urlscan.io logo urlscan.io
SecurityTrails logo

savanacloud.com Open in urlscan Pro
41.185.12.40  Public Scan

Go To Rescan Add Verdict Report
URL: http://savanacloud.com/
Submission: On September 15 via manual from IE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 9 HTTP transactions. The main IP is 41.185.12.40, located in South Africa and belongs to Gridhost, ZA. The main domain is savanacloud.com.
This is the only time savanacloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 41.185.12.40 36943 (Gridhost)
1 51.15.123.120 12876 (AS12876)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 85.93.88.106 8972 (GD-EMEA-D...)
1 1 163.172.209.241 12876 (AS12876)
1 51.15.12.103 12876 (AS12876)
1 2600:9000:20b... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
9 7
1    41.185.12.40 (South Africa)

ASN36943 (Gridhost, ZA)
PTR: win24.wadns.net
savanacloud.com
1    51.15.123.120 (Netherlands)

ASN12876 (AS12876, FR)
PTR: 120-123-15-51.rev.cloud.scaleway.com
s15.postimg.cc
2    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
3    85.93.88.106 (Germany)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: malta2436.startdedicated.de
www.ipalf.com
1    163.172.209.241 (Amsterdam, Netherlands)

ASN12876 (AS12876, FR)
PTR: 163-172-209-241.rev.poneytelecom.eu
5.top4top.net
1    51.15.12.103 (Haarlem, Netherlands)

ASN12876 (AS12876, FR)
PTR: 51-15-12-103.rev.poneytelecom.eu
l.top4top.net
1    2600:9000:20bb:9200:0:172b:3245:88c1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
zippy.gfycat.com
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
Domain Requested by
3 www.ipalf.com 1 redirects savanacloud.com
2 fonts.googleapis.com savanacloud.com
1 fonts.gstatic.com
1 zippy.gfycat.com savanacloud.com
1 l.top4top.net savanacloud.com
1 5.top4top.net 1 redirects
1 s15.postimg.cc savanacloud.com
1 savanacloud.com
9 8

This site contains links to these domains. Also see Links.

Domain
www.ipalf.com
Subject Issuer Validity Valid
postimg.cc
Let's Encrypt Authority X3		 2019-09-06 -
2019-12-05		 3 months crt.sh
*.googleapis.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
ipalf.com
Let's Encrypt Authority X3		 2019-08-19 -
2019-11-17		 3 months crt.sh
*.top4top.net
AlphaSSL CA - SHA256 - G2		 2018-03-03 -
2020-04-03		 2 years crt.sh
gfycat.com
Amazon		 2019-05-17 -
2020-06-17		 a year crt.sh
*.google.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://savanacloud.com/
Frame ID: 1E30802834F5D26F02DFF4951770C802
Requests: 8 HTTP requests in this frame

Frame: https://l.top4top.net/m_1344pzsgl0.mp3
Frame ID: 1DFD138E44BC4DB7E12BC4B9A8C45E7F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

9
Requests

89 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

7
IPs

4
Countries

272 kB
Transfer

275 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://www.ipalf.com/widget.js?width=500&bg=black&border=9000&textcol=200000%3Cspan%20styl=%22color:white%22%3E%3C/span%3E HTTP 301
  • https://www.ipalf.com/widget.js?width=500&bg=black&border=9000&textcol=200000%3Cspan%20styl=%22color:white%22%3E%3C/span%3E
Request Chain 5
  • https://5.top4top.net/m_1344pzsgl0.mp3/embed/lqYQXIt4SpA?rel=0&autoplay=1&loop=1&playlist=60ItHLz5WEA HTTP 302
  • https://l.top4top.net/m_1344pzsgl0.mp3

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
savanacloud.com/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://savanacloud.com/
Protocol
HTTP/1.1
Server
41.185.12.40 , South Africa, ASN36943 (Gridhost, ZA),
Reverse DNS
win24.wadns.net
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
0ce17719bf64716c8e79854478240266145a7b2993bcbc9de5c654576d66c694

Request headers

Host
savanacloud.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Sep 2019 14:36:10 GMT
Content-Length
1898
Content-Type
text/html
Content-Encoding
gzip
Content-Location
http://savanacloud.com/Default.htm
Last-Modified
Wed, 11 Sep 2019 02:37:40 GMT
Accept-Ranges
bytes
ETag
"0725ae14968d51:1a84b0"
Vary
Accept-Encoding
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
GBWA-20180625224540.jpg
s15.postimg.cc/tpdrzf66j/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s15.postimg.cc/tpdrzf66j/GBWA-20180625224540.jpg
Requested by
Host: savanacloud.com
URL: http://savanacloud.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.15.123.120 , Netherlands, ASN12876 (AS12876, FR),
Reverse DNS
120-123-15-51.rev.cloud.scaleway.com
Software
nginx /
Resource Hash
db075db8acf1586022a55dd94315a82418990f20fef625912468547877ce4ac1

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://savanacloud.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 15 Sep 2019 14:36:10 GMT
last-modified
Mon, 25 Jun 2018 19:27:36 GMT
server
nginx
status
200
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30248
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		428 B
378 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Orbitron
Requested by
Host: savanacloud.com
URL: http://savanacloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c9e6024746a8036ace7520cc55e4b3a02159ebcd2898ef2fa6b8dd295e74f480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://savanacloud.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 15 Sep 2019 14:36:10 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Sun, 15 Sep 2019 14:36:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Sun, 15 Sep 2019 14:36:10 GMT
css
fonts.googleapis.com/ 		2 KB
504 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=VT323|New+Rocker
Requested by
Host: savanacloud.com
URL: http://savanacloud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e91b9dcb35ecaf6297a5ac505ccddb8072a767f0ac2f4a5bf002278412c4b354
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://savanacloud.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 15 Sep 2019 14:36:10 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Sun, 15 Sep 2019 14:36:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Sun, 15 Sep 2019 14:36:10 GMT
widget.js
www.ipalf.com/
Redirect Chain
  • http://www.ipalf.com/widget.js?width=500&bg=black&border=9000&textcol=200000%3Cspan%20styl=%22color:white%22%3E%3C/span%3E
  • https://www.ipalf.com/widget.js?width=500&bg=black&border=9000&textcol=200000%3Cspan%20styl=%22color:white%22%3E%3C/span%3E
1 KB
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ipalf.com/widget.js?width=500&bg=black&border=9000&textcol=200000%3Cspan%20styl=%22color:white%22%3E%3C/span%3E
Requested by
Host: savanacloud.com
URL: http://savanacloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.93.88.106 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
malta2436.startdedicated.de
Software
Apache / PleskLin
Resource Hash
d78f0906d5cec0d24af4b2951804292e7f5b69fe92539f6ac5dd8cfb46972ff9

Request headers

Referer
http://savanacloud.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Sep 2019 14:36:10 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
501

Redirect headers

Location
https://www.ipalf.com/widget.js?width=500&bg=black&border=9000&textcol=200000%3Cspan%20styl=%22color:white%22%3E%3C/span%3E
Date
Sun, 15 Sep 2019 14:36:10 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
406
Content-Type
text/html; charset=iso-8859-1
.png
www.ipalf.com/flags/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ipalf.com/flags/.png
Requested by
Host: savanacloud.com
URL: http://savanacloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.93.88.106 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
malta2436.startdedicated.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://savanacloud.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
Cookie set m_1344pzsgl0.mp3
l.top4top.net/ Frame 1DFD
Redirect Chain
  • https://5.top4top.net/m_1344pzsgl0.mp3/embed/lqYQXIt4SpA?rel=0&autoplay=1&loop=1&playlist=60ItHLz5WEA
  • https://l.top4top.net/m_1344pzsgl0.mp3
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://l.top4top.net/m_1344pzsgl0.mp3
Requested by
Host: savanacloud.com
URL: http://savanacloud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.15.12.103 Haarlem, Netherlands, ASN12876 (AS12876, FR),
Reverse DNS
51-15-12-103.rev.poneytelecom.eu
Software
HotCores /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Host
l.top4top.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://savanacloud.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://savanacloud.com/

Response headers

Server
HotCores
Date
Sun, 15 Sep 2019 14:36:10 GMT
Content-Type
audio/mpeg
Content-Length
6004330
Connection
close
Set-Cookie
klj_40d147_downloads=hkitg; Max-Age=86400; Domain=.top4top.net; Path=/; Expires=Mon, 16 Sep 2019 14:36:10 GMT
Last-Modified
Fri, 06 Sep 2019 03:14:20 GMT
Content-Disposition
inline; filename="Our%20Story%20-%20Tersimpan.mp3"
ETag
"5d71cf0c-5b9e6a"
Expires
Sun, 15 Sep 2019 16:36:10 GMT
Cache-Control
max-age=7200
X-File-ID
x29510980x
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Accept-Ranges
bytes

Redirect headers

Server
HotCores
Date
Sun, 15 Sep 2019 14:36:10 GMT
Content-Type
text/html; charset=utf-8
Content-Length
120
Connection
close
Location
https://l.top4top.net/m_1344pzsgl0.mp3
Vary
Accept
Strict-Transport-Security
max-age=31536000; includeSubdomains;
ShyBewitchedGar.gif
zippy.gfycat.com/ 		218 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zippy.gfycat.com/ShyBewitchedGar.gif
Requested by
Host: savanacloud.com
URL: http://savanacloud.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:9200:0:172b:3245:88c1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ef1b659302ed7d881ec9052f7d09722449eaf2f717855251c76bf787f2d97d9

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://savanacloud.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 05:47:49 GMT
via
1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)
age
636502
x-cache
Hit from cloudfront
status
200
content-disposition
inline
content-length
222726
last-modified
Wed, 05 Aug 2015 14:48:26 GMT
server
AmazonS3
etag
"d08e37de148f9455b1e2ed4d75008e1c"
content-type
image/gif
cache-control
max-age=946707779, public
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-storage-class
STANDARD_IA
x-amz-cf-id
73iZSI6644GLcG9ZcZya-vt8Hgp6Pdp1QGhrNnDLDo6wql3NtucYtQ==
expires
Sat, 01 May 2032 13:31:45 GMT
MwQzbhjp3-HImzcCU_cJoGQfiJtMpXo.woff2
fonts.gstatic.com/s/newrocker/v8/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/newrocker/v8/MwQzbhjp3-HImzcCU_cJoGQfiJtMpXo.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
46a8ff1f2a11627dcbd37d78a384359c0c888919a43bf36ac0967b4f560c5e92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=VT323|New+Rocker
Origin
http://savanacloud.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 10:44:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 02:37:44 GMT
server
sffe
age
2001131
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
20644
x-xss-protection
0
expires
Sat, 22 Aug 2020 10:44:06 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| onReady function| show

1 Cookies

Domain/Path Name / Value
.top4top.net/ Name: klj_40d147_downloads
Value: hkitg