2Fthankyou.php%3Foffers%3D2&charset=utf-8&browser-info=ti%3A10%3Ans%3A1545099423314%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181218021705%3Aet%3A1545099425%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A805793409%3Ahid%3A347391003%3Ads%3A16%2C1217%2C117%2C1%2C0%2C0%2C0%2C407%2C73%2C%2C%2C%2C1761%3Awn%3A54626%3Ahl%3A2%3Agdpr%3A14%3Av%3A1367%3Ast%3A1545099425%3Au%3A154509942522988921%3At%3AQP%20Download%20-%20The%20Biggest%20Download%20Portal%21
Requested by
Host: qpdownload.com
URL: https://qpdownload.com/thankyou.php?offers=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
20fc0dab62a0538d06af0d88c24788d422574dacac285b645401871dcabebce4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qpdownload.com/thankyou.php?offers=2
Origin
https://qpdownload.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 18 Dec 2018 02:17:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 18-Dec-2018 02:17:05 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://qpdownload.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
133
X-XSS-Protection
1; mode=block
Expires
Tue, 18-Dec-2018 02:17:05 GMT
1
mc.yandex.ru/watch/27954822/
Redirect Chain
  • https://mc.yandex.ru/watch/27954822?page-url=https%3A%2F%2Fqpdownload.com%2Fthankyou.php%3Foffers%3D2&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1545099423314%3As%3A1600x1...
  • https://mc.yandex.ru/watch/27954822/1?page-url=https%3A%2F%2Fqpdownload.com%2Fthankyou.php%3Foffers%3D2&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1545099423314%3As%3A1600...
43 B
773 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/27954822/1?page-url=https%3A%2F%2Fqpdownload.com%2Fthankyou.php%3Foffers%3D2&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1545099423314%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181218021720%3Aet%3A1545099440%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Anp%3ATGludXggeDg2XzY0%3Aar%3A1%3Anb%3A1%3Acl%3A79%3Arn%3A445958239%3Ahid%3A347391003%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2686%2C2686%2C0%2C%3Afp%3A1868%3Agdpr%3A14%3Aeu%3A1%3Av%3A1367%3Ast%3A1545099440%3Au%3A154509942522988921%3App%3A2587583065
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qpdownload.com/thankyou.php?offers=2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Dec 2018 02:17:20 GMT
Last-Modified
Tue, 18-Dec-2018 02:17:20 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 18-Dec-2018 02:17:20 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Dec 2018 02:17:20 GMT
Last-Modified
Tue, 18-Dec-2018 02:17:20 GMT
Server
nginx/1.12.2
Location
/watch/27954822/1?page-url=https%3A%2F%2Fqpdownload.com%2Fthankyou.php%3Foffers%3D2&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1545099423314%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20181218021720%3Aet%3A1545099440%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Anp%3ATGludXggeDg2XzY0%3Aar%3A1%3Anb%3A1%3Acl%3A79%3Arn%3A445958239%3Ahid%3A347391003%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2686%2C2686%2C0%2C%3Afp%3A1868%3Agdpr%3A14%3Aeu%3A1%3Av%3A1367%3Ast%3A1545099440%3Au%3A154509942522988921%3App%3A2587583065
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://qpdownload.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 18-Dec-2018 02:17:20 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| MfeSecure number| MfeSecure_done function| jQueryMs object| Ya object| yaCounter27954822

5 Cookies

Domain/Path Name / Value
.www.directionforest.com/ Name: ucv
Value: 10294-DE-1545185825933-24--
.www.directionforest.com/ Name: cfc
Value: 10294-1545116705932--
.www.directionforest.com/ Name: crfc
Value: 10294-1545116705781--
.www.directionforest.com/ Name: UUID
Value: 03aa9d20-026b-11e9-a85f-f8bc12537a38
.qpdownload.com/ Name: _ym_visorc_27954822
Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ywxi.net
code.jquery.com
mc.yandex.ru
qpdownload.com
s3-us-west-2.amazonaws.com
www.directionforest.com
192.81.212.18
205.185.208.52
2600:9000:2047:7600:14:6bfc:5740:93a1
2a02:6b8::1:119
52.218.224.136
74.117.182.93
108ba0a1bfbb3411ba65e04e977cad0ea43df09d680e4bdafbc07dcb5ad5d3c4
1b98c0c502103601e5c82629f31ab7dd59bf207e9dd017732079d122f47c0fed
20fc0dab62a0538d06af0d88c24788d422574dacac285b645401871dcabebce4
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
338c9793ecc93f3797bb958ccc89b0c63fb54b144308f46b6dd6e20bd020a8a8
35426738101220eb0470b0bdca4b482bfb75ef674cfb6d96255d3238a61b3945
43c390fb1bc524ba7ad44959bfd5c4626cd191c6003d39c0d65f26cda405632c
4d1592ed1e00f6ec756d6cd6863d78401df8f9666771eed4a86beb4c74d15e15
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5bc376b38159e7394dd1326576f2d557bffd82f61c836366236c7777b0d478e8
5e05710be111198575acf3cade9d480673a693fe05cd76067cb186d7614907a0
6b3b4b55bd4c1db53e0a2594ce4e779b94fae6f5836127f8f99c9dcc36ff1a0d
718bf5e7a2cc7b2168737df5c97dec08172cb01472c8af4eeccd62dbae674755
9d562d80c65351e07eaa3b9b93f614f032778a95580740bcd89f1385f4d204b8
b8c21672861bfccb99a990212f63f95948be95cb181520706acf5329bfc17969
c0a9972fd0b58ea350d4de19cdfd6b0cb31261112f6bf42c78ddcc8b068f32f8
daf7cb1184983c7a032342dd7abae39c1d27e157271c65c7f1107cf109012ec1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855