Submitted URL: http://be.goocity.it/steinberg.html
Effective URL: https://bestprizesday2.life/?u=tqck80z&o=zdqr96x&t=dropSHLAK
Submission: On June 24 via manual from US

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 62.138.18.107, which is located in Germany and belongs to GD-EMEA-DC-SXB1, DE. The main domain is bestprizesday2.life.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 3rd 2020. Valid for: 3 months.
This is the only time bestprizesday2.life was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 37.1.209.213 35017 (SWIFTWAY-...)
2 62.138.18.107 8972 (GD-EMEA-D...)
4 2
Apex Domain | Subdomains | Transfer
2 bestprizesday2.life | bestprizesday2.life | 52 KB
1 goocity.it | be.goocity.it | 583 B
0 caningeit14.live Failed | caningeit14.live Failed |
4 3
Domain Requested by
2 bestprizesday2.life bestprizesday2.life
1 be.goocity.it 1 redirects
0 caningeit14.live Failed bestprizesday2.life
4 3

This site contains no links.

Subject | Issuer | Validity | Valid
bestprizesday2.life | Let's Encrypt Authority X3 | 2020-06-03 - 2020-09-01 | 3 months crt.sh

This page contains 2 frames:

Frame: https://caningeit14.live/8343135320/?u=tqck80z&o=zdqr96x&t=dropSHLAK&f=1&sid=t4~h5wvvy5gqa4o3vcvbz1ymckp&fp=WVhQu%2ByDSI%2BFnBQMK2FjUt9y2Or8C7BYYDoeHIeh8ZYPmE6jmP3nzcRYDpKumrOh0MS2RcKNzoyxnR3InGI9BsXuV5uxzVPvB3QJ3acKZlvOq34z5jxIMHtngTWq8CBDOak9eSd7Cbn%2FnmYBZLQECI9IcGrVdz1oAupxHiKNKo3XN0O9yIAtJUu3nR3ojwV33JLUQJA9p1qNOTOP0RvJGIGwD5mgaCW0zchpRkaJKwRdt6gmIZwqBdsAYxPWhvyN8vTFiYVLHJFXETeFOgBC8TbSgksw8PX05R9960UiS2fpWIahyLSHT8ZLfcL79nzYBM6xZerqy2b%2B%2Fy%2FcVRoKB0B%2FyS5%2BOoBxcuAdESk4%2B%2BVzn0qrozTkogt%2BpPmJ4tXu66hmQLDtSpuZrouF20KcFZMksQGpw4vtjomt%2FbXiXB9ws0E8%2BGBCB9G%2B0UMxnt4DVAyPlrRFVMSAF2ZtX8Tm6bwTFCyqQ2Ch8j6EUhhelSNr4szK%2F62Agm076svwUKz7k3Hdj369KnbmRrL1NWAlVbsAKX%2FO5juyE1LgFkYdDM9MOxss%2BxphMeOPFAzYub9jlRzl6vhsGAidXunxEv6gFpQl4NKLqgil8RhXiHHoWIF6Xe1ldZ290QBJqGhxIkf4jbct1a1MfpKbkaxy6PDtQg%2B2Y11RNJDDyIfkplqqq05CD1dcSju5W%2BfdqfVB2ZX1n%2BYQKrQks%2Beuds%2Ffao5bw6gb8TjLZV09SzY5nsOJyC5IMHPsU0eskG3Lm2%2BxwMPEk0bprgDqiAo5pmxrzwckwpVbLpdioMyvu%2FFK8R9Am9lCb6RMHBJdjcHvAJkkDSezN9S9NLcirucjP0VhrOgHsdpZBa2nROg%2Fnq8WE8E8N2DdSuDbOSf%2FIJo0UiTOC2YxBwaepPGPozoyCHW2XGfkKrOHK%2FHtR6XUZBI5Q7sV18%2B0LBm8D1vmWpprLTsBLpYObvwqZ15C0mW%2Ff%2FF8sDcvz1vve3KQgndNG7h66rcxYf1%2F8Bb%2B0ifDNtLwjjAIR2x13u%2F%2Beqr0nYCjKRdU7l3yLRoOSIUvUtbwmXelTRChRPali%2FQ1EEkRsObFjF9ouOQz30SW7F0MylfoQ1mSh3OM6f5zU28pSwwlYCBsrGPOOXxcMdSoFF7uXaO3nidKooUvbll6EaCdZcvsfLc1CE4i6jD7hDiKysJ1ekmg44RwyxlKKDFBhgBjU5ykxWUykrkG6EEYLWNsLi%2B%2FC4p0fyjYbkhVngS6hlrYSGeVjI%2Bvbkoaohq3TEFJtG5ILDLTUSNiUUyzGc9iaBNBpfOz1x47Ng%3D%3D
Frame ID: 35183954B81268DA94433C0345B10B5E
Requests: 2 HTTP requests in this frame

Frame: https://bestprizesday2.life/media/mainstream/pixel.html
Frame ID: C5252EE4BF2B9223BFE2BA7F33667C4E
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 4
HTTPS: 50 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 52 kB
Size: 51 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://be.goocity.it/steinberg.html HTTP 302
    http://37.1.209.213/NZMcgH?host=be.goocity.it/&mark=2306_15it_top350_800k&keyword=steinberg&template=&se_referrer= HTTP 302
    https://bestprizesday2.life/?u=tqck80z&o=zdqr96x&t=dropSHLAK Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
/ (Primary Request, Cookie set) | bestprizesday2.life/ | 51 KB | 52 KB | Document |

Redirect Chain
  • http://be.goocity.it/steinberg.html
  • http://37.1.209.213/NZMcgH?host=be.goocity.it/&mark=2306_15it_top350_800k&keyword=steinberg&template=&se_referrer=
  • https://bestprizesday2.life/?u=tqck80z&o=zdqr96x&t=dropSHLAK

General
Full URL: https://bestprizesday2.life/?u=tqck80z&o=zdqr96x&t=dropSHLAK
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 62.138.18.107, Germany, ASN8972 (GD-EMEA-DC-SXB1, DE)
Reverse DNS: vds2007x5.dedicatedpanel.com
Software: nginx / ASP.NET
Resource Hash: 16f2840b7a4d6d3af77840acd4c083eccab553935b2131e39a9bd4a8ff41eced

Request headers

Host: bestprizesday2.life
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US

Response headers

Server: nginx
Date: Wed, 24 Jun 2020 16:17:48 GMT
Content-Type: text/html
Content-Length: 52516
Connection: keep-alive
Cache-Control: private no-transform
Set-Cookie: sid=t4~h5wvvy5gqa4o3vcvbz1ymckp; path=/ sid=t4~h5wvvy5gqa4o3vcvbz1ymckp; path=/ p1=https://caningeit14.live/8343135320/; path=/ s1=3j0d71n366wqo6je; path=/
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

Redirect headers

Server: nginx
Date: Wed, 24 Jun 2020 16:17:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Wed, 24 Jun 2020 16:17:29 GMT
Location: https://bestprizesday2.life/?u=tqck80z&o=zdqr96x&t=dropSHLAK
Pragma: no-cache
Set-Cookie: _subid=nnvbp51m2h9e;Expires=Saturday, 25-Jul-2020 16:17:29 GMT;Max-Age=2678400;Path=/ 06624=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjZcIjoxNTkzMDE1NDQ5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNTkzMDE1NDQ5fSxcInRpbWVcIjoxNTkzMDE1NDQ5fSJ9.uX0nQx5-TXxhyqgT8Psy6PH91ee-cMew849sIJHSEGM;Expires=Saturday, 25-Jul-2020 16:17:29 GMT;Max-Age=2678400;Path=/
Access-Control-Allow-Origin: *

pixel.html | bestprizesday2.life/media/mainstream/ (Frame C525) | 39 B | 297 B | Document |

General
Full URL: https://bestprizesday2.life/media/mainstream/pixel.html
Requested by: Host: bestprizesday2.life; URL: https://bestprizesday2.life/?u=tqck80z&o=zdqr96x&t=dropSHLAK
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 62.138.18.107, Germany, ASN8972 (GD-EMEA-DC-SXB1, DE)
Reverse DNS: vds2007x5.dedicatedpanel.com
Software: nginx /
Resource Hash:

Request headers

Host: bestprizesday2.life
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://bestprizesday2.life/?u=tqck80z&o=zdqr96x&t=dropSHLAK
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: sid=t4~h5wvvy5gqa4o3vcvbz1ymckp; p1=https://caningeit14.live/8343135320/; s1=3j0d71n366wqo6je

Response headers

Server: nginx
Date: Wed, 24 Jun 2020 16:17:48 GMT
Content-Type: text/html
Content-Length: 39
Connection: keep-alive
Last-Modified: Sun, 24 May 2020 02:20:52 GMT
ETag: "5ec9da04-27"
Cache-Control: no-transform
Accept-Ranges: bytes

/ | caningeit14.live/8343135320/ | 0 | 0 | |

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: caningeit14.live

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

5 Console Messages

Source | Level | URL | Text
console-api | log | https://bestprizesday2.life/?u=tqck80z&o=zdqr96x&t=dropSHLAK (Line 16) | From cookies:
console-api | debug | https://bestprizesday2.life/?u=tqck80z&o=zdqr96x&t=dropSHLAK (Line 16) | spooky
console-api | log | https://bestprizesday2.life/?u=tqck80z&o=zdqr96x&t=dropSHLAK (Line 16) | From cookies:
console-api | log | https://bestprizesday2.life/?u=tqck80z&o=zdqr96x&t=dropSHLAK (Line 16) | From cookies:
console-api | log | https://bestprizesday2.life/?u=tqck80z&o=zdqr96x&t=dropSHLAK (Line 16) | From cookies:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
