Submitted URL: http://bestaryua.com/afu.php?zoneid=2990027#var=2990027#rid=3Th2RouLEKbqynjRfqMwXQ%3D%3D
Effective URL: https://startsuperrenewedthefile.vip/XFN-7B3Lee2LcXg8PryecZTA774aGggRpBLYM3AsXpI?cid=509434793587667615&sid=2990027
Submission: On January 24 via manual from ES — Scanned from GB

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 5 HTTP transactions. The main IP is 44.199.74.229, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is startsuperrenewedthefile.vip.
TLS certificate: Issued by R3 on January 22nd 2022. Valid for: 3 months.
This is the only time startsuperrenewedthefile.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS (Autonomous System)
1         139.45.197.237   9002 (RETN-AS)
1         139.45.195.8     9002 (RETN-AS)
1 1       107.20.106.95    14618 (AMAZON-AES)
3         44.199.74.229    14618 (AMAZON-AES)
Totals: 5 requests, 4 IPs
Requests  Apex Domain                    Subdomains                                          Transfer
3         startsuperrenewedthefile.vip   startsuperrenewedthefile.vip                        537 KB
1         neptuntrack.com                rox.neptuntrack.com (Cisco Umbrella Rank: 139587)   315 B
1         rtmark.net                     my.rtmark.net (Cisco Umbrella Rank: 9045)           505 B
1         bestaryua.com                  bestaryua.com (Cisco Umbrella Rank: 663276)         2 KB
Totals: 5 requests, 4 apex domains
Requests  Domain                         Requested by
3         startsuperrenewedthefile.vip   bestaryua.com, startsuperrenewedthefile.vip
1         rox.neptuntrack.com            (1 redirect)
1         my.rtmark.net                  bestaryua.com
1         bestaryua.com                  -
Totals: 5 requests, 4 domains

This site contains no links.

Subject                        Issuer                                           Validity                  Valid for
*.rtmark.net                   Sectigo RSA Domain Validation Secure Server CA   2021-11-20 - 2022-11-26   a year
startsuperrenewedthefile.vip   R3                                               2022-01-22 - 2022-04-22   3 months

This page contains 1 frame:

Primary Page: https://startsuperrenewedthefile.vip/XFN-7B3Lee2LcXg8PryecZTA774aGggRpBLYM3AsXpI?cid=509434793587667615&sid=2990027
Frame ID: 0153CB8DA35DC6F4B12B0F06214E1128
Requests: 10 HTTP requests in this frame

Page Title

Add to Your Browser

Page URL History

  1. http://bestaryua.com/afu.php?zoneid=2990027 Page URL
  2. https://rox.neptuntrack.com/sdgd/esafaerd/?utm_source=24&utm_campaign=9059262&cid=509434793587667615&sid... HTTP 302
    https://startsuperrenewedthefile.vip/XFN-7B3Lee2LcXg8PryecZTA774aGggRpBLYM3AsXpI?cid=509434793587667615&sid=2990027 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

Requests: 5
HTTPS: 80 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 540 kB
Size: 578 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bestaryua.com/afu.php?zoneid=2990027 Page URL
  2. https://rox.neptuntrack.com/sdgd/esafaerd/?utm_source=24&utm_campaign=9059262&cid=509434793587667615&sid=2990027 HTTP 302
    https://startsuperrenewedthefile.vip/XFN-7B3Lee2LcXg8PryecZTA774aGggRpBLYM3AsXpI?cid=509434793587667615&sid=2990027 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Each transaction is listed as: Resource | Path | Size | x-fer (bytes transferred) | Type

afu.php | bestaryua.com/ | 1 KB | 2 KB | Document
General
Full URL
http://bestaryua.com/afu.php?zoneid=2990027
Protocol
HTTP/1.1
Server
139.45.197.237, United Kingdom, ASN9002 (RETN-AS, GB)
Reverse DNS
Software
nginx
Resource Hash
a441586df84c18ec63fdd2a1b777b22b2d7762d9da6384308d92dcc9bb6393a7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Server
nginx
Date
Mon, 24 Jan 2022 11:03:59 GMT
Content-Type
text/html; charset=utf8
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
597b39049282da81e91781e1e81a1843
Link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://rox.neptuntrack.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age
86400
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin
* *
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Content-Encoding
gzip
img.gif | my.rtmark.net/ | 43 B | 505 B | Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=1f386a40ca36411ca2d0d3ad574f7dc2
Requested by
Host: bestaryua.com
URL: http://bestaryua.com/afu.php?zoneid=2990027
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8, United Kingdom, ASN9002 (RETN-AS, GB)
Reverse DNS
Software
nginx
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 24 Jan 2022 11:03:59 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
http://bestaryua.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
Primary Request: XFN-7B3Lee2LcXg8PryecZTA774aGggRpBLYM3AsXpI | startsuperrenewedthefile.vip/ | 107 KB | 108 KB | Document
Redirect Chain
  • https://rox.neptuntrack.com/sdgd/esafaerd/?utm_source=24&utm_campaign=9059262&cid=509434793587667615&sid=2990027
  • https://startsuperrenewedthefile.vip/XFN-7B3Lee2LcXg8PryecZTA774aGggRpBLYM3AsXpI?cid=509434793587667615&sid=2990027
General
Full URL
https://startsuperrenewedthefile.vip/XFN-7B3Lee2LcXg8PryecZTA774aGggRpBLYM3AsXpI?cid=509434793587667615&sid=2990027
Requested by
Host: bestaryua.com
URL: http://bestaryua.com/afu.php?zoneid=2990027
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.74.229, Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-44-199-74-229.compute-1.amazonaws.com
Software
nginx
Resource Hash
991dc7ab127e3028e63fc5906a8e4e0d74fc80806981b3fac1fe2bd36d12d530

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://bestaryua.com/4/3601325/?var=2990027&ab2r=0&prfrev=false

Response headers

Date
Mon, 24 Jan 2022 11:03:59 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Server
nginx

Redirect headers

Date
Mon, 24 Jan 2022 11:03:59 GMT
Content-Type
text/html
Content-Length
142
Connection
keep-alive
Access-Control-Allow-Origin
*
Location
https://startsuperrenewedthefile.vip/XFN-7B3Lee2LcXg8PryecZTA774aGggRpBLYM3AsXpI?cid=509434793587667615&sid=2990027
Server
nginx
truncated | / | 993 B | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-
Reverse DNS
Software
-
Resource Hash
28d51d2129e3a3c534b7a10c201d82bb3762fabff27e7bd191896bd69dcc2728

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated | / | 2 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-
Reverse DNS
Software
-
Resource Hash
cb581c108e747e5625b80e92c27dc682a47ed4a2dc28a72684251a44c52c7518

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated | / | 1 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-
Reverse DNS
Software
-
Resource Hash
63922506fdbfb3ae80fdd5f314480e13c69fec443b88aaa37f7784715a4c77c6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
jquery-3.4.1.min.js | startsuperrenewedthefile.vip/resources/lps/chrome_ext/js/ | 86 KB | 86 KB | Script
General
Full URL
https://startsuperrenewedthefile.vip/resources/lps/chrome_ext/js/jquery-3.4.1.min.js
Requested by
Host: startsuperrenewedthefile.vip
URL: https://startsuperrenewedthefile.vip/XFN-7B3Lee2LcXg8PryecZTA774aGggRpBLYM3AsXpI?cid=509434793587667615&sid=2990027
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.74.229, Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-44-199-74-229.compute-1.amazonaws.com
Software
nginx
Resource Hash
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://startsuperrenewedthefile.vip/XFN-7B3Lee2LcXg8PryecZTA774aGggRpBLYM3AsXpI?cid=509434793587667615&sid=2990027
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 11:04:00 GMT
Last-Modified
Mon, 24 Jan 2022 10:54:37 GMT
Server
nginx
ETag
"61ee856d-15853"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88147
jquery-ui.js | startsuperrenewedthefile.vip/resources/lps/chrome_ext/js/ | 343 KB | 343 KB | Script
General
Full URL
https://startsuperrenewedthefile.vip/resources/lps/chrome_ext/js/jquery-ui.js
Requested by
Host: startsuperrenewedthefile.vip
URL: https://startsuperrenewedthefile.vip/XFN-7B3Lee2LcXg8PryecZTA774aGggRpBLYM3AsXpI?cid=509434793587667615&sid=2990027
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.74.229, Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-44-199-74-229.compute-1.amazonaws.com
Software
nginx
Resource Hash
04fd54802fe880f7ff2cb98152a49490f1408d8e6f266da7c90d97a603963980

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://startsuperrenewedthefile.vip/XFN-7B3Lee2LcXg8PryecZTA774aGggRpBLYM3AsXpI?cid=509434793587667615&sid=2990027
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 11:04:01 GMT
Last-Modified
Mon, 24 Jan 2022 10:54:37 GMT
Server
nginx
ETag
"61ee856d-55b84"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
351108
truncated | / | 33 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-
Reverse DNS
Software
-
Resource Hash
03273e205608360b8a255075edb22a0adcd84b2a7e1bde70c964c2367fe1280a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated | / | 4 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-
Reverse DNS
Software
-
Resource Hash
bb31b1ebf4d4214396e36c863c2e1864dc840976c17cce5c59668f79edeb833b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)
  • cwswindowclosed (boolean)
  • oldCWSLeft (undefined)
  • oldCWSTop (undefined)
  • openInstall (function)
  • myMove (function)

4 Cookies

Domain/Path                     Name      Value
bestaryua.com/                  OAID      1f386a40ca36411ca2d0d3ad574f7dc2
bestaryua.com/                  oaidts    1643022239
my.rtmark.net/                  ID        1f386a40ca36411ca2d0d3ad574f7dc2
startsuperrenewedthefile.vip/   session   uVODXjKlq47WJ8BKs4dM-gkrCFKpIfNq

Security Headers

This section lists the security headers set by the main page.

Header Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff