getnewsoft.thebestcontentsitealways.download
195.154.44.206  Public Scan

Submitted URL: http://www.keyupgradesetformacandpc.download/?pcl=AqGG5W2o9JKzOJYM5rfFUZ9c1TqxH8A8iZWtTdDjA5E.&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid
Effective URL: http://getnewsoft.thebestcontentsitealways.download/?pcl=tQcNfDQUrwXdRkPkqu6KeMXE78w9HDtN9Uv_hMDc9I0XCSLMOWUrHsm6idU-lTi7pCdhrWYbdLPsbDkDwXxLdA..&ci...
Submission: On February 27 via manual from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 5 HTTP transactions. The main IP is 195.154.44.206, located in France and belongs to AS12876, FR. The main domain is getnewsoft.thebestcontentsitealways.download.
This is the only time getnewsoft.thebestcontentsitealways.download was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
1         54.197.32.203    14618 (AMAZON-AES)    1 redirects
1         195.154.44.206   12876 (AS12876)
2         216.137.61.106   16509 (AMAZON-02)
1         216.137.61.143   16509 (AMAZON-02)
1         216.137.61.191   16509 (AMAZON-02)
Total: 5 requests, 4 IPs

Requests  Domain                                         Requested by
3         d123qx2eclzzza.cloudfront.net                  getnewsoft.thebestcontentsitealways.download
1         js.bestquickcontentfiles.com                   getnewsoft.thebestcontentsitealways.download
1         getnewsoft.thebestcontentsitealways.download
1         www.keyupgradesetformacandpc.download          1 redirects
Total: 5 requests, 4 domains

This site contains no links.

This page contains 1 frames:

Primary Page: http://getnewsoft.thebestcontentsitealways.download/?pcl=tQcNfDQUrwXdRkPkqu6KeMXE78w9HDtN9Uv_hMDc9I0XCSLMOWUrHsm6idU-lTi7pCdhrWYbdLPsbDkDwXxLdA..&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid=&v_id=NrH4LFKAi_DQHQ_mNgT1SZyAdtVlcpy_XISWuwRLwyM.
Frame ID: (38BD1F3C42E83D2DC353355ACA204B27)
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /^List$/i

Page Statistics

Requests: 5
HTTPS: 0 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 53 kB
Size: 59 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.keyupgradesetformacandpc.download/?pcl=AqGG5W2o9JKzOJYM5rfFUZ9c1TqxH8A8iZWtTdDjA5E.&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid HTTP 302
    http://getnewsoft.thebestcontentsitealways.download/?pcl=tQcNfDQUrwXdRkPkqu6KeMXE78w9HDtN9Uv_hMDc9I0XCSLMOWUrHsm6idU-lTi7pCdhrWYbdLPsbDkDwXxLdA..&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid=&v_id=NrH4LFKAi_DQHQ_mNgT1SZyAdtVlcpy_XISWuwRLwyM. Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
getnewsoft.thebestcontentsitealways.download/
Redirect Chain
  • http://www.keyupgradesetformacandpc.download/?pcl=AqGG5W2o9JKzOJYM5rfFUZ9c1TqxH8A8iZWtTdDjA5E.&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid
  • http://getnewsoft.thebestcontentsitealways.download/?pcl=tQcNfDQUrwXdRkPkqu6KeMXE78w9HDtN9Uv_hMDc9I0XCSLMOWUrHsm6idU-lTi7pCdhrWYbdLPsbDkDwXxLdA..&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid=&v_id=...
13 KB
5 KB
Document
General
Full URL
http://getnewsoft.thebestcontentsitealways.download/?pcl=tQcNfDQUrwXdRkPkqu6KeMXE78w9HDtN9Uv_hMDc9I0XCSLMOWUrHsm6idU-lTi7pCdhrWYbdLPsbDkDwXxLdA..&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid=&v_id=NrH4LFKAi_DQHQ_mNgT1SZyAdtVlcpy_XISWuwRLwyM.
Protocol
HTTP/1.1
Server
195.154.44.206 , France, ASN12876 (AS12876, FR),
Reverse DNS
195-154-44-206.rev.poneytelecom.eu
Software
nginx/1.11.6 / PHP/7.0.15-1~dotdeb+8.1
Resource Hash
9d55478b83b0760ef861f4a7de398f64c4480adeb67ba39a55a5987f1e283ffd

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
getnewsoft.thebestcontentsitealways.download
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 27 Feb 2018 21:16:34 GMT
Content-Encoding
gzip
Server
nginx/1.11.6
X-Powered-By
PHP/7.0.15-1~dotdeb+8.1
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Set-Cookie
channel=glider_ffextusuk; expires=Tue, 27-Feb-2018 21:36:34 GMT; Max-Age=1200; path=/
dist_id=4396; expires=Tue, 27-Feb-2018 21:36:34 GMT; Max-Age=1200; path=/
lp_id=2406; expires=Tue, 27-Feb-2018 21:36:34 GMT; Max-Age=1200; path=/
Connection
keep-alive

Redirect headers

Location
http://getnewsoft.thebestcontentsitealways.download/?pcl=tQcNfDQUrwXdRkPkqu6KeMXE78w9HDtN9Uv_hMDc9I0XCSLMOWUrHsm6idU-lTi7pCdhrWYbdLPsbDkDwXxLdA..&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid=&v_id=NrH4LFKAi_DQHQ_mNgT1SZyAdtVlcpy_XISWuwRLwyM.
Date
Tue, 27 Feb 2018 21:16:33 GMT
Server
nginx/1.11.6
Connection
keep-alive
X-Powered-By
PHP/7.0.22-1~dotdeb+8.1
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
logoflash.png
d123qx2eclzzza.cloudfront.net/lps/flash_loadSound/images/
11 KB
12 KB
Image
General
Full URL
http://d123qx2eclzzza.cloudfront.net/lps/flash_loadSound/images/logoflash.png
Requested by
Host: getnewsoft.thebestcontentsitealways.download
URL: http://getnewsoft.thebestcontentsitealways.download/?pcl=tQcNfDQUrwXdRkPkqu6KeMXE78w9HDtN9Uv_hMDc9I0XCSLMOWUrHsm6idU-lTi7pCdhrWYbdLPsbDkDwXxLdA..&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid=&v_id=NrH4LFKAi_DQHQ_mNgT1SZyAdtVlcpy_XISWuwRLwyM.
Protocol
HTTP/1.1
Server
216.137.61.106 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-216-137-61-106.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aaadc72280a69411e04d68ce402d09fc50bb255538d2acb4d13bf6925c4952d0

Request headers

Referer
http://getnewsoft.thebestcontentsitealways.download/?pcl=tQcNfDQUrwXdRkPkqu6KeMXE78w9HDtN9Uv_hMDc9I0XCSLMOWUrHsm6idU-lTi7pCdhrWYbdLPsbDkDwXxLdA..&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid=&v_id=NrH4LFKAi_DQHQ_mNgT1SZyAdtVlcpy_XISWuwRLwyM.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 22 Jan 2018 12:40:53 GMT
Via
1.1 0437902e99783229e3317bb4dfe27240.cloudfront.net (CloudFront)
x-amz-meta-crossftp-original-file-date-iso8601
2016-05-09T12:28:37.791Z
Server
AmazonS3
Age
8103
ETag
"aebec976057f377c06ea17649dc431ed"
X-Cache
Hit from cloudfront
Content-Type
image/png
Last-Modified
Mon, 06 Jun 2016 13:29:00 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11345
X-Amz-Cf-Id
osqWlyPmlrMOlcVUll3WNa92xkOYnd0z5ivVA_7behAuTK2N_d-SMA==
d.min.js
js.bestquickcontentfiles.com/
1 KB
2 KB
Script
General
Full URL
http://js.bestquickcontentfiles.com/d.min.js
Requested by
Host: getnewsoft.thebestcontentsitealways.download
URL: http://getnewsoft.thebestcontentsitealways.download/?pcl=tQcNfDQUrwXdRkPkqu6KeMXE78w9HDtN9Uv_hMDc9I0XCSLMOWUrHsm6idU-lTi7pCdhrWYbdLPsbDkDwXxLdA..&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid=&v_id=NrH4LFKAi_DQHQ_mNgT1SZyAdtVlcpy_XISWuwRLwyM.
Protocol
HTTP/1.1
Server
216.137.61.143 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-216-137-61-143.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5851c6ce0f1a72400ab4707a69ba52250f5d1121bb67906035b583dbdfb488b6

Request headers

Referer
http://getnewsoft.thebestcontentsitealways.download/?pcl=tQcNfDQUrwXdRkPkqu6KeMXE78w9HDtN9Uv_hMDc9I0XCSLMOWUrHsm6idU-lTi7pCdhrWYbdLPsbDkDwXxLdA..&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid=&v_id=NrH4LFKAi_DQHQ_mNgT1SZyAdtVlcpy_XISWuwRLwyM.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 20 Nov 2017 07:52:53 GMT
Via
1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
Last-Modified
Sun, 05 Nov 2017 09:39:10 GMT
Server
AmazonS3
Age
18646
ETag
"076327acad248ed10948c6accd370b0d"
X-Cache
Hit from cloudfront
x-amz-version-id
NE6VH5YJ8JvSaFOGN4nGek8SP4bXMoRc
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
1410
X-Amz-Cf-Id
DKXMQDZZeSJXhqAEDCgnRVrBFpabG2uOuDa9FJYyVEv9vyGt2PZ3Ow==
alert.mp3
d123qx2eclzzza.cloudfront.net/lps/flash_loadSound/images/
29 KB
29 KB
Media
General
Full URL
http://d123qx2eclzzza.cloudfront.net/lps/flash_loadSound/images/alert.mp3
Requested by
Host: getnewsoft.thebestcontentsitealways.download
URL: http://getnewsoft.thebestcontentsitealways.download/?pcl=tQcNfDQUrwXdRkPkqu6KeMXE78w9HDtN9Uv_hMDc9I0XCSLMOWUrHsm6idU-lTi7pCdhrWYbdLPsbDkDwXxLdA..&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid=&v_id=NrH4LFKAi_DQHQ_mNgT1SZyAdtVlcpy_XISWuwRLwyM.
Protocol
HTTP/1.1
Server
216.137.61.191 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-216-137-61-191.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e722843dd9c5d32879941a3ba17192ee7751449faf05869a0de857ed90e142a3

Request headers

Referer
http://getnewsoft.thebestcontentsitealways.download/?pcl=tQcNfDQUrwXdRkPkqu6KeMXE78w9HDtN9Uv_hMDc9I0XCSLMOWUrHsm6idU-lTi7pCdhrWYbdLPsbDkDwXxLdA..&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid=&v_id=NrH4LFKAi_DQHQ_mNgT1SZyAdtVlcpy_XISWuwRLwyM.
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Range
bytes=0-
chrome-proxy
frfr

Response headers

Date
Mon, 22 Jan 2018 12:40:53 GMT
Via
1.1 7af5638099b4c0c5cbf2f9c79d5100fd.cloudfront.net (CloudFront)
x-amz-meta-crossftp-original-file-date-iso8601
2016-05-09T12:22:28.181Z
Server
AmazonS3
Age
6061
ETag
"4ade884ff90a43c6f2c2248c552961c4"
X-Cache
Hit from cloudfront
Content-Type
audio/mpeg
Content-Range
bytes 0-29560/29561
Last-Modified
Mon, 06 Jun 2016 13:29:00 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29561
X-Amz-Cf-Id
g_ltgXq5RLtDLuEYor0FEm0FFXKq5O5y_2akVx7J5pkBVN3dGYFdbA==
xpi-base.png
d123qx2eclzzza.cloudfront.net/lps/ext_temp/
5 KB
5 KB
Image
General
Full URL
http://d123qx2eclzzza.cloudfront.net/lps/ext_temp/xpi-base.png
Requested by
Host: getnewsoft.thebestcontentsitealways.download
URL: http://getnewsoft.thebestcontentsitealways.download/?pcl=tQcNfDQUrwXdRkPkqu6KeMXE78w9HDtN9Uv_hMDc9I0XCSLMOWUrHsm6idU-lTi7pCdhrWYbdLPsbDkDwXxLdA..&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid=&v_id=NrH4LFKAi_DQHQ_mNgT1SZyAdtVlcpy_XISWuwRLwyM.
Protocol
HTTP/1.1
Server
216.137.61.106 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-216-137-61-106.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e5d970ef8cb7b7f525e6450fc8cf22e4e16c4d86a38b20b9d3373315393ae7b

Request headers

Referer
http://getnewsoft.thebestcontentsitealways.download/?pcl=tQcNfDQUrwXdRkPkqu6KeMXE78w9HDtN9Uv_hMDc9I0XCSLMOWUrHsm6idU-lTi7pCdhrWYbdLPsbDkDwXxLdA..&cid=A439A568-D0C0-4A50-B25B-5116131D5259&sid=&v_id=NrH4LFKAi_DQHQ_mNgT1SZyAdtVlcpy_XISWuwRLwyM.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 22 Jan 2018 12:40:53 GMT
Via
1.1 503a28017d94e3a67757eb66ee760010.cloudfront.net (CloudFront)
x-amz-meta-crossftp-original-file-date-iso8601
2017-10-25T06:30:23.929Z
Server
AmazonS3
Age
75492
ETag
"a223dcdaf096a168ec938979edec9ade"
X-Cache
Hit from cloudfront
Content-Type
image/png
Last-Modified
Wed, 25 Oct 2017 06:37:02 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4775
X-Amz-Cf-Id
LfdCulkXwYmHbBg0sS7_DbUMznAJd7fbOrVlakF1yIf7IaHGfKwkKQ==

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| showStep
  • function| fillProgressBar
  • string| clickid
  • string| cc
  • string| ch
  • number| se
  • string| version
  • string| insturly
  • object| scriptEl
  • function| installFFExtension
  • function| pingMe
  • function| getUrlVars
  • function| getEngin
  • function| getVersion
  • object| list
  • object| children
  • number| j

3 Cookies

Domain/Path                                     Name      Value
getnewsoft.thebestcontentsitealways.download/   lp_id     2406
getnewsoft.thebestcontentsitealways.download/   dist_id   4396
getnewsoft.thebestcontentsitealways.download/   channel   glider_ffextusuk