Submitted URL: https://downloaderlru.web.app/blr/ju.html
Effective URL: https://qaeasy.site/?utm_term=%D8%A3%D9%88%D9%86+%D9%84%D8%A7%D9%8A%D9%86
Submission: On October 19 via manual from EG

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3036::6812:3f02, located in United States and belongs to CLOUDFLARENET, US. The main domain is qaeasy.site.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 18th 2020. Valid for: a year.
This is the only time qaeasy.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                             Requested by
6         assets-global.website-files.com    downloaderlru.web.app
3         fonts.gstatic.com                  fonts.googleapis.com
3         downloaderlru.web.app              downloaderlru.web.app
1         ipv6alt.antibot.cloud              qaeasy.site
1         qaeasy.site                        clicko.icu
1         assets.website-files.com           downloaderlru.web.app
1         fonts.googleapis.com               ajax.googleapis.com
1         clicko.icu                         downloaderlru.web.app
1         ajax.googleapis.com                downloaderlru.web.app
0         ipv6main.antibot.cloud (Failed)    qaeasy.site
20 10

This site contains links to these domains. Also see Links.

Domain
antibot.cloud

Subject                    Issuer                       Validity                   Valid
web.app                    GTS CA 1O1                   2020-04-15 - 2021-04-14    a year
upload.video.google.com    GTS CA 1O1                   2020-09-22 - 2020-12-15    3 months
*.website-files.com        Amazon                       2020-01-09 - 2021-02-09    a year
sni.cloudflaressl.com      Cloudflare Inc ECC CA-3      2020-07-09 - 2021-07-09    a year
*.gstatic.com              GTS CA 1O1                   2020-09-22 - 2020-12-15    3 months
ipv4alt.antibot.cloud      Let's Encrypt Authority X3   2020-09-30 - 2020-12-29    3 months

This page contains 1 frames:

Primary Page: https://qaeasy.site/?utm_term=%D8%A3%D9%88%D9%86+%D9%84%D8%A7%D9%8A%D9%86
Frame ID: 286FA8526C11EB5BF86D616E1209D8D6
Requests: 20 HTTP requests in this frame

Page Statistics

Requests: 20
HTTPS: 90 %
IPv6: 89 %
Domains: 7
Subdomains: 10
IPs: 10
Countries: 3
Transfer: 294 kB
Size: 1289 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://downloaderlru.web.app/blr/ju.html Page URL
  2. https://qaeasy.site/?utm_term=%D8%A3%D9%88%D9%86+%D9%84%D8%A7%D9%8A%D9%86 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ju.html
downloaderlru.web.app/blr/
23 KB
6 KB
Document
General
Full URL
https://downloaderlru.web.app/blr/ju.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7fc536d9897f1c9577dc17fac37c24dcd38ade1ad8978d39ada88ad29931ce56
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
downloaderlru.web.app
:scheme
https
:path
/blr/ju.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
etag
"7cedf38802c3a247cfef50dbcd46ef182009d2329af423f6d61e4d24adf905e0-br"
last-modified
Sat, 17 Oct 2020 19:35:15 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
accept-ranges
bytes
date
Mon, 19 Oct 2020 07:06:59 GMT
x-served-by
cache-ams21024-AMS
x-cache
MISS
x-cache-hits
0
x-timer
S1603091219.479758,VS0,VE396
vary
x-fh-requested-host, accept-encoding
content-length
5641
style.css
downloaderlru.web.app/blr/
1 MB
84 KB
Stylesheet
General
Full URL
https://downloaderlru.web.app/blr/style.css
Requested by
Host: downloaderlru.web.app
URL: https://downloaderlru.web.app/blr/ju.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ab24e83b88435f7341ecddd9c3459900fa03da889178faf47d02e1b16af86d80
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://downloaderlru.web.app/blr/ju.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Sat, 17 Oct 2020 19:35:15 GMT
x-timer
S1603091220.898957,VS0,VE810
etag
"083db7871f11d6488e59978c0a521d711ebb85cf279bbb8bd452913296d5b45d-br"
x-served-by
cache-ams21024-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=3600
date
Mon, 19 Oct 2020 07:07:00 GMT
accept-ranges
bytes
content-length
85335
x-cache-hits
0
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
5 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: downloaderlru.web.app
URL: https://downloaderlru.web.app/blr/ju.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://downloaderlru.web.app/blr/ju.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 10:10:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248184
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Oct 2021 10:10:35 GMT
contact.js
downloaderlru.web.app/blr/js/
936 B
451 B
Script
General
Full URL
https://downloaderlru.web.app/blr/js/contact.js
Requested by
Host: downloaderlru.web.app
URL: https://downloaderlru.web.app/blr/ju.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
248f06f67492b53cde7b63ae063299aa3b3afb516740656feab9bfd9c351d05c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://downloaderlru.web.app/blr/ju.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Sat, 17 Oct 2020 19:35:15 GMT
x-timer
S1603091220.899115,VS0,VE370
etag
"6db27bc35d6e1337ef9e5be53c5bcca88b9ef4c0cbd7cbb8e20de7697dd1550a-br"
x-served-by
cache-ams21024-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=3600
date
Mon, 19 Oct 2020 07:07:00 GMT
accept-ranges
bytes
content-length
293
x-cache-hits
0
58b853dcfde5fda107f5affb_webflow-black-tight.svg
assets-global.website-files.com/583347ca8f6c7ee058111b3b/
2 KB
1 KB
Image
General
Full URL
https://assets-global.website-files.com/583347ca8f6c7ee058111b3b/58b853dcfde5fda107f5affb_webflow-black-tight.svg
Requested by
Host: downloaderlru.web.app
URL: https://downloaderlru.web.app/blr/ju.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
340706612c8cb54f609dddcb9123d3ec93b9f95a55be2a99fa398d2cf4ffb7ad

Request headers

Referer
https://downloaderlru.web.app/blr/ju.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 10:28:56 GMT
content-encoding
gzip
last-modified
Mon, 08 May 2017 22:58:56 GMT
server
AmazonS3
age
247085
etag
W/"61bfee89f09bb3b8d0eb9a225a397aae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Sw8AZyGtLm0k2KHHnjCvvIgHLOhdaPjK
status
200
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
content-type
image/svg+xml
x-amz-cf-id
R2hG3Vm813RmINAe1vJQZQzf7tyeaVY-HalujCeDtLHisqAIsu0X_w==
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
5ca6f3be04fdce5073916019_b-nav-icon-black.svg
assets-global.website-files.com/583347ca8f6c7ee058111b3b/
588 B
993 B
Image
General
Full URL
https://assets-global.website-files.com/583347ca8f6c7ee058111b3b/5ca6f3be04fdce5073916019_b-nav-icon-black.svg
Requested by
Host: downloaderlru.web.app
URL: https://downloaderlru.web.app/blr/ju.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00fe5ce466ba32494167ce2d91c91e0295b41ea712823bab0a575f40fcddc51a

Request headers

Referer
https://downloaderlru.web.app/blr/ju.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 16:38:27 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2019 06:20:48 GMT
server
AmazonS3
age
2557714
etag
"5a04205b775a23c078300917109174a2"
x-cache
Hit from cloudfront
x-amz-version-id
K8.IaZ_eOw91.1KrhCgvSm5oNSiCZOm2
status
200
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/svg+xml
content-length
588
x-amz-cf-id
F_lw3pPTo7xxWNDiI6lOekBdvQndoKNT4D0LYtlWJFZ7nE7VnuswOA==
5a24ba89a1816d000132d768_b-nav-icon.svg
assets-global.website-files.com/583347ca8f6c7ee058111b3b/
379 B
784 B
Image
General
Full URL
https://assets-global.website-files.com/583347ca8f6c7ee058111b3b/5a24ba89a1816d000132d768_b-nav-icon.svg
Requested by
Host: downloaderlru.web.app
URL: https://downloaderlru.web.app/blr/ju.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d698d1918abe9250964360fdd8484ba8ed2f3fcecae7b0c25617961a368fa1c3

Request headers

Referer
https://downloaderlru.web.app/blr/ju.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 03:17:31 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2017 03:01:30 GMT
server
AmazonS3
age
1914570
etag
"d9ee44be1d9d5983cea30fab025d5e14"
x-cache
Hit from cloudfront
x-amz-version-id
RBmetI0q90AFRBFUe05E7KeCE3XlT2S_
status
200
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/svg+xml
content-length
379
x-amz-cf-id
2jxafK7TiNwxm1k9lDUhRvGg6BllbcG-nNKdEosz3wQ8XQcjxFmTjA==
5890d5e13a93be960c0c2f9d_webflow-logo-black.svg
assets-global.website-files.com/583347ca8f6c7ee058111b3b/
2 KB
1 KB
Image
General
Full URL
https://assets-global.website-files.com/583347ca8f6c7ee058111b3b/5890d5e13a93be960c0c2f9d_webflow-logo-black.svg
Requested by
Host: downloaderlru.web.app
URL: https://downloaderlru.web.app/blr/ju.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ffbfed3c4e15d2df477ccc2b11462d8b32d3b0a5c75593ef9c90bca7c8afc654

Request headers

Referer
https://downloaderlru.web.app/blr/ju.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Sep 2020 03:17:36 GMT
content-encoding
gzip
last-modified
Tue, 31 Jan 2017 18:22:26 GMT
server
AmazonS3
age
1914564
etag
W/"ed1dfe88c06102c59b1dfa77361a7628"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
JHPhbqyCeLsDMdhI8iy4de0AvMMnr5mF
status
200
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
content-type
image/svg+xml
x-amz-cf-id
4DZ4BnFg5hHuQ1E92cEM_Bc_MkF3V2bUHCbwQNnqWY5TeHCfoLNWhQ==
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
dlyy611
clicko.icu/
474 B
1 KB
Script
General
Full URL
https://clicko.icu/dlyy611?se_referrer=&default_keyword=%D8%A3%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86&&frm5f6de3a66fd9a=script5f6de3a66fd9d&_cid=4281d415-cee3-9260-8ab7-b6cbadc9bfbf
Requested by
Host: downloaderlru.web.app
URL: https://downloaderlru.web.app/blr/js/contact.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:ab27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://downloaderlru.web.app/blr/ju.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Oct 2020 07:07:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 19 Oct 2020 07:07:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603091221"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
cf-ray
5e48a8e1fbe5dffb-FRA
cf-request-id
05e147e1400000dffb35035000000001
expires
0
css
fonts.googleapis.com/
6 KB
820 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Mono:300,regular,500%7CSyncopate:regular,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d53eed63fe0d349f14549f30c89d91936322986ef2906af735f551ab1152756b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://downloaderlru.web.app/blr/ju.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Oct 2020 07:07:00 GMT
server
ESF
date
Mon, 19 Oct 2020 07:07:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Oct 2020 07:07:00 GMT
592f64fdbbbc0b3897e41c3d_blog-image.jpg
assets-global.website-files.com/583347ca8f6c7ee058111b55/
78 KB
78 KB
Image
General
Full URL
https://assets-global.website-files.com/583347ca8f6c7ee058111b55/592f64fdbbbc0b3897e41c3d_blog-image.jpg
Requested by
Host: downloaderlru.web.app
URL: https://downloaderlru.web.app/blr/ju.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6efdee6588d63d3dd1fb734ed3e7dbf486e83b5cb6f2021eecba267c7053232

Request headers

Referer
https://downloaderlru.web.app/blr/ju.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 09:52:18 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified
Fri, 20 Sep 2019 22:16:34 GMT
server
AmazonS3
age
1718083
etag
"28ab245663a6c838f912adf02b3702e9"
x-cache
Hit from cloudfront
x-amz-version-id
LFbZB0FC2czB7N2H0XOXao2p31JcZwNa
status
200
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
79669
x-amz-cf-id
nS0XhL2UUYYpoF_9skOppm9i1sWgqtItebyWiUrYOH_RC7gMUJhNiQ==
588bb31854a1f4ca2715aa8b__headshot.jpg
assets-global.website-files.com/583347ca8f6c7ee058111b55/
27 KB
27 KB
Image
General
Full URL
https://assets-global.website-files.com/583347ca8f6c7ee058111b55/588bb31854a1f4ca2715aa8b__headshot.jpg
Requested by
Host: downloaderlru.web.app
URL: https://downloaderlru.web.app/blr/ju.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c518c229bc3aaf1f06bb916faec139368ec3260ae2c82501da09d42fa23d699

Request headers

Referer
https://downloaderlru.web.app/blr/ju.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 20:36:37 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2017 20:52:42 GMT
server
AmazonS3
age
3321024
etag
"21e67f0044f9a86b9bab24af03cd97c5"
x-cache
Hit from cloudfront
x-amz-version-id
R_Ato7swmaR5gv0D7CupgjLC6WxhaRPu
status
200
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
27648
x-amz-cf-id
jEBPQ_4EdYuIA3y6n__Z_u_vz5N8v20RV3K4isb5iC5NPvsbkWqcFw==
586c538cd989cc36168ae806_Graphik-Regular-Web.woff2
assets.website-files.com/583347ca8f6c7ee058111b3b/
30 KB
31 KB
Font
General
Full URL
https://assets.website-files.com/583347ca8f6c7ee058111b3b/586c538cd989cc36168ae806_Graphik-Regular-Web.woff2
Requested by
Host: downloaderlru.web.app
URL: https://downloaderlru.web.app/blr/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccde0cf7ce5d0767eba8aabd07f8537f24e5097cfb5e1f08e1685926efcfbe84

Request headers

Origin
https://downloaderlru.web.app
Referer
https://downloaderlru.web.app/blr/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 07:07:01 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
status
200
content-length
30885
last-modified
Wed, 04 Jan 2017 01:44:46 GMT
server
AmazonS3
etag
"5a0c1a002e8a14bedb37e60ee72642ac"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
YenBQfbkZL07lzV_YYCBLxBWBog2KJFH
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
HDvsHvn_aYRw4DBnHwkr9166ylY0E0UnUXVe05WdZhNYj0LnOzrTvQ==
586c538c80a27dc54a7d1460_Graphik-Medium-Web.woff2
assets.website-files.com/583347ca8f6c7ee058111b3b/
0
0

L0x5DF4xlVMF-BfR8bXMIjhLq3-cXbKD.woff2
fonts.gstatic.com/s/robotomono/v12/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotomono/v12/L0x5DF4xlVMF-BfR8bXMIjhLq3-cXbKD.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:300,regular,500%7CSyncopate:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
650d376f1dc8f00f746278b5c5cc70e8a933fbe9ada87438a84028fb24448a17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://downloaderlru.web.app
Referer
https://fonts.googleapis.com/css?family=Roboto+Mono:300,regular,500%7CSyncopate:regular,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 13:30:40 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Jul 2020 19:15:42 GMT
server
sffe
age
322580
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32516
x-xss-protection
0
expires
Fri, 15 Oct 2021 13:30:40 GMT
pe0sMIuPIYBCpEV5eFdCBfe_Kdxicw.woff2
fonts.gstatic.com/s/syncopate/v12/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/syncopate/v12/pe0sMIuPIYBCpEV5eFdCBfe_Kdxicw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:300,regular,500%7CSyncopate:regular,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26586fd5444d9ab87c3a6e468beeffb43a1f00bbd308c22f1a96c3d0e46e5210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://downloaderlru.web.app
Referer
https://fonts.googleapis.com/css?family=Roboto+Mono:300,regular,500%7CSyncopate:regular,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 09:23:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 04:39:49 GMT
server
sffe
age
596616
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10560
x-xss-protection
0
expires
Tue, 12 Oct 2021 09:23:24 GMT
pe0pMIuPIYBCpEV5eFdKvtKqBP5vWVYgVw.woff2
fonts.gstatic.com/s/syncopate/v12/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/syncopate/v12/pe0pMIuPIYBCpEV5eFdKvtKqBP5vWVYgVw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:300,regular,500%7CSyncopate:regular,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b89319aba0345519a6c94fd4a43e1cc3fcd77979e597825723bced06811ce718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://downloaderlru.web.app
Referer
https://fonts.googleapis.com/css?family=Roboto+Mono:300,regular,500%7CSyncopate:regular,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 09:17:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:24:02 GMT
server
sffe
age
596977
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10380
x-xss-protection
0
expires
Tue, 12 Oct 2021 09:17:23 GMT
Primary Request /
qaeasy.site/
5 KB
3 KB
Document
General
Full URL
https://qaeasy.site/?utm_term=%D8%A3%D9%88%D9%86+%D9%84%D8%A7%D9%8A%D9%86
Requested by
Host: clicko.icu
URL: https://clicko.icu/dlyy611?se_referrer=&default_keyword=%D8%A3%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86&&frm5f6de3a66fd9a=script5f6de3a66fd9d&_cid=4281d415-cee3-9260-8ab7-b6cbadc9bfbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6812:3f02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306b8270a356f0429129aee64f7d123ee1be56999a796fd65a6d02ad500075bb
Security Headers
Name Value
X-Frame-Options DENY

Request headers

:method
GET
:authority
qaeasy.site
:scheme
https
:path
/?utm_term=%D8%A3%D9%88%D9%86+%D9%84%D8%A7%D9%8A%D9%86
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://downloaderlru.web.app/blr/ju.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://downloaderlru.web.app/blr/ju.html

Response headers

status
200
date
Mon, 19 Oct 2020 07:07:01 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d80e33ffe5122337c2e53721529ca321b1603091221; expires=Wed, 18-Nov-20 07:07:01 GMT; path=/; domain=.qaeasy.site; HttpOnly; SameSite=Lax; Secure
ab_referer=https%3A%2F%2Fdownloaderlru.web.app%2Fblr%2Fju.html; expires=Fri, 18-Dec-2020 07:07:01 GMT; Max-Age=5184000; path=/
x-powered-cms
Antibot.Cloud (See: https://antibot.cloud/)
x-robots-tag
noindex
x-frame-options
DENY
expires
Mon, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-request-id
05e147e264000005e9869b5000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603091221"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e48a8e3dd1705e9-FRA
content-encoding
br
cloud5.php
ipv6alt.antibot.cloud/content/
82 B
429 B
Script
General
Full URL
https://ipv6alt.antibot.cloud/content/cloud5.php?h1=3e061af5e9bdb6d334cfa5ad06093d3f&h2=d1c75a29ae1c034d72ae84da5b7bdc4c&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&via=&v=5.07&r=downloaderlru.web.app&rand=1603091221
Requested by
Host: qaeasy.site
URL: https://qaeasy.site/?utm_term=%D8%A3%D9%88%D9%86+%D9%84%D8%A7%D9%8A%D9%86
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:27aa::c8 Nesebar, Bulgaria, ASN59729 (ITL-, BG),
Reverse DNS
Software
nginx /
Resource Hash
41079f1a75fdc617dec903ffb79bbe3ea4a7def48c63f69ba9f84a6cf745897c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://qaeasy.site/?utm_term=%D8%A3%D9%88%D9%86+%D9%84%D8%A7%D9%8A%D9%86
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 07:07:04 GMT
content-encoding
gzip
server
nginx
x-frame-options
DENY
x-powered-cms
Antibot.Cloud (See: https://antibot.cloud/)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
no-store, no-cache, must-revalidate
x-robots-tag
noindex
expires
Mon, 26 Jul 1997 05:00:00 GMT
cloud5.php
ipv6main.antibot.cloud/content/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
assets.website-files.com
URL
https://assets.website-files.com/583347ca8f6c7ee058111b3b/586c538c80a27dc54a7d1460_Graphik-Medium-Web.woff2
Domain
ipv6main.antibot.cloud
URL
https://ipv6main.antibot.cloud/content/cloud5.php?h1=3e061af5e9bdb6d334cfa5ad06093d3f&h2=d1c75a29ae1c034d72ae84da5b7bdc4c&ip=2a01:04f8:0192:5414:0000:0000:0000:0002&via=&v=5.07&r=downloaderlru.web.app&rand=1603091221

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object   | trustedTypes
function | timer
function | LoadTest

2 Cookies

Domain/Path Name / Value
qaeasy.site/ Name: ab_referer
Value: https%3A%2F%2Fdownloaderlru.web.app%2Fblr%2Fju.html
.qaeasy.site/ Name: __cfduid
Value: d80e33ffe5122337c2e53721529ca321b1603091221

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
