188.54.125.146 - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 188.54.125.146, located in Riyadh, Saudi Arabia and belongs to SAUDINETSTC-AS, SA. The main domain is 188.54.125.146.

This is the only time 188.54.125.146 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3	188.54.125.146 188.54.125.146		25019 (SAUDINETS...) (SAUDINETSTC-AS)
6	2

3 188.54.125.146 (Riyadh, Saudi Arabia)

ASN25019 (SAUDINETSTC-AS, SA)

188.54.125.146	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
0	ghost.org Failed casper.ghost.org Failed
6	1

	Domain	Requested by
0	casper.ghost.org Failed
6	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://188.54.125.146/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application
Frame ID: D9BD7A69F82671E73887940F44FC345F
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

user Blog

Page Statistics

6
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

42 kB
Transfer

41 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	404 Not Found	Primary Request microsoft.exchange.ediscovery.exporttool.application Show response 188.54.125.146/ecp/Current/exporttool/	3 KB 3 KB	216ms 110ms	Document text/html	188.54.125.146 SAUDINETSTC-AS
General Check archive.org Show headers Download Go to Full URL http://188.54.125.146/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application Protocol HTTP/1.1 Server 188.54.125.146 Riyadh, Saudi Arabia, ASN25019 (SAUDINETSTC-AS, SA), Reverse DNS Software Python/3.9 aiohttp/3.7.4 / Resource Hash `3a3db20a18687f95852873889d53ccc869458f373f2a413fa1d1a69592746603` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Length 3348 Content-Type text/html; charset=utf-8 Date Wed, 24 Aug 2022 03:11:28 GMT Server Python/3.9 aiohttp/3.7.4
GET H/1.1	200 OK	screen.css 188.54.125.146/assets/built/	34 KB 34 KB	110ms 110ms	Stylesheet text/css	188.54.125.146 SAUDINETSTC-AS
General Check archive.org Show headers Download Go to Full URL http://188.54.125.146/assets/built/screen.css?v=8cfc086fe8 Requested by Host: 188.54.125.146 URL: http://188.54.125.146/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application Protocol HTTP/1.1 Server 188.54.125.146 Riyadh, Saudi Arabia, ASN25019 (SAUDINETSTC-AS, SA), Reverse DNS Software Python/3.9 aiohttp/3.7.4 / Resource Hash `cb6f07e2cf54f2a746b8cd286fba68930064666db67fcf5a923a37038d8986d8` Request headers accept-language de-DE,de;q=0.9 Referer http://188.54.125.146/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Wed, 24 Aug 2022 03:11:28 GMT Server Python/3.9 aiohttp/3.7.4 Content-Length 35094 Content-Type text/css
GET H/1.1	200 OK	ghost-logo.svg 188.54.125.146/v1.0.0/images/	4 KB 4 KB	206ms 107ms	Image image/svg+xml	188.54.125.146 SAUDINETSTC-AS
General Check archive.org Show headers Download Go to Show image Full URL http://188.54.125.146/v1.0.0/images/ghost-logo.svg Requested by Host: 188.54.125.146 URL: http://188.54.125.146/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application Protocol HTTP/1.1 Server 188.54.125.146 Riyadh, Saudi Arabia, ASN25019 (SAUDINETSTC-AS, SA), Reverse DNS Software Python/3.9 aiohttp/3.7.4 / Resource Hash `aa7f534125a1689867f2a1ef64671a15466f9abd03281c1e2ce24c3b79646723` Request headers accept-language de-DE,de;q=0.9 Referer http://188.54.125.146/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Wed, 24 Aug 2022 03:11:28 GMT Server Python/3.9 aiohttp/3.7.4 Content-Length 3592 Content-Type image/svg+xml
GET		welcome.jpg casper.ghost.org/v1.0.0/images/	0 0

GET		writing.jpg casper.ghost.org/v1.0.0/images/	0 0

GET		tags.jpg casper.ghost.org/v1.0.0/images/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: casper.ghost.org
URL: https://casper.ghost.org/v1.0.0/images/welcome.jpg

Domain: casper.ghost.org
URL: https://casper.ghost.org/v1.0.0/images/writing.jpg

Domain: casper.ghost.org
URL: https://casper.ghost.org/v1.0.0/images/tags.jpg

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			188.54.125.146/v1.0.0/images	1969-12-31 23:59:59	Name: sess_uuid Value: f3f6d7b4-5109-47dc-b89e-6990ba26a7c9
			188.54.125.146/assets/built	1969-12-31 23:59:59	Name: sess_uuid Value: f3f6d7b4-5109-47dc-b89e-6990ba26a7c9

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://188.54.125.146/ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://casper.ghost.org/v1.0.0/images/welcome.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://casper.ghost.org/v1.0.0/images/writing.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://casper.ghost.org/v1.0.0/images/tags.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

casper.ghost.org
casper.ghost.org
188.54.125.146
3a3db20a18687f95852873889d53ccc869458f373f2a413fa1d1a69592746603
aa7f534125a1689867f2a1ef64671a15466f9abd03281c1e2ce24c3b79646723
cb6f07e2cf54f2a746b8cd286fba68930064666db67fcf5a923a37038d8986d8

188.54.125.146 Open in urlscan Pro 188.54.125.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

42 kBTransfer

41 kBSize

2 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

2 Cookies

4 Console Messages

Indicators

188.54.125.146 Open in urlscan Pro
188.54.125.146 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

42 kB
Transfer

41 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions