Submitted URL: https://www.secureupload.nowdownload.eu/
Effective URL: https://secureupload.nowdownload.eu/
Submission: On October 06 via automatic, source certstream-suspicious

Summary

This website contacted 10 IPs in 2 countries across 12 domains to perform 50 HTTP transactions. The main IP is 2a04:5b82:8:200::3, located in Germany and belongs to SMARTINTERNET Smart Internet Solutions, DE. The main domain is secureupload.nowdownload.eu.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 6th 2020. Valid for: 3 months.
This is the only time secureupload.nowdownload.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a04:5b82:8:2... 202265 (SMARTINTE...)
1 25 2a04:5b82:8:2... 202265 (SMARTINTE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 195.181.175.46 60068 (CDN77)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
50 10
Domain Requested by
25 secureupload.nowdownload.eu 1 redirects secureupload.nowdownload.eu
6 fonts.gstatic.com fonts.googleapis.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com secureupload.nowdownload.eu
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 tracking.sis-cdn.de secureupload.nowdownload.eu
tracking.sis-cdn.de
2 fonts.googleapis.com secureupload.nowdownload.eu
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.youtube.com secureupload.nowdownload.eu
1 cdn.sendpulse.com secureupload.nowdownload.eu
1 www.secureupload.nowdownload.eu 1 redirects
0 static.smartdomainsale.com Failed secureupload.nowdownload.eu
50 14
Subject Issuer Validity Valid
secureupload.nowdownload.eu
Let's Encrypt Authority X3
2020-10-06 -
2021-01-04
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-06 -
2021-07-06
a year crt.sh
*.sendpulse.com
COMODO RSA Domain Validation Secure Server CA
2018-10-30 -
2020-10-29
2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.google.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh
*.google.de
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh

This page contains 7 frames:

Primary Page: https://secureupload.nowdownload.eu/
Frame ID: B948F4E1BC980E270620BF88E4CED23D
Requests: 44 HTTP requests in this frame

Frame: https://www.youtube.com/embed/o-vGV1rxdw4?feature=oembed
Frame ID: FCA5DE6CDD5914468E635E8B2BB53028
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201001/r20190131/zrt_lookup.html
Frame ID: 96381F14578D710A47E06E18F093150A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6548445994798329&output=html&h=90&slotname=7748906134&adk=530571561&adf=1754252219&w=740&fwrn=4&lmt=1602021801&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=740x90_0ads_al&url=https%3A%2F%2Fsecureupload.nowdownload.eu%2F&flash=0&fwr=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602021800935&bpp=41&bdt=217&idt=153&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3257467687507&frm=20&pv=2&ga_vid=2046886490.1602021801&ga_sid=1602021801&ga_hid=112964234&ga_fc=0&iag=0&icsg=52760093655039&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21067466&oid=3&pvsid=490395606565356&pem=990&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=f9YZezCXpF&p=https%3A//secureupload.nowdownload.eu&dtd=171
Frame ID: DAF63BDBFA805DDFD9B0AAADF078517F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6548445994798329&output=html&h=280&slotname=9225639338&adk=1401410408&adf=352488452&w=740&fwrn=4&fwrnh=100&lmt=1602021801&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=740x280&url=https%3A%2F%2Fsecureupload.nowdownload.eu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602021800976&bpp=10&bdt=258&idt=137&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x90_0ads_al&correlator=3257467687507&frm=20&pv=1&ga_vid=2046886490.1602021801&ga_sid=1602021801&ga_hid=112964234&ga_fc=0&iag=0&icsg=193497582010367&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21067466&oid=3&pvsid=490395606565356&pem=990&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JUrExaAVwe&p=https%3A//secureupload.nowdownload.eu&dtd=142
Frame ID: 42832B80AC0789D89403D9DE162F5F5E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6548445994798329&output=html&adk=1812271804&adf=3025194257&lmt=1602021801&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsecureupload.nowdownload.eu%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602021801071&bpp=1&bdt=353&idt=91&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x90_0ads_al%2C740x280&nras=1&correlator=3257467687507&frm=20&pv=1&ga_vid=2046886490.1602021801&ga_sid=1602021801&ga_hid=112964234&ga_fc=0&iag=0&icsg=193497582010367&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21067466&oid=3&pvsid=490395606565356&pem=990&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=97
Frame ID: 63F7FDE64202FD9596F81B102A2ECA8F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 7B2E1A478B0EE3B8099938D428489F7F
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.secureupload.nowdownload.eu/ HTTP 301
    http://secureupload.nowdownload.eu/ HTTP 301
    https://secureupload.nowdownload.eu/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<div class=(?:"|')[^"']*elementor/i
  • html /<section class=(?:"|')[^"']*elementor/i
  • html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
  • html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i

Overall confidence: 100%
Detected patterns
  • html /<div class=(?:"|')[^"']*elementor/i
  • html /<section class=(?:"|')[^"']*elementor/i
  • html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
  • html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<div class=(?:"|')[^"']*elementor/i
  • html /<section class=(?:"|')[^"']*elementor/i
  • html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
  • html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<div class=(?:"|')[^"']*elementor/i
  • html /<section class=(?:"|')[^"']*elementor/i
  • html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i
  • html /<link [^>]*href=(?:"|')[^"']*uploads\/elementor\/css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery\.flexslider(?:\.min)?\.js$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery\.flexslider(?:\.min)?\.js$/i

Page Statistics

50
Requests

98 %
HTTPS

90 %
IPv6

12
Domains

14
Subdomains

10
IPs

2
Countries

518 kB
Transfer

1508 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.secureupload.nowdownload.eu/ HTTP 301
    http://secureupload.nowdownload.eu/ HTTP 301
    https://secureupload.nowdownload.eu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
secureupload.nowdownload.eu/
Redirect Chain
  • https://www.secureupload.nowdownload.eu/
  • http://secureupload.nowdownload.eu/
  • https://secureupload.nowdownload.eu/
30 KB
11 KB
Document
General
Full URL
https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
b6824d48adad07d43062ae9f4b553b5830be1a6805dc07fe8cea603a3e399831

Request headers

Host
secureupload.nowdownload.eu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

HSTS
Strict-Transport-Security: max-age=86400; preload
server
nginx
date
Tue, 06 Oct 2020 22:03:20 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
connection
close
link
<https://secureupload.nowdownload.eu/wp-json/>; rel="https://api.w.org/", <https://secureupload.nowdownload.eu/wp-json/wp/v2/pages/13>; rel="alternate"; type="application/json", <https://secureupload.nowdownload.eu/>; rel=shortlink
content-encoding
gzip
Vary
Accept-Encoding

Redirect headers

Location
https://secureupload.nowdownload.eu/
Date
Tue, 06 Oct 2020 22:03:20 GMT
Connection
keep-alive
Transfer-Encoding
chunked
style.min.css
secureupload.nowdownload.eu/wp-includes/css/dist/block-library/
53 KB
8 KB
Stylesheet
General
Full URL
https://secureupload.nowdownload.eu/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Wed, 02 Sep 2020 01:02:06 GMT
server
nginx
etag
"5f4eef0e-d293"
Vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
style.css
secureupload.nowdownload.eu/wp-content/themes/edupress/
53 KB
12 KB
Stylesheet
General
Full URL
https://secureupload.nowdownload.eu/wp-content/themes/edupress/style.css?ver=5.5.1
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
dd98adf88c2233a0a634485d13da98ccde4c8ad7bfa3c5f7cffc91926c29b465

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Tue, 14 Aug 2018 13:28:11 GMT
server
nginx
etag
"5b72d8eb-d4fe"
Vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
genericons.css
secureupload.nowdownload.eu/wp-content/themes/edupress/genericons/
27 KB
17 KB
Stylesheet
General
Full URL
https://secureupload.nowdownload.eu/wp-content/themes/edupress/genericons/genericons.css?ver=3.3.1
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
298e7d88ffb5e462b32c0eeff712cd62b3419743d287dbf7312214cc1b2f5fad

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Tue, 14 Aug 2018 13:28:11 GMT
server
nginx
etag
"5b72d8eb-6b83"
Vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
css
fonts.googleapis.com/
18 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25852543a448ba3265a0e2dfd1c4af9ed01c58e288e079fbe3e6764ca85318ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Oct 2020 22:03:20 GMT
server
ESF
date
Tue, 06 Oct 2020 22:03:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Oct 2020 22:03:20 GMT
elementor-icons.min.css
secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/lib/eicons/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.9.1
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
c6c2559bbfbd75165fa07056d46bf0403d126ed4cdb71e6de2e624b534a3bcd7

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Thu, 01 Oct 2020 00:20:18 GMT
server
nginx
etag
"5f7520c2-40fc"
Vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
animations.min.css
secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/lib/animations/
18 KB
3 KB
Stylesheet
General
Full URL
https://secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.0.11
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Thu, 01 Oct 2020 00:20:18 GMT
server
nginx
etag
"5f7520c2-4824"
Vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
frontend-legacy.min.css
secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/css/
4 KB
1014 B
Stylesheet
General
Full URL
https://secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.0.11
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
e47b68f3dca533145fa901e7a5fb87db4adb3cbf594b6c490d74009ce376f8d4

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Thu, 01 Oct 2020 00:20:18 GMT
server
nginx
etag
"5f7520c2-f0f"
Vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
frontend.min.css
secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/css/
110 KB
16 KB
Stylesheet
General
Full URL
https://secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.0.11
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
482d35350c909e1ce1b5a9fbcbf00ebd0decbd0ec9742698b62a150a5e98f4f4

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Thu, 01 Oct 2020 00:20:18 GMT
server
nginx
etag
"5f7520c2-1b6ff"
Vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
global.css
secureupload.nowdownload.eu/wp-content/uploads/elementor/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://secureupload.nowdownload.eu/wp-content/uploads/elementor/css/global.css?ver=1559091667
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
7237e565eec0896c08578538e358567814b1de94b3d248b9e4f483604c8e96b7

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Wed, 29 May 2019 01:01:07 GMT
server
nginx
etag
"5cedd9d3-12c1"
Vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
css
fonts.googleapis.com/
47 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.1
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
810bcf37c433416bf09691155966e58f4009692c5920e055c274907ba63ca9cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Oct 2020 21:57:04 GMT
server
ESF
date
Tue, 06 Oct 2020 22:03:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Oct 2020 22:03:20 GMT
jquery.js
secureupload.nowdownload.eu/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://secureupload.nowdownload.eu/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Wed, 22 May 2019 01:29:26 GMT
server
nginx
etag
"5ce4a5f6-17a69"
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
jquery.slicknav.min.js
secureupload.nowdownload.eu/wp-content/themes/edupress/js/
8 KB
3 KB
Script
General
Full URL
https://secureupload.nowdownload.eu/wp-content/themes/edupress/js/jquery.slicknav.min.js
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Tue, 14 Aug 2018 13:28:11 GMT
server
nginx
etag
"5b72d8eb-20df"
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
superfish.min.js
secureupload.nowdownload.eu/wp-content/themes/edupress/js/
4 KB
2 KB
Script
General
Full URL
https://secureupload.nowdownload.eu/wp-content/themes/edupress/js/superfish.min.js
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
f31f14f173559d1bc035ffcec66bdcd19b6685f42a2853bf7eaabd1e4bd9aba0

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Tue, 14 Aug 2018 13:28:11 GMT
server
nginx
etag
"5b72d8eb-117a"
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
jquery.flexslider.js
secureupload.nowdownload.eu/wp-content/themes/edupress/js/
54 KB
12 KB
Script
General
Full URL
https://secureupload.nowdownload.eu/wp-content/themes/edupress/js/jquery.flexslider.js
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
474740e862702b7f8c7060b8537f6832f900454828531ef360bf4b37e6b183fc

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Tue, 14 Aug 2018 13:28:11 GMT
server
nginx
etag
"5b72d8eb-d82a"
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
client.js
tracking.sis-cdn.de/
2 KB
1 KB
Script
General
Full URL
https://tracking.sis-cdn.de/client.js
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:ad5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7376c991bf9f486035f522c133d9ded89416adeb8aab80e09182033e0a54b971

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
05a189d3c20000d6f91d806200000001
last-modified
Mon, 13 Apr 2020 12:47:34 GMT
server
cloudflare
etag
W/"622-1717394a670"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021801"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
5de2abff9ce2d6f9-FRA
3ecbfe15af9d0d603aa7d9bc9bff888e_1.js
cdn.sendpulse.com/js/push/
50 KB
17 KB
Script
General
Full URL
https://cdn.sendpulse.com/js/push/3ecbfe15af9d0d603aa7d9bc9bff888e_1.js
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-44.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2b7a3ad62586b01066130392c68c8065d26ffe0aebb85fe8c5b53a818f120ec9
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
x-edge-pop
frankfurtDE
x-cache
HIT
status
200
x-age
125961
x-xss-protection
1; mode=block
x-77-nzt
AcO1ryxdnsvvCewBAA==
x-sp-ma
ma5
last-modified
Mon, 05 Oct 2020 08:45:05 GMT
server
CDN77-Turbo
etag
W/"c800-5b0e87fbbf594"
vary
Accept-Encoding, Accept-Encoding,User-Agent,Host
content-type
application/javascript
x-sp-pr
lpr7
cache-control
max-age=604800
x-edge-ip
195.181.175.44
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires
Mon, 12 Oct 2020 11:03:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
130 KB
45 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
918eccd63c5fc468af3108abc4078b9774d303298ac58a7c57f9e418d22e253a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45748
x-xss-protection
0
server
cafe
etag
81603445910454524
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Oct 2020 22:03:20 GMT
ilovewp-logo-white.png
secureupload.nowdownload.eu/wp-content/themes/edupress/images/
652 B
1 KB
Image
General
Full URL
https://secureupload.nowdownload.eu/wp-content/themes/edupress/images/ilovewp-logo-white.png
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3fec467a6bb63cc6efd1f7adf1f68643205cd1949d1417dc60d497f89f01bd2

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
last-modified
Tue, 14 Aug 2018 13:28:11 GMT
server
nginx
etag
"5b72d8eb-28c"
content-type
image/png
cache-control
max-age=2592000
content-length
652
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
v1.0.js
static.smartdomainsale.com/tracking/
0
0

edupress.js
secureupload.nowdownload.eu/wp-content/themes/edupress/js/
2 KB
1 KB
Script
General
Full URL
https://secureupload.nowdownload.eu/wp-content/themes/edupress/js/edupress.js?ver=20160820
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
02d21b0fd13637676842a0aab4f8d00e5a2feac4062102cf6bc0799d5b8e8c7c

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Tue, 14 Aug 2018 13:28:11 GMT
server
nginx
etag
"5b72d8eb-76c"
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
wp-embed.min.js
secureupload.nowdownload.eu/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://secureupload.nowdownload.eu/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Wed, 01 Apr 2020 02:52:58 GMT
server
nginx
etag
"5e84020a-59a"
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
frontend-modules.min.js
secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/js/
63 KB
18 KB
Script
General
Full URL
https://secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.0.11
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
ccf725ce07c3a39a2e42e06bf3e5c2b870543ff83b18c067f3593265392b9ccf

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Thu, 01 Oct 2020 00:20:18 GMT
server
nginx
etag
"5f7520c2-fa7a"
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
position.min.js
secureupload.nowdownload.eu/wp-includes/js/jquery/ui/
6 KB
3 KB
Script
General
Full URL
https://secureupload.nowdownload.eu/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
1e3bd23f892a7823c8419303360e545aa10d63f307d8117abf1fb1b1f756f58a

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Wed, 13 Nov 2019 02:04:28 GMT
server
nginx
etag
"5dcb64ac-1952"
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
dialog.min.js
secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/lib/dialog/
11 KB
4 KB
Script
General
Full URL
https://secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Thu, 01 Oct 2020 00:20:18 GMT
server
nginx
etag
"5f7520c2-2a6f"
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
waypoints.min.js
secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/lib/waypoints/
12 KB
3 KB
Script
General
Full URL
https://secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Thu, 01 Oct 2020 00:20:18 GMT
server
nginx
etag
"5f7520c2-2fa6"
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
swiper.min.js
secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/lib/swiper/
136 KB
35 KB
Script
General
Full URL
https://secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Thu, 01 Oct 2020 00:20:18 GMT
server
nginx
etag
"5f7520c2-21f91"
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
share-link.min.js
secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/lib/share-link/
3 KB
2 KB
Script
General
Full URL
https://secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.0.11
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Thu, 01 Oct 2020 00:20:18 GMT
server
nginx
etag
"5f7520c2-a12"
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
frontend.min.js
secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/js/
117 KB
32 KB
Script
General
Full URL
https://secureupload.nowdownload.eu/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.0.11
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
b09c98645afb557a865ee0ab55a00a75e4e833e0a121673480a909a2b3cfca3a

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Thu, 01 Oct 2020 00:20:18 GMT
server
nginx
etag
"5f7520c2-1d586"
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
wp-emoji-release.min.js
secureupload.nowdownload.eu/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://secureupload.nowdownload.eu/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:5b82:8:200::3 , Germany, ASN202265 (SMARTINTERNET Smart Internet Solutions, DE),
Reverse DNS
Software
nginx /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
Content-Encoding
gzip
last-modified
Wed, 12 Aug 2020 01:10:44 GMT
server
nginx
etag
"5f334194-37a6"
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
Transfer-Encoding
chunked
connection
close
accept-ranges
bytes
HSTS
Strict-Transport-Security: max-age=86400; preload
expires
Thu, 05 Nov 2020 22:03:20 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://secureupload.nowdownload.eu
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 18:24:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
13102
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Wed, 06 Oct 2021 18:24:58 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://secureupload.nowdownload.eu
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 05 Oct 2020 11:04:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
125945
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Tue, 05 Oct 2021 11:04:15 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://secureupload.nowdownload.eu
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 18:23:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:25 GMT
server
sffe
age
13162
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
expires
Wed, 06 Oct 2021 18:23:58 GMT
o-vGV1rxdw4
www.youtube.com/embed/ Frame FCA5
0
0
Document
General
Full URL
https://www.youtube.com/embed/o-vGV1rxdw4?feature=oembed
Requested by
Host: secureupload.nowdownload.eu
URL: https://secureupload.nowdownload.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/o-vGV1rxdw4?feature=oembed
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secureupload.nowdownload.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secureupload.nowdownload.eu/

Response headers

status
200
cache-control
no-cache
content-encoding
br
content-length
10899
expires
Tue, 27 Apr 1971 19:44:06 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
date
Tue, 06 Oct 2020 22:03:20 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=0Cp-PUU1uUU; path=/; domain=.youtube.com; secure; expires=Sun, 04-Apr-2021 22:03:20 GMT; httponly; samesite=None YSC=5ScNUFgeZCE; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 06-Oct-2020 22:33:20 GMT VISITOR_INFO1_LIVE=0Cp-PUU1uUU; path=/; domain=.youtube.com; secure; expires=Sun, 04-Apr-2021 22:03:20 GMT; httponly; samesite=None
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://secureupload.nowdownload.eu
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 14:47:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
26128
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 06 Oct 2021 14:47:52 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/
230 KB
87 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
767c091d7a3eb3434e7b67d7fa5c6ab78d551b6c8a3fb8d3a1ca81be45a9a350
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88649
x-xss-protection
0
server
cafe
etag
14171272713373412384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Oct 2020 22:03:20 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://secureupload.nowdownload.eu
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 18:22:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
13257
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Wed, 06 Oct 2021 18:22:23 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201001/r20190131/ Frame 9638
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201001/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201001/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secureupload.nowdownload.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secureupload.nowdownload.eu/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 06 Oct 2020 17:14:50 GMT
expires
Tue, 20 Oct 2020 17:14:50 GMT
content-type
text/html; charset=UTF-8
etag
7382719332125555894
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4731
x-xss-protection
0
age
17310
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.gstatic.com/s/lora/v16/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v16/0QIvMX1D_JOuMwr7I_FMl_E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9504635ce463f19888209acf89dc32831964d8dee1b4c22aa70f564c208061d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://secureupload.nowdownload.eu
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%7CLato%3A400%2C400i%2C700%2C700i%7CLora%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 05 Oct 2020 11:09:37 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:28:09 GMT
server
sffe
age
125623
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34172
x-xss-protection
0
expires
Tue, 05 Oct 2021 11:09:37 GMT
/
tracking.sis-cdn.de/
7 B
347 B
Other
General
Full URL
https://tracking.sis-cdn.de/
Requested by
Host: tracking.sis-cdn.de
URL: https://tracking.sis-cdn.de/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:ad5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d70b9e24bca26b409b9458ceca6c9e5c2b5c3171c37ff050c6f6a0d7a4420d2a

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryAA9RniBSx7Qc0Op7

Response headers

date
Tue, 06 Oct 2020 22:03:21 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
201
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7
cf-request-id
05a189d4730000d6f91d80c200000001
server
cloudflare
etag
W/"7-rM9AyJuqT6iOan/xHh+AW+7K/T8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602021801"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://secureupload.nowdownload.eu
access-control-allow-credentials
true
cf-ray
5de2ac00befcd6f9-FRA
integrator.js
adservice.google.de/adsid/
109 B
890 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=secureupload.nowdownload.eu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Oct 2020 22:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
890 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=secureupload.nowdownload.eu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Oct 2020 22:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DAF6
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6548445994798329&output=html&h=90&slotname=7748906134&adk=530571561&adf=1754252219&w=740&fwrn=4&lmt=1602021801&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=740x90_0ads_al&url=https%3A%2F%2Fsecureupload.nowdownload.eu%2F&flash=0&fwr=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602021800935&bpp=41&bdt=217&idt=153&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3257467687507&frm=20&pv=2&ga_vid=2046886490.1602021801&ga_sid=1602021801&ga_hid=112964234&ga_fc=0&iag=0&icsg=52760093655039&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21067466&oid=3&pvsid=490395606565356&pem=990&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=f9YZezCXpF&p=https%3A//secureupload.nowdownload.eu&dtd=171
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6548445994798329&output=html&h=90&slotname=7748906134&adk=530571561&adf=1754252219&w=740&fwrn=4&lmt=1602021801&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=740x90_0ads_al&url=https%3A%2F%2Fsecureupload.nowdownload.eu%2F&flash=0&fwr=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602021800935&bpp=41&bdt=217&idt=153&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3257467687507&frm=20&pv=2&ga_vid=2046886490.1602021801&ga_sid=1602021801&ga_hid=112964234&ga_fc=0&iag=0&icsg=52760093655039&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21067466&oid=3&pvsid=490395606565356&pem=990&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=f9YZezCXpF&p=https%3A//secureupload.nowdownload.eu&dtd=171
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secureupload.nowdownload.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secureupload.nowdownload.eu/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 06 Oct 2020 22:03:21 GMT
server
cafe
content-length
5915
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 06-Oct-2020 22:18:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 06 Oct 2020 22:03:21 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6879bf69ca14159cb61c4420c496946a303da8a9a37f6e0b4f4e12e79cbbf06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601897795664432"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27576
x-xss-protection
0
expires
Tue, 06 Oct 2020 22:03:21 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4283
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6548445994798329&output=html&h=280&slotname=9225639338&adk=1401410408&adf=352488452&w=740&fwrn=4&fwrnh=100&lmt=1602021801&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=740x280&url=https%3A%2F%2Fsecureupload.nowdownload.eu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602021800976&bpp=10&bdt=258&idt=137&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x90_0ads_al&correlator=3257467687507&frm=20&pv=1&ga_vid=2046886490.1602021801&ga_sid=1602021801&ga_hid=112964234&ga_fc=0&iag=0&icsg=193497582010367&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21067466&oid=3&pvsid=490395606565356&pem=990&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JUrExaAVwe&p=https%3A//secureupload.nowdownload.eu&dtd=142
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6548445994798329&output=html&h=280&slotname=9225639338&adk=1401410408&adf=352488452&w=740&fwrn=4&fwrnh=100&lmt=1602021801&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=740x280&url=https%3A%2F%2Fsecureupload.nowdownload.eu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602021800976&bpp=10&bdt=258&idt=137&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x90_0ads_al&correlator=3257467687507&frm=20&pv=1&ga_vid=2046886490.1602021801&ga_sid=1602021801&ga_hid=112964234&ga_fc=0&iag=0&icsg=193497582010367&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=320&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21067466&oid=3&pvsid=490395606565356&pem=990&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JUrExaAVwe&p=https%3A//secureupload.nowdownload.eu&dtd=142
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secureupload.nowdownload.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secureupload.nowdownload.eu/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 06 Oct 2020 22:03:21 GMT
server
cafe
content-length
22488
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 06-Oct-2020 22:18:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 06 Oct 2020 22:03:21 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 63F7
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6548445994798329&output=html&adk=1812271804&adf=3025194257&lmt=1602021801&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsecureupload.nowdownload.eu%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602021801071&bpp=1&bdt=353&idt=91&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x90_0ads_al%2C740x280&nras=1&correlator=3257467687507&frm=20&pv=1&ga_vid=2046886490.1602021801&ga_sid=1602021801&ga_hid=112964234&ga_fc=0&iag=0&icsg=193497582010367&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21067466&oid=3&pvsid=490395606565356&pem=990&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=97
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6548445994798329&output=html&adk=1812271804&adf=3025194257&lmt=1602021801&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsecureupload.nowdownload.eu%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602021801071&bpp=1&bdt=353&idt=91&shv=r20201001&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x90_0ads_al%2C740x280&nras=1&correlator=3257467687507&frm=20&pv=1&ga_vid=2046886490.1602021801&ga_sid=1602021801&ga_hid=112964234&ga_fc=0&iag=0&icsg=193497582010367&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21067466&oid=3&pvsid=490395606565356&pem=990&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=97
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secureupload.nowdownload.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secureupload.nowdownload.eu/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 06 Oct 2020 22:03:21 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 06-Oct-2020 22:18:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 06 Oct 2020 22:03:21 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201001&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ae6f72d59a07d5cec78e11d2ef300becad0814c02556f94a948967d72a4772a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Oct 2020 22:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6554
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201001/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 22:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601061966610483"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6293
x-xss-protection
0
expires
Tue, 06 Oct 2020 22:03:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 7B2E
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/217/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secureupload.nowdownload.eu/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secureupload.nowdownload.eu/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Tue, 06 Oct 2020 20:55:13 GMT
expires
Wed, 06 Oct 2021 20:55:13 GMT
last-modified
Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4088
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
702 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201001&jk=490395606565356&bg=!X1ylXERYIA6SbIpe4DsCAAAATlIAAAAMCgGHyuzU8ob9aR3lXk7hWavTsi2V1mXSN-UoWtCm2SP-bwRXraahg3jIO3wPJwh-t3uRRXe0exPSFD9a8TduqMr-4xGl-InwqimmRTntVzVZeBKQl9NtFpbOOWZAHgiTpUGwm-O6drElobj8gPra_b-wzni2g_WNCBmQQgLUXwYiPOU76SxW37YTKq2uwBDehw6sm2anGBclhYEKoi53KACLu_rpdmZH-ohSmznPrCkGnYZXM4WeLQ0S858aQMN4u5lMLv35GhmjoXO-MH-8abT-8TsYgN7Pexfpg7_XsVjb_SE0USZ1Ods1fjo7Voy22xl8loZc3HPWNJ3nXX1WbGxMZR4wnrwDpK0Ccr9FeqKdczwANOyCNids5T9SJ2gaYRtbIIujsnk6n4Zhvd0VKwrH55XYl9hPrVRCFDuO4TOld479X5-VUrRmNhEjrgKMh1L9uhhfkkNk_mcfWGcPvYIzmII7Nz_zoeyjWB5_64JQkZ_3Xz3n7x9Qc4wVB-cbEqUNYbo1nBtdvpkBtAZ-0x6eE3xwf4ir4utjVOcAZsExDKHsK37prgji21W6PqoIdIX7Ow1DB_Vp7bacTHVfVz0nGE26HwDInVVVWIOWoVdbh-N97n_gomd-x_QBuR5tXjItfCVsuqfW4KOwv8dZ8NZUOF7VgKfpBQ3wwufBIIX77CqdEaIh5qrRZovrx645HU9lagPoa6tyTlZ6N5IpFPyWolpgcCwPrep4gkeWbG8FbPsTOVVkaivWUqJ8lDY0AcqX8egrAKd1P3BQBGuxWaIdsz22uWvAnvC60PaCj0ZuI2dqnqS5Wo5NPVXhWLeKnaxbCQSKKiyOaQOdM2J-5iiZpF4GjkTaYvaEDdfwhR7f5YPYfbG8YC9mg5KSaD82_VsyAzouqHODZLcLDvdNsZLHplhNelgqqbJ5RJEPqZrflhsmP_YFt_ehBw-62QllM6FPdwhXUlrgUanyYeeW-EABiyPhCmR-Lf54xqcN_7KfY7Lsjpiua3vgqTrarefu8nCvNH-lKXFLqgVaHhzj_f4v1g8Zq93Z_1-KChOE-3m0pZWQ-mPRHb7Y1eIqqEPyPolfNXDe6AFiQix6GlmZUXA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secureupload.nowdownload.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Oct 2020 22:03:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.smartdomainsale.com
URL
https://static.smartdomainsale.com/tracking/v1.0.js

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| _wpemojiSettings undefined| $ function| jQuery object| jQuery112408839884742826256 object| adsbygoogle object| edupressStrings object| wp object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_redemption_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| __core-js_shared__ object| core object| elementorModules object| DialogsManager function| Waypoint function| Swiper function| ShareLink object| elementorFrontendConfig object| elementorFrontend object| twemoji object| oSpPOptions function| oPromptPush object| oSpP function| UAParser function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUlWUelkgcphrGjrhFaSY980ONlFih7xiIvdvcOgRvoE_BVQhypETOsfCI2M
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 0Cp-PUU1uUU
.youtube.com/ Name: YSC
Value: 5ScNUFgeZCE
secureupload.nowdownload.eu/ Name: de.sis-cdn.tracking:clientId
Value: 1328dfaf-ddbb-4f4c-a20f-ae4a1fa8fa36
secureupload.nowdownload.eu/ Name: __pegasus
Value: pass

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.sendpulse.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
secureupload.nowdownload.eu
static.smartdomainsale.com
tpc.googlesyndication.com
tracking.sis-cdn.de
www.googletagservices.com
www.secureupload.nowdownload.eu
www.youtube.com
static.smartdomainsale.com
195.181.175.46
2606:4700:3037::681b:ad5d
2a00:1450:4001:800::200a
2a00:1450:4001:808::2003
2a00:1450:4001:818::2002
2a00:1450:4001:81b::2001
2a00:1450:4001:820::200e
2a00:1450:4001:824::2002
2a04:5b82:8:200::2
2a04:5b82:8:200::3
02d21b0fd13637676842a0aab4f8d00e5a2feac4062102cf6bc0799d5b8e8c7c
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e3bd23f892a7823c8419303360e545aa10d63f307d8117abf1fb1b1f756f58a
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
25852543a448ba3265a0e2dfd1c4af9ed01c58e288e079fbe3e6764ca85318ac
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
298e7d88ffb5e462b32c0eeff712cd62b3419743d287dbf7312214cc1b2f5fad
2b7a3ad62586b01066130392c68c8065d26ffe0aebb85fe8c5b53a818f120ec9
3ae6f72d59a07d5cec78e11d2ef300becad0814c02556f94a948967d72a4772a
474740e862702b7f8c7060b8537f6832f900454828531ef360bf4b37e6b183fc
482d35350c909e1ce1b5a9fbcbf00ebd0decbd0ec9742698b62a150a5e98f4f4
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7237e565eec0896c08578538e358567814b1de94b3d248b9e4f483604c8e96b7
7376c991bf9f486035f522c133d9ded89416adeb8aab80e09182033e0a54b971
767c091d7a3eb3434e7b67d7fa5c6ab78d551b6c8a3fb8d3a1ca81be45a9a350
810bcf37c433416bf09691155966e58f4009692c5920e055c274907ba63ca9cd
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
918eccd63c5fc468af3108abc4078b9774d303298ac58a7c57f9e418d22e253a
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
b09c98645afb557a865ee0ab55a00a75e4e833e0a121673480a909a2b3cfca3a
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b6824d48adad07d43062ae9f4b553b5830be1a6805dc07fe8cea603a3e399831
c6879bf69ca14159cb61c4420c496946a303da8a9a37f6e0b4f4e12e79cbbf06
c6c2559bbfbd75165fa07056d46bf0403d126ed4cdb71e6de2e624b534a3bcd7
ccf725ce07c3a39a2e42e06bf3e5c2b870543ff83b18c067f3593265392b9ccf
d70b9e24bca26b409b9458ceca6c9e5c2b5c3171c37ff050c6f6a0d7a4420d2a
dd98adf88c2233a0a634485d13da98ccde4c8ad7bfa3c5f7cffc91926c29b465
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fec467a6bb63cc6efd1f7adf1f68643205cd1949d1417dc60d497f89f01bd2
e47b68f3dca533145fa901e7a5fb87db4adb3cbf594b6c490d74009ce376f8d4
f31f14f173559d1bc035ffcec66bdcd19b6685f42a2853bf7eaabd1e4bd9aba0
f9504635ce463f19888209acf89dc32831964d8dee1b4c22aa70f564c208061d
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c