zipitnow.cfd - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is zipitnow.cfd.
TLS certificate: Issued by WE1 on October 8th 2024. Valid for: 3 months.

This is the only time zipitnow.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
4	188.114.97.3 188.114.97.3		13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	1

4 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

securedownloads.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zipitnow.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	securedownloads.cfd securedownloads.cfd	5 KB
1	zipitnow.cfd zipitnow.cfd	718 B
4	2

	Domain	Requested by
3	securedownloads.cfd	securedownloads.cfd
1	zipitnow.cfd	securedownloads.cfd
4	2

This site contains no links.

Subject Issuer	Validity	Valid
securedownloads.cfd WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
zipitnow.cfd WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://zipitnow.cfd/download?7a87=056127eedc6976ae6f49&filehost=5694a0df20d1c472&8a9e=056127eedc6976ae6f49
Frame ID: 1B83A80104872E594CC128813DDF4D18
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://securedownloads.cfd/requesting?75c0=2309f1ac5373a2c6ad21&redirect=3&110c=054d11ff520cca902e54 HTTP 307
https://securedownloads.cfd/requesting?75c0=2309f1ac5373a2c6ad21&redirect=3&110c=054d11ff520cca902e54 Page URL
https://securedownloads.cfd/requesting?2ecd=9b30897d08ce820bbbdc&&redirect=2&55a1=8f8258c3cb6cf677bd33 Page URL
https://securedownloads.cfd/requesting?a0aa=087f1e417daabe9e78fb&&redirect=1&ead7=691e12767a44b8f306b5 Page URL
https://zipitnow.cfd/download?7a87=056127eedc6976ae6f49&filehost=5694a0df20d1c472&8a9e=056127eedc... Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

5 kB
Transfer

6 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://securedownloads.cfd/requesting?75c0=2309f1ac5373a2c6ad21&redirect=3&110c=054d11ff520cca902e54 HTTP 307
https://securedownloads.cfd/requesting?75c0=2309f1ac5373a2c6ad21&redirect=3&110c=054d11ff520cca902e54 Page URL
https://securedownloads.cfd/requesting?2ecd=9b30897d08ce820bbbdc&&redirect=2&55a1=8f8258c3cb6cf677bd33 Page URL
https://securedownloads.cfd/requesting?a0aa=087f1e417daabe9e78fb&&redirect=1&ead7=691e12767a44b8f306b5 Page URL
https://zipitnow.cfd/download?7a87=056127eedc6976ae6f49&filehost=5694a0df20d1c472&8a9e=056127eedc6976ae6f49 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://securedownloads.cfd/requesting?75c0=2309f1ac5373a2c6ad21&redirect=3&110c=054d11ff520cca902e54 HTTP 307
https://securedownloads.cfd/requesting?75c0=2309f1ac5373a2c6ad21&redirect=3&110c=054d11ff520cca902e54

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	requesting securedownloads.cfd/ Redirect Chain http://securedownloads.cfd/requesting?75c0=2309f1ac5373a2c6ad21&redirect=3&110c=054d11ff520cca902e54 https://securedownloads.cfd/requesting?75c0=2309f1ac5373a2c6ad21&redirect=3&110c=054d11ff520cca902e54	2 KB 2 KB	682ms 474ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://securedownloads.cfd/requesting?75c0=2309f1ac5373a2c6ad21&redirect=3&110c=054d11ff520cca902e54 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.30 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e0591465f3b7763-AMS content-encoding zstd content-type text/html; charset=UTF-8 date Sun, 10 Nov 2024 11:05:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3AE8WPw%2BMWb9wpiLkIAUjLZpVzO5yCl5vFYZnb2IdykuIirPlTpZ40DXh9HiUjvhMoJZhPS9Qrh3Lr%2Fj6%2BH%2BB7cJ9VESTXJ4TmlT%2B0GbYSzWJNJx6jlV3w2frgjFl4TIMrSUIY5z"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=13005&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4189&recv_bytes=4591&delivery_rate=736&cwnd=12000&unsent_bytes=0&cid=8bc1394c4511d089&ts=652&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding,User-Agent x-powered-by PHP/8.0.30 Redirect headers Location https://securedownloads.cfd/requesting?75c0=2309f1ac5373a2c6ad21&redirect=3&110c=054d11ff520cca902e54 Non-Authoritative-Reason HttpsUpgrades
GET H3	200	requesting securedownloads.cfd/	2 KB 1 KB	181ms 181ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://securedownloads.cfd/requesting?2ecd=9b30897d08ce820bbbdc&&redirect=2&55a1=8f8258c3cb6cf677bd33 Requested by Host: securedownloads.cfd URL: https://securedownloads.cfd/requesting?75c0=2309f1ac5373a2c6ad21&redirect=3&110c=054d11ff520cca902e54 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.30 Resource Hash Request headers Referer https://securedownloads.cfd/requesting?75c0=2309f1ac5373a2c6ad21&redirect=3&110c=054d11ff520cca902e54 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e05914b8d8c7763-AMS content-encoding zstd content-type text/html; charset=UTF-8 date Sun, 10 Nov 2024 11:05:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZHNmDZpIOZf7WND0zRw2SmUQqEzgtW3yURu25DIt6TNjdLzGSmYD8zab7EKVb8gwr%2FjOikD2rqynsCg7UNTw%2B1s40tVNF328FrvTJ6pRi5loeL8ys9%2BM7eJrR48SJq2lAdn73XyC"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=12877&sent=15&recv=13&lost=0&retrans=0&sent_bytes=5819&recv_bytes=5138&delivery_rate=133964&cwnd=12000&unsent_bytes=0&cid=8bc1394c4511d089&ts=1185&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding,User-Agent x-powered-by PHP/8.0.30
GET H3	200	requesting securedownloads.cfd/	2 KB 2 KB	182ms 181ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://securedownloads.cfd/requesting?a0aa=087f1e417daabe9e78fb&&redirect=1&ead7=691e12767a44b8f306b5 Requested by Host: securedownloads.cfd URL: https://securedownloads.cfd/requesting?2ecd=9b30897d08ce820bbbdc&&redirect=2&55a1=8f8258c3cb6cf677bd33 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.30 Resource Hash Request headers Referer https://securedownloads.cfd/requesting?2ecd=9b30897d08ce820bbbdc&&redirect=2&55a1=8f8258c3cb6cf677bd33 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e05914e7a3b7763-AMS content-encoding zstd content-type text/html; charset=UTF-8 date Sun, 10 Nov 2024 11:05:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4MSzyW0PGJ%2FFo4lFs1%2Bkdibp8%2BkHKGzei%2BxgUeNQaKkd%2FjaP8tFcGicvnPhaEmTsK%2Fs%2F1ZqoHHPbAeu4sZyhcWcICY5ogqXgJ%2FSiPr9jYWrl%2BRo3si5nqxIoLzdMaAqLhv3H2Dan"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=12755&sent=18&recv=15&lost=0&retrans=0&sent_bytes=7411&recv_bytes=5688&delivery_rate=8793&cwnd=12000&unsent_bytes=0&cid=8bc1394c4511d089&ts=1662&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding,User-Agent x-powered-by PHP/8.0.30
GET H3	200	Primary Request download Show response zipitnow.cfd/	25 B 718 B	561ms 463ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zipitnow.cfd/download?7a87=056127eedc6976ae6f49&filehost=5694a0df20d1c472&8a9e=056127eedc6976ae6f49 Requested by Host: securedownloads.cfd URL: https://securedownloads.cfd/requesting?a0aa=087f1e417daabe9e78fb&&redirect=1&ead7=691e12767a44b8f306b5 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.30 Resource Hash `e850d785566577c38637fd86c57d404e76bd0789c3cc485360b7562f3604aa4b` Request headers Referer https://securedownloads.cfd/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e0591505aeb06da-AMS content-encoding zstd content-type text/html; charset=UTF-8 date Sun, 10 Nov 2024 11:05:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ssJ4uCbqWfMXdiySRn4Eh4WHgY1sfPj4LQxjZUi0WcLRDh5XXf2B2wZciec6btVbUI8GplzEYlpO3Y4VC0utDgLI0y590srNhY%2BbG3grA5W5kePjUQ9GvNwyS%2BNcOZc%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=13955&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4201&recv_bytes=4610&delivery_rate=674&cwnd=12000&unsent_bytes=0&cid=66f94fe1adcb2ece&ts=521&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding,User-Agent x-powered-by PHP/8.0.30

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

securedownloads.cfd
zipitnow.cfd
188.114.97.3
e850d785566577c38637fd86c57d404e76bd0789c3cc485360b7562f3604aa4b

zipitnow.cfd Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

5 kBTransfer

6 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

zipitnow.cfd Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

5 kB
Transfer

6 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions