nowforfile.com
188.114.97.3
Public Scan
Effective URL: https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246a...
Submission: On May 12 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on May 6th 2024. Valid for: 3 months.
This is the only time nowforfile.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 1 | 2a05:d018:483:6130:5877:415b:10dc:4366 | 16509 (AMAZON-02) |
2 3 | 188.114.96.3 | 13335 (CLOUDFLARENET) |
1 1 | 172.67.174.130 | 13335 (CLOUDFLARENET) |
2 | 188.114.97.3 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:801::200a | 15169 (GOOGLE) |
1 | 172.67.68.197 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:80e::200a | 15169 (GOOGLE) |
1 | 18.202.12.61 | 16509 (AMAZON-02) |
2 | 2a00:1450:4001:802::2003 | 15169 (GOOGLE) |
9 | 8 |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
nostop.go2cloud.org |
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 | adspredictiv.com (2 redirects) | adspredictiv.com | 5 KB |
2 | gstatic.com | fonts.gstatic.com | 98 KB |
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 33), ajax.googleapis.com (Cisco Umbrella Rank: 380) | 36 KB |
2 | nowforfile.com | nowforfile.com (Cisco Umbrella Rank: 516871) | 5 KB |
1 | go2cloud.org | nostop.go2cloud.org (Cisco Umbrella Rank: 454737) | 523 B |
1 | yourjsdelivery.com | yourjsdelivery.com (Cisco Umbrella Rank: 452769) | 7 KB |
1 | glasssmash.site (1 redirects) | trk.glasssmash.site | 551 B |
1 | eastrk-dl.com (1 redirects) | eastrk-dl.com | 3 KB |
9 | 8 |
| Domain | Requested by |
---|---|---|
3 | adspredictiv.com | 2 redirects |
2 | fonts.gstatic.com | fonts.googleapis.com |
2 | nowforfile.com | adspredictiv.com |
1 | nostop.go2cloud.org | nowforfile.com |
1 | ajax.googleapis.com | nowforfile.com |
1 | yourjsdelivery.com | nowforfile.com |
1 | fonts.googleapis.com | nowforfile.com |
1 | trk.glasssmash.site | 1 redirects |
1 | eastrk-dl.com | 1 redirects |
9 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.7-zip.org |
Subject | Issuer | Validity | Valid |
---|---|---|---|
adspredictiv.com | GTS CA 1P5 | 2024-04-27 - 2024-07-26 | 3 months |
nowforfile.com | GTS CA 1P5 | 2024-05-06 - 2024-08-04 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months |
yourjsdelivery.com | GTS CA 1P5 | 2024-03-21 - 2024-06-19 | 3 months |
*.go2cloud.org | Amazon RSA 2048 M02 | 2024-01-22 - 2025-02-19 | a year |
*.gstatic.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months |
This page contains 1 frames:
Primary Page:
https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246ac5c06734d45c0ab5
Frame ID: C9B3918876E26443DABD0044AB87A10E
Requests: 11 HTTP requests in this frame
Page Title
Download SETUP FILE - Free
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Download Now
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wp2t9u35f179aoqu2183v18u
HTTP 302
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e2d64cc10143461b9471f2c1559c1c5c2099a&sub1=35429&sub2= Page URL
-
https://adspredictiv.com/jump/next.php?stamat=m%257CO-djdzYhaQdH8AH0dEdHP3xP.5f8%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRrNfLENJy4TGkHo3ZBtMGSHSBwbLkSKlFDxRNthCVePnEwJnA6dUG1PeFHgdCp2-hjcDGXCsXuPqwFp3dqt7_1-&cbpage=https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e2d64cc10143461b9471f2c1559c1c5c2099a&sub1=35429&sub2=&cbur=0.7193917454170564&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=&ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse1600x1200-120de-DE81724%20bits
HTTP 302
https://adspredictiv.com/script/i.php?t=1&c=23538268&stamat=m%257C%252C%252CQ3Ki4iN-oGU3Bf-GH0dEdHP3xP.2da%252C1pBr4EfzAS96Eq4A-AU0iqJDThiUMqLyW1uv-4XxN-IK0_bnQqsbdiIGKvuXoS1EZhMEWtpEAZZCKvN7NzqVzRAOquB90tRIMZJq72AvOCvJnvm31unBoUCCjOcxGXXtoDppiM21qFW6pZimFL8eYsX1JiaGDT3RvEIRxkapLTLUx_Nhe-1XIbvChFoh77h6qM_Vjx3T_6jlO5TQR1T73gbkjw9OVAhQDMYcRWXHvZHLanQhhaeQ8PLeYuh1EPDn7UtzHJsVBkNyjp_37UHjWNl4bWNMn40ZqisKZx7DMJUZ8Jkrc2gYymkUrPQVjUmuExAECwtk5lSEC-MLzfZ6nnK_Pi9lu9GpviifFs5F-TAv-_D__aMff2ntOI1Pg6L1QJALy4cVz90_OqvgxlmPzSE_-lIlnztJSe9yq0-vHSF2_TjGQm1q19Vr-vBbqTtE3PryBebEK0FuUyddtHb3Qk8bB797_-HCcLuFjln5T1Ei4VnZ7SkyZMwp51_INQMfFowK0X2JlkgpPymXEEDQPF8h4-Ci2ht6rUjRQuRKoOg0cHY6Aa_tQG2mA5eLyrQGsAAobImMpeNhry6OhJu4CR9Gerza7PBVSzv_j_avI7VHGX4Qoek7qOqPl4ZM26ic1pZOSL6tX2At2kC3F5md_js96xxzHEInSh5TS5f6mcVSz0NQnOSVPfs5eFXHqS8S HTTP 302
https://trk.glasssmash.site/j79xu4?title=SETUP%20FILE&t=download_o1&source=6536622-1984015597-0&click_id=171552013210000TDETV413588908744Vee HTTP 302
https://nowforfile.com/d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246ac5c06734d45c0ab5 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wp2t9u35f179aoqu2183v18u HTTP 302
- https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=e2d64cc10143461b9471f2c1559c1c5c2099a&sub1=35429&sub2=
9 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H3 | next.php adspredictiv.com/jump/ Redirect Chain | 8 KB 3 KB | Document text/html |
GET H3 | Primary Request d50d5ea8f836d9ebcbfaccdac528d51fe07b14e2fafd4c434d1a245df5cc187807c2aae640810a5707acfa080f39246ac5c06734d45c0ab5 nowforfile.com/ Redirect Chain | 9 KB 4 KB | Document text/html |
GET H2 | css fonts.googleapis.com/ | 21 KB 2 KB | Stylesheet text/css |
GET H2 | dl.min.js yourjsdelivery.com/ | 18 KB 7 KB | Script text/html |
GET H2 | jquery.min.js ajax.googleapis.com/ajax/libs/jquery/1.12.0/ | 95 KB 34 KB | Script text/javascript |
GET H/1.1 | aff_i nostop.go2cloud.org/ | 43 B 523 B | Image image/gif |
GET DATA | truncated / | 1 KB 0 | Image image/png |
GET DATA | truncated / | 442 B 0 | Image image/png |
GET H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/ | 47 KB 48 KB | Font font/woff2 |
GET H2 | ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 fonts.gstatic.com/s/robotocondensed/v27/ | 50 KB 50 KB | Font font/woff2 |
GET H3 | favicon.ico nowforfile.com/ | 571 B 573 B | Other text/html |
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
function| UAParser
function| $
function| jQuery
function| helpMe
10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.eastrk-dl.com/ | | Name: gdm_click_freq_v2_1_001 Value: OxGjV6XpcXangzh4Sty+jsw9nFUY10s4i/6MZUU4fWtkGoOh31N3YAoPwKLYXMNn |
.eastrk-dl.com/ | | Name: gdm_sid_v2_3_001 |
.eastrk-dl.com/ | | Name: gdm_click_freq_v1_1_001 Value: OxGjV6XpcXangzh4Sty+jsw9nFUY10s4i/6MZUU4fWtkGoOh31N3YAoPwKLYXMNn |
.eastrk-dl.com/ | | Name: gdm_uid_v2_1_001 Value: iCnsq8/lZC/3B0TvVuaPcNw3whBclXl0Wy7MehxFzExqdgzdpu69JGntZ3tVyODo |
.eastrk-dl.com/ | | Name: gdm_uid_v1_1_001 Value: iCnsq8/lZC/3B0TvVuaPcNw3whBclXl0Wy7MehxFzExqdgzdpu69JGntZ3tVyODo |
.eastrk-dl.com/ | | Name: gdm_sid_v1_3_001 |
.eastrk-dl.com/ | | Name: gdm_click_adv_freq_v1_1_001 Value: WGP2hL1mCj4amHrx09xyl/fq1o6OiGBQgCMomCP6mAjjErJFC7+Y6unea8Alv8V2 |
.eastrk-dl.com/ | | Name: gdm_suid_v2_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ== |
.eastrk-dl.com/ | | Name: gdm_suid_v1_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ== |
.eastrk-dl.com/ | | Name: gdm_click_adv_freq_v2_1_001 Value: WGP2hL1mCj4amHrx09xyl/fq1o6OiGBQgCMomCP6mAjjErJFC7+Y6unea8Alv8V2 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.