urlscan.io logo urlscan.io
SecurityTrails logo

kf.thepoiseng.com.ng Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://kf.serramentiinpvc.brescia.it/rp/%EC%B2%AD%EC%A3%BC-%EA%B0%90%EC%84%B1-%ED%85%8C%EB%9D%BC%ED%94%BC
Effective URL: https://kf.thepoiseng.com.ng/rp/%EC%B2%AD%EC%A3%BC-%EA%B0%90%EC%84%B1-%ED%85%8C%EB%9D%BC%ED%94%BC
Submission: On April 15 via api from JP — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 3 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is kf.thepoiseng.com.ng.
TLS certificate: Issued by R3 on March 27th 2023. Valid for: 3 months.
This is the only time kf.thepoiseng.com.ng was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.222.12 13335 (CLOUDFLAR...)
1 188.114.97.3 13335 (CLOUDFLAR...)
3 2
Domain Requested by
1 kf.thepoiseng.com.ng
1 kf.serramentiinpvc.brescia.it 1 redirects
0 antibotcloud.com Failed kf.thepoiseng.com.ng
0 counter.yadro.ru Failed kf.thepoiseng.com.ng
3 4

This site contains links to these domains. Also see Links.

Domain
antibot.cloud
www.liveinternet.ru
xaxaxa.antibot.cloud
Subject Issuer Validity Valid
*.thepoiseng.com.ng
R3		 2023-03-27 -
2023-06-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://kf.thepoiseng.com.ng/rp/%EC%B2%AD%EC%A3%BC-%EA%B0%90%EC%84%B1-%ED%85%8C%EB%9D%BC%ED%94%BC
Frame ID: EAB94E47CF34B3E70CD1940763AABCF6
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Aspettare.

Page URL History Show full URLs

  1. https://kf.serramentiinpvc.brescia.it/rp/%EC%B2%AD%EC%A3%BC-%EA%B0%90%EC%84%B1-%ED%85%8C%EB%9D%BC%ED%94%BC HTTP 302
    https://kf.thepoiseng.com.ng/rp/%EC%B2%AD%EC%A3%BC-%EA%B0%90%EC%84%B1-%ED%85%8C%EB%9D%BC%ED%94%BC Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->

Page Statistics

3
Requests

33 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

4 kB
Transfer

6 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kf.serramentiinpvc.brescia.it/rp/%EC%B2%AD%EC%A3%BC-%EA%B0%90%EC%84%B1-%ED%85%8C%EB%9D%BC%ED%94%BC HTTP 302
    https://kf.thepoiseng.com.ng/rp/%EC%B2%AD%EC%A3%BC-%EA%B0%90%EC%84%B1-%ED%85%8C%EB%9D%BC%ED%94%BC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request %EC%B2%AD%EC%A3%BC-%EA%B0%90%EC%84%B1-%ED%85%8C%EB%9D%BC%ED%94%BC
kf.thepoiseng.com.ng/rp/
Redirect Chain
  • https://kf.serramentiinpvc.brescia.it/rp/%EC%B2%AD%EC%A3%BC-%EA%B0%90%EC%84%B1-%ED%85%8C%EB%9D%BC%ED%94%BC
  • https://kf.thepoiseng.com.ng/rp/%EC%B2%AD%EC%A3%BC-%EA%B0%90%EC%84%B1-%ED%85%8C%EB%9D%BC%ED%94%BC
6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kf.thepoiseng.com.ng/rp/%EC%B2%AD%EC%A3%BC-%EA%B0%90%EC%84%B1-%ED%85%8C%EB%9D%BC%ED%94%BC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19faa088bde7f30ed7cd97d8e1f71f5dfac27ec12735e4202eb2d126fec0714e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7b7ff139fb260df1-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 15 Apr 2023 00:06:23 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<https://antibotcloud.com/antibot7.php>; rel=dns-prefetch
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKUCjMBYGPAvRrelkcRLwlhoKGaQvojfYyWFHCkRTNtfm3wi%2B%2BXnvIlYES38knYGfS4XvVpHAybcbjXqzRiyl8NkzmqiE6muPDUvgNmqfkhVjbM%2BpSGthpgnQQ5xf54e1Da7Vu50oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7b7ff1068f03374e-MXP
date
Sat, 15 Apr 2023 00:06:14 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://kf.thepoiseng.com.ng/rp/%EC%B2%AD%EC%A3%BC-%EA%B0%90%EC%84%B1-%ED%85%8C%EB%9D%BC%ED%94%BC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sedsdEXwz86FN3JyMrb8RvEVXl%2B8LroNs7e9ZGv6FfiCbxyya5OOH6R%2FRiOrK0BlByAXcvumTE6be%2F9DulvQsPhLIq%2B4HCNXE%2BFVopCy2bFLr0KthYj7sFZGAqKXp7EVL%2FpVRXv7PSdqtAQFL7aAyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://kf.thepoiseng.com.ng/rp/%EC%B2%AD%EC%A3%BC-%EA%B0%90%EC%84%B1-%ED%85%8C%EB%9D%BC%ED%94%BC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
hit;Korea
counter.yadro.ru/ 		0
0
antibot7.php
antibotcloud.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
counter.yadro.ru
URL
https://counter.yadro.ru/hit;Korea?t39.8;r;s1600*1200*24;uhttps%3A//kf.thepoiseng.com.ng/rp/%25EC%25B2%25AD%25EC%25A3%25BC-%25EA%25B0%2590%25EC%2584%25B1-%25ED%2585%258C%25EB%259D%25BC%25ED%2594%25BC;hAspettare.;0.12408031374436623
Domain
antibotcloud.com
URL
https://antibotcloud.com/antibot7.php

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| b64_to_utf8 string| country string| action string| h1 string| h2 string| ipfull string| ip string| via string| v string| re string| rk string| ho string| cid string| ptr number| width number| height number| cwidth number| cheight number| colordepth number| pixeldepth string| phpreferrer string| referrer function| nore function| Button function| CloudTest function| HideBtnClick

4 Cookies

Domain/Path Name / Value
kf.thepoiseng.com.ng/ Name: antibot_uid
Value: 8b8492fa1fee126eff6e01d5171250e6
kf.thepoiseng.com.ng/ Name: antibot_country
Value: IT
kf.thepoiseng.com.ng/ Name: antibot_lang
Value: it
kf.thepoiseng.com.ng/ Name: antibot_ptr
Value: 192.145.127.219

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

antibotcloud.com
counter.yadro.ru
kf.serramentiinpvc.brescia.it
kf.thepoiseng.com.ng
antibotcloud.com
counter.yadro.ru
172.67.222.12
188.114.97.3
19faa088bde7f30ed7cd97d8e1f71f5dfac27ec12735e4202eb2d126fec0714e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12