openprecise-bestmostinstallation.best
34.225.168.158  Public Scan

Submitted URL: https://mx.mytoolsgames.com/?k=ef202c33ba40584012084b548432c1b6&type=mainstream&subtype=global
Effective URL: https://openprecise-bestmostinstallation.best/N6QwOlP83eCqFTvuJWgrjWNH869IBxdnzEJoiSWmuBk?cid=516126004536964069&sid=4677282
Submission: On February 11 via manual from GB — Scanned from GB

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 5 HTTP transactions. The main IP is 34.225.168.158, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is openprecise-bestmostinstallation.best.
TLS certificate: Issued by R3 on February 9th 2022. Valid for: 3 months.
This is the only time openprecise-bestmostinstallation.best was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 64.227.23.114 14061 (DIGITALOC...)
1 139.45.197.236 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
1 1 139.45.197.237 9002 (RETN-AS)
1 1 107.20.106.95 14618 (AMAZON-AES)
3 34.225.168.158 14618 (AMAZON-AES)
5 4
Apex Domain | Subdomains | Transfer
3 openprecise-bestmostinstallation.best | openprecise-bestmostinstallation.best | 537 KB
1 neptuntrack.com | rox.neptuntrack.com — Cisco Umbrella Rank: 107141 | 324 B
1 thaudray.com | thaudray.com — Cisco Umbrella Rank: 85086 | 920 B
1 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 10281 | 491 B
1 upshroomishtor.com | upshroomishtor.com — Cisco Umbrella Rank: 543165 | 4 KB
1 mytoolsgames.com | mx.mytoolsgames.com | 273 B
5 6
Domain Requested by
3 openprecise-bestmostinstallation.best openprecise-bestmostinstallation.best
1 rox.neptuntrack.com 1 redirects
1 thaudray.com 1 redirects
1 my.rtmark.net upshroomishtor.com
1 upshroomishtor.com
1 mx.mytoolsgames.com 1 redirects
5 6

This site contains no links.

Subject | Issuer | Validity | Valid
upshroomishtor.com | R3 | 2022-01-02 - 2022-04-02 | 3 months
*.rtmark.net | Sectigo RSA Domain Validation Secure Server CA | 2021-11-20 - 2022-11-26 | a year
openprecise-bestmostinstallation.best | R3 | 2022-02-09 - 2022-05-10 | 3 months

This page contains 1 frames:

Primary Page: https://openprecise-bestmostinstallation.best/N6QwOlP83eCqFTvuJWgrjWNH869IBxdnzEJoiSWmuBk?cid=516126004536964069&sid=4677282
Frame ID: 02823187828537E9E2ADA9733B537BB4
Requests: 10 HTTP requests in this frame

Page Title

Add to Your Browser

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

5 Requests
100 % HTTPS
0 % IPv6
6 Domains
6 Subdomains
4 IPs
2 Countries
541 kB Transfer
583 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mx.mytoolsgames.com/?k=ef202c33ba40584012084b548432c1b6&type=mainstream&subtype=global HTTP 302
    https://upshroomishtor.com/link?z=4677281&var=4783&ymid=e594bd15987cc7f50b34d449be43caa6 Page URL
  2. https://thaudray.com/?z=4677282&syncedCookie=true HTTP 302
    https://rox.neptuntrack.com/eethbdf/bzdaehe/?utm_source=24&utm_campaign=9182312&cid=516126004536964069&sid=4677282 HTTP 302
    https://openprecise-bestmostinstallation.best/N6QwOlP83eCqFTvuJWgrjWNH869IBxdnzEJoiSWmuBk?cid=516126004536964069&sid=4677282 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://mx.mytoolsgames.com/?k=ef202c33ba40584012084b548432c1b6&type=mainstream&subtype=global HTTP 302
  • https://upshroomishtor.com/link?z=4677281&var=4783&ymid=e594bd15987cc7f50b34d449be43caa6

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
link
upshroomishtor.com/
Redirect Chain
  • https://mx.mytoolsgames.com/?k=ef202c33ba40584012084b548432c1b6&type=mainstream&subtype=global
  • https://upshroomishtor.com/link?z=4677281&var=4783&ymid=e594bd15987cc7f50b34d449be43caa6
6 KB
4 KB
Document
General
Full URL
https://upshroomishtor.com/link?z=4677281&var=4783&ymid=e594bd15987cc7f50b34d449be43caa6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6bc7c0dd74e838750892d7029189ab4af2d5836f31b3bb68c8b474c0b3d6efec
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

server
nginx
date
Fri, 11 Feb 2022 22:12:27 GMT
content-type
text/html; charset=utf8
x-trace-id
b43d6722298d19550cb058210fe239d8
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age
86400
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

Server
nginx/1.16.1 (Ubuntu)
Date
Fri, 11 Feb 2022 22:12:27 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Location
https://upshroomishtor.com/link?z=4677281&var=4783&ymid=e594bd15987cc7f50b34d449be43caa6
img.gif
my.rtmark.net/
43 B
491 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=078774585f20431cbf99eae3d81bf5bd
Requested by
Host: upshroomishtor.com
URL: https://upshroomishtor.com/link?z=4677281&var=4783&ymid=e594bd15987cc7f50b34d449be43caa6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://upshroomishtor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 22:12:27 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
Primary Request N6QwOlP83eCqFTvuJWgrjWNH869IBxdnzEJoiSWmuBk
openprecise-bestmostinstallation.best/
Redirect Chain
  • https://thaudray.com/?z=4677282&syncedCookie=true
  • https://rox.neptuntrack.com/eethbdf/bzdaehe/?utm_source=24&utm_campaign=9182312&cid=516126004536964069&sid=4677282
  • https://openprecise-bestmostinstallation.best/N6QwOlP83eCqFTvuJWgrjWNH869IBxdnzEJoiSWmuBk?cid=516126004536964069&sid=4677282
107 KB
108 KB
Document
General
Full URL
https://openprecise-bestmostinstallation.best/N6QwOlP83eCqFTvuJWgrjWNH869IBxdnzEJoiSWmuBk?cid=516126004536964069&sid=4677282
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.168.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-168-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3e060eeeba224f6f5e1c59b51acb96a6046722814a9beb3d75b9ecdf71ab3a73

Request headers

Upgrade-Insecure-Requests
1
Origin
https://upshroomishtor.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Date
Fri, 11 Feb 2022 22:12:28 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Server
nginx

Redirect headers

Date
Fri, 11 Feb 2022 22:12:28 GMT
Content-Type
text/html
Content-Length
142
Connection
keep-alive
Access-Control-Allow-Origin
*
Location
https://openprecise-bestmostinstallation.best/N6QwOlP83eCqFTvuJWgrjWNH869IBxdnzEJoiSWmuBk?cid=516126004536964069&sid=4677282
Server
nginx
truncated
/
993 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28d51d2129e3a3c534b7a10c201d82bb3762fabff27e7bd191896bd69dcc2728

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb581c108e747e5625b80e92c27dc682a47ed4a2dc28a72684251a44c52c7518

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63922506fdbfb3ae80fdd5f314480e13c69fec443b88aaa37f7784715a4c77c6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
jquery-3.4.1.min.js
openprecise-bestmostinstallation.best/resources/lps/chrome_ext/js/
86 KB
86 KB
Script
General
Full URL
https://openprecise-bestmostinstallation.best/resources/lps/chrome_ext/js/jquery-3.4.1.min.js
Requested by
Host: openprecise-bestmostinstallation.best
URL: https://openprecise-bestmostinstallation.best/N6QwOlP83eCqFTvuJWgrjWNH869IBxdnzEJoiSWmuBk?cid=516126004536964069&sid=4677282
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.168.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-168-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://openprecise-bestmostinstallation.best/N6QwOlP83eCqFTvuJWgrjWNH869IBxdnzEJoiSWmuBk?cid=516126004536964069&sid=4677282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 22:12:29 GMT
Last-Modified
Fri, 11 Feb 2022 22:07:23 GMT
Server
nginx
ETag
"6206de1b-15853"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88147
jquery-ui.js
openprecise-bestmostinstallation.best/resources/lps/chrome_ext/js/
343 KB
343 KB
Script
General
Full URL
https://openprecise-bestmostinstallation.best/resources/lps/chrome_ext/js/jquery-ui.js
Requested by
Host: openprecise-bestmostinstallation.best
URL: https://openprecise-bestmostinstallation.best/N6QwOlP83eCqFTvuJWgrjWNH869IBxdnzEJoiSWmuBk?cid=516126004536964069&sid=4677282
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.168.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-168-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
04fd54802fe880f7ff2cb98152a49490f1408d8e6f266da7c90d97a603963980

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://openprecise-bestmostinstallation.best/N6QwOlP83eCqFTvuJWgrjWNH869IBxdnzEJoiSWmuBk?cid=516126004536964069&sid=4677282
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 22:12:29 GMT
Last-Modified
Fri, 11 Feb 2022 22:07:23 GMT
Server
nginx
ETag
"6206de1b-55b84"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
351108
truncated
/
33 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03273e205608360b8a255075edb22a0adcd84b2a7e1bde70c964c2367fe1280a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb31b1ebf4d4214396e36c863c2e1864dc840976c17cce5c59668f79edeb833b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
function| $
function| jQuery
boolean| cwswindowclosed
undefined| oldCWSLeft
undefined| oldCWSTop
function| openInstall
function| myMove

7 Cookies

Domain/Path | Name | Value
upshroomishtor.com/ | OAID | 078774585f20431cbf99eae3d81bf5bd
upshroomishtor.com/ | oaidts | 1644617547
upshroomishtor.com/ | allcnt | 1
my.rtmark.net/ | ID | 078774585f20431cbf99eae3d81bf5bd
thaudray.com/ | OAID | 9e8e4f346258466c8cb86aa66d2e530b
thaudray.com/ | oaidts | 1644617548
openprecise-bestmostinstallation.best/ | session | fX2VWklMm-IpcPsQm1P5rTnt4htA0C90

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff