safesend.sgpdev.com - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 2606:4700::6812:1a2d, located in United States and belongs to CLOUDFLARENET, US. The main domain is safesend.sgpdev.com.
TLS certificate: Issued by WE1 on October 29th 2024. Valid for: 3 months.

This is the only time safesend.sgpdev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700::68... 2606:4700::6812:1a2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.20.12.145 23.20.12.145	14618 (AMAZON-AES) (AMAZON-AES)
7	3

5 2606:4700::6812:1a2d (United States)

ASN13335 (CLOUDFLARENET, US)

safesend.sgpdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.20.12.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-12-145.compute-1.amazonaws.com

rolemasterv1.sgpdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	sgpdev.com safesend.sgpdev.com rolemasterv1.sgpdev.com authentication.sgpdev.com Failed	184 KB
7	1

	Domain	Requested by
5	safesend.sgpdev.com	safesend.sgpdev.com
1	rolemasterv1.sgpdev.com	safesend.sgpdev.com
0	authentication.sgpdev.com Failed	safesend.sgpdev.com
7	3

This site contains no links.

Subject Issuer	Validity	Valid
safesend.sgpdev.com WE1	`2024-10-29` - `2025-01-27`	3 months	crt.sh
*.sgpdev.com Amazon RSA 2048 M03	`2024-01-14` - `2025-02-11`	a year	crt.sh

This page contains 1 frames:

Frame: https://authentication.sgpdev.com/windows
Frame ID: D08664A44E478E615C32BC841DB7B159
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SafeSend

Page Statistics

7
Requests

86 %
HTTPS

50 %
IPv6

1
Domains

3
Subdomains

3
IPs

1
Countries

184 kB
Transfer

690 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
safesend.sgpdev.com/ 458 B
645 B 487ms
172ms Document
text/html 2606:4700::6812:1a2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safesend.sgpdev.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a16c4a18ca787d09ae4eb2ebd37a8001bb85be15f56e4035d65b67f49d4fb6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8db25ed16f3ba2c9-YUL
content-encoding: gzip
content-type: text/html
date: Thu, 31 Oct 2024 08:45:42 GMT
last-modified: Mon, 28 Oct 2024 13:42:27 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 0e0d2c849ef60f83e28215a963048fd2.cloudfront.net (CloudFront)
x-amz-cf-id: sK4iJWJJAi7CwIpX2mBDOaDyPKLEM0Yy39lXVZAPi0EhNuTqWOvLSA==
x-amz-cf-pop: IAD55-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront

GET
H2 200 index-BjeBpzf3.js Show response
safesend.sgpdev.com/assets/ 368 KB
119 KB 276ms
225ms Script
text/javascript 2606:4700::6812:1a2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safesend.sgpdev.com/assets/index-BjeBpzf3.js

Requested by

Host: safesend.sgpdev.com
URL: https://safesend.sgpdev.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

732bea3abf504a368465f940738bb92b491e7d3ba3e88f9650ad00c42f84e474

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://safesend.sgpdev.com
Referer: https://safesend.sgpdev.com/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"7fef807eb84f1c35f6d421d3f6fcb4c6"
expires: Thu, 31 Oct 2024 12:45:42 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: zhucrpqamtlrqRw0H3wmmkwkomN6B9OMSr-buw9qGnCr8t3UU-01Kg==
date: Thu, 31 Oct 2024 08:45:42 GMT
content-type: text/javascript
last-modified: Mon, 28 Oct 2024 13:42:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=14400
via: 1.1 397dd692cad53f0026fab5b236c0a518.cloudfront.net (CloudFront)
cf-ray: 8db25ed31feba2c9-YUL
x-amz-cf-pop: IAD55-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 index-csANfwlC.css
safesend.sgpdev.com/assets/ 303 KB
44 KB 286ms
236ms Stylesheet
text/css 2606:4700::6812:1a2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safesend.sgpdev.com/assets/index-csANfwlC.css

Requested by

Host: safesend.sgpdev.com
URL: https://safesend.sgpdev.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e316b2d3df04f985c26967a07260941b16fd6c1792e2106a7a3f5dfc76fbc561

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://safesend.sgpdev.com
Referer: https://safesend.sgpdev.com/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"6df2a406503b3f991108e47b843f2618"
expires: Thu, 31 Oct 2024 12:45:42 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: C9UlpLTtR4RlRnvOsLaLHc9KsvwxSTlvysMknRJib2it8xfoNjzYMg==
date: Thu, 31 Oct 2024 08:45:42 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 13:42:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=14400
via: 1.1 397dd692cad53f0026fab5b236c0a518.cloudfront.net (CloudFront)
cf-ray: 8db25ed31fe9a2c9-YUL
x-amz-cf-pop: IAD55-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 403 getfunctionsbytoken Show response
rolemasterv1.sgpdev.com/rolemaster/v1/ 9 B
197 B 2794ms
2425ms XHR
text/plain 23.20.12.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rolemasterv1.sgpdev.com/rolemaster/v1/getfunctionsbytoken
Requested by: Host: safesend.sgpdev.com
URL: https://safesend.sgpdev.com/assets/index-BjeBpzf3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.20.12.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-12-145.compute-1.amazonaws.com
Software: /
Resource Hash: 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://safesend.sgpdev.com/

Response headers

apigw-requestid: AgeErgKRIAMEM6Q=
access-control-allow-origin: https://safesend.sgpdev.com
content-length: 9
date: Thu, 31 Oct 2024 08:45:45 GMT
content-type: text/plain; charset=utf-8
vary: origin
access-control-allow-credentials: true

GET
H2 200 montserrat-regular-webfont.woff2
safesend.sgpdev.com/fonts/ 18 KB
18 KB 243ms
207ms Font
font/woff2 2606:4700::6812:1a2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safesend.sgpdev.com/fonts/montserrat-regular-webfont.woff2

Requested by

Host: safesend.sgpdev.com
URL: https://safesend.sgpdev.com/assets/index-csANfwlC.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da04f43f4de8ca24e2611876858dcbfe21e1931688a4692645dd531977031c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://safesend.sgpdev.com
Referer: https://safesend.sgpdev.com/assets/index-csANfwlC.css

Response headers

cf-cache-status: REVALIDATED
etag: "9525d28abe9c5efecc7dcfe9acf53683"
expires: Thu, 31 Oct 2024 12:45:43 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: O5ODS7elAxoTcSq7M87Xp0yQJ-J0UK6z2MLncb1Rqdj15VFfnxcFAQ==
date: Thu, 31 Oct 2024 08:45:43 GMT
content-type: font/woff2
last-modified: Mon, 28 Oct 2024 13:42:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=14400
via: 1.1 397dd692cad53f0026fab5b236c0a518.cloudfront.net (CloudFront)
cf-ray: 8db25ed6ba88a2c9-YUL
accept-ranges: bytes
content-length: 18696
x-amz-cf-pop: IAD55-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 favicon.png
safesend.sgpdev.com/ 964 B
1 KB 80ms
69ms Other
image/png 2606:4700::6812:1a2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://safesend.sgpdev.com/favicon.png

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8066ec20ce935e67969894d63cbe89a1aba68da1ae30a3c36c64d4f2ae4f125b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://safesend.sgpdev.com/

Response headers

cf-cache-status: HIT
etag: "5307463308c64d8bc99b101bb9ab97ba"
expires: Thu, 31 Oct 2024 12:45:43 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: 8e2zTZ208Rfbx_cjrm-67-x4lPLN51928Vg1ANVqHxDHbFhztE6WOw==
date: Thu, 31 Oct 2024 08:45:43 GMT
content-type: image/png
last-modified: Mon, 28 Oct 2024 13:42:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=14400
via: 1.1 397dd692cad53f0026fab5b236c0a518.cloudfront.net (CloudFront)
cf-ray: 8db25ed79ae8a2c9-YUL
accept-ranges: bytes
content-length: 964
x-amz-cf-pop: IAD55-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET windows
authentication.sgpdev.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: authentication.sgpdev.com
URL: https://authentication.sgpdev.com/windows

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __reactRouterVersion

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rolemasterv1.sgpdev.com/rolemaster/v1/getfunctionsbytoken Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

authentication.sgpdev.com
rolemasterv1.sgpdev.com
safesend.sgpdev.com
authentication.sgpdev.com
23.20.12.145
2606:4700::6812:1a2d
1a16c4a18ca787d09ae4eb2ebd37a8001bb85be15f56e4035d65b67f49d4fb6c
732bea3abf504a368465f940738bb92b491e7d3ba3e88f9650ad00c42f84e474
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
8066ec20ce935e67969894d63cbe89a1aba68da1ae30a3c36c64d4f2ae4f125b
8da04f43f4de8ca24e2611876858dcbfe21e1931688a4692645dd531977031c2
e316b2d3df04f985c26967a07260941b16fd6c1792e2106a7a3f5dfc76fbc561

safesend.sgpdev.com Open in urlscan Pro 2606:4700::6812:1a2d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

86 %HTTPS

50 %IPv6

1 Domains

3 Subdomains

3 IPs

1 Countries

184 kBTransfer

690 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

safesend.sgpdev.com Open in urlscan Pro
2606:4700::6812:1a2d Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

50 %
IPv6

1
Domains

3
Subdomains

3
IPs

1
Countries

184 kB
Transfer

690 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions