lnx.itcgfermi.org Open in urlscan Pro
62.149.142.167 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
Submission Tags: slot online judi slot daftar slot game slot judi slot online daftar judi slot game slot online slot judi casino joker gaming slot joker gaming Search All
Submission: On November 21 via manual (November 21st 2021, 9:16:15 pm UTC) from ID — Scanned from IT

Summary HTTP 14 Redirects Links 51 Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 14 HTTP transactions. The main IP is 62.149.142.167, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is lnx.itcgfermi.org.

This is the only time lnx.itcgfermi.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	62.149.142.167 62.149.142.167	31034 (ARUBA-ASN) (ARUBA-ASN)
4	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3 3	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
3	34.226.77.200 34.226.77.200	14618 (AMAZON-AES) (AMAZON-AES)
2	146.59.152.166 146.59.152.166	16276 (OVH) (OVH)
14	4

5 62.149.142.167 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: webx401.aruba.it

lnx.itcgfermi.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.199.248.10 (United States) 3 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.226.77.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-77-200.compute-1.amazonaws.com

indopoker303.wildapricot.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.152.166 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	itcgfermi.org lnx.itcgfermi.org	367 KB
4	ampproject.org cdn.ampproject.org	106 KB
3	wildapricot.org indopoker303.wildapricot.org
3	bit.ly 3 redirects bit.ly	612 B
2	ibb.co i.ibb.co	4 KB
14	5

	Domain	Requested by
5	lnx.itcgfermi.org	lnx.itcgfermi.org
4	cdn.ampproject.org	lnx.itcgfermi.org cdn.ampproject.org
3	indopoker303.wildapricot.org	lnx.itcgfermi.org
3	bit.ly	3 redirects
2	i.ibb.co	lnx.itcgfermi.org
14	5

This site contains links to these domains. Also see Links.

Domain
192.64.114.186
direct.lc.chat
bit.ly
nagagaming.live
nagagaming.site
arenabet303.com
arenajoker123.com
arenajoker123.net
arenajoker123.vip
jokergaming.live
ayomain.co
ayomain.vip
ayomain.cc
arenajoker123.co
arenajoker123.biz
arenajoker123.info
arenajoker123.org
arenajoker123.cc
arenajoker123.online
arenajoker123.live
arenaslot.org
arenajoker123.top
arenajoker123.site
lapakgaming303.com
lapakbo303.com
arenaslot.live
arenajoker.co
arenajoker.live
arenajoker.biz
arenajoker.net
arenajoker.info
arenajoker.vip
arenamain.club
jokergaming.site
arenaslot.co
agenslot.top
arenamain.org
agenslot.me
arenamain.live
agenslot.cc
ayomain.live
arenamain.co
arenabet303.net
agenslot.site
arenaslot.biz
192.64.115.58
209.59.183.59
63.250.44.243
209.59.183.56
63.250.45.90

Subject Issuer	Validity	Valid
misc-sni.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
ibb.co R3	`2021-10-06` - `2022-01-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
Frame ID: 2044EDE6DE6A652917DB3FED9ABE5610
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FAFASLOT - FAFA SLOT | AGEN FAFASLOT | DAFTAR FAFASLOT ( ADAPOKER303 ) SITUS FAFASLOT

Page Statistics

14
Requests

43 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

4
Countries

478 kB
Transfer

757 kB
Size

1
Cookies

51 Outgoing links

These are links going to different origins than the main page.

URL: http://192.64.114.186/
Title: JOKER123

Search URL Search Domain Scan URL

URL: http://192.64.114.186/register/
Title: DAFTAR SLOT

Search URL Search Domain Scan URL

URL: https://direct.lc.chat/9962450/
Title: LIVECHAT

Search URL Search Domain Scan URL

URL: https://bit.ly/39hCHg3
Title: +855 88 605 3077

Search URL Search Domain Scan URL

URL: http://nagagaming.live/
Title: SLOT ONLINE

Search URL Search Domain Scan URL

URL: http://nagagaming.site/
Title: SLOT TEMBAK IKAN

Search URL Search Domain Scan URL

URL: http://arenabet303.com/
Title: DAFTAR SLOT

Search URL Search Domain Scan URL

URL: http://arenajoker123.com/
Title: DAFTAR JOKER123

Search URL Search Domain Scan URL

URL: http://arenajoker123.net/
Title: TEMBAK IKAN

Search URL Search Domain Scan URL

URL: http://arenajoker123.vip/
Title: JOKER123

Search URL Search Domain Scan URL

URL: http://jokergaming.live/
Title: JOKER SLOT

Search URL Search Domain Scan URL

URL: http://ayomain.co/
Title: VIVOSLOT

Search URL Search Domain Scan URL

URL: http://ayomain.vip/
Title: JOKER123

Search URL Search Domain Scan URL

URL: http://ayomain.cc/
Title: JOKER SLOT

Search URL Search Domain Scan URL

URL: http://arenajoker123.co/
Title: DAFTAR JOKER123

Search URL Search Domain Scan URL

URL: http://arenajoker123.biz/
Title: SITUS JOKER

Search URL Search Domain Scan URL

URL: http://arenajoker123.info/
Title: GAME SLOT IKAN

Search URL Search Domain Scan URL

URL: http://arenajoker123.org/
Title: GAME SLOT

Search URL Search Domain Scan URL

URL: http://arenajoker123.cc/
Title: TEMBAK IKAN

Search URL Search Domain Scan URL

URL: http://arenajoker123.online/
Title: AGEN SLOT

Search URL Search Domain Scan URL

URL: http://arenajoker123.live/
Title: SITUS JOKER

Search URL Search Domain Scan URL

URL: http://arenaslot.org/
Title: FAFA SLOT

Search URL Search Domain Scan URL

URL: http://arenajoker123.top/
Title: DAFTAR JOKER

Search URL Search Domain Scan URL

URL: http://arenajoker123.site/
Title: AGEN JOKER

Search URL Search Domain Scan URL

URL: http://lapakgaming303.com/
Title: TEMBAK IKAN JOKER

Search URL Search Domain Scan URL

URL: http://lapakbo303.com/
Title: FAFASLOT

Search URL Search Domain Scan URL

URL: http://arenaslot.live/
Title: SITUS SLOT FAFA

Search URL Search Domain Scan URL

URL: http://arenajoker.co/
Title: SLOT JOKER

Search URL Search Domain Scan URL

URL: http://arenajoker.live/
Title: JOKER GAMING

Search URL Search Domain Scan URL

URL: http://arenajoker.biz/
Title: AGEN JOKER

Search URL Search Domain Scan URL

URL: http://arenajoker.net/
Title: VIVOSLOT

Search URL Search Domain Scan URL

URL: http://arenajoker.info/
Title: FAFASLOT

Search URL Search Domain Scan URL

URL: http://arenajoker.vip/
Title: JOKER SLOT

Search URL Search Domain Scan URL

URL: http://arenamain.club/
Title: AGEN JOKER123

Search URL Search Domain Scan URL

URL: http://jokergaming.site/
Title: JOKER GAMING

Search URL Search Domain Scan URL

URL: http://arenaslot.co/
Title: FAFA SLOT

Search URL Search Domain Scan URL

URL: http://agenslot.top/
Title: AGEN SLOT

Search URL Search Domain Scan URL

URL: http://arenamain.org/
Title: SLOT JOKER

Search URL Search Domain Scan URL

URL: http://agenslot.me/
Title: FAFA SLOT

Search URL Search Domain Scan URL

URL: http://arenamain.live/
Title: VIVOSLOT

Search URL Search Domain Scan URL

URL: http://agenslot.cc/
Title: TEMBAK IKAN

Search URL Search Domain Scan URL

URL: http://ayomain.live/
Title: SLOT FAFA

Search URL Search Domain Scan URL

URL: http://arenamain.co/
Title: VIVOSLOT

Search URL Search Domain Scan URL

URL: http://arenabet303.net/
Title: VIVOSLOT

Search URL Search Domain Scan URL

URL: http://agenslot.site/
Title: AGEN JOKER

Search URL Search Domain Scan URL

URL: http://arenaslot.biz/
Title: FAFASLOT

Search URL Search Domain Scan URL

URL: http://192.64.115.58/
Title: http://192.64.115.58/

Search URL Search Domain Scan URL

URL: http://209.59.183.59/
Title: http://209.59.183.59/

Search URL Search Domain Scan URL

URL: http://63.250.44.243/
Title: http://63.250.44.243/

Search URL Search Domain Scan URL

URL: https://209.59.183.56/
Title: https://209.59.183.56/

Search URL Search Domain Scan URL

URL: http://63.250.45.90/
Title: http://63.250.45.90/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://bit.ly/2S0gUUt HTTP 301
https://indopoker303.wildapricot.org/resources/Pictures/daftar.png

Request Chain 4

https://bit.ly/3igEAP2 HTTP 301
https://indopoker303.wildapricot.org/resources/Pictures/live-chat.png

Request Chain 5

https://bit.ly/2TJQ9nL HTTP 301
https://indopoker303.wildapricot.org/resources/Pictures/wa.png

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request amp.html Show response
lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/ 30 KB
30 KB 1086ms
1070ms Document
text/html 62.149.142.167
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
Protocol: HTTP/1.1
Server: 62.149.142.167 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx401.aruba.it
Software: Apache /
Resource Hash: 9548472eca378460d8f882178d66a084fb8b0817ee9008cd775decc12e978d15

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

Date: Sun, 21 Nov 2021 21:16:11 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 16 Oct 2021 17:53:46 GMT
ETag: "7748-5ce7bfe4ae9cf"
Accept-Ranges: bytes
Content-Length: 30536
Keep-Alive: timeout=5, max=100
Content-Type: text/html

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 100 KB
30 KB 2684ms
2615ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: lnx.itcgfermi.org
URL: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35ef5662125de484fe5c30a2d1a28d61fa64fb3c1be18a775443348185e62d36

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://lnx.itcgfermi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30764
x-xss-protection: 0
server: sffe
date: Sun, 21 Nov 2021 21:16:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "b48b5231d0b58bb6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Nov 2021 21:16:14 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 267 KB
70 KB 1772ms
1703ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: lnx.itcgfermi.org
URL: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dabda2f742e3dae9dd3fefa357afa5831a3695dbc362d29cfb7aca9e631e155

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://lnx.itcgfermi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70220
x-xss-protection: 0
server: sffe
date: Sun, 21 Nov 2021 21:16:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "cd59525a8a19a729"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Nov 2021 21:16:13 GMT

GET
H/1.1 200
OK download.php
lnx.itcgfermi.org/claroline-1.11.8/claroline/backends/ 28 KB
28 KB 224ms
223ms Image
image/png 62.149.142.167
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://lnx.itcgfermi.org/claroline-1.11.8/claroline/backends/download.php?url=L0FEQVBPS0VSMzAzLnBuZw%3D%3D&cidReset=true&cidReq=FAFASLOT
Requested by: Host: lnx.itcgfermi.org
URL: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
Protocol: HTTP/1.1
Server: 62.149.142.167 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx401.aruba.it
Software: Apache /
Resource Hash: 1d0a901691cb45fea7d848eddfd2b1b462d89a27c0ec353bf59495047d9fe394

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
Date: Sun, 21 Nov 2021 21:16:13 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=60
Content-Disposition: inline; filename="ADAPOKER303.png"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 28393
Expires: Sun, 21 Nov 2021 21:17:13 GMT

GET
H/1.1

404
Not Found

daftar.png
indopoker303.wildapricot.org/resources/Pictures/
Redirect Chain

https://bit.ly/2S0gUUt
https://indopoker303.wildapricot.org/resources/Pictures/daftar.png

0
0

634ms
299ms

Image
text/html

34.226.77.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indopoker303.wildapricot.org/resources/Pictures/daftar.png
Requested by: Host: lnx.itcgfermi.org
URL: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
Protocol: HTTP/1.1
Server: 34.226.77.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-77-200.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://lnx.itcgfermi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

content-security-policy: referrer always;
via: 1.1 google
referrer-policy: unsafe-url
server: nginx
date: Sun, 21 Nov 2021 21:16:13 GMT
content-type: text/html; charset=utf-8
location: https://indopoker303.wildapricot.org/resources/Pictures/daftar.png
cache-control: private, max-age=90
alt-svc: clear
content-length: 153

GET
H/1.1

404
Not Found

live-chat.png
indopoker303.wildapricot.org/resources/Pictures/
Redirect Chain

https://bit.ly/3igEAP2
https://indopoker303.wildapricot.org/resources/Pictures/live-chat.png

0
0

630ms
294ms

Image
text/html

34.226.77.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indopoker303.wildapricot.org/resources/Pictures/live-chat.png
Requested by: Host: lnx.itcgfermi.org
URL: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
Protocol: HTTP/1.1
Server: 34.226.77.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-77-200.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://lnx.itcgfermi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

content-security-policy: referrer always;
via: 1.1 google
referrer-policy: unsafe-url
server: nginx
date: Sun, 21 Nov 2021 21:16:13 GMT
content-type: text/html; charset=utf-8
location: https://indopoker303.wildapricot.org/resources/Pictures/live-chat.png
cache-control: private, max-age=90
alt-svc: clear
content-length: 156

GET
H/1.1

404
Not Found

wa.png
indopoker303.wildapricot.org/resources/Pictures/
Redirect Chain

https://bit.ly/2TJQ9nL
https://indopoker303.wildapricot.org/resources/Pictures/wa.png

0
0

504ms
193ms

Image
text/html

34.226.77.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indopoker303.wildapricot.org/resources/Pictures/wa.png
Requested by: Host: lnx.itcgfermi.org
URL: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
Protocol: HTTP/1.1
Server: 34.226.77.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-77-200.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://lnx.itcgfermi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

content-security-policy: referrer always;
via: 1.1 google
referrer-policy: unsafe-url
server: nginx
date: Sun, 21 Nov 2021 21:16:13 GMT
content-type: text/html; charset=utf-8
location: https://indopoker303.wildapricot.org/resources/Pictures/wa.png
cache-control: private, max-age=90
alt-svc: clear
content-length: 149

GET
H/1.1 200
OK download.php
lnx.itcgfermi.org/claroline-1.11.8/claroline/backends/ 222 KB
223 KB 1256ms
1234ms Image
image/jpeg 62.149.142.167
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://lnx.itcgfermi.org/claroline-1.11.8/claroline/backends/download.php?url=L0ZBRkFTTE9ULjEuanBn&cidReset=true&cidReq=FAFASLOT
Requested by: Host: lnx.itcgfermi.org
URL: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
Protocol: HTTP/1.1
Server: 62.149.142.167 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx401.aruba.it
Software: Apache /
Resource Hash: 585f7b10864e738d21eef731eba5279f0730c4c70cc8d3cc220d75e94c785d5b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
Date: Sun, 21 Nov 2021 21:16:14 GMT
Server: Apache
Upgrade: h2
Cache-Control: max-age=60
Content-Disposition: inline; filename="FAFASLOT.1.jpg"
Connection: Upgrade, Keep-Alive
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=100
Content-Length: 227486
Expires: Sun, 21 Nov 2021 21:17:14 GMT

GET
H2 200 android-id.png
i.ibb.co/M9jwZ9r/ 2 KB
2 KB 103ms
32ms Image
image/png 146.59.152.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/M9jwZ9r/android-id.png
Requested by: Host: lnx.itcgfermi.org
URL: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 3812f46c94518c867ebe4d9fc67a07a7b7b61b67dfc03e6e6893d8924a665893

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://lnx.itcgfermi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 21:16:13 GMT
last-modified: Sun, 11 Apr 2021 14:07:58 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1983
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ios-id.png
i.ibb.co/ydVVX7z/ 2 KB
2 KB 105ms
33ms Image
image/png 146.59.152.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/ydVVX7z/ios-id.png
Requested by: Host: lnx.itcgfermi.org
URL: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 7260357db1baca45a948db3832134d7c5d4171de728a0068c67702ced4f75737

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://lnx.itcgfermi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 21:16:13 GMT
last-modified: Sun, 11 Apr 2021 14:08:19 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1598
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK download.php
lnx.itcgfermi.org/claroline-1.11.8/claroline/backends/ 25 KB
25 KB 233ms
212ms Image
image/png 62.149.142.167
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://lnx.itcgfermi.org/claroline-1.11.8/claroline/backends/download.php?url=L2JhbmsucG5n&cidReset=true&cidReq=FAFASLOT
Requested by: Host: lnx.itcgfermi.org
URL: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
Protocol: HTTP/1.1
Server: 62.149.142.167 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx401.aruba.it
Software: Apache /
Resource Hash: cf4007395134861c31cd46a3b3fa384ded20c3b4bf841d1d4f1900ccd70fcdc9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
Date: Sun, 21 Nov 2021 21:16:13 GMT
Server: Apache
Upgrade: h2
Cache-Control: max-age=60
Content-Disposition: inline; filename="bank.png"
Connection: Upgrade, Keep-Alive
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 25258
Expires: Sun, 21 Nov 2021 21:17:13 GMT

GET
H/1.1 200
OK download.php
lnx.itcgfermi.org/claroline-1.11.8/claroline/backends/ 61 KB
61 KB 266ms
245ms Image
image/png 62.149.142.167
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://lnx.itcgfermi.org/claroline-1.11.8/claroline/backends/download.php?url=L1BBR0NPUl8mYW1wO19CTU0ucG5n&cidReset=true&cidReq=FAFASLOT
Requested by: Host: lnx.itcgfermi.org
URL: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
Protocol: HTTP/1.1
Server: 62.149.142.167 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx401.aruba.it
Software: Apache /
Resource Hash: 536cba2aa84930baa8bb5c43422beb1d0118e4bcc8c7f06778300f1066aa8525

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://lnx.itcgfermi.org/claroline-1.11.8/courses/FAFASLOT/document/amp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
Date: Sun, 21 Nov 2021 21:16:13 GMT
Server: Apache
Upgrade: h2
Cache-Control: max-age=60
Content-Disposition: inline; filename="PAGCOR_&_BMM.png"
Connection: Upgrade, Keep-Alive
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 62411
Expires: Sun, 21 Nov 2021 21:17:13 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012111060251009/v0/ 7 KB
3 KB 88ms
32ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111060251009/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733a7bd8f5da332db8290bdf113435e227e11ee312e898710e5ca0480f8e03b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lnx.itcgfermi.org/
Origin: http://lnx.itcgfermi.org
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 189904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2902
x-xss-protection: 0
server: sffe
date: Fri, 19 Nov 2021 16:31:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "66d65a1af045004a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 19 Nov 2022 16:31:09 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012111060251009/v0/ 15 KB
4 KB 81ms
28ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111060251009/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faaf8cba8b0bcace7bff7bd7b949c203eba979a4539a17f26d3b5778526a6fb6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lnx.itcgfermi.org/
Origin: http://lnx.itcgfermi.org
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 189904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3704
x-xss-protection: 0
server: sffe
date: Fri, 19 Nov 2021 16:31:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e81fd4edf598555"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 19 Nov 2022 16:31:09 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lnx.itcgfermi.org/	1969-12-31 23:59:59	Name: 1c22e471d544c69bdd791ecad9611597 Value: pk27un8r96d5adsnhh6oajra73

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://indopoker303.wildapricot.org/resources/Pictures/wa.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://indopoker303.wildapricot.org/resources/Pictures/live-chat.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://indopoker303.wildapricot.org/resources/Pictures/daftar.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
cdn.ampproject.org
i.ibb.co
indopoker303.wildapricot.org
lnx.itcgfermi.org
146.59.152.166
2a00:1450:4001:809::2001
34.226.77.200
62.149.142.167
67.199.248.10
1d0a901691cb45fea7d848eddfd2b1b462d89a27c0ec353bf59495047d9fe394
35ef5662125de484fe5c30a2d1a28d61fa64fb3c1be18a775443348185e62d36
3812f46c94518c867ebe4d9fc67a07a7b7b61b67dfc03e6e6893d8924a665893
536cba2aa84930baa8bb5c43422beb1d0118e4bcc8c7f06778300f1066aa8525
585f7b10864e738d21eef731eba5279f0730c4c70cc8d3cc220d75e94c785d5b
7260357db1baca45a948db3832134d7c5d4171de728a0068c67702ced4f75737
733a7bd8f5da332db8290bdf113435e227e11ee312e898710e5ca0480f8e03b4
7dabda2f742e3dae9dd3fefa357afa5831a3695dbc362d29cfb7aca9e631e155
9548472eca378460d8f882178d66a084fb8b0817ee9008cd775decc12e978d15
cf4007395134861c31cd46a3b3fa384ded20c3b4bf841d1d4f1900ccd70fcdc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
faaf8cba8b0bcace7bff7bd7b949c203eba979a4539a17f26d3b5778526a6fb6

lnx.itcgfermi.org Open in urlscan Pro 62.149.142.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

14 Requests

43 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

4 IPs

4 Countries

478 kBTransfer

757 kBSize

1 Cookies

51 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

lnx.itcgfermi.org Open in urlscan Pro
62.149.142.167 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

43 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

4
Countries

478 kB
Transfer

757 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions