urlscan.io logo urlscan.io
SecurityTrails logo

download-final-step.com Open in urlscan Pro
2a06:98c1:3121::c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://rrq2313.xyz/3mjzEGIFN1?fbclid=IwAR1zq1NoLc-7KRZtpu4dhWwlt5z0Nh48QCwvQ01A9GBoq67-E1sFW9ucwL4
Effective URL: https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
Submission Tags: falconsandbox
Submission: On September 11 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 12 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is download-final-step.com. The Cisco Umbrella rank of the primary domain is 89108.
TLS certificate: Issued by E1 on September 2nd 2022. Valid for: 3 months.
This is the only time download-final-step.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 64.227.23.114 14061 (DIGITALOC...)
2 3 35.186.243.67 15169 (GOOGLE)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 5
1    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
rrq2313.xyz
1    64.227.23.114 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
polo.thegadgetguru.club
3    35.186.243.67 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 67.243.186.35.bc.googleusercontent.com
buzzonclick.com
4    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
download-final-step.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
4 download-final-step.com
download-final-step.com — Cisco Umbrella Rank: 89108
25 KB
3 buzzonclick.com
buzzonclick.com — Cisco Umbrella Rank: 331244
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
2 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 thegadgetguru.club
polo.thegadgetguru.club
328 B
1 rrq2313.xyz
rrq2313.xyz
712 B
0 Failed
function sub() { [native code] }. Failed
12 7
Domain Requested by
4 download-final-step.com buzzonclick.com
download-final-step.com
3 buzzonclick.com 2 redirects
2 fonts.googleapis.com download-final-step.com
1 fonts.gstatic.com fonts.googleapis.com
1 polo.thegadgetguru.club 1 redirects
1 rrq2313.xyz 1 redirects
0 jfeofbkfcmflbdpoalgojinabfcmlnhd Failed download-final-step.com
12 7

This site contains links to these domains. Also see Links.

Domain
adblock-max.com
Subject Issuer Validity Valid
buzzonclick.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-30 -
2023-06-30		 a year crt.sh
*.download-final-step.com
E1		 2022-09-02 -
2022-12-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
Frame ID: A6BA4491C81A29088BE5EDACE9F4FA67
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ready

Page URL History Show full URLs

  1. https://rrq2313.xyz/3mjzEGIFN1?fbclid=IwAR1zq1NoLc-7KRZtpu4dhWwlt5z0Nh48QCwvQ01A9GBoq67-E1sFW9ucwL4 HTTP 302
    https://polo.thegadgetguru.club/?k=f459ce2bdfa0fff818ddd014931d3fb6&type=mainstream&subtype=global HTTP 302
    https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=acaf03d854d362ebc7db2872fc60bb10&sub1=55... Page URL
  2. https://buzzonclick.com/jump/next.php?stamat=m%257CZnt2Eq9iaQdH8AH0dEdHP3xP.42f%252C7H0PozvLiGV-YkDx... HTTP 302
    https://buzzonclick.com/script/i.php?stamat=m%257C%252C%252CQ2O2IiMSoGU3BP-GH0dEdHP3xP.ce4%252C27T6_... HTTP 302
    https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

12
Requests

67 %
HTTPS

67 %
IPv6

7
Domains

7
Subdomains

5
IPs

2
Countries

74 kB
Transfer

92 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rrq2313.xyz/3mjzEGIFN1?fbclid=IwAR1zq1NoLc-7KRZtpu4dhWwlt5z0Nh48QCwvQ01A9GBoq67-E1sFW9ucwL4 HTTP 302
    https://polo.thegadgetguru.club/?k=f459ce2bdfa0fff818ddd014931d3fb6&type=mainstream&subtype=global HTTP 302
    https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=acaf03d854d362ebc7db2872fc60bb10&sub1=5532&clickid=acaf03d854d362ebc7db2872fc60bb10 Page URL
  2. https://buzzonclick.com/jump/next.php?stamat=m%257CZnt2Eq9iaQdH8AH0dEdHP3xP.42f%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRrqQxkaFYg3u9S_TmPY2hF2oUbFKwOb3rNBqsq6Tg8ilADm9ZLjH70B8EFQmdW5w0GiMsJX6vp3lNn0s8gmr-8C&cbpage=https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=acaf03d854d362ebc7db2872fc60bb10&sub1=5532&clickid=acaf03d854d362ebc7db2872fc60bb10&cbur=0.18490353281042626&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    https://buzzonclick.com/script/i.php?stamat=m%257C%252C%252CQ2O2IiMSoGU3BP-GH0dEdHP3xP.ce4%252C27T6_eSGR9aSSbP5FxLYViwMOCxC93qbK68Y1XvBnGLkcs9Gli2WekjNHVlQL_aX-rLZb1dEtRuf0LotPOGfSvlLmaRGUVpQK6cCc72cf75lqyKhLBb5Rgw-iCenO2ZLUBTEav6hA_ThZMItws3CIUAviUkyJi2o2u64G182Xzha2LtXntqCM61C5X1ygY1XcPwRsJMf53OjVwjFSMOpuJl3aQcsxvBb5syJL-kbDv2UpQyANHIPlKzEeIswemwLeN1z6RxHBh2KCDHgr3sqyHeSPr4Pp7d4IdCPoQEjOiWgFkl5KrroGE16hy6_N8jHaNbSPqH4t_gU2x-B9p_xor-CMyCgZ-6Ip00oFyQEJwD3Wpe7x9Y153mR9JZRmy6IshceZbBruIZsAo_ZNgOTEPcD6wtyghI4Po8ES-r6G5upWXatj-FNz51hjCxyIuU7nm5THPmhSs7ItIOZcep52D61h9DqCRzQpNFs4esopxbVedQBLX9LT76Xr68MToK_t06OihYL5v2su-UtsYvoW7ZP7X8SibLuQ9ucmxJIApXF0euW_gzSSiscrZZWE8Rq0XR8NBAlnurfAW4FjcGJPsuSs7SFabpEELgS6EzEDD2iHNv0fvUJDR3PDyXn-3Gd HTTP 302
    https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://rrq2313.xyz/3mjzEGIFN1?fbclid=IwAR1zq1NoLc-7KRZtpu4dhWwlt5z0Nh48QCwvQ01A9GBoq67-E1sFW9ucwL4 HTTP 302
  • https://polo.thegadgetguru.club/?k=f459ce2bdfa0fff818ddd014931d3fb6&type=mainstream&subtype=global HTTP 302
  • https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=acaf03d854d362ebc7db2872fc60bb10&sub1=5532&clickid=acaf03d854d362ebc7db2872fc60bb10

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
next.php
buzzonclick.com/jump/
Redirect Chain
  • https://rrq2313.xyz/3mjzEGIFN1?fbclid=IwAR1zq1NoLc-7KRZtpu4dhWwlt5z0Nh48QCwvQ01A9GBoq67-E1sFW9ucwL4
  • https://polo.thegadgetguru.club/?k=f459ce2bdfa0fff818ddd014931d3fb6&type=mainstream&subtype=global
  • https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=acaf03d854d362ebc7db2872fc60bb10&sub1=5532&clickid=acaf03d854d362ebc7db2872fc60bb10
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=acaf03d854d362ebc7db2872fc60bb10&sub1=5532&clickid=acaf03d854d362ebc7db2872fc60bb10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.243.67 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
67.243.186.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 11 Sep 2022 12:47:48 GMT
server
openresty
via
1.1 google

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 11 Sep 2022 12:47:48 GMT
Location
https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=acaf03d854d362ebc7db2872fc60bb10&sub1=5532&clickid=acaf03d854d362ebc7db2872fc60bb10
Server
nginx/1.16.1 (Ubuntu)
Primary Request notification.html
download-final-step.com/
Redirect Chain
  • https://buzzonclick.com/jump/next.php?stamat=m%257CZnt2Eq9iaQdH8AH0dEdHP3xP.42f%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRrqQxkaFYg3u9S_TmPY2hF2oUbFKwOb3rNBqsq6Tg8ilADm9ZLjH70B8EFQmdW5w0GiMsJX6...
  • https://buzzonclick.com/script/i.php?stamat=m%257C%252C%252CQ2O2IiMSoGU3BP-GH0dEdHP3xP.ce4%252C27T6_eSGR9aSSbP5FxLYViwMOCxC93qbK68Y1XvBnGLkcs9Gli2WekjNHVlQL_aX-rLZb1dEtRuf0LotPOGfSvlLmaRGUVpQK6cCc7...
  • https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
Requested by
Host: buzzonclick.com
URL: https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=acaf03d854d362ebc7db2872fc60bb10&sub1=5532&clickid=acaf03d854d362ebc7db2872fc60bb10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8a0af938f1a4ebefdf6d882b6cccd2f1a07c1b9889cfed98e0ebd1f2a76519
Security Headers
Name Value
Strict-Transport-Security max-age=16000000 max-age=16000000

Request headers

Referer
https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=acaf03d854d362ebc7db2872fc60bb10&sub1=5532&clickid=acaf03d854d362ebc7db2872fc60bb10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7490839a7e849273-FRA
content-encoding
br
content-type
text/html
date
Sun, 11 Sep 2022 12:47:48 GMT
last-modified
Tue, 05 Jul 2022 07:24:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaEpspOhcYJ27VW2VCnWlirrcduNDmM7hIMq%2B5qxWJ%2Fb6%2BTViakBZrWrBtgjS6LREF2yV0u0XHwXawS%2F2m97kdXKKNos6KSpz0m8av39ozmYtv%2FUbYoJD5dhT7R4JWTNuXgXojJDIVjwdyRBQuPY4kLEgSr0Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=16000000 max-age=16000000
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
date
Sun, 11 Sep 2022 12:47:48 GMT
location
https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
referrer-policy
no-referrer
server
openresty
via
1.1 google
chrome-notification-LP.css
download-final-step.com/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download-final-step.com/chrome-notification-LP.css
Requested by
Host: download-final-step.com
URL: https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c88396d4f4808ac5fc4d65ca8924451d13ceff3cdeccc0669f53633f9a4c84b
Security Headers
Name Value
Strict-Transport-Security max-age=16000000, max-age=16000000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 12:47:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1547
cf-polished
origSize=2700
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 05 Jul 2022 07:24:24 GMT
server
cloudflare
etag
W/"a8c-5e309bdf22b94-gzip"
strict-transport-security
max-age=16000000, max-age=16000000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ByWJ7InVFF%2Bphg8V4mMhauy9aPoGXGD6FX47e31kVoh6Ou9QEUFw5nsj9cszJ6WiyfIPhIChsXugVF%2Bla9iLmh9EagnwnwvamQgHuGOpd%2Fy4HgGS%2BFZUgtvqS70xyj6Dd0c7tfy%2FKatjxkt%2FqWXd%2B8bSVs52A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7490839b1c3d92c5-FRA
cf-bgj
minify
css
fonts.googleapis.com/ 		8 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Requested by
Host: download-final-step.com
URL: https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1dab49c7e7f030b2673f47a20ce13a30211a6c8c3699456d233453fe94e751a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://download-final-step.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 11 Sep 2022 11:51:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 11 Sep 2022 12:47:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Sep 2022 12:47:49 GMT
css
fonts.googleapis.com/ 		1 KB
992 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Varela+Round&display=swap
Requested by
Host: download-final-step.com
URL: https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
caa761f345bab156984d7a0a5c51062cbc19dbecf61dc28a7972756bda9dc914
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://download-final-step.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 11 Sep 2022 11:49:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 11 Sep 2022 12:47:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Sep 2022 12:47:49 GMT
gear.png
download-final-step.com/img/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-final-step.com/img/gear.png
Requested by
Host: download-final-step.com
URL: https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6004485d4591d0541dae0fcd5d1f0acd0f045a438319dc512553daececdfd420
Security Headers
Name Value
Strict-Transport-Security max-age=16000000, max-age=16000000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 12:47:48 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Jul 2022 12:32:48 GMT
server
cloudflare
age
970
etag
W/"35d4-5e427aea4a132-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdSVRCKnJe8gn5HaEknsfavorlgVfNB6a1D8HrkCVUMNdAWL%2FPjU3uulk9adBNxDtLpKUbDSdx9fN1I8eUGVYiH5R3pTrCyDw3o5w1SJG%2BzS65R1nI3F0e3hhP6v0mp5XLvLwFoK1N7h08OoTkC4khGEoxSwzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=16000000, max-age=16000000
cf-ray
7490839b1c4192c5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ChromeWebStore_Badge_v2_340x96.png
download-final-step.com/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download-final-step.com/img/ChromeWebStore_Badge_v2_340x96.png
Requested by
Host: download-final-step.com
URL: https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f49e4bff319083c20b3386f23547315773631e155e389ed42550295e4913e12d
Security Headers
Name Value
Strict-Transport-Security max-age=16000000, max-age=16000000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 12:47:48 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Jul 2022 12:32:48 GMT
server
cloudflare
age
4472
etag
W/"1608-5e427aea63772-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYM2zQWuDb6kbmEQJTjty%2FCh%2BbTeb1F8c9%2Bc7erWW7S1hqGZM4Z1Mg%2BnGdYciI8GEswVC3VMWgBqg6V4HFPGWsDZClxqGP7dYcxFmy%2FpBby8LaqzKCbu3GMLgmjThqtP8Dht37zywkEClg%2FWkAwy8PbpyyacUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=16000000, max-age=16000000
cf-ray
7490839b1c4392c5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo@128.png
jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/ 		0
0
logo@128.png
jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/ 		0
0
truncated
/ 		173 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e32d99e816a42958b9473f470a2600963602981007576d85220044e6137965b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://download-final-step.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 18:50:24 GMT
x-content-type-options
nosniff
age
496646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 18:50:24 GMT
logo@128.png
jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/ 		0
0
logo@128.png
jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
jfeofbkfcmflbdpoalgojinabfcmlnhd
URL
chrome-extension://jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/logo@128.png
Domain
jfeofbkfcmflbdpoalgojinabfcmlnhd
URL
chrome-extension://jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/logo@128.png
Domain
jfeofbkfcmflbdpoalgojinabfcmlnhd
URL
chrome-extension://jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/logo@128.png
Domain
jfeofbkfcmflbdpoalgojinabfcmlnhd
URL
chrome-extension://jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/logo@128.png

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| popupchrome undefined| source string| navlangue number| checker function| chromeinitcontrol object| h function| g

0 Cookies

8 Console Messages

Source Level URL
Text
javascript error URL: https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0(Line 119)
Message:
Access to XMLHttpRequest at 'chrome-extension://jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/logo@128.png' from origin 'https://download-final-step.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network error URL: chrome-extension://jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/logo@128.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
Message:
Access to XMLHttpRequest at 'chrome-extension://jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/logo@128.png' from origin 'https://download-final-step.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network error URL: chrome-extension://jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/logo@128.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
Message:
Access to XMLHttpRequest at 'chrome-extension://jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/logo@128.png' from origin 'https://download-final-step.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network error URL: chrome-extension://jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/logo@128.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://download-final-step.com/notification.html?an=ac&cid=166290046810000TDETV416077147124Va5&sid=5660982-4172137540-0
Message:
Access to XMLHttpRequest at 'chrome-extension://jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/logo@128.png' from origin 'https://download-final-step.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network error URL: chrome-extension://jfeofbkfcmflbdpoalgojinabfcmlnhd/assets/logo@128.png
Message:
Failed to load resource: net::ERR_FAILED