www.landermaestro.com Open in urlscan Pro
2606:4700:30::681f:4f20 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.landermaestro.com/onesafenl2
Submission: On August 02 via automatic, source phishtank (August 2nd 2019, 3:15:22 am UTC)

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 20 HTTP transactions. The main IP is 2606:4700:30::681f:4f20, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.landermaestro.com.

This is the only time www.landermaestro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:30:... 2606:4700:30::681f:4f20	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 4	45.43.8.194 45.43.8.194	31863 (DACEN-2) (DACEN-2 - Centrilogic)
20	3

17 2606:4700:30::681f:4f20 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.landermaestro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.43.8.194 (Lenoir, United States) 2 redirects

ASN31863 (DACEN-2 - Centrilogic, Inc., US)

trackmestar.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	landermaestro.com www.landermaestro.com	553 KB
4	trackmestar.info 2 redirects trackmestar.info	4 KB
0	ourcdn77.xyz Failed windows.ourcdn77.xyz Failed
20	3

	Domain	Requested by
17	www.landermaestro.com	www.landermaestro.com
4	trackmestar.info	2 redirects www.landermaestro.com
0	windows.ourcdn77.xyz Failed	www.landermaestro.com
20	3

This site contains no links.

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
www.trackmestar.info Let's Encrypt Authority X3	`2019-07-18` - `2019-10-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.landermaestro.com/onesafenl2
Frame ID: 747E02148458773A1D509FB1BC0B2D66
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

20
Requests

10 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

556 kB
Transfer

576 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

http://trackmestar.info/tracking202/static/landing.php?lpip=8304&referer=&t202LpUrl=http%3A//www.landermaestro.com/onesafenl2 HTTP 301
https://trackmestar.info/tracking202/static/landing.php?lpip=8304&referer=&t202LpUrl=http%3A//www.landermaestro.com/onesafenl2

Request Chain 18

http://trackmestar.info/tracking202/redirect/u.php HTTP 301
https://trackmestar.info/tracking202/redirect/u.php

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set onesafenl2 Show response www.landermaestro.com/	14 KB 5 KB	564ms 542ms	Document text/html	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `6740fb16799fa1f7279b76fa7a1d8a736344091cce3ba7c36f97258017e90287` Request headers Host www.landermaestro.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d2b9e56d44304a49d078bb9c890cc7cf71564715702; expires=Sat, 01-Aug-20 03:15:02 GMT; path=/; domain=.landermaestro.com; HttpOnly Content-MD5 F5eaotnCK0P15boEHJtB6w== Last-Modified Fri, 19 Jul 2019 21:42:10 GMT x-ms-request-id 28f42df4-501e-013b-4ae0-481fb2000000 x-ms-version 2018-03-28 Server cloudflare CF-RAY 4ffce2919f6b6419-FRA Content-Encoding gzip
GET H/1.1	200 OK	jquery-3.3.1.min.js.download Show response www.landermaestro.com/onesafenl2/files/	85 KB 85 KB	195ms 191ms	Script application/octet-stream	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.landermaestro.com/onesafenl2/files/jquery-3.3.1.min.js.download Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://www.landermaestro.com/onesafenl2 Origin http://www.landermaestro.com Response headers Date Fri, 02 Aug 2019 03:15:02 GMT Last-Modified Fri, 19 Jul 2019 21:42:15 GMT Server cloudflare Content-MD5 oJ4T7pTVHFJLfipyjH1AOQ== ETag "0x8D70C91F7354FDA" Vary Origin Content-Type application/octet-stream x-ms-request-id eeb9c13f-e01e-000f-7de0-48f64f000000 x-ms-version 2018-03-28 Connection keep-alive Accept-Ranges bytes CF-RAY 4ffce29518826419-FRA Content-Length 86927
GET H/1.1	200 OK	language-set.js.download Show response www.landermaestro.com/onesafenl2/files/	80 KB 80 KB	212ms 203ms	Script application/octet-stream	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.landermaestro.com/onesafenl2/files/language-set.js.download Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `610cbadcbf28513a40138484a6fe3243243978a27e7bb65e7558bd67a4ee61eb` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT Last-Modified Fri, 19 Jul 2019 21:42:14 GMT Server cloudflare Content-MD5 dstmaaG0+Z810eQZ874fwQ== ETag "0x8D70C91F6FECB09" Content-Type application/octet-stream x-ms-request-id b34b6eed-701e-0089-59e0-48a29d000000 x-ms-version 2018-03-28 Connection keep-alive Accept-Ranges bytes CF-RAY 4ffce2952b5ec2b8-FRA Content-Length 81418
GET H/1.1	200 OK	language-version-12.js.download Show response www.landermaestro.com/onesafenl2/files/	850 B 1 KB	225ms 216ms	Script application/octet-stream	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.landermaestro.com/onesafenl2/files/language-version-12.js.download Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `e5bd2a30e4d082ecc9fdffcec1caa93d2917adda8286c19bf433892e800f8832` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT Last-Modified Fri, 19 Jul 2019 21:42:15 GMT Server cloudflare Content-MD5 txpYJix40zFrdbnpY1bfOQ== ETag "0x8D70C91F70498A3" Content-Type application/octet-stream x-ms-request-id c78f1cdb-301e-0006-63e0-48ecc1000000 x-ms-version 2018-03-28 Connection keep-alive Accept-Ranges bytes CF-RAY 4ffce2951d9cbeba-FRA Content-Length 850
GET H/1.1	200 OK	moment-with-locales.min.js.download Show response www.landermaestro.com/onesafenl2/files/	328 KB 328 KB	209ms 200ms	Script application/octet-stream	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.landermaestro.com/onesafenl2/files/moment-with-locales.min.js.download Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `4315dd1f5d46219a2caa6b006dab3bc5a30447f30685d8e477a616427710ca3f` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT Last-Modified Fri, 19 Jul 2019 21:42:18 GMT Server cloudflare Content-MD5 PY9ohx6OdCbSwIseZofo4Q== ETag "0x8D70C91F94E19FC" Content-Type application/octet-stream x-ms-request-id ce29efcd-701e-00cd-2be0-487ef1000000 x-ms-version 2018-03-28 Connection keep-alive Accept-Ranges bytes CF-RAY 4ffce2951b4fc286-FRA Content-Length 335394
GET H/1.1	200 OK	main.css www.landermaestro.com/onesafenl2/files/	12 KB 3 KB	31ms 24ms	Stylesheet text/css	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.landermaestro.com/onesafenl2/files/main.css Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `784f9cfdb1daae6bbdcf21d77869fa44c4a35740bb47c351f7983985fc78407e` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT Content-Encoding gzip CF-Cache-Status HIT Content-MD5 e4HRoX43Bxz50bsJhhnbyw== Age 2258 Transfer-Encoding chunked Connection keep-alive Last-Modified Fri, 19 Jul 2019 21:42:15 GMT Server cloudflare ETag W/"0x8D70C91F72D8609" Vary Accept-Encoding Content-Type text/css x-ms-request-id 08cde73b-101e-0011-55db-482ca2000000 Cache-Control public, max-age=14400 x-ms-version 2018-03-28 CF-RAY 4ffce29518dabf00-FRA Expires Fri, 02 Aug 2019 07:15:02 GMT
GET H/1.1	200 OK	arrow_animation.gif www.landermaestro.com/onesafenl2/files/	8 KB 8 KB	21ms 13ms	Image image/gif	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.landermaestro.com/onesafenl2/files/arrow_animation.gif Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `5b51195b8674efdfbf920a779f9eb0ab2761a44c1d634ac7fb5bb0a19800aaa5` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT CF-Cache-Status HIT Content-MD5 GRp57T/XiIOXYHxcEdAcCg== Age 623 Connection keep-alive Content-Length 7944 Last-Modified Fri, 19 Jul 2019 21:42:09 GMT Server cloudflare ETag "0x8D70C91F3ED1475" Vary Accept-Encoding Content-Type image/gif x-ms-request-id 07d5cffa-f01e-005f-2edf-48e947000000 Cache-Control public, max-age=14400 x-ms-version 2018-03-28 Accept-Ranges bytes CF-RAY 4ffce2951da5d6c9-FRA Expires Fri, 02 Aug 2019 07:15:02 GMT
GET H/1.1	200 OK	icon_saf.png www.landermaestro.com/onesafenl2/files/	487 B 1009 B	195ms 194ms	Image image/png	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.landermaestro.com/onesafenl2/files/icon_saf.png Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `36f016b0cf55a9ec191762f78060fd203ee96aff86407e0612982f09a3b2faee` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT CF-Cache-Status REVALIDATED Content-MD5 SdXqJmdzclyrGeDrA8pJNg== Connection keep-alive Content-Length 487 Last-Modified Fri, 19 Jul 2019 21:42:12 GMT Server cloudflare ETag "0x8D70C91F5929206" Vary Accept-Encoding Content-Type image/png x-ms-request-id 621c1587-d01e-0007-5fce-48ed3c000000 Cache-Control public, max-age=14400 x-ms-version 2018-03-28 Accept-Ranges bytes CF-RAY 4ffce2953dcad6c9-FRA Expires Fri, 02 Aug 2019 07:15:02 GMT
GET H/1.1	200 OK	arrow_animation2.gif www.landermaestro.com/onesafenl2/files/	8 KB 8 KB	11ms 11ms	Image image/gif	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.landermaestro.com/onesafenl2/files/arrow_animation2.gif Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `3daba949a682d184ffb892cd8b1a1ce4e4e9b13cb8d8e70334110a3c62a142cd` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT CF-Cache-Status HIT Content-MD5 NJtQ4Wk1uU5X5BBXJCsCfg== Age 2258 Connection keep-alive Content-Length 7948 Last-Modified Fri, 19 Jul 2019 21:42:12 GMT Server cloudflare ETag "0x8D70C91F5426545" Vary Accept-Encoding Content-Type image/gif x-ms-request-id 755f8cf7-d01e-014c-6edb-489af3000000 Cache-Control public, max-age=14400 x-ms-version 2018-03-28 Accept-Ranges bytes CF-RAY 4ffce2968993bf00-FRA Expires Fri, 02 Aug 2019 07:15:02 GMT
GET H/1.1	200 OK	header-bar3.png www.landermaestro.com/onesafenl2/files/	8 KB 8 KB	10ms 10ms	Image image/png	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.landermaestro.com/onesafenl2/files/header-bar3.png Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `7aaa3cf934609efcc6c49030df4cfed6e05b3bd57efbb082418b268aed8e3407` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT CF-Cache-Status HIT Content-MD5 9wNUxwuxpxK+MhrWjzr0xg== Age 623 Connection keep-alive Content-Length 7774 Last-Modified Fri, 19 Jul 2019 21:42:12 GMT Server cloudflare ETag "0x8D70C91F58BD9D2" Vary Accept-Encoding Content-Type image/png x-ms-request-id e35eb73e-301e-0146-3fdf-48837a000000 Cache-Control public, max-age=14400 x-ms-version 2018-03-28 Accept-Ranges bytes CF-RAY 4ffce296999ebf00-FRA Expires Fri, 02 Aug 2019 07:15:02 GMT
GET H/1.1	200 OK	windows_warning.png www.landermaestro.com/onesafenl2/files/	4 KB 4 KB	12ms 11ms	Image image/png	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.landermaestro.com/onesafenl2/files/windows_warning.png Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `5b668e040f2a37da85988289b1ffab9689e1040261fd5ec83c75e2083ec225f0` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT CF-Cache-Status HIT Content-MD5 nBi1sD6Ez/dqEa+LOGdUEg== Age 2257 Connection keep-alive Content-Length 3766 Last-Modified Fri, 19 Jul 2019 21:42:18 GMT Server cloudflare ETag "0x8D70C91F8CAEBA1" Vary Accept-Encoding Content-Type image/png x-ms-request-id a02eb92f-001e-00c9-2cdb-488b73000000 Cache-Control public, max-age=14400 x-ms-version 2018-03-28 Accept-Ranges bytes CF-RAY 4ffce296b9acbf00-FRA Expires Fri, 02 Aug 2019 07:15:02 GMT
GET H/1.1	200 OK	loading.gif www.landermaestro.com/onesafenl2/files/	14 KB 14 KB	12ms 11ms	Image image/gif	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.landermaestro.com/onesafenl2/files/loading.gif Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `2ab649297ad5fe176d49bd95696774b8f19ba88b91f82137e15c3f73a1289581` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT CF-Cache-Status HIT Content-MD5 hls3yf89YEPX962FJAy4tg== Age 2248 Connection keep-alive Content-Length 14005 Last-Modified Fri, 19 Jul 2019 21:42:15 GMT Server cloudflare ETag "0x8D70C91F7240E2D" Vary Accept-Encoding Content-Type image/gif x-ms-request-id e11f9141-101e-007c-71db-48868c000000 Cache-Control public, max-age=14400 x-ms-version 2018-03-28 Accept-Ranges bytes CF-RAY 4ffce296c9b6bf00-FRA Expires Fri, 02 Aug 2019 07:15:02 GMT
GET H/1.1	200 OK	dreq.png www.landermaestro.com/onesafenl2/files/	720 B 1 KB	10ms 9ms	Image image/png	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.landermaestro.com/onesafenl2/files/dreq.png Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b62f1a81bfc0d281c853d7d1169c8866e33b58c7a990734cb6d6d91b2dbaf49a` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT CF-Cache-Status HIT Content-MD5 PY0Ys22e5O0b16/Cbtb6FQ== Age 623 Connection keep-alive Content-Length 720 Last-Modified Fri, 19 Jul 2019 21:42:12 GMT Server cloudflare ETag "0x8D70C91F5522004" Vary Accept-Encoding Content-Type image/png x-ms-request-id 26935c66-301e-0060-49df-485e9b000000 Cache-Control public, max-age=14400 x-ms-version 2018-03-28 Accept-Ranges bytes CF-RAY 4ffce296e9c8bf00-FRA Expires Fri, 02 Aug 2019 07:15:02 GMT
GET H/1.1	200 OK	cross.png www.landermaestro.com/onesafenl2/files/	344 B 869 B	11ms 10ms	Image image/png	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.landermaestro.com/onesafenl2/files/cross.png Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `9b1192a77adc835c1665f249fd08384d10a447271925e6d81fcdc8fdfba7771e` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT CF-Cache-Status HIT Content-MD5 fX+BQmPHFbLuN1HixtNx8A== Age 2257 Connection keep-alive Content-Length 344 Last-Modified Fri, 19 Jul 2019 21:42:12 GMT Server cloudflare ETag "0x8D70C91F54FD598" Vary Accept-Encoding Content-Type image/png x-ms-request-id 8e9b5e06-201e-00de-73db-484b10000000 Cache-Control public, max-age=14400 x-ms-version 2018-03-28 Accept-Ranges bytes CF-RAY 4ffce296f9d5bf00-FRA Expires Fri, 02 Aug 2019 07:15:02 GMT
GET H/1.1	200 OK	tick.png www.landermaestro.com/onesafenl2/files/	381 B 906 B	10ms 9ms	Image image/png	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.landermaestro.com/onesafenl2/files/tick.png Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `562b29e08c7d623d3604b9fce91a6715c5f3d14ce62fee4e3c806b72528402ce` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT CF-Cache-Status HIT Content-MD5 HvTgqOGZRtLXPESmPU5BYA== Age 2257 Connection keep-alive Content-Length 381 Last-Modified Fri, 19 Jul 2019 21:42:17 GMT Server cloudflare ETag "0x8D70C91F8BA1F27" Vary Accept-Encoding Content-Type image/png x-ms-request-id 3fa98eb1-501e-00f8-1cdb-48d0a4000000 Cache-Control public, max-age=14400 x-ms-version 2018-03-28 Accept-Ranges bytes CF-RAY 4ffce29709e1bf00-FRA Expires Fri, 02 Aug 2019 07:15:02 GMT
GET H/1.1	200 OK	script.js.download Show response www.landermaestro.com/onesafenl2/files/	2 KB 3 KB	204ms 203ms	Script application/octet-stream	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.landermaestro.com/onesafenl2/files/script.js.download Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `1f81ae2586b448a9b7ca2f3fb63887a79d7447f83171e2701de61439894cff1d` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT Last-Modified Fri, 19 Jul 2019 21:42:17 GMT Server cloudflare Content-MD5 oaoga49M5iPhiG6D8emHGw== ETag "0x8D70C91F8B03202" Content-Type application/octet-stream x-ms-request-id e2a093c5-301e-00a7-1ee0-48225a000000 x-ms-version 2018-03-28 Connection keep-alive Accept-Ranges bytes CF-RAY 4ffce29548f7bf00-FRA Content-Length 2278
GET H/1.1	200 OK	main.js.download Show response www.landermaestro.com/onesafenl2/files/	818 B 1 KB	194ms 194ms	Script application/octet-stream	2606:4700:30::681f:4f20 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.landermaestro.com/onesafenl2/files/main.js.download Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol HTTP/1.1 Security , , Server 2606:4700:30::681f:4f20 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `51546301cbf1c2efac3c27575fa59141f32b304ac727e678a7897ecdac76094d` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 02 Aug 2019 03:15:02 GMT Last-Modified Fri, 19 Jul 2019 21:42:17 GMT Server cloudflare Content-MD5 /LCi5o0NAOTCvzdbAu+e7Q== ETag "0x8D70C91F86D004B" Content-Type application/octet-stream x-ms-request-id 734f3290-701e-0105-1de0-48a993000000 x-ms-version 2018-03-28 Connection keep-alive Accept-Ranges bytes CF-RAY 4ffce2966fc8d6c9-FRA Content-Length 818
GET		decal.png windows.ourcdn77.xyz/	0 0

GET H2	200	landing.php Show response trackmestar.info/tracking202/static/ Redirect Chain http://trackmestar.info/tracking202/static/landing.php?lpip=8304&referer=&t202LpUrl=http%3A//www.landermaestro.com/onesafenl2 https://trackmestar.info/tracking202/static/landing.php?lpip=8304&referer=&t202LpUrl=http%3A//www.landermaestro.com/onesafenl2	12 KB 4 KB	768ms 287ms	Script application/javascript	45.43.8.194 Centrilogic
General Check archive.org Show headers Download Go to Full URL https://trackmestar.info/tracking202/static/landing.php?lpip=8304&referer=&t202LpUrl=http%3A//www.landermaestro.com/onesafenl2 Requested by Host: www.landermaestro.com URL: http://www.landermaestro.com/onesafenl2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.43.8.194 Lenoir, United States, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS Software nginx / Resource Hash `f11a4ec24249f9866282490eac7ed148761a44fe9b4c1f9aa2e5a6d3df9e2b53` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 02 Aug 2019 03:15:11 GMT content-encoding br last-modified Fri, 02 Aug 2019 03:15:11 GMT server nginx vary Accept-Encoding content-type application/javascript status 200 cache-control private Redirect headers Location https://trackmestar.info/tracking202/static/landing.php?lpip=8304&referer=&t202LpUrl=http%3A//www.landermaestro.com/onesafenl2 Date Fri, 02 Aug 2019 03:15:10 GMT Server nginx Connection keep-alive Content-Length 517 Content-Type text/html; charset=iso-8859-1
GET H2	200	u.php trackmestar.info/tracking202/redirect/ Redirect Chain http://trackmestar.info/tracking202/redirect/u.php https://trackmestar.info/tracking202/redirect/u.php	43 B 232 B	116ms 116ms	Other image/gif	45.43.8.194 Centrilogic
General Check archive.org Show headers Download Go to Full URL https://trackmestar.info/tracking202/redirect/u.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.43.8.194 Lenoir, United States, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS Software nginx / Resource Hash `548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87` Request headers Referer http://www.landermaestro.com/onesafenl2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 02 Aug 2019 03:15:11 GMT server nginx p3p CP="Prosper202 does not have a P3P policy" status 200 cache-control no-cache, no-store, max-age=0, must-revalidate content-type image/gif content-length 43 expires Sun, 02 Feb 2002 02:02:00 GMT Redirect headers Location https://trackmestar.info/tracking202/redirect/u.php Date Fri, 02 Aug 2019 03:15:11 GMT Server nginx Connection keep-alive Content-Length 434 Content-Type text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: windows.ourcdn77.xyz
URL: http://windows.ourcdn77.xyz/decal.png

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.landermaestro.com/	1969-12-31 23:59:59	Name: tracking202rlp_8304 Value: 814479766
www.landermaestro.com/	1969-12-31 23:59:59	Name: tracking202outbound Value: http://trackmestar.info/tracking202/redirect/pci.php?pci=814479766
www.landermaestro.com/	1969-12-31 23:59:59	Name: tracking202subid Value: 1447976

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

trackmestar.info
windows.ourcdn77.xyz
www.landermaestro.com
windows.ourcdn77.xyz
2606:4700:30::681f:4f20
45.43.8.194
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1f81ae2586b448a9b7ca2f3fb63887a79d7447f83171e2701de61439894cff1d
2ab649297ad5fe176d49bd95696774b8f19ba88b91f82137e15c3f73a1289581
36f016b0cf55a9ec191762f78060fd203ee96aff86407e0612982f09a3b2faee
3daba949a682d184ffb892cd8b1a1ce4e4e9b13cb8d8e70334110a3c62a142cd
4315dd1f5d46219a2caa6b006dab3bc5a30447f30685d8e477a616427710ca3f
51546301cbf1c2efac3c27575fa59141f32b304ac727e678a7897ecdac76094d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
562b29e08c7d623d3604b9fce91a6715c5f3d14ce62fee4e3c806b72528402ce
5b51195b8674efdfbf920a779f9eb0ab2761a44c1d634ac7fb5bb0a19800aaa5
5b668e040f2a37da85988289b1ffab9689e1040261fd5ec83c75e2083ec225f0
610cbadcbf28513a40138484a6fe3243243978a27e7bb65e7558bd67a4ee61eb
6740fb16799fa1f7279b76fa7a1d8a736344091cce3ba7c36f97258017e90287
784f9cfdb1daae6bbdcf21d77869fa44c4a35740bb47c351f7983985fc78407e
7aaa3cf934609efcc6c49030df4cfed6e05b3bd57efbb082418b268aed8e3407
9b1192a77adc835c1665f249fd08384d10a447271925e6d81fcdc8fdfba7771e
b62f1a81bfc0d281c853d7d1169c8866e33b58c7a990734cb6d6d91b2dbaf49a
e5bd2a30e4d082ecc9fdffcec1caa93d2917adda8286c19bf433892e800f8832
f11a4ec24249f9866282490eac7ed148761a44fe9b4c1f9aa2e5a6d3df9e2b53

www.landermaestro.com Open in urlscan Pro 2606:4700:30::681f:4f20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

20 Requests

10 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

556 kBTransfer

576 kBSize

3 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

3 Cookies

Indicators

www.landermaestro.com Open in urlscan Pro
2606:4700:30::681f:4f20 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

10 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

556 kB
Transfer

576 kB
Size

3
Cookies

20 HTTP transactions
0 data transactions