tsugi.citrixirc.com Open in urlscan Pro
155.133.138.5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tsugi.citrixirc.com/
Submission Tags: @phishunt_io
Submission: On March 25 via api (March 25th 2022, 1:39:52 am UTC) from DE — Scanned from FR

Summary HTTP 16 Redirects Links 15 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 155.133.138.5, located in France and belongs to GANDI-AS Domain name registrar - www.gandi.net, FR. The main domain is tsugi.citrixirc.com.
TLS certificate: Issued by Gandi Standard SSL CA 2 on March 24th 2022. Valid for: a year.

This is the only time tsugi.citrixirc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1	155.133.138.5 155.133.138.5		29169 (GANDI-AS ...) (GANDI-AS Domain name registrar - www.gandi.net)
15	188.114.96.7 188.114.96.7		13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2

1 155.133.138.5 (France)

ASN29169 (GANDI-AS Domain name registrar - www.gandi.net, FR)
PTR: webacc3.sd5.ghst.net

tsugi.citrixirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 188.114.96.7 (Medellín, Colombia)

ASN13335 (CLOUDFLARENET, US)

static.tsugi.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	tsugi.org static.tsugi.org	357 KB
1	citrixirc.com tsugi.citrixirc.com	3 KB
16	2

	Domain	Requested by
15	static.tsugi.org	tsugi.citrixirc.com static.tsugi.org
1	tsugi.citrixirc.com
16	2

This site contains links to these domains. Also see Links.

Domain
www.imsglobal.org
classroom.google.com
www.tsugi.org
github.com
lti-tools.dr-chuck.com

Subject Issuer	Validity	Valid
tsugi.citrixirc.com Gandi Standard SSL CA 2	`2022-03-24` - `2023-03-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tsugi.citrixirc.com/
Frame ID: B8590E6636B8507DD26CF0E90AEDCA29
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TSUGI

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

360 kB
Transfer

1177 kB
Size

1
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: http://www.imsglobal.org/LTI/v1p1p1/ltiIMGv1p1p1.html
Title: IMS LTI 1.1 Spec

Search URL Search Domain Scan URL

URL: https://www.imsglobal.org/specs/lticiv1p0
Title: IMS LTI Deep Linking

Search URL Search Domain Scan URL

URL: http://www.imsglobal.org/lti/ltiv2p0/ltiIMGv2p0.html
Title: IMS LTI 2.0 Spec

Search URL Search Domain Scan URL

URL: https://classroom.google.com/
Title: Google Classroom

Search URL Search Domain Scan URL

URL: https://www.tsugi.org/
Title: Tsugi Project Site

Search URL Search Domain Scan URL

URL: https://github.com/tsugiproject/tsugi
Title: https://github.com/tsugiproject/tsugi

Search URL Search Domain Scan URL

URL: https://github.com/tsugiproject/tsugi-php
Title: https://github.com/tsugiproject/tsugi-php

Search URL Search Domain Scan URL

URL: https://github.com/tsugitools/
Title: https://github.com/tsugitools/

Search URL Search Domain Scan URL

URL: https://github.com/tsugiproject/tsugi-php-module
Title: https://github.com/tsugiproject/tsugi-php-module

Search URL Search Domain Scan URL

URL: https://github.com/tsugiproject/tsugi-php-standalone
Title: https://github.com/tsugiproject/tsugi-php-standalone

Search URL Search Domain Scan URL

URL: https://github.com/tsugiproject/tsugi-php-exercises
Title: https://github.com/tsugiproject/tsugi-php-exercises

Search URL Search Domain Scan URL

URL: https://lti-tools.dr-chuck.com/exercises/
Title: specifications

Search URL Search Domain Scan URL

URL: https://lti-tools.dr-chuck.com/tsugi/dev
Title: working solutions

Search URL Search Domain Scan URL

URL: https://github.com/tsugiproject/tsugi-java-servlet
Title: https://github.com/tsugiproject/tsugi-java-servlet

Search URL Search Domain Scan URL

URL: https://github.com/tsugiproject/tsugi-node-sample
Title: https://github.com/tsugiproject/tsugi-node-sample

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response tsugi.citrixirc.com/	8 KB 3 KB	622ms 61ms	Document text/html	155.133.138.5 www.gandi.net
General Check archive.org Show headers Download Go to Full URL https://tsugi.citrixirc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 155.133.138.5 , France, ASN29169 (GANDI-AS Domain name registrar - www.gandi.net, FR), Reverse DNS webacc3.sd5.ghst.net Software Apache / PHP/8.0.12 Resource Hash `704e80c5d63393f9b7bc4cf4b9cd867632d5b08cccdb3cf3e196251e132552ff` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Response headers date Fri, 25 Mar 2022 01:39:48 GMT server Apache x-powered-by PHP/8.0.12 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache content-encoding gzip content-length 3014 content-type text/html; charset=utf-8 via 1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3) vary Accept-Encoding x-cache-hits 0 x-cache MISS accept-ranges bytes age 0
GET H2	200	tsugiscripts_head.js Show response static.tsugi.org/js/	1 KB 1 KB	146ms 45ms	Script application/javascript	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/js/tsugiscripts_head.js Requested by Host: tsugi.citrixirc.com URL: https://tsugi.citrixirc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3e3ec2a7b950217c3adbffcda28251d3d8c27e06d8694bec125fb972e996b1f8` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://tsugi.citrixirc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 568584 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 06 Aug 2021 12:41:04 GMT server cloudflare etag W/"452-5c8e359498cc6-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdY4edbwS%2BR6xtQ8b0%2BioVdBC%2Fof3fxEeJwur1SZsb2hopj1R26jnOUxLItbaTP0zILTAPi6TSc6nJYWU%2FIWvgme0V1q0uw%2By8M%2FNW73%2BkZr0HqNNGf1hoaxe%2BWADC7INHma"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800 cf-ray 6f13ef531b70998d-CDG
GET H2	200	bootstrap.min.css static.tsugi.org/bootstrap-3.4.1/css/	119 KB 20 KB	193ms 92ms	Stylesheet text/css	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/bootstrap-3.4.1/css/bootstrap.min.css Requested by Host: tsugi.citrixirc.com URL: https://tsugi.citrixirc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://tsugi.citrixirc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 289877 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 12 Jul 2019 23:41:12 GMT server cloudflare etag W/"1da71-58d8472106b08-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrLHE3BhpDDo%2FN%2FI1MW1OknKRHACXDkqRuTeAexyx8R4S1MxpUrl8aeN16wXaAlGu87HdNLzpnLKAJAPFjdRvwcvehu4%2Bmp5SVc77X8xfOQFHGZXNKIabvrL%2FAROiosL3TpL"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cf-ray 6f13ef531b6a998d-CDG
GET H2	200	jquery-ui.min.css static.tsugi.org/js/jquery-ui-1.11.4/	29 KB 8 KB	153ms 53ms	Stylesheet text/css	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/js/jquery-ui-1.11.4/jquery-ui.min.css Requested by Host: tsugi.citrixirc.com URL: https://tsugi.citrixirc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://tsugi.citrixirc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 568584 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 25 Nov 2018 17:09:37 GMT server cloudflare etag W/"75d3-57b8047f97551-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1aX0f12pin3qHH0tcsxDx%2Fbv58unl960RAmSmDAvO4qcjBV6frciYZukla24k4jJKzG%2Bvzr9uJGrw4PHAg42naSQGlky7sNGbbDE9fHwjgHPrDF84EZ0KtwoQf7Gh0xBqEI"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cf-ray 6f13ef531b6b998d-CDG
GET H2	200	all.css static.tsugi.org/fontawesome-free-5.8.2-web/css/	67 KB 12 KB	148ms 48ms	Stylesheet text/css	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/fontawesome-free-5.8.2-web/css/all.css Requested by Host: tsugi.citrixirc.com URL: https://tsugi.citrixirc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dfd8ca6ec6ffb72eecefee16cdbb442d2e2fabdb9d27e3038c64c3e66b711d9d` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://tsugi.citrixirc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 241346 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 10 May 2019 12:39:17 GMT server cloudflare etag W/"10df1-58887dae5a4f7-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2F3%2FVeS8NC1J0XQyh%2BfHwgEmh1y9daGCYqnvdevPe3aWWulZkxjZsYj4ux%2B4o5BUeUdkCJvnsatXph%2FKVeWuPFgXfiBzZkJP7JqSgbtDP81XxziKjQqCnC1eY9MNVEV6UUc6"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cf-ray 6f13ef531b6d998d-CDG
GET H2	200	v4-shims.css static.tsugi.org/fontawesome-free-5.8.2-web/css/	40 KB 5 KB	146ms 45ms	Stylesheet text/css	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/fontawesome-free-5.8.2-web/css/v4-shims.css Requested by Host: tsugi.citrixirc.com URL: https://tsugi.citrixirc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `caff935269da9ac9f3c383274722da390c85938e407212951d837fed3864d4d9` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://tsugi.citrixirc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 290367 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 10 May 2019 12:39:17 GMT server cloudflare etag W/"a101-58887dae5a4f7-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDgdGrI7mdlivbfb3BPANlX57pIc57iv8viSm%2FlFiMfpeiYbzSXMYKYqbM782vNOxMOw0v7OzZhOJat5DuZ2Gm%2BgXTHn%2F0jytgrxTkQqF28vxtH%2FilSe2yCZkuHXTo%2BC95Hb"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cf-ray 6f13ef531b6e998d-CDG
GET H2	200	tsugi2.css static.tsugi.org/css/	16 KB 3 KB	147ms 46ms	Stylesheet text/css	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/css/tsugi2.css Requested by Host: tsugi.citrixirc.com URL: https://tsugi.citrixirc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6d2b3e20e029822c8964a73aa4db82ce869b7e8823182895eb9264128d920445` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://tsugi.citrixirc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 290367 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 23 Aug 2021 15:39:47 GMT server cloudflare etag W/"3e02-5ca3bd3bcd1e6-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mG8RYuOgHjMX9XG6BYAbCVRPs6CMdMscDR8BddbzRCqfXvK%2FYei5r2D1qCf9pW2OnF6AY%2B7OThHvHQ7k7NvSDORDDIXsZtwHamloN6tLiL8Ng4g4inB6phvBARnQOQgca7E"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cf-ray 6f13ef531b6f998d-CDG
GET H2	200	jquery-1.11.3.js Show response static.tsugi.org/js/	278 KB 85 KB	154ms 54ms	Script application/javascript	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/js/jquery-1.11.3.js Requested by Host: tsugi.citrixirc.com URL: https://tsugi.citrixirc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://tsugi.citrixirc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 288975 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 25 Nov 2018 17:09:37 GMT server cloudflare etag W/"456ea-57b8047f965b1-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzKa76MEhooitgssND86Zkj3ONtcqWOX4ZHI2hlMrxrOEY9OqTfMZ%2Bokp481j%2Fr%2FoVk2v6ujPulnaxYspjUmHqBJ9he%2F3J2StSp0n2d9U8Ee7OjAkqSYQOxqHX3deSSrbOnJ"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800 cf-ray 6f13ef531b71998d-CDG
GET H2	200	bootstrap.min.js Show response static.tsugi.org/bootstrap-3.4.1/js/	39 KB 11 KB	147ms 47ms	Script application/javascript	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/bootstrap-3.4.1/js/bootstrap.min.js Requested by Host: tsugi.citrixirc.com URL: https://tsugi.citrixirc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://tsugi.citrixirc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 96175 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 12 Jul 2019 23:41:12 GMT server cloudflare etag W/"9b00-58d8472108a48-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsJVRu%2FpYsXTOOZGCcbOVvVl3S3G7erfA%2BUn1SPa3VZ5X0UN8eM7lsgH0QtDAXeo3Hm%2FVQ7VuDIjuxLY83qk2jXHcvSJeSOPAdEEvs1V08V62XCQ9MNGCWJRYTrCI3kSr8YP"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800 cf-ray 6f13ef531b72998d-CDG
GET H2	200	jquery-ui.min.js Show response static.tsugi.org/js/jquery-ui-1.11.4/	235 KB 64 KB	194ms 94ms	Script application/javascript	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/js/jquery-ui-1.11.4/jquery-ui.min.js Requested by Host: tsugi.citrixirc.com URL: https://tsugi.citrixirc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://tsugi.citrixirc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 288975 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 25 Nov 2018 17:09:37 GMT server cloudflare etag W/"3ab2b-57b8047f97551-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7fxdHVMVmxwFFcFSFBufEGtXnJnxGGjTu5MM9RW%2BohnUczQoS%2BJCHYFfsQBSDy%2F8TdhijX8wZA6%2BTy2xAofW5rXwKl3oXzpXVt2QBEtiaGRMdo7hZiQAPoTgzRufqfBmCF6"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800 cf-ray 6f13ef535b9c998d-CDG
GET H2	200	jquery.timeago-1.6.3.js Show response static.tsugi.org/js/	7 KB 3 KB	193ms 93ms	Script application/javascript	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/js/jquery.timeago-1.6.3.js Requested by Host: tsugi.citrixirc.com URL: https://tsugi.citrixirc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6ab2182378c6fbfffe7aad501e4f72ab7d9fd38ecdc94f8966a46468c700a9dd` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://tsugi.citrixirc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 288975 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 25 Nov 2018 17:09:37 GMT server cloudflare etag W/"1ce7-57b8047f97551-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BlAdGxV6%2FgTDT2v7HHs9N9XWAnTEwLflWB1R454SN68uRzvsjw1wQEshGl3bwQUjhywMmGgLsqUsmSk1Uc0fZ68B5UYUcXuXaMJefR9M8Em%2FatNXTbbk9wrcwLcw7xH%2FApF"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800 cf-ray 6f13ef535b9b998d-CDG
GET H2	200	handlebars-v4.0.2.js Show response static.tsugi.org/js/	156 KB 35 KB	194ms 94ms	Script application/javascript	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/js/handlebars-v4.0.2.js Requested by Host: tsugi.citrixirc.com URL: https://tsugi.citrixirc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `12ea53e9be7252e638efdbdba54e12882787e818b46f6a5dad237a75f491ad64` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://tsugi.citrixirc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 96175 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 25 Nov 2018 17:09:37 GMT server cloudflare etag W/"26e8c-57b8047f95611-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7dlMuBI7iSCJLAkAnUEIr0Gl%2FqgLumGapC0XGYfkFB4nWKxdXLGgNO5iZizAaGB4DhnTJbpgQdFbvskEq8YYdL%2BCecNIR%2BIs1sbHDxqZJE2Fwj1bHl3RfuL4FgU7xXN%2BWEr"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800 cf-ray 6f13ef535ba0998d-CDG
GET H2	200	tmpl.min.js Show response static.tsugi.org/tmpljs-3.8.0/	1 KB 893 B	192ms 93ms	Script application/javascript	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/tmpljs-3.8.0/tmpl.min.js Requested by Host: tsugi.citrixirc.com URL: https://tsugi.citrixirc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d7226941f81c8e7dbc6014bf761668b096e33d122bf2d13fe9c50f369c36ae65` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://tsugi.citrixirc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 288975 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 25 Nov 2018 17:09:37 GMT server cloudflare etag W/"430-57b8047f9b3d1-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFuKL%2B4lyuKyIbrXnqJMPa2e8rOCvyv3EBeglo7byNKrY%2FrofoOIdg6026IHRoPmdPkLYaHfvI55HgiNZTsPMw3jeAOzczmTBY2IVcirIOU9WWV6ejSENDUK0DQWpbJr7zi1"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800 cf-ray 6f13ef535b9e998d-CDG
GET H2	200	tsugiscripts.js Show response static.tsugi.org/js/	25 KB 8 KB	193ms 94ms	Script application/javascript	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/js/tsugiscripts.js Requested by Host: tsugi.citrixirc.com URL: https://tsugi.citrixirc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8b1d5de7973531c93f29be3ee8be7737ccb831733f1f4f3576c5df9361691f28` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://tsugi.citrixirc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 288975 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 05 Aug 2021 23:41:03 GMT server cloudflare etag W/"62a7-5c8d873bf9b93-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pI5PW%2FtGOLpqHvxEdKiyBJtFEd2Y8Uu48EFAaEVbpGti%2F6rFiVPTlqEIJaHsGBFVAyZi7yGPRWKBzJHP%2BozxUd13VAYe7g2VjJzTGWnJm%2B%2BPPU%2FqwAlbRQRlr%2BqFxP8X9iTH"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800 cf-ray 6f13ef535b9d998d-CDG
GET H3	200	fa-solid-900.woff2 static.tsugi.org/fontawesome-free-5.8.2-web/webfonts/	73 KB 73 KB	182ms 140ms	Font application/octet-stream	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/fontawesome-free-5.8.2-web/webfonts/fa-solid-900.woff2 Requested by Host: static.tsugi.org URL: https://static.tsugi.org/fontawesome-free-5.8.2-web/css/all.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640` Request headers Referer https://static.tsugi.org/fontawesome-free-5.8.2-web/css/all.css Origin https://tsugi.citrixirc.com Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT access-control-allow-methods GET cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 74328 last-modified Fri, 10 May 2019 12:39:18 GMT server cloudflare etag "12258-58887dae7b836" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSXEZ6%2FyVxPARGe7kZMzgfbI3NYHfF87dk6rA4oG5qnGKv7INg8bJ0VoHqidCiwhCw4AqiR%2BhA18y3zrSULAAS2ZaRsDcuqdt7M0esClv3aBu3ONpnMtuD4TVifbuiWrsKuH"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes cf-ray 6f13ef543f4199b4-CDG
GET H2	200	webcomponents-lite.js Show response static.tsugi.org/polyfill/webcomponentsjs-1.0.22/	83 KB 27 KB	56ms 56ms	Script application/javascript	188.114.96.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.tsugi.org/polyfill/webcomponentsjs-1.0.22/webcomponents-lite.js Requested by Host: static.tsugi.org URL: https://static.tsugi.org/js/tsugiscripts.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e5da70bc662559a55106ea3c2322732ebde4b494754792edc7dc1e8e7283c7ce` Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://tsugi.citrixirc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:39:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 568581 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 25 Nov 2018 17:09:37 GMT server cloudflare etag W/"14db3-57b8047f9a431-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9E74AhOCobnf1sAyUfffHwawIJ2FL1Lu6Yn36LM1vT9BpA8EHnTWjEPJzgXmJTG0XEle%2Fizh7w1u42RAb3kF8niABiT8BNr04XJRNFQbZbp5nz0IcTs%2Fv9QPvGargeyP1Un"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800 cf-ray 6f13ef542c88998d-CDG

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| _TSUGI function| dataToggle function| sprintf function| inIframe function| isObject string| CSRF_TOKEN function| $ function| jQuery object| jQuery111302852117068962403 object| Handlebars function| tmpl function| doHeartBeat boolean| DE_BOUNCE_LTI_FRAME_RESIZE_TIMER boolean| DE_BOUNCE_LTI_FRAME_RESIZE_HEIGHT function| lti_frameResize function| lti_frameResizeNow function| lti_hideLMSNavigation function| lti_showLMSNavigation function| lti_scrollParentToTop function| portalSmallBreakPoint function| portalMediumBreakPoint function| modalDialogWidth function| showModal function| showModalIframe function| showModalIframeUrl function| finishModalIframeUrl function| labnolThumb function| labnolStopPlayers function| labnolIframe object| TSUGI_TEMPLATES function| tsugiHandlebarsRender function| tsugiHandlebarsToDiv function| tsugiSetCookie function| maxZIndex function| showOverlay function| hideOverlay function| tsugiEmbedMenu function| tsugiEmbedKeep string| polyfill object| e function| window_close function| addSession function| tsugiNotifySocket function| tsugiSha256 function| copyToClipboardNoScroll function| copyToClipboard function| tsugiCheckFileMaxSize function| htmlentities number| $TSUGI_EMBED_TIMEOUT number| HEARTBEAT_TIMEOUT object| HTMLImports object| WebComponents object| ShadyCSS

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			tsugi.citrixirc.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 258k8a9gh765eslbqgvp5numfh

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

static.tsugi.org
tsugi.citrixirc.com
155.133.138.5
188.114.96.7
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
12ea53e9be7252e638efdbdba54e12882787e818b46f6a5dad237a75f491ad64
2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed
3e3ec2a7b950217c3adbffcda28251d3d8c27e06d8694bec125fb972e996b1f8
550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b
6ab2182378c6fbfffe7aad501e4f72ab7d9fd38ecdc94f8966a46468c700a9dd
6d2b3e20e029822c8964a73aa4db82ce869b7e8823182895eb9264128d920445
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
704e80c5d63393f9b7bc4cf4b9cd867632d5b08cccdb3cf3e196251e132552ff
8b1d5de7973531c93f29be3ee8be7737ccb831733f1f4f3576c5df9361691f28
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
caff935269da9ac9f3c383274722da390c85938e407212951d837fed3864d4d9
d7226941f81c8e7dbc6014bf761668b096e33d122bf2d13fe9c50f369c36ae65
dfd8ca6ec6ffb72eecefee16cdbb442d2e2fabdb9d27e3038c64c3e66b711d9d
e5da70bc662559a55106ea3c2322732ebde4b494754792edc7dc1e8e7283c7ce