salamato.xyz - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 6 HTTP transactions. The main IP is 65.108.75.199, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is salamato.xyz.
TLS certificate: Issued by R3 on March 21st 2024. Valid for: 3 months.

This is the only time salamato.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	65.108.75.199 65.108.75.199	24940 (HETZNER-AS) (HETZNER-AS)
1 4	172.67.71.137 172.67.71.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
6	4

1 65.108.75.199 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: platinum.scnservers.net

salamato.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.71.137 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hosting.sitecountry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	sitecountry.com 1 redirects hosting.sitecountry.com	102 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	981 B
1	salamato.xyz salamato.xyz	446 B
6	4

	Domain	Requested by
4	hosting.sitecountry.com	1 redirects salamato.xyz hosting.sitecountry.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	hosting.sitecountry.com
1	salamato.xyz
6	4

This site contains no links.

Subject Issuer	Validity	Valid
salamato.xyz R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
sitecountry.com GTS CA 1P5	`2024-02-01` - `2024-05-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://salamato.xyz/
Frame ID: 32A4E499CBCEFF94EBD9389253F13443
Requests: 1 HTTP requests in this frame

Frame: https://hosting.sitecountry.com/welcome.html
Frame ID: 340D73079C7CABF51F5334B17A6D554D
Requests: 3 HTTP requests in this frame

Frame: https://hosting.sitecountry.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
Frame ID: 470A7E81DA05F7092080B8931804A86C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to SiteCountry!

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

118 kB
Transfer

302 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://hosting.sitecountry.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://hosting.sitecountry.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
salamato.xyz/ 326 B
446 B 637ms
125ms Document
text/html 65.108.75.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://salamato.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.75.199 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: platinum.scnservers.net
Software: LiteSpeed /
Resource Hash: 15e80c94c74902c16494a8ace7fbeeab69934fa027ca7ab3ebb21eabf890eaad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 156
content-type: text/html
date: Thu, 21 Mar 2024 12:10:39 GMT
etag: "146-637bb666-afcc7c4a17836e84;br"
last-modified: Mon, 21 Nov 2022 17:33:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent

GET
H2 200 welcome.html Show response
hosting.sitecountry.com/ Frame 340D 278 KB
97 KB 721ms
222ms Document
text/html 172.67.71.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.sitecountry.com/welcome.html
Requested by: Host: salamato.xyz
URL: https://salamato.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6d995598ed7e67c24e8aef70b670cb63ec9df1566225713ae4d8725854e482e

Request headers

Referer: https://salamato.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 867dd71268c7690f-FRA
content-encoding: br
content-type: text/html
date: Thu, 21 Mar 2024 12:10:40 GMT
last-modified: Sun, 20 Nov 2022 21:52:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVqgaJ7ewbeJsef4FWYghwuJvACE7%2Bz2YZPOg3DDZzGPlR6J0LWQUzrElEwuAo%2FfIhhCxEqSocZTCLaZF%2BY1u4BY1%2FCTcqMpOf9er1%2FbNEHQjhraNDuJjZ8V0o8rvL%2FqblHQ38%2FY4FZL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

GET
H2 200 css2
fonts.googleapis.com/ Frame 340D 2 KB
981 B 667ms
136ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap

Requested by

Host: hosting.sitecountry.com
URL: https://hosting.sitecountry.com/welcome.html

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

56e9001612c112d192ebe8d26e89861d84a32103a9507f80f37ab225b2eba5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://hosting.sitecountry.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 12:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 11:52:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 12:10:41 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 340D 15 KB
15 KB 1004ms
505ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

9f5f68f23573a4df9d5ce9fdd7c28154b326232e7dc31731a2a2deaa2ab6ca43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hosting.sitecountry.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:49:50 GMT
x-content-type-options: nosniff
age: 188452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15072
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:49:50 GMT

GET
H2

200

main.js Show response
hosting.sitecountry.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/ Frame 470A
Redirect Chain

https://hosting.sitecountry.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://hosting.sitecountry.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js

8 KB
4 KB

168ms
167ms

Script
application/javascript

172.67.71.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hosting.sitecountry.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js

Requested by

Host: hosting.sitecountry.com
URL: https://hosting.sitecountry.com/welcome.html

Protocol

H2

Server

172.67.71.137 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03f5a13f9bb7bf3352b4e25e15c031afe730a592c65dc002ead92737bfc57fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 12:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VaMsZVooZqXcf24GGAaBFTzYTu0sR8jDbzUXtHddCPVbBjaGoVTm07ng3gBAbxCuTVKUKozq0aYQ0dFN5VAiaUuaxkQf%2B5om%2BA9tCtFI4AAb%2BYCFjQbZOsxv%2Baados9fEABKt%2BUEGx0X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 867dd71a7e36690f-FRA

Redirect headers

date: Thu, 21 Mar 2024 12:10:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XxZrosbqMZ7%2B05gHRb%2FK4jvreGDkkYPZG%2FdZHe3unVPvHBqVRjKh58%2FLJnDiu4M%2F%2Bc05La12ks0%2F8gfhCPOUnSPxOX3dXb6RV9nrTRjIQj9qT1pbGcwf2T26DjKYokRdLWEmaqumdHYg"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 867dd7197d89690f-FRA
content-length: 0

POST
H2 200 867dd71268c7690f Show response
hosting.sitecountry.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 470A 0
494 B 457ms
457ms XHR
text/plain 172.67.71.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.sitecountry.com/cdn-cgi/challenge-platform/h/b/jsd/r/867dd71268c7690f
Requested by: Host: hosting.sitecountry.com
URL: https://hosting.sitecountry.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Mar 2024 12:10:41 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 867dd71bef2d690f-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IehuYqNzYawfoBa4Ra52RWalq19pHg%2FIMJj0MBzOb1U%2FBpAJjLBRQH1GrJkYxvpto2QR4cYwJcmMMporkV%2FajCS%2FXAP8ngBGr8mobNMtow0bwFHVMHuGPThqcREEcQpnsCzy5Mlbp8p8"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sitecountry.com/	1970-01-21 04:02:39	Name: cf_clearance Value: jEROqKrAnGMzTH0Jjy2srEkQ6jgVh3t0nYmRfOWWKfM-1711023041-1.0.1.1-fupXhhKYViV3TWTFhAs11Kf6lmPrPBEbQP46JIBjWZKBz.tETzofHvAE23ycjKTcHi38iky615rOcqPsP18qMQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://salamato.xyz/#ce Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
hosting.sitecountry.com
salamato.xyz
142.250.186.106
142.250.186.99
172.67.71.137
65.108.75.199
03f5a13f9bb7bf3352b4e25e15c031afe730a592c65dc002ead92737bfc57fd2
15e80c94c74902c16494a8ace7fbeeab69934fa027ca7ab3ebb21eabf890eaad
56e9001612c112d192ebe8d26e89861d84a32103a9507f80f37ab225b2eba5d8
9f5f68f23573a4df9d5ce9fdd7c28154b326232e7dc31731a2a2deaa2ab6ca43
d6d995598ed7e67c24e8aef70b670cb63ec9df1566225713ae4d8725854e482e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

salamato.xyz Open in urlscan Pro 65.108.75.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

118 kBTransfer

302 kBSize

1 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

salamato.xyz Open in urlscan Pro
65.108.75.199 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

118 kB
Transfer

302 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions