saskmade.net - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 185.212.131.162, located in and belongs to INTERNET-IT, NL. The main domain is saskmade.net.

This is the only time saskmade.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.212.131.162 185.212.131.162	200313 (INTERNET-IT) (INTERNET-IT)
1	2606:4700:30:... 2606:4700:30::681f:4fa0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	2606:4700:30:... 2606:4700:30::681b:9df8	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::6812:2d29	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	4

1 185.212.131.162 (None, )

ASN200313 (INTERNET-IT, NL)
PTR: prohoster.info

saskmade.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681f:4fa0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.esa.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681b:9df8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ole.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6812:2d29 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

leo.cash	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	ole.so 1 redirects ole.so	398 B
1	leo.cash leo.cash	5 KB
1	esa.su static.esa.su	3 KB
1	saskmade.net saskmade.net	1 KB
4	4

	Domain	Requested by
2	ole.so	1 redirects
1	leo.cash
1	static.esa.su	saskmade.net
1	saskmade.net
4	4

This site contains no links.

Subject Issuer	Validity	Valid
sni21815.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-10-26` - `2019-05-04`	6 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-09-07` - `2019-09-07`	a year	crt.sh
sni69636.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-10-20` - `2019-04-28`	6 months	crt.sh

This page contains 1 frames:

Primary Page: http://saskmade.net/
Frame ID: 780C65C21371068253474EF70B9EBCE3
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

4
Requests

75 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

9 kB
Transfer

7 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://ole.so/myresources.php HTTP 302
https://leo.cash/?utm_source=redirect&utm_medium=tech_domain

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response saskmade.net/	2 KB 1 KB	55ms 25ms	Document text/html	185.212.131.162 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL http://saskmade.net/ Protocol HTTP/1.1 Server 185.212.131.162 -, , ASN200313 (INTERNET-IT, NL), Reverse DNS prohoster.info Software nginx / Resource Hash `39a6519e6dfa0c5b280375ae6a0d9b312a08f81d7e3142005c7e1abc5887da6e` Request headers Host saskmade.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Server nginx Date Thu, 08 Nov 2018 20:09:00 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=60 Last-Modified Wed, 07 Nov 2018 09:02:18 GMT ETag W/"7af-57a0f6015b79d" Content-Encoding gzip
GET S	200	my-resources.js Show response static.esa.su/js/	5 KB 3 KB	56ms 14ms	Script application/javascript	2606:4700:30::681f:4fa0 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://static.esa.su/js/my-resources.js Requested by Host: saskmade.net URL: http://saskmade.net/ Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::681f:4fa0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `60cb2588d6a5766b26ab83e5e347571e69fa9ffdb663f9a9a4de42a440e8ddc0` Request headers Referer http://saskmade.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 08 Nov 2018 20:08:55 GMT content-encoding gzip cf-cache-status HIT cf-bgj minify server cloudflare etag W/"5be03294-23cd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=315360000 cf-polished origSize=9165 last-modified Mon, 05 Nov 2018 12:07:48 GMT cf-ray 476aaca46f9e9750-FRA expires Sun, 05 Nov 2028 20:08:55 GMT
GET S	302	/ Show response leo.cash/ Redirect Chain https://ole.so/myresources.php https://leo.cash/?utm_source=redirect&utm_medium=tech_domain	0 -1 B	158ms 117ms	XHR text/html	2606:4700:30::681b:9df8 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://leo.cash/?utm_source=redirect&utm_medium=tech_domain Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::681b:9df8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/7.2.9 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://saskmade.net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 08 Nov 2018 20:08:55 GMT server cloudflare status 302 x-powered-by PHP/7.2.9 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" location https://leo.cash/?utm_source=redirect&utm_medium=tech_domain content-type text/html; charset=UTF-8 access-control-allow-origin * cf-ray 476aaca4cec8649f-FRA Redirect headers date Thu, 08 Nov 2018 20:08:55 GMT server cloudflare status 302 x-powered-by PHP/7.2.9 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" location https://leo.cash/?utm_source=redirect&utm_medium=tech_domain content-type text/html; charset=UTF-8 access-control-allow-origin * cf-ray 476aaca4cec8649f-FRA
GET S	200	/ Show response leo.cash/	0 5 KB	287ms 134ms	XHR text/html	2606:4700:30::6812:2d29 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://leo.cash/?utm_source=redirect&utm_medium=tech_domain Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6812:2d29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://saskmade.net/ Origin null Response headers pragma no-cache cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 last-modified Thu, 08 Nov 2018 20:08:56 GMT content-type text/html; charset=utf-8 expires Wed, 17 Aug 2005 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

leo.cash
ole.so
saskmade.net
static.esa.su
185.212.131.162
2606:4700:30::6812:2d29
2606:4700:30::681b:9df8
2606:4700:30::681f:4fa0
39a6519e6dfa0c5b280375ae6a0d9b312a08f81d7e3142005c7e1abc5887da6e
60cb2588d6a5766b26ab83e5e347571e69fa9ffdb663f9a9a4de42a440e8ddc0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

saskmade.net Open in urlscan Pro 185.212.131.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

4 Requests

75 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

9 kBTransfer

7 kBSize

0 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

saskmade.net Open in urlscan Pro
185.212.131.162 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

9 kB
Transfer

7 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions