nowforfile.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wp2t9u35f179aoqu2183v18u
Effective URL:
https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246a...
Submission: On May 12 via api (May 12th 2024, 1:22:18 pm UTC) from US — Scanned from DE

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 9 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is nowforfile.com. The Cisco Umbrella rank of the primary domain is 516871.
TLS certificate: Issued by GTS CA 1P5 on May 6th 2024. Valid for: 3 months.

This is the only time nowforfile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a05:d018:483... 2a05:d018:483:6130:5877:415b:10dc:4366	16509 (AMAZON-02) (AMAZON-02)
2 3	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.174.130 172.67.174.130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	172.67.68.197 172.67.68.197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	18.202.12.61 18.202.12.61	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
9	8

1 2a05:d018:483:6130:5877:415b:10dc:4366 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

eastrk-dl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.96.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

adspredictiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.174.130 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

trk.glasssmash.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

nowforfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.68.197 (United States)

ASN13335 (CLOUDFLARENET, US)

yourjsdelivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.12.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com

nostop.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	adspredictiv.com 2 redirects adspredictiv.com	5 KB
2	gstatic.com fonts.gstatic.com	98 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 ajax.googleapis.com — Cisco Umbrella Rank: 380	36 KB
2	nowforfile.com nowforfile.com — Cisco Umbrella Rank: 516871	5 KB
1	go2cloud.org nostop.go2cloud.org — Cisco Umbrella Rank: 454737	523 B
1	yourjsdelivery.com yourjsdelivery.com — Cisco Umbrella Rank: 452769	7 KB
1	glasssmash.site 1 redirects trk.glasssmash.site	551 B
1	eastrk-dl.com 1 redirects eastrk-dl.com	3 KB
9	8

	Domain	Requested by
3	adspredictiv.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	nowforfile.com	adspredictiv.com
1	nostop.go2cloud.org	nowforfile.com
1	ajax.googleapis.com	nowforfile.com
1	yourjsdelivery.com	nowforfile.com
1	fonts.googleapis.com	nowforfile.com
1	trk.glasssmash.site	1 redirects
1	eastrk-dl.com	1 redirects
9	9

This site contains links to these domains. Also see Links.

Domain
www.7-zip.org

Subject Issuer	Validity	Valid
adspredictiv.com GTS CA 1P5	`2024-04-27` - `2024-07-26`	3 months	crt.sh
nowforfile.com GTS CA 1P5	`2024-05-06` - `2024-08-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
yourjsdelivery.com GTS CA 1P5	`2024-03-21` - `2024-06-19`	3 months	crt.sh
*.go2cloud.org Amazon RSA 2048 M02	`2024-01-22` - `2025-02-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246ac5c06734d45c0ab5
Frame ID: C9B3918876E26443DABD0044AB87A10E
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download SETUP FILE - Free

Page URL History Show full URLs

https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wp2t9u35f179aoqu2183v18u HTTP 302
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e2d64cc10143461b9471f2c1559c1c5c2099a&su... Page URL
https://adspredictiv.com/jump/next.php?stamat=m%257CO-djdzYhaQdH8AH0dEdHP3xP.5f8%252C7H0PozvLiGV-YkDx... HTTP 302
https://adspredictiv.com/script/i.php?t=1&c=23538268&stamat=m%257C%252C%252CQ3Ki4iN-oGU3Bf-GH0dEdHP3x... HTTP 302
https://trk.glasssmash.site/j79xu4?title=SETUP%20FILE&t=download_o1&source=6536622-1984015597-0&click_id... HTTP 302
https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae64081... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

8
IPs

4
Countries

150 kB
Transfer

251 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.7-zip.org/a/7z2401.msi
Title: Download Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wp2t9u35f179aoqu2183v18u HTTP 302
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e2d64cc10143461b9471f2c1559c1c5c2099a&sub1=35429&sub2= Page URL
https://adspredictiv.com/jump/next.php?stamat=m%257CO-djdzYhaQdH8AH0dEdHP3xP.5f8%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRrNfLENJy4TGkHo3ZBtMGSHSBwbLkSKlFDxRNthCVePnEwJnA6dUG1PeFHgdCp2-hjcDGXCsXuPqwFp3dqt7_1-&cbpage=https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e2d64cc10143461b9471f2c1559c1c5c2099a&sub1=35429&sub2=&cbur=0.7193917454170564&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=&ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse1600x1200-120de-DE81724%20bits HTTP 302
https://adspredictiv.com/script/i.php?t=1&c=23538268&stamat=m%257C%252C%252CQ3Ki4iN-oGU3Bf-GH0dEdHP3xP.2da%252C1pBr4EfzAS96Eq4A-AU0iqJDThiUMqLyW1uv-4XxN-IK0_bnQqsbdiIGKvuXoS1EZhMEWtpEAZZCKvN7NzqVzRAOquB90tRIMZJq72AvOCvJnvm31unBoUCCjOcxGXXtoDppiM21qFW6pZimFL8eYsX1JiaGDT3RvEIRxkapLTLUx_Nhe-1XIbvChFoh77h6qM_Vjx3T_6jlO5TQR1T73gbkjw9OVAhQDMYcRWXHvZHLanQhhaeQ8PLeYuh1EPDn7UtzHJsVBkNyjp_37UHjWNl4bWNMn40ZqisKZx7DMJUZ8Jkrc2gYymkUrPQVjUmuExAECwtk5lSEC-MLzfZ6nnK_Pi9lu9GpviifFs5F-TAv-_D__aMff2ntOI1Pg6L1QJALy4cVz90_OqvgxlmPzSE_-lIlnztJSe9yq0-vHSF2_TjGQm1q19Vr-vBbqTtE3PryBebEK0FuUyddtHb3Qk8bB797_-HCcLuFjln5T1Ei4VnZ7SkyZMwp51_INQMfFowK0X2JlkgpPymXEEDQPF8h4-Ci2ht6rUjRQuRKoOg0cHY6Aa_tQG2mA5eLyrQGsAAobImMpeNhry6OhJu4CR9Gerza7PBVSzv_j_avI7VHGX4Qoek7qOqPl4ZM26ic1pZOSL6tX2At2kC3F5md_js96xxzHEInSh5TS5f6mcVSz0NQnOSVPfs5eFXHqS8S HTTP 302
https://trk.glasssmash.site/j79xu4?title=SETUP%20FILE&t=download_o1&source=6536622-1984015597-0&click_id=171552013210000TDETV413588908744Vee HTTP 302
https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246ac5c06734d45c0ab5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wp2t9u35f179aoqu2183v18u HTTP 302
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e2d64cc10143461b9471f2c1559c1c5c2099a&sub1=35429&sub2=

9 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

next.php
adspredictiv.com/jump/
Redirect Chain

https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wp2t9u35f179aoqu2183v18u
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e2d64cc10143461b9471f2c1559c1c5c2099a&sub1=35429&sub2=

8 KB
3 KB

231ms
182ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e2d64cc10143461b9471f2c1559c1c5c2099a&sub1=35429&sub2=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 882ab758a9dc1e4d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 12 May 2024 13:22:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=olD63UY6ypO%2BDD%2Fyz%2BX7GxB03cahF7WrW5BkxDCD%2F6S9x%2BSIJeAULAC7oisoBxN9Z3NzVCTioGdqfm2%2F0fDCts96DncHk1PdW5nLT5BDKp%2BWyYr6BG16xepckbJYi8%2B1tPU3"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-language: en-US
content-type: text/html;charset=ISO-8859-1
date: Sun, 12 May 2024 13:22:11 GMT
location: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e2d64cc10143461b9471f2c1559c1c5c2099a&sub1=35429&sub2=
server: nginx

GET
H3

200

Primary Request d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246ac5c06734d45c0ab5 Show response
nowforfile.com/
Redirect Chain

https://adspredictiv.com/jump/next.php?stamat=m%257CO-djdzYhaQdH8AH0dEdHP3xP.5f8%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRrNfLENJy4TGkHo3ZBtMGSHSBwbLkSKlFDxRNthCVePnEwJnA6dUG1PeFHgdCp2-hjcDGXC...
https://adspredictiv.com/script/i.php?t=1&c=23538268&stamat=m%257C%252C%252CQ3Ki4iN-oGU3Bf-GH0dEdHP3xP.2da%252C1pBr4EfzAS96Eq4A-AU0iqJDThiUMqLyW1uv-4XxN-IK0_bnQqsbdiIGKvuXoS1EZhMEWtpEAZZCKvN7NzqVzR...
https://trk.glasssmash.site/j79xu4?title=SETUP%20FILE&t=download_o1&source=6536622-1984015597-0&click_id=171552013210000TDETV413588908744Vee
https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246ac5c06734d45c0ab5

9 KB
4 KB

566ms
503ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246ac5c06734d45c0ab5
Requested by: Host: adspredictiv.com
URL: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e2d64cc10143461b9471f2c1559c1c5c2099a&sub1=35429&sub2=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.27
Resource Hash: 1e754f4fa261fddfb5680fd6de0d08f94a70a79e7928f1189026e31be011ef31

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e2d64cc10143461b9471f2c1559c1c5c2099a&sub1=35429&sub2=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 882ab75ee9471d8a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 12 May 2024 13:22:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qsIJ%2FD6zC1N7UpdSFFlIjFkDexdlvCzcZPQntx02oYQA3r1Wz6qlznMwbnvyUtNg2MRZmiihx3eR8seHki6PJ6DlCYQ4QMNb4Z77a6kOf63lmqUxV001qaRGBme2eVn%2BRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.27

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 882ab75d5c679bb0-FRA
content-type: text/html; charset=UTF-8
date: Sun, 12 May 2024 13:22:12 GMT
location: https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246ac5c06734d45c0ab5
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2FWmwmuuU3vA6Xig2TKKnZehdVk0LRGRf9kTTJg%2FjWRkJIDe290MFYd8UCxOJjL9dVdCbH%2BHuy9Yvk1Ig0Q98PIaTpbJ2T2tZAcwW5S9F2NfrFl6BpKsM0je6tRXsuGxbrr6xhPL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.27

GET
H2 200 css
fonts.googleapis.com/ 21 KB
2 KB 144ms
50ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,700|Roboto+Condensed:300,400

Requested by

Host: nowforfile.com
URL: https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246ac5c06734d45c0ab5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c35dc762a8d6fd2185602ba6195aba04bf0d437ce5f3af58a4edd39bdefb62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowforfile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 12 May 2024 13:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 12 May 2024 13:13:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 May 2024 13:22:13 GMT

GET
H2 200 dl.min.js Show response
yourjsdelivery.com/ 18 KB
7 KB 358ms
250ms Script
text/html 172.67.68.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yourjsdelivery.com/dl.min.js
Requested by: Host: nowforfile.com
URL: https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246ac5c06734d45c0ab5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f878295a13ab9f922ba046207c3cb9da598d0e00cca7d488ef0cd15fc866c574

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowforfile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 13:22:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9M2kisxIloXQGQ6prtLnB3UL1PV5oWa06aCGmPFOqQYmWK2zkj49x2mijqX%2BbskZ4bxfyaWAhDhKJuUrltRyyA1mV4DMVFA3tvlnQm1P%2BddVaBkQZoF49vSNgRJQfPeMvrIL%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 882ab762cc4d9a1e-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.0/ 95 KB
34 KB 134ms
40ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js

Requested by

Host: nowforfile.com
URL: https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246ac5c06734d45c0ab5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowforfile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 16:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34044
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 May 2025 16:16:27 GMT

GET
H/1.1 200
OK aff_i
nostop.go2cloud.org/ 43 B
523 B 193ms
65ms Image
image/gif 18.202.12.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nostop.go2cloud.org/aff_i?offer_id=235&aff_id=2267&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&source=2267-6536622-1984015597-0&adv_sub=https%3A%2F%2Fwww.7-zip.org%2Fa%2F7z2401.msi&adv_sub5=Chrome&adv_sub4=&adv_sub3=trk.glasssmash.site&adv_sub2=nowforfile.com
Requested by: Host: nowforfile.com
URL: https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246ac5c06734d45c0ab5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.202.12.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowforfile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 12 May 2024 13:22:13 GMT
Content-Encoding: gzip
Server: nginx
Tracking_id: 102eafc199ee2d7c341ca84b249b51
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
X-Request-Id: ecfdc50bc62b2f31ba087e7d02eb2174
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5abb3576ba4898e8735e6ca8cab8fb1da65da48cd821e9ce6822d8768d09ddb7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 442 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b72763b1cc36380518c7e97fb87e2b243d3f90eaf9ffb9253ae5ad6d1bb5f39

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 126ms
40ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700|Roboto+Condensed:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://nowforfile.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 477081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 00:50:53 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 171ms
85ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700|Roboto+Condensed:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://nowforfile.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 05:34:49 GMT
x-content-type-options: nosniff
age: 373645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 May 2025 05:34:49 GMT

GET
H3 404 favicon.ico
nowforfile.com/ 571 B
573 B 61ms
61ms Other
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nowforfile.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 023c54a1285c76d07951260b121e14893cd199ae0e557e479c7796f5212709dc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246ac5c06734d45c0ab5
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 13:22:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h6kXxrG32AjMj7xZhIQc1mS7myX77dnJUaRY5ptLJbuvaySfXtf9U%2FCHwdlz%2FLkx%2FKS2k1QGkvQvkI85quIZ60CUiHuJ2YYNeA0ciOt7ltqAD8mLkS39j4irm49737HVow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 882ab7668c131d8a-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eastrk-dl.com/	1970-01-20 22:41:36	Name: gdm_click_freq_v2_1_001 Value: OxGjV6XpcXangzh4Sty+jsw9nFUY10s4i/6MZUU4fWtkGoOh31N3YAoPwKLYXMNn
.eastrk-dl.com/	1970-01-20 22:41:36	Name: gdm_sid_v2_3_001 Value: HvMT+7D4db3U5EEnOMIp5tmgplBIAV29zxLjt1qcmHjfM1vFj684Tfl9U4YZmVHZvzeFjHviLjJqIMRhWX4jX77kalfswSLuiPvZWuMjG7F0IRo4z/kV4cvUJBEuJlpNGNd4+1ftr98HUyTMjPkvV/l0IeBOYRIPg7bl8sNnWwrZAQJGMlmZY3TG4j2AGUmwRV0OrqN8wriqQ/Q/s5puCKr2i23Jv9AuNc2kfrniAOtM6lMr6PG9Fx0W7JLX5CHp6Bm+SURLIhsXjgDz9RntPEG57tqwc0JmgS8kqBH2DYyHwCd0pzHCdXe/28tIpjpC+DVi9i43wWsL+bUD9yJ8BRDXVWLPim6JUz5GcNi1Ti8WfnpnRJg4z/Glg/Pmp2ppgItbG5/2PfzcyipufLpWptKbTB8C9Im5fwhRmSx3qK57IgMWnHIZxvLci8mUKWILYz+ZQGD8e673Jgj2pEH4ZFwy8btLKlEcitaxsSt08J+hHwIxOnI/89Dz3ylTcnu0/yPpOlfhoP9VQPF6DgKQ/naVSlgeM4ttRfFy++M6FAsiaKk2do04rn/8W2F0U33KFu3ETloHrb9TJLZFil6p0cyVK/viVhTyiUbkFGMsNsgTO6UwDEGX1yO3NoQi79RC7HL9sqggJV7UMzemKtqKdv75f9PR+EIkDQml7WHWAN6gWYip+K8pUHL5ZPbkCmniM+wRbtFo+YwEgT4Sfw0YaqWrLApeKk2SCpL/ZWAOCtmS5C/1kRUUh9bK0KfGyZUnCwRYQfHFpaiVQEsw86uZkNMHUfhdYR7+0A9Q/XsKtdjabxj27ztoPK7tf3ymv5dGPtDzcsq2cIzqb6apVqNBssk/VnT++EoLr8KkV42i9XyI5WsamhG4ri+6dOV0qiB3PlLTBRM6/k2G4B5alGKM4z3W/uJlwaazVkAmx16ebhlaryyCCa+4pkga6GTfEA0NqJjccv84stqm08f+DUytYYACQX0low3LTBylh/z+3qA3zlri7d55WUrHvXjDjLOSFpk9tHdKqtS8bwMI7O+hxDxZ88pt4k81EpZ6rwUglKfwJCNJeO7bQDD2X+aaOrpBiyqWyFHC++MDjSRG4fxRXsfy20k/I1HdNr+8g4750lU=
.eastrk-dl.com/	1970-01-20 22:41:36	Name: gdm_click_freq_v1_1_001 Value: OxGjV6XpcXangzh4Sty+jsw9nFUY10s4i/6MZUU4fWtkGoOh31N3YAoPwKLYXMNn
.eastrk-dl.com/	1970-01-20 22:41:36	Name: gdm_uid_v2_1_001 Value: iCnsq8/lZC/3B0TvVuaPcNw3whBclXl0Wy7MehxFzExqdgzdpu69JGntZ3tVyODo
.eastrk-dl.com/	1970-01-20 22:41:36	Name: gdm_uid_v1_1_001 Value: iCnsq8/lZC/3B0TvVuaPcNw3whBclXl0Wy7MehxFzExqdgzdpu69JGntZ3tVyODo
.eastrk-dl.com/	1970-01-20 22:41:36	Name: gdm_sid_v1_3_001 Value: HvMT+7D4db3U5EEnOMIp5tmgplBIAV29zxLjt1qcmHjfM1vFj684Tfl9U4YZmVHZvzeFjHviLjJqIMRhWX4jX77kalfswSLuiPvZWuMjG7F0IRo4z/kV4cvUJBEuJlpNGNd4+1ftr98HUyTMjPkvV/l0IeBOYRIPg7bl8sNnWwrZAQJGMlmZY3TG4j2AGUmwRV0OrqN8wriqQ/Q/s5puCKr2i23Jv9AuNc2kfrniAOtM6lMr6PG9Fx0W7JLX5CHp6Bm+SURLIhsXjgDz9RntPEG57tqwc0JmgS8kqBH2DYyHwCd0pzHCdXe/28tIpjpC+DVi9i43wWsL+bUD9yJ8BRDXVWLPim6JUz5GcNi1Ti8WfnpnRJg4z/Glg/Pmp2ppgItbG5/2PfzcyipufLpWptKbTB8C9Im5fwhRmSx3qK57IgMWnHIZxvLci8mUKWILYz+ZQGD8e673Jgj2pEH4ZFwy8btLKlEcitaxsSt08J+hHwIxOnI/89Dz3ylTcnu0/yPpOlfhoP9VQPF6DgKQ/naVSlgeM4ttRfFy++M6FAsiaKk2do04rn/8W2F0U33KFu3ETloHrb9TJLZFil6p0cyVK/viVhTyiUbkFGMsNsgTO6UwDEGX1yO3NoQi79RC7HL9sqggJV7UMzemKtqKdv75f9PR+EIkDQml7WHWAN6gWYip+K8pUHL5ZPbkCmniM+wRbtFo+YwEgT4Sfw0YaqWrLApeKk2SCpL/ZWAOCtmS5C/1kRUUh9bK0KfGyZUnCwRYQfHFpaiVQEsw86uZkNMHUfhdYR7+0A9Q/XsKtdjabxj27ztoPK7tf3ymv5dGPtDzcsq2cIzqb6apVqNBssk/VnT++EoLr8KkV42i9XyI5WsamhG4ri+6dOV0qiB3PlLTBRM6/k2G4B5alGKM4z3W/uJlwaazVkAmx16ebhlaryyCCa+4pkga6GTfEA0NqJjccv84stqm08f+DUytYYACQX0low3LTBylh/z+3qA3zlri7d55WUrHvXjDjLOSFpk9tHdKqtS8bwMI7O+hxDxZ88pt4k81EpZ6rwUglKfwJCNJeO7bQDD2X+aaOrpBiyqWyFHC++MDjSRG4fxRXsfy20k/I1HdNr+8g4750lU=
.eastrk-dl.com/	1970-01-20 22:41:36	Name: gdm_click_adv_freq_v1_1_001 Value: WGP2hL1mCj4amHrx09xyl/fq1o6OiGBQgCMomCP6mAjjErJFC7+Y6unea8Alv8V2
.eastrk-dl.com/	1970-01-20 22:41:36	Name: gdm_suid_v2_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ==
.eastrk-dl.com/	1970-01-20 22:41:36	Name: gdm_suid_v1_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ==
.eastrk-dl.com/	1970-01-20 22:41:36	Name: gdm_click_adv_freq_v2_1_001 Value: WGP2hL1mCj4amHrx09xyl/fq1o6OiGBQgCMomCP6mAjjErJFC7+Y6unea8Alv8V2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nowforfile.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adspredictiv.com
ajax.googleapis.com
eastrk-dl.com
fonts.googleapis.com
fonts.gstatic.com
nostop.go2cloud.org
nowforfile.com
trk.glasssmash.site
yourjsdelivery.com
172.67.174.130
172.67.68.197
18.202.12.61
188.114.96.3
188.114.97.3
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:80e::200a
2a05:d018:483:6130:5877:415b:10dc:4366
023c54a1285c76d07951260b121e14893cd199ae0e557e479c7796f5212709dc
1e754f4fa261fddfb5680fd6de0d08f94a70a79e7928f1189026e31be011ef31
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5abb3576ba4898e8735e6ca8cab8fb1da65da48cd821e9ce6822d8768d09ddb7
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
6b72763b1cc36380518c7e97fb87e2b243d3f90eaf9ffb9253ae5ad6d1bb5f39
9c35dc762a8d6fd2185602ba6195aba04bf0d437ce5f3af58a4edd39bdefb62b
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
f878295a13ab9f922ba046207c3cb9da598d0e00cca7d488ef0cd15fc866c574

nowforfile.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

44 %IPv6

8 Domains

9 Subdomains

8 IPs

4 Countries

150 kBTransfer

251 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

10 Cookies

1 Console Messages

Indicators

nowforfile.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

8
IPs

4
Countries

150 kB
Transfer

251 kB
Size

10
Cookies

9 HTTP transactions
2 data transactions