undoupgrade24.yourgoodandglobalupgrade.bid

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 162.255.117.134, located in Los Angeles, United States and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is undoupgrade24.yourgoodandglobalupgrade.bid.

This is the only time undoupgrade24.yourgoodandglobalupgrade.bid was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	212.83.166.129 212.83.166.129	12876 (AS12876) (AS12876)
1	162.255.117.134 162.255.117.134	22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap)
2	52.85.173.187 52.85.173.187	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	52.85.173.206 52.85.173.206	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.85.173.224 52.85.173.224	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	4

1 212.83.166.129 (Paris, France) 1 redirects

ASN12876 (AS12876, FR)
PTR: 212-83-166-129.rev.poneytelecom.eu

www.getandprepareforupdatingfree.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.255.117.134 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)

undoupgrade24.yourgoodandglobalupgrade.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.173.187 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-173-187.fra6.r.cloudfront.net

js.bestquickcontentfiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.173.206 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-173-206.fra6.r.cloudfront.net

dqjqvx3jubsfz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.173.224 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-173-224.fra6.r.cloudfront.net

dqjqvx3jubsfz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	cloudfront.net dqjqvx3jubsfz.cloudfront.net	130 KB
2	bestquickcontentfiles.com js.bestquickcontentfiles.com	3 KB
1	yourgoodandglobalupgrade.bid undoupgrade24.yourgoodandglobalupgrade.bid	5 KB
1	getandprepareforupdatingfree.win 1 redirects www.getandprepareforupdatingfree.win	446 B
7	4

	Domain	Requested by
4	dqjqvx3jubsfz.cloudfront.net	undoupgrade24.yourgoodandglobalupgrade.bid
2	js.bestquickcontentfiles.com	undoupgrade24.yourgoodandglobalupgrade.bid
1	undoupgrade24.yourgoodandglobalupgrade.bid
1	www.getandprepareforupdatingfree.win	1 redirects
7	4

This site contains links to these domains. Also see Links.

Domain
www.tagfactorysoftware.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM.
Frame ID: 9967.1
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.getandprepareforupdatingfree.win/?pcl=a2JApTD-TMndfe0k5ia34_-9tgcb0lRZR5gUlwGU8-k.&cid=393608737547&sid=1472874 HTTP 302
http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1Isi... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

7
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

138 kB
Transfer

145 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.tagfactorysoftware.com/E8tQ4p9xFv_ol9IzvcN8TY6FH7DyijVjksdOHexG4NOxnabeSyt4Qz19PtGnFkKVIRzq36SApdJe6oCHCpnxHUXYEZItVIVaKCEY5nvq2dsNS9ja9ewq0ihQndBafYd2ISORcHK_Pps_7+PZ77xq981xCcIxX_wl5KAyLdOsl5H+kqwaKZo4IGOcYgiTX0D22oUIj9pOytAJTY4O3J2svKHcfJS6+foiyNK5OKfVripzB43dGOKMz7_a+UttrL0+AoA1h6U4YOu5VVzxXkke8ni8_l2Ijo5zPD9ex2Dg59TqMXt9vINkE95YAlGA7HJJWagHCDxqOTUbuWiLxjkCQAUFpF438fod4L+iTM1P0zP_B8EhDyd4b1l2+U6UqEwKuz3gLrzD++FN+TjOQ77Dh0elCH8Gvy4cesUqesbr5X+c2sRI7WuvA0AUPbcQV73xPmzNKSMavQ6frLwstYWbSMGyU8dXdpgBrai7Vn3MXBo52cx1Unb7FLPNTspy+oBAVFi0tY+b8Ke9DQpmaB_s4iX9Sbj0aVvLKO8GfQDoAo1xKCphTV1urgoZEAxrJCuYZurCzeeLaKKqZMtuna7hsJbehkcp7mHqLI3N0S_H185l8LGzlXpeOBt5PulCzBVOcuAvkv4fGgDkDsUxANX4ouIL1R4sl4otLMUTWCy6COCy3jiZO6rGSj_6VHLgO1yoQ3SUw7ACDHi0Jqi+g_gCSNtWxyh33JBbg6iaXQfyPl03Uykqsbacug4Qq9hsvBj_88wpzFh9x9ouQIW+dtkqK4jQcqh_3Ru_LvI6QAzTWZdnaqiQfvgRbyWwwOgBLom3sjGwR8gpOUm6Zs8AmB4UbNLe7Ql5l9lR+lu5PTfos3cp1Ea5s3pVRXFrSvDXhNu4ddiGPpsvqAND2mMZv3RqGzBA1pcyWXVr0igA_Fw72j0dHfFNdWhcuo349ornYCYJTbpa2zZQ80L+GwiaocZ32uYsIHOs6m0V9GwLLMRRKQ6YkQUMrbI8_sfGIFPtEK0dOy28alcodaQA7pVGBTZw3iYofPapRPV8oOC4ql6xH4NU6SkMW6_M2dp7Ihf9MfIPwUad+O5KVFbTzdHy_A4T1ewHA_UWBfEFt_fv_E9Tit++N_8pQZp5ZsbteAgRMebeKEIZgz7sPMOON9vtV15D1qcGUqUGNYlh9yzbv1DKKJDOs32l2y8Zb_WzZ58XsnYAWnrJet720MJTELO1KT_VCzs_i5E0JrqeEpw3Tuygq4naFl2FbU2eGSZ6eMGu7i3bdKa_CP1n1HUXQvWtqUBicO1+UR9cjW6IolztsCID_SN19Jxr8V2jMBTnCfEvek9FDxqxLtgOzNELXZcjRWct0eP+zChv0gI1f2eV2lrYQhM7sxFV0sQ=-GzQBAGRwbi2xdp8GxH1wF8c4cLiFngYdlBehwUMWhGiXyCr1uJ8GLUiF4k0BRwm_PZ4kbvFjcok7Mx4Pvk5dods+Hdjr5XplZW_3CEdpPoTuIt78DfWCNKdrfcih_eyk22F6Gibenz4_MTx8ep12ZrshPk+VcWxWx20x1J_VIqPn8tQWRfA1eV1jGpYp0QiCBMQmryuQqJRA8PW97BfFpu89TV5XkKIiTBHWCGEYvIPgafK6IhPgBE+T11UZyiCrR7_MfX9BnKQfEohBZjZT2Z1O1kNdC5N8pf0O+wMfE2fPGZQDOZmOB2qP9WfRv2vMReAEQb2mtgUB
Title: Download & Install

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.getandprepareforupdatingfree.win/?pcl=a2JApTD-TMndfe0k5ia34_-9tgcb0lRZR5gUlwGU8-k.&cid=393608737547&sid=1472874 HTTP 302
http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response undoupgrade24.yourgoodandglobalupgrade.bid/ Redirect Chain http://www.getandprepareforupdatingfree.win/?pcl=a2JApTD-TMndfe0k5ia34_-9tgcb0lRZR5gUlwGU8-k.&cid=393608737547&sid=1472874 http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVd...	12 KB 5 KB	1245ms 309ms	Document text/html	162.255.117.134 Namecheap
General Check archive.org Show headers Download Go to Full URL http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Protocol HTTP/1.1 Server 162.255.117.134 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS Software nginx/1.11.6 / PHP/7.0.24-1~dotdeb+8.1 Resource Hash `d7e474b35e24f1e43aafe91f0ea2e8de21615e0eee8cd8d002a79abaa2178745` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host undoupgrade24.yourgoodandglobalupgrade.bid Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Wed, 06 Dec 2017 13:56:03 GMT Content-Encoding gzip Server nginx/1.11.6 X-Powered-By PHP/7.0.24-1~dotdeb+8.1 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Set-Cookie channel=gever_pc_ffie_nov15; expires=Wed, 06-Dec-2017 14:16:03 GMT; Max-Age=1200; path=/ dist_id=5973; expires=Wed, 06-Dec-2017 14:16:03 GMT; Max-Age=1200; path=/ lp_id=2040; expires=Wed, 06-Dec-2017 14:16:03 GMT; Max-Age=1200; path=/ Connection keep-alive Redirect headers Location http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Date Wed, 06 Dec 2017 13:56:02 GMT Server nginx/1.11.6 Connection keep-alive X-Powered-By PHP/7.0.23-1~dotdeb+8.1 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	dl.min.js Show response js.bestquickcontentfiles.com/	2 KB 2 KB	29ms 10ms	Script application/javascript	52.85.173.187 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://js.bestquickcontentfiles.com/dl.min.js Requested by Host: undoupgrade24.yourgoodandglobalupgrade.bid URL: http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Protocol HTTP/1.1 Server 52.85.173.187 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-173-187.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash `3e9b1e419ce53f556d21d94b8e3deb4cc772040d5b871a3fe1412f1d42fc0b49` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host js.bestquickcontentfiles.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Connection keep-alive Cache-Control no-cache Referer http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 20 Nov 2017 07:53:36 GMT Via 1.1 0be769c7e09c2ff80afb194a85a78b4c.cloudfront.net (CloudFront) Last-Modified Thu, 10 Aug 2017 07:40:39 GMT Server AmazonS3 Age 21738 ETag "61cc842cd45a9714f8cf3596b9ae82d0" X-Cache Hit from cloudfront x-amz-version-id 3kg27hHZEF.jyft4m.8HfrJ2gYVRK1XF Connection keep-alive Accept-Ranges bytes Content-Type application/javascript Content-Length 1621 X-Amz-Cf-Id iZwm8A4oX5Zapyi8nYCExjOpL--Rl3OABbfv6KU-9Q1bFSZ1vXaQsg==
GET H/1.1	200 OK	loadhold.png dqjqvx3jubsfz.cloudfront.net/lps/FlashPlayer2_T/images/	3 KB 3 KB	26ms 7ms	Image image/png	52.85.173.206 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dqjqvx3jubsfz.cloudfront.net/lps/FlashPlayer2_T/images/loadhold.png Requested by Host: undoupgrade24.yourgoodandglobalupgrade.bid URL: http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Protocol HTTP/1.1 Server 52.85.173.206 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-173-206.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash `dd7c4e1f4665ce20fdf47c14b95f40d65d19f8c9281b1dbb8522b20501ddf9a0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host dqjqvx3jubsfz.cloudfront.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Connection keep-alive Cache-Control no-cache Referer http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 10 Jul 2017 02:26:49 GMT Via 1.1 c438f26ccd08e3dcd1f5cc4a61417fde.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2015-03-04T11:37:19.668Z Server AmazonS3 Age 26980 ETag "9b6a97c6b4f5bbfa523b6df6791bf7a8" X-Cache Hit from cloudfront Content-Type image/png Last-Modified Mon, 06 Jun 2016 13:27:46 GMT Connection keep-alive Accept-Ranges bytes Content-Length 2977 X-Amz-Cf-Id lyb_XpGU2i4f0wtYYb978JWD_D2p8BddOwFEXGAQoCmaQ4O8or3OOw==
GET H/1.1	200 OK	flash2.png dqjqvx3jubsfz.cloudfront.net/lps/FlashPlayer2_T/images/	32 KB 32 KB	7ms 7ms	Image image/png	52.85.173.206 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dqjqvx3jubsfz.cloudfront.net/lps/FlashPlayer2_T/images/flash2.png Requested by Host: undoupgrade24.yourgoodandglobalupgrade.bid URL: http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Protocol HTTP/1.1 Server 52.85.173.206 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-173-206.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash `3e1ef8df686a66a5a4d2350a1364cef25e89aa6dfa2b3bc54c92b7de7d81eee7` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host dqjqvx3jubsfz.cloudfront.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Connection keep-alive Cache-Control no-cache Referer http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Sat, 11 Nov 2017 10:49:47 GMT Via 1.1 c438f26ccd08e3dcd1f5cc4a61417fde.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2016-05-31T12:27:21.446Z Server AmazonS3 Age 23081 ETag "4eea027c7c1ed3e36a3d13f21e6a4936" X-Cache Hit from cloudfront Content-Type image/png Last-Modified Mon, 06 Jun 2016 13:27:45 GMT Connection keep-alive Accept-Ranges bytes Content-Length 32382 X-Amz-Cf-Id LuynlPD2nVPIUwqP3rb8fnr4RXskdi-6_4QfZ1mr0WqhSN7ltJTGfg==
GET H/1.1	200 OK	d.min.js Show response js.bestquickcontentfiles.com/	1 KB 1 KB	9ms 7ms	Script application/javascript	52.85.173.187 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://js.bestquickcontentfiles.com/d.min.js Requested by Host: undoupgrade24.yourgoodandglobalupgrade.bid URL: http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Protocol HTTP/1.1 Server 52.85.173.187 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-173-187.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash `5851c6ce0f1a72400ab4707a69ba52250f5d1121bb67906035b583dbdfb488b6` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host js.bestquickcontentfiles.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Connection keep-alive Cache-Control no-cache Referer http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 20 Nov 2017 07:52:53 GMT Via 1.1 0be769c7e09c2ff80afb194a85a78b4c.cloudfront.net (CloudFront) Last-Modified Sun, 05 Nov 2017 09:39:10 GMT Server AmazonS3 Age 21763 ETag "076327acad248ed10948c6accd370b0d" X-Cache Hit from cloudfront x-amz-version-id NE6VH5YJ8JvSaFOGN4nGek8SP4bXMoRc Connection keep-alive Accept-Ranges bytes Content-Type application/javascript Content-Length 1410 X-Amz-Cf-Id OPDm3xJlKQt7ah5CgtyNUcLMwj-jvxrJp_1NuKfik2LEtL9hkPPJvw==
GET H/1.1	200 OK	flash600-400.png dqjqvx3jubsfz.cloudfront.net/lps/FlashPlayer2_T/images/	53 KB 53 KB	23ms 15ms	Image image/png	52.85.173.206 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dqjqvx3jubsfz.cloudfront.net/lps/FlashPlayer2_T/images/flash600-400.png Requested by Host: undoupgrade24.yourgoodandglobalupgrade.bid URL: http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Protocol HTTP/1.1 Server 52.85.173.206 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-173-206.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash `ed91952411a54cfbeeaf2ed3ee74cdfc6764801d9e8c62c8856dec1c2cf4b03f` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host dqjqvx3jubsfz.cloudfront.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Connection keep-alive Cache-Control no-cache Referer http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 10 Jul 2017 02:28:17 GMT Via 1.1 c438f26ccd08e3dcd1f5cc4a61417fde.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2014-12-30T10:13:28.685Z Server AmazonS3 Age 31697 ETag "491d61922201309ea24c018941d24728" X-Cache Hit from cloudfront Content-Type image/png Last-Modified Mon, 06 Jun 2016 13:27:45 GMT Connection keep-alive Accept-Ranges bytes Content-Length 54513 X-Amz-Cf-Id d9popqO9Dr3Gb2-PvuWqrI4lmqAN5Pll6fxCRl7IBdQQuo_YWTPfOg==
GET H/1.1	200 OK	windowtemp2.png dqjqvx3jubsfz.cloudfront.net/lps/FlashPlayer2_T/images/	42 KB 42 KB	15ms 7ms	Image image/png	52.85.173.224 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dqjqvx3jubsfz.cloudfront.net/lps/FlashPlayer2_T/images/windowtemp2.png Requested by Host: undoupgrade24.yourgoodandglobalupgrade.bid URL: http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Protocol HTTP/1.1 Server 52.85.173.224 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-173-224.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash `0b9db1193c8d592ffb6f563d5a4eac2fed5ebc89440c122addf6daf29f22e63c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host dqjqvx3jubsfz.cloudfront.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. Connection keep-alive Cache-Control no-cache Referer http://undoupgrade24.yourgoodandglobalupgrade.bid/?pcl=18SE8FkQOQPjvamW4HuwG4mNsRfh2Z53lCjb7VA_BuSGuXGtnf8_bs4VbDBAvkmq6YK1IsizWSxGg_zNv8YyXA..&cid=393608737547&sid=1472874&v_id=K0mKJQGg3qtwP3eVUVdI7lUd940p0tKIF2D9ELrfChM. User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 01 Sep 2017 15:47:46 GMT Via 1.1 b4ee4db849dcb5fce83f0bc3d6a9d57f.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2016-05-31T12:27:18.702Z Server AmazonS3 Age 33959 ETag "ad8966122d18bf9e38f877be90a81362" X-Cache Hit from cloudfront Content-Type image/png Last-Modified Mon, 06 Jun 2016 13:27:47 GMT Connection keep-alive Accept-Ranges bytes Content-Length 42774 X-Amz-Cf-Id ZXeO7M4paAlHiDvaSCzWG58M7d87qrtKz4-IvElLMQFH94UhuxJE-w==

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
undoupgrade24.yourgoodandglobalupgrade.bid/	1970-01-18 12:09:29	Name: lp_id Value: 2040
undoupgrade24.yourgoodandglobalupgrade.bid/	1970-01-18 12:09:29	Name: dist_id Value: 5973
undoupgrade24.yourgoodandglobalupgrade.bid/	1970-01-18 12:09:29	Name: channel Value: gever_pc_ffie_nov15

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dqjqvx3jubsfz.cloudfront.net
js.bestquickcontentfiles.com
undoupgrade24.yourgoodandglobalupgrade.bid
www.getandprepareforupdatingfree.win
162.255.117.134
212.83.166.129
52.85.173.187
52.85.173.206
52.85.173.224
0b9db1193c8d592ffb6f563d5a4eac2fed5ebc89440c122addf6daf29f22e63c
3e1ef8df686a66a5a4d2350a1364cef25e89aa6dfa2b3bc54c92b7de7d81eee7
3e9b1e419ce53f556d21d94b8e3deb4cc772040d5b871a3fe1412f1d42fc0b49
5851c6ce0f1a72400ab4707a69ba52250f5d1121bb67906035b583dbdfb488b6
d7e474b35e24f1e43aafe91f0ea2e8de21615e0eee8cd8d002a79abaa2178745
dd7c4e1f4665ce20fdf47c14b95f40d65d19f8c9281b1dbb8522b20501ddf9a0
ed91952411a54cfbeeaf2ed3ee74cdfc6764801d9e8c62c8856dec1c2cf4b03f

undoupgrade24.yourgoodandglobalupgrade.bid Open in urlscan Pro 162.255.117.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

0 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

138 kBTransfer

145 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

3 Cookies

Indicators

undoupgrade24.yourgoodandglobalupgrade.bid Open in urlscan Pro
162.255.117.134 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

138 kB
Transfer

145 kB
Size

3
Cookies

7 HTTP transactions
0 data transactions