pdf-master.sn.am - urlscan.io

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 2a05:d018:ac8:b920:9bc2:6b70:4c7c:d123, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is pdf-master.sn.am.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 30th 2023. Valid for: a year.

This is the only time pdf-master.sn.am was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a05:d018:ac8... 2a05:d018:ac8:b920:9bc2:6b70:4c7c:d123	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:ac8... 2a05:d018:ac8:b900:2701:809b:62e7:4151	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.86 108.138.36.86	16509 (AMAZON-02) (AMAZON-02)
4	148.251.3.114 148.251.3.114	24940 (HETZNER-AS) (HETZNER-AS)
7	4

1 2a05:d018:ac8:b920:9bc2:6b70:4c7c:d123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pdf-master.sn.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:ac8:b900:2701:809b:62e7:4151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

esputnik.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-86.muc50.r.cloudfront.net

pdfguru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 148.251.3.114 (Wernigerode, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.114.3.251.148.clients.your-server.de

pics.esputnik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	esputnik.com pics.esputnik.com — Cisco Umbrella Rank: 144130	249 KB
1	pdfguru.com pdfguru.com — Cisco Umbrella Rank: 216691	3 KB
1	esputnik.com.ua esputnik.com.ua	320 B
1	sn.am pdf-master.sn.am	5 KB
7	4

	Domain	Requested by
4	pics.esputnik.com	pdf-master.sn.am
1	pdfguru.com	pdf-master.sn.am
1	esputnik.com.ua	pdf-master.sn.am
1	pdf-master.sn.am
7	4

This site contains no links.

Subject Issuer	Validity	Valid
*.sn.am Sectigo RSA Domain Validation Secure Server CA	`2023-11-30` - `2024-12-02`	a year	crt.sh
*.esputnik.com.ua Sectigo RSA Domain Validation Secure Server CA	`2023-10-25` - `2024-11-17`	a year	crt.sh
*.pdfguru.com Amazon RSA 2048 M02	`2023-06-29` - `2024-07-27`	a year	crt.sh
*.esputnik.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-13` - `2024-11-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pdf-master.sn.am/1UhEK8b4lD8jrAGtmj
Frame ID: E6054690B120F00FB1B8C6C94664DEAF
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to PDF Guru!

Page Statistics

7
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

257 kB
Transfer

284 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1UhEK8b4lD8jrAGtmj Show response
pdf-master.sn.am/ 34 KB
5 KB 205ms
89ms Document
text/html 2a05:d018:ac8:b920:9bc2:6b70:4c7c:d123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pdf-master.sn.am/1UhEK8b4lD8jrAGtmj

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:ac8:b920:9bc2:6b70:4c7c:d123 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1ec6851778daf3526b6ed374b5cc2cbeca3923ca088708201f194cc2c6714f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 01 Mar 2024 11:13:27 GMT
es-trace-id: 456c8e22bb3bb254
referer: http://esputnik.com
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 hidden.png
esputnik.com.ua/repository/applications/commons/ 120 B
320 B 171ms
49ms Image
image/x-png 2a05:d018:ac8:b900:2701:809b:62e7:4151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esputnik.com.ua/repository/applications/commons/hidden.png?iid=DF544EB0-D7B9-11EE-8564-F96099BB7C1C
Requested by: Host: pdf-master.sn.am
URL: https://pdf-master.sn.am/1UhEK8b4lD8jrAGtmj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d018:ac8:b900:2701:809b:62e7:4151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fae714eda1babae195690d82d44f65846444621d5cdee4411b2b419f81af8371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pdf-master.sn.am/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-type: image/x-png
pragma
date: Fri, 01 Mar 2024 11:13:27 GMT
cache-control: public, max-age=3600, public, max-age=1d
es-trace-id: f066d127f1ddc604
server: nginx
expires: Fri, 01 Mar 2024 12:13:27 GMT

GET
H2 200 logo.png
pdfguru.com/assets/img/ 2 KB
3 KB 127ms
39ms Image
image/png 108.138.36.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdfguru.com/assets/img/logo.png
Requested by: Host: pdf-master.sn.am
URL: https://pdf-master.sn.am/1UhEK8b4lD8jrAGtmj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-86.muc50.r.cloudfront.net
Software: / Express
Resource Hash: 724221d1a5cb430f4ab1f63ce663b5d25cc9f889b6679f8b8d4b799c82ef4af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pdf-master.sn.am/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:05:51 GMT
via: 1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
last-modified: Thu, 29 Feb 2024 15:17:47 GMT
x-amz-cf-pop: MUC50-P2
age: 68856
x-powered-by: Express
etag: W/"903-18df5716978"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 2307
x-amz-cf-id: Dx8mA9JDhb9LrbBM6yocxvpWQswiponlNopj5RUBR7rg-lObN3Amxg==

GET
H2 200 1700567940145.png
pics.esputnik.com/repository/home/97445/images/base64/ 78 KB
78 KB 180ms
96ms Image
image/x-png 148.251.3.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.esputnik.com/repository/home/97445/images/base64/1700567940145.png
Requested by: Host: pdf-master.sn.am
URL: https://pdf-master.sn.am/1UhEK8b4lD8jrAGtmj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.3.114 Wernigerode, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.114.3.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 2900e2044b51fee67ac6413d90bfcbdd658b755fdfc408545756f5b2acaa84fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pdf-master.sn.am/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 11 Mar 2024 11:13:27 GMT
pragma
date: Fri, 01 Mar 2024 11:13:27 GMT
es-trace-id: cca015ca4f3baf52
server: nginx
content-type: image/x-png
cache-control: max-age=864000
x-robots-tag: noindex, nofollow
x-proxy-cache: HIT

GET
H2 200 1700565779593.png
pics.esputnik.com/repository/home/97445/images/msg/48307179/ 47 KB
47 KB 180ms
97ms Image
image/x-png 148.251.3.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.esputnik.com/repository/home/97445/images/msg/48307179/1700565779593.png
Requested by: Host: pdf-master.sn.am
URL: https://pdf-master.sn.am/1UhEK8b4lD8jrAGtmj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.3.114 Wernigerode, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.114.3.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 7da88fa412dfe6c3ccbd0e0972a3742a9c5443ca075579fcbf840234ce9e35da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pdf-master.sn.am/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 11 Mar 2024 11:13:27 GMT
pragma
date: Fri, 01 Mar 2024 11:13:27 GMT
es-trace-id: 3ea00bf17b042f2b
server: nginx
content-type: image/x-png
cache-control: max-age=864000
x-robots-tag: noindex, nofollow
x-proxy-cache: HIT

GET
H2 200 1700566423936.png
pics.esputnik.com/repository/home/97445/images/msg/48307179/ 72 KB
72 KB 180ms
97ms Image
image/x-png 148.251.3.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.esputnik.com/repository/home/97445/images/msg/48307179/1700566423936.png
Requested by: Host: pdf-master.sn.am
URL: https://pdf-master.sn.am/1UhEK8b4lD8jrAGtmj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.3.114 Wernigerode, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.114.3.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 385a783ebc8da3efe2e702cfcfbe47cebda78fa44082dcbdf12af0c43376eb03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pdf-master.sn.am/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 11 Mar 2024 11:13:27 GMT
pragma
date: Fri, 01 Mar 2024 11:13:27 GMT
es-trace-id: 57e37ae88e3c611d
server: nginx
content-type: image/x-png
cache-control: max-age=864000
x-robots-tag: noindex, nofollow
x-proxy-cache: HIT

GET
H2 200 1700565964792.png
pics.esputnik.com/repository/home/97445/images/msg/48307179/ 51 KB
51 KB 116ms
32ms Image
image/x-png 148.251.3.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.esputnik.com/repository/home/97445/images/msg/48307179/1700565964792.png
Requested by: Host: pdf-master.sn.am
URL: https://pdf-master.sn.am/1UhEK8b4lD8jrAGtmj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.3.114 Wernigerode, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.114.3.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 9b391f8dc59e8836fdd6c59c36cec6126c1e11889feb34a6d95f1d96c9b987b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pdf-master.sn.am/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 11 Mar 2024 11:13:27 GMT
pragma
date: Fri, 01 Mar 2024 11:13:27 GMT
es-trace-id: c34c3670e7f12e40
server: nginx
content-type: image/x-png
cache-control: max-age=864000
x-robots-tag: noindex, nofollow
x-proxy-cache: HIT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://pdf-master.sn.am/1UhEK8b4lD8jrAGtmj Message: Mixed Content: The page at 'https://pdf-master.sn.am/1UhEK8b4lD8jrAGtmj' was loaded over HTTPS, but requested an insecure element 'http://esputnik.com.ua/repository/applications/commons/hidden.png?iid=DF544EB0-D7B9-11EE-8564-F96099BB7C1C'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://pdf-master.sn.am/1UhEK8b4lD8jrAGtmj(Line 372) Message: Mixed Content: The page at 'https://pdf-master.sn.am/1UhEK8b4lD8jrAGtmj' was loaded over HTTPS, but requested an insecure element 'http://esputnik.com.ua/repository/applications/commons/hidden.png?iid=DF544EB0-D7B9-11EE-8564-F96099BB7C1C'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

esputnik.com.ua
pdf-master.sn.am
pdfguru.com
pics.esputnik.com
108.138.36.86
148.251.3.114
2a05:d018:ac8:b900:2701:809b:62e7:4151
2a05:d018:ac8:b920:9bc2:6b70:4c7c:d123
1ec6851778daf3526b6ed374b5cc2cbeca3923ca088708201f194cc2c6714f3d
2900e2044b51fee67ac6413d90bfcbdd658b755fdfc408545756f5b2acaa84fc
385a783ebc8da3efe2e702cfcfbe47cebda78fa44082dcbdf12af0c43376eb03
724221d1a5cb430f4ab1f63ce663b5d25cc9f889b6679f8b8d4b799c82ef4af0
7da88fa412dfe6c3ccbd0e0972a3742a9c5443ca075579fcbf840234ce9e35da
9b391f8dc59e8836fdd6c59c36cec6126c1e11889feb34a6d95f1d96c9b987b3
fae714eda1babae195690d82d44f65846444621d5cdee4411b2b419f81af8371

pdf-master.sn.am Open in urlscan Pro 2a05:d018:ac8:b920:9bc2:6b70:4c7c:d123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

257 kBTransfer

284 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

pdf-master.sn.am Open in urlscan Pro
2a05:d018:ac8:b920:9bc2:6b70:4c7c:d123 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

257 kB
Transfer

284 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions