setting4upgrade.theultimatesitesystemcontents.bid

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 5 HTTP transactions. The main IP is 195.154.44.206, located in France and belongs to AS12876, FR. The main domain is setting4upgrade.theultimatesitesystemcontents.bid.

This is the only time setting4upgrade.theultimatesitesystemcontents.bid was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	163.172.198.43 163.172.198.43	12876 (AS12876) (AS12876)
1	195.154.44.206 195.154.44.206	12876 (AS12876) (AS12876)
3	216.137.61.29 216.137.61.29	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	216.137.61.201 216.137.61.201	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	3

1 163.172.198.43 (United Kingdom) 1 redirects

ASN12876 (AS12876, FR)
PTR: 163-172-198-43.rev.poneytelecom.eu

www.yourbigbuddyforcontentsgood.stream	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.154.44.206 (France)

ASN12876 (AS12876, FR)
PTR: 195-154-44-206.rev.poneytelecom.eu

setting4upgrade.theultimatesitesystemcontents.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.137.61.29 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-216-137-61-29.fra2.r.cloudfront.net

d123qx2eclzzza.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.137.61.201 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-216-137-61-201.fra2.r.cloudfront.net

js.bestquickcontentfiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cloudfront.net d123qx2eclzzza.cloudfront.net	42 KB
1	bestquickcontentfiles.com js.bestquickcontentfiles.com	2 KB
1	theultimatesitesystemcontents.bid setting4upgrade.theultimatesitesystemcontents.bid	6 KB
1	yourbigbuddyforcontentsgood.stream 1 redirects www.yourbigbuddyforcontentsgood.stream	454 B
5	4

	Domain	Requested by
3	d123qx2eclzzza.cloudfront.net	setting4upgrade.theultimatesitesystemcontents.bid
1	js.bestquickcontentfiles.com	setting4upgrade.theultimatesitesystemcontents.bid
1	setting4upgrade.theultimatesitesystemcontents.bid
1	www.yourbigbuddyforcontentsgood.stream	1 redirects
5	4

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://setting4upgrade.theultimatesitesystemcontents.bid/?pcl=-CQjZNid8eWfaOTMCk2KsMjnJIfK5VdL4V0_02fA5rZhhsnT5WWU57Rz2B5oapVK64Nsaqv0dAwMIuZt2N93WA..&cid\=425030129901&sid\=289041&v_id=0OZabyfM8P8DoebPrU2w-WrMUxFgtUiAKVsOqePAPv0.
Frame ID: (1B95B9C9DAED1C047C615E3E1352530C)
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.yourbigbuddyforcontentsgood.stream/?pcl\=sck2Wo-quqqiG-f8pqFPN-g8Xh6rlMB-BK_SepTbHTI.&cid\=425030129901&sid\=28... HTTP 302
http://setting4upgrade.theultimatesitesystemcontents.bid/?pcl=-CQjZNid8eWfaOTMCk2KsMjnJIfK5VdL4V0_02fA5rZhhsnT5WWU57Rz2B5oapVK64Nsaqv... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

List.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^List$/i

Page Statistics

5
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

50 kB
Transfer

58 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.yourbigbuddyforcontentsgood.stream/?pcl\=sck2Wo-quqqiG-f8pqFPN-g8Xh6rlMB-BK_SepTbHTI.&cid\=425030129901&sid\=289041 HTTP 302
http://setting4upgrade.theultimatesitesystemcontents.bid/?pcl=-CQjZNid8eWfaOTMCk2KsMjnJIfK5VdL4V0_02fA5rZhhsnT5WWU57Rz2B5oapVK64Nsaqv0dAwMIuZt2N93WA..&cid\=425030129901&sid\=289041&v_id=0OZabyfM8P8DoebPrU2w-WrMUxFgtUiAKVsOqePAPv0. Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response setting4upgrade.theultimatesitesystemcontents.bid/ Redirect Chain http://www.yourbigbuddyforcontentsgood.stream/?pcl\=sck2Wo-quqqiG-f8pqFPN-g8Xh6rlMB-BK_SepTbHTI.&cid\=425030129901&sid\=289041 http://setting4upgrade.theultimatesitesystemcontents.bid/?pcl=-CQjZNid8eWfaOTMCk2KsMjnJIfK5VdL4V0_02fA5rZhhsnT5WWU57Rz2B5oapVK64Nsaqv0dAwMIuZt2N93WA..&cid\=425030129901&sid\=289041&v_id=0OZabyfM8P8...	16 KB 6 KB	65ms 24ms	Document text/html	195.154.44.206 AS12876
General Check archive.org Show headers Download Go to Full URL http://setting4upgrade.theultimatesitesystemcontents.bid/?pcl=-CQjZNid8eWfaOTMCk2KsMjnJIfK5VdL4V0_02fA5rZhhsnT5WWU57Rz2B5oapVK64Nsaqv0dAwMIuZt2N93WA..&cid\=425030129901&sid\=289041&v_id=0OZabyfM8P8DoebPrU2w-WrMUxFgtUiAKVsOqePAPv0. Protocol HTTP/1.1 Server 195.154.44.206 , France, ASN12876 (AS12876, FR), Reverse DNS 195-154-44-206.rev.poneytelecom.eu Software nginx/1.11.6 / PHP/7.0.15-1~dotdeb+8.1 Resource Hash `17a82fc12f8e5af4dd49ed016e0db7f632ec0f348db9f4054a2beeb16984a025` Request headers Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Connection keep-alive Accept-Encoding gzip, deflate Host setting4upgrade.theultimatesitesystemcontents.bid Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 19 Feb 2018 08:53:33 GMT Content-Encoding gzip Server nginx/1.11.6 X-Powered-By PHP/7.0.15-1~dotdeb+8.1 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Set-Cookie channel=kaca_prsrc2; expires=Mon, 19-Feb-2018 09:13:33 GMT; Max-Age=1200; path=/ dist_id=4396; expires=Mon, 19-Feb-2018 09:13:33 GMT; Max-Age=1200; path=/ lp_id=2462; expires=Mon, 19-Feb-2018 09:13:33 GMT; Max-Age=1200; path=/ Connection keep-alive Redirect headers Location http://setting4upgrade.theultimatesitesystemcontents.bid/?pcl=-CQjZNid8eWfaOTMCk2KsMjnJIfK5VdL4V0_02fA5rZhhsnT5WWU57Rz2B5oapVK64Nsaqv0dAwMIuZt2N93WA..&cid\=425030129901&sid\=289041&v_id=0OZabyfM8P8DoebPrU2w-WrMUxFgtUiAKVsOqePAPv0. Date Mon, 19 Feb 2018 08:53:33 GMT Server nginx/1.11.6 Connection keep-alive X-Powered-By PHP/7.0.23-1~dotdeb+8.1 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	logoflash.png d123qx2eclzzza.cloudfront.net/lps/flash_loadSound/images/	11 KB 12 KB	3029ms 7ms	Image image/png	216.137.61.29 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://d123qx2eclzzza.cloudfront.net/lps/flash_loadSound/images/logoflash.png Requested by Host: setting4upgrade.theultimatesitesystemcontents.bid URL: http://setting4upgrade.theultimatesitesystemcontents.bid/?pcl=-CQjZNid8eWfaOTMCk2KsMjnJIfK5VdL4V0_02fA5rZhhsnT5WWU57Rz2B5oapVK64Nsaqv0dAwMIuZt2N93WA..&cid\=425030129901&sid\=289041&v_id=0OZabyfM8P8DoebPrU2w-WrMUxFgtUiAKVsOqePAPv0. Protocol HTTP/1.1 Server 216.137.61.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-216-137-61-29.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `aaadc72280a69411e04d68ce402d09fc50bb255538d2acb4d13bf6925c4952d0` Request headers Referer http://setting4upgrade.theultimatesitesystemcontents.bid/?pcl=-CQjZNid8eWfaOTMCk2KsMjnJIfK5VdL4V0_02fA5rZhhsnT5WWU57Rz2B5oapVK64Nsaqv0dAwMIuZt2N93WA..&cid\=425030129901&sid\=289041&v_id=0OZabyfM8P8DoebPrU2w-WrMUxFgtUiAKVsOqePAPv0. User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 22 Jan 2018 12:40:53 GMT Via 1.1 42eda27a8f21acb511ddb91858ee5d5b.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2016-05-09T12:28:37.791Z Server AmazonS3 Age 49968 ETag "aebec976057f377c06ea17649dc431ed" X-Cache Hit from cloudfront Content-Type image/png Last-Modified Mon, 06 Jun 2016 13:29:00 GMT Connection keep-alive Accept-Ranges bytes Content-Length 11345 X-Amz-Cf-Id X8rQeFHVoFN3wYQgDGAlG1E9Jinwio1oFl1NLHnqDBruAW5XLfV4_A==
GET H/1.1	200 OK	close_gray_round.png d123qx2eclzzza.cloudfront.net/lps/ext_temp/	615 B 1 KB	3026ms 7ms	Image image/png	216.137.61.29 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://d123qx2eclzzza.cloudfront.net/lps/ext_temp/close_gray_round.png Requested by Host: setting4upgrade.theultimatesitesystemcontents.bid URL: http://setting4upgrade.theultimatesitesystemcontents.bid/?pcl=-CQjZNid8eWfaOTMCk2KsMjnJIfK5VdL4V0_02fA5rZhhsnT5WWU57Rz2B5oapVK64Nsaqv0dAwMIuZt2N93WA..&cid\=425030129901&sid\=289041&v_id=0OZabyfM8P8DoebPrU2w-WrMUxFgtUiAKVsOqePAPv0. Protocol HTTP/1.1 Server 216.137.61.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-216-137-61-29.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `a8553c8c7b260e9bf2f4032cc116c08acd99c08abed4145024a8583edb822dab` Request headers Referer http://setting4upgrade.theultimatesitesystemcontents.bid/?pcl=-CQjZNid8eWfaOTMCk2KsMjnJIfK5VdL4V0_02fA5rZhhsnT5WWU57Rz2B5oapVK64Nsaqv0dAwMIuZt2N93WA..&cid\=425030129901&sid\=289041&v_id=0OZabyfM8P8DoebPrU2w-WrMUxFgtUiAKVsOqePAPv0. User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 26 Jan 2018 16:55:23 GMT Via 1.1 d41256fff4c52560b6f36cf42caee95d.cloudfront.net (CloudFront) Last-Modified Tue, 24 Oct 2017 12:25:59 GMT Server AmazonS3 Age 49960 ETag "7bfbb81f2d2f07812fb97aefd5afd751" x-amz-meta-origin-date-iso8601 2017-10-24T10:47:47.155Z X-Cache Hit from cloudfront Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 615 X-Amz-Cf-Id Nq4A0CKZjlOEQVS-m6_C8mue2ZXA6vZqirSWeOUN_OpYTtUjUr3U2g==
GET H/1.1	200 OK	d.min.js Show response js.bestquickcontentfiles.com/	1 KB 2 KB	3028ms 7ms	Script application/javascript	216.137.61.201 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://js.bestquickcontentfiles.com/d.min.js Requested by Host: setting4upgrade.theultimatesitesystemcontents.bid URL: http://setting4upgrade.theultimatesitesystemcontents.bid/?pcl=-CQjZNid8eWfaOTMCk2KsMjnJIfK5VdL4V0_02fA5rZhhsnT5WWU57Rz2B5oapVK64Nsaqv0dAwMIuZt2N93WA..&cid\=425030129901&sid\=289041&v_id=0OZabyfM8P8DoebPrU2w-WrMUxFgtUiAKVsOqePAPv0. Protocol HTTP/1.1 Server 216.137.61.201 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-216-137-61-201.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `5851c6ce0f1a72400ab4707a69ba52250f5d1121bb67906035b583dbdfb488b6` Request headers Referer http://setting4upgrade.theultimatesitesystemcontents.bid/?pcl=-CQjZNid8eWfaOTMCk2KsMjnJIfK5VdL4V0_02fA5rZhhsnT5WWU57Rz2B5oapVK64Nsaqv0dAwMIuZt2N93WA..&cid\=425030129901&sid\=289041&v_id=0OZabyfM8P8DoebPrU2w-WrMUxFgtUiAKVsOqePAPv0. User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 20 Nov 2017 07:52:53 GMT Via 1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront) Last-Modified Sun, 05 Nov 2017 09:39:10 GMT Server AmazonS3 Age 60476 ETag "076327acad248ed10948c6accd370b0d" X-Cache Hit from cloudfront x-amz-version-id NE6VH5YJ8JvSaFOGN4nGek8SP4bXMoRc Connection keep-alive Accept-Ranges bytes Content-Type application/javascript Content-Length 1410 X-Amz-Cf-Id JIvpPY-gO9xhctEjvUkq7VRQqS7j-0yWDB0hdTifSAxPhatnTZJXVA==
GET H/1.1	206 Partial Content	alert.mp3 d123qx2eclzzza.cloudfront.net/lps/flash_loadSound/images/	29 KB 29 KB	3013ms 7ms	Media audio/mpeg	216.137.61.29 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://d123qx2eclzzza.cloudfront.net/lps/flash_loadSound/images/alert.mp3 Requested by Host: setting4upgrade.theultimatesitesystemcontents.bid URL: http://setting4upgrade.theultimatesitesystemcontents.bid/?pcl=-CQjZNid8eWfaOTMCk2KsMjnJIfK5VdL4V0_02fA5rZhhsnT5WWU57Rz2B5oapVK64Nsaqv0dAwMIuZt2N93WA..&cid\=425030129901&sid\=289041&v_id=0OZabyfM8P8DoebPrU2w-WrMUxFgtUiAKVsOqePAPv0. Protocol HTTP/1.1 Server 216.137.61.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-216-137-61-29.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `e722843dd9c5d32879941a3ba17192ee7751449faf05869a0de857ed90e142a3` Request headers Referer http://setting4upgrade.theultimatesitesystemcontents.bid/?pcl=-CQjZNid8eWfaOTMCk2KsMjnJIfK5VdL4V0_02fA5rZhhsnT5WWU57Rz2B5oapVK64Nsaqv0dAwMIuZt2N93WA..&cid\=425030129901&sid\=289041&v_id=0OZabyfM8P8DoebPrU2w-WrMUxFgtUiAKVsOqePAPv0. Accept-Encoding identity;q=1, ;q=0 User-Agent* Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Range bytes=0- chrome-proxy frfr Response headers Date Mon, 22 Jan 2018 12:40:53 GMT Via 1.1 7af5638099b4c0c5cbf2f9c79d5100fd.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2016-05-09T12:22:28.181Z Server AmazonS3 Age 47898 ETag "4ade884ff90a43c6f2c2248c552961c4" X-Cache Hit from cloudfront Content-Type audio/mpeg Content-Range bytes 0-29560/29561 Last-Modified Mon, 06 Jun 2016 13:29:00 GMT Connection keep-alive Accept-Ranges bytes Content-Length 29561 X-Amz-Cf-Id oAj_VhvDW23AM0bmeuYflxY5JI4HOnBYtG9j0JdxJwogFmcPX92wJQ==

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
setting4upgrade.theultimatesitesystemcontents.bid/	1970-01-18 13:57:11	Name: lp_id Value: 2462
setting4upgrade.theultimatesitesystemcontents.bid/	1970-01-18 13:57:11	Name: dist_id Value: 4396
setting4upgrade.theultimatesitesystemcontents.bid/	1970-01-18 13:57:11	Name: channel Value: kaca_prsrc2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d123qx2eclzzza.cloudfront.net
js.bestquickcontentfiles.com
setting4upgrade.theultimatesitesystemcontents.bid
www.yourbigbuddyforcontentsgood.stream
163.172.198.43
195.154.44.206
216.137.61.201
216.137.61.29
17a82fc12f8e5af4dd49ed016e0db7f632ec0f348db9f4054a2beeb16984a025
5851c6ce0f1a72400ab4707a69ba52250f5d1121bb67906035b583dbdfb488b6
a8553c8c7b260e9bf2f4032cc116c08acd99c08abed4145024a8583edb822dab
aaadc72280a69411e04d68ce402d09fc50bb255538d2acb4d13bf6925c4952d0
e722843dd9c5d32879941a3ba17192ee7751449faf05869a0de857ed90e142a3

setting4upgrade.theultimatesitesystemcontents.bid Open in urlscan Pro 195.154.44.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

0 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

50 kBTransfer

58 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

3 Cookies

Indicators

setting4upgrade.theultimatesitesystemcontents.bid Open in urlscan Pro
195.154.44.206 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

50 kB
Transfer

58 kB
Size

3
Cookies

5 HTTP transactions
0 data transactions