urlscan.io logo urlscan.io
SecurityTrails logo

95xcs.live Open in urlscan Pro
142.93.245.52  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://url.io/TU3Mvm
Effective URL: http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
Submission: On February 05 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 142.93.245.52, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is 95xcs.live.
This is the only time 95xcs.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.27.129.180 13335 (CLOUDFLAR...)
1 142.93.245.52 14061 (DIGITALOC...)
10 139.45.196.142 9002 (RETN-AS)
1 139.45.197.8 9002 (RETN-AS)
12 4
Apex Domain
Subdomains		 Transfer
10 iptautup.com
iptautup.com
66 KB
1 rtmark.net
my.rtmark.net
767 B
1 95xcs.live
95xcs.live
10 KB
1 url.io
url.io
738 B
12 4
Domain Requested by
10 iptautup.com 95xcs.live
iptautup.com
1 my.rtmark.net 95xcs.live
1 95xcs.live
1 url.io 1 redirects
12 4

This site contains no links.

Subject Issuer Validity Valid
iptautup.com
R3		 2020-12-10 -
2021-03-10		 3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-27 -
2021-11-26		 a year crt.sh

This page contains 2 frames:

Primary Page: http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
Frame ID: 78C6C0E2D2675D12A23C928D88972A51
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: 294BB0EC5C12AA52AFB2B84F5275EB37
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://url.io/TU3Mvm HTTP 302
    http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i
Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

12
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

77 kB
Transfer

187 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url.io/TU3Mvm HTTP 302
    http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request opt.php
95xcs.live/
Redirect Chain
  • https://url.io/TU3Mvm
  • http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
Protocol
HTTP/1.1
Server
142.93.245.52 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash
c67a0aaf866fc55574df90b676a834d1037ee667c52c4d7dc9c9a4ebb4a20669

Request headers

Host
95xcs.live
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Feb 2021 06:52:06 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

date
Fri, 05 Feb 2021 06:52:06 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d18914b08ac0f2f7c75d0effee70e5ef71612507925; expires=Sun, 07-Mar-21 06:52:05 GMT; path=/; domain=.url.io; HttpOnly; SameSite=Lax; Secure
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
location
http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
vary
Accept
cf-cache-status
DYNAMIC
cf-request-id
08128f6419000032a7800da000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9af2CRfDJirvbVXgSwkCQOlUBnmem7mDWB06NLsIsz2Z7bBvbPe23Rs2aV4ZgFT6lBDLxu%2BTDBbIAnR%2F7sY1x0WJbcF9qYc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
61cab4e68ce332a7-CDG
tag.min.js
iptautup.com/pfe/current/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/pfe/current/tag.min.js?z=3129050
Requested by
Host: 95xcs.live
URL: http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer
http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Feb 2021 06:52:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Feb 2021 09:55:25 GMT
Server
nginx
ETag
W/"601a730d-373d"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
zone
iptautup.com/ 		716 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/zone?pub=0&zone_id=3129050&is_mobile=false&domain=95xcs.live&var=&ymid=&var_3=
Requested by
Host: iptautup.com
URL: https://iptautup.com/pfe/current/tag.min.js?z=3129050
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2a9802b6dabbf6d8cd61bfb73bf6e593d97d25ff3793986eda4262a3646cb743
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
7ab3ecfce5a8b6b243bc0c31dd4a41c3
Date
Fri, 05 Feb 2021 06:52:07 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://95xcs.live
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
716
universal.min.js
iptautup.com/pfe/current/ 		106 KB
38 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/pfe/current/universal.min.js?v=3.1.282
Requested by
Host: iptautup.com
URL: https://iptautup.com/pfe/current/tag.min.js?z=3129050
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
976772d64052b8a91bfc0448e8e5653477618071a4b64758a7f2b4bc7db3d96d

Request headers

Referer
http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Feb 2021 06:52:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Feb 2021 09:55:25 GMT
Server
nginx
ETag
W/"601a730d-1a972"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
http://95xcs.live
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
custom
iptautup.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/custom
Protocol
HTTP/1.1
Server
139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://95xcs.live
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 05 Feb 2021 06:52:07 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
http://95xcs.live
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
iptautup.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/custom
Protocol
HTTP/1.1
Server
139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://95xcs.live
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 05 Feb 2021 06:52:07 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
http://95xcs.live
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
iptautup.com/ 		39 B
484 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/custom
Requested by
Host: 95xcs.live
URL: http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
3166e1b560fda486c32b33485206940c
Date
Fri, 05 Feb 2021 06:52:07 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://95xcs.live
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
custom
iptautup.com/ 		39 B
484 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/custom
Requested by
Host: 95xcs.live
URL: http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
bb2f82b2daea743f43d9c1629c540582
Date
Fri, 05 Feb 2021 06:52:07 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://95xcs.live
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
gid.js
my.rtmark.net/ 		65 B
767 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=17350806a1034789b3e470d692884be4&zoneId=3129050&checkDuplicate=true&ymid=&var=
Requested by
Host: 95xcs.live
URL: http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.8 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8bedeb4ea874261c86aa164a5b0959ab11c511da771fdedb0a7cbc4de02a1ee2
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Feb 2021 06:52:07 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://95xcs.live
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length
65
defaultSkin.min.js
iptautup.com/pfe/current/ 		56 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/pfe/current/defaultSkin.min.js
Requested by
Host: 95xcs.live
URL: http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer
http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Feb 2021 06:52:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Feb 2021 09:55:25 GMT
Server
nginx
ETag
W/"601a730d-de6b"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
http://95xcs.live
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
truncated
/ Frame 294B 		255 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer
http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
iptautup.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/custom
Protocol
HTTP/1.1
Server
139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://95xcs.live
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 05 Feb 2021 06:52:07 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
http://95xcs.live
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
iptautup.com/ 		39 B
484 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/custom
Requested by
Host: 95xcs.live
URL: http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://95xcs.live/opt.php?d=0&l=0&c=0&cr=8285&em=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
7229386b4d14b5c6fc1330dfb795d5f2
Date
Fri, 05 Feb 2021 06:52:07 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://95xcs.live
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| zfgformats object| sdk boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode object| onClickExcludes

0 Cookies