libanswers.crev.edukgroup.com Open in urlscan Pro
52.5.154.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://libanswers.crev.edukgroup.com/
Submission: On August 26 via automatic, source certstream-suspicious (August 26th 2020, 1:10:44 pm UTC)

Summary HTTP 16 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 6 domains to perform 16 HTTP transactions. The main IP is 52.5.154.105, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is libanswers.crev.edukgroup.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 27th 2020. Valid for: 3 months.

This is the only time libanswers.crev.edukgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	52.5.154.105 52.5.154.105	14618 (AMAZON-AES) (AMAZON-AES)
1	52.217.10.244 52.217.10.244	16509 (AMAZON-02) (AMAZON-02)
4	52.217.0.131 52.217.0.131	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:10:... 2606:4700:10::6814:9710	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:5d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.20.149.163 23.20.149.163	14618 (AMAZON-AES) (AMAZON-AES)
16	5

9 52.5.154.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-154-105.compute-1.amazonaws.com

libanswers.crev.edukgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v2.libanswers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.10.244 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

laimages.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.217.0.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

libapps.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:9710 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

i.creativecommons.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:5d6 (United States)

ASN13335 (CLOUDFLARENET, US)

licensebuttons.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.20.149.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-149-163.compute-1.amazonaws.com

cascade2.libchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	edukgroup.com libanswers.crev.edukgroup.com	153 KB
5	amazonaws.com laimages.s3.amazonaws.com libapps.s3.amazonaws.com	2 MB
2	libanswers.com v2.libanswers.com	30 KB
1	libchat.com cascade2.libchat.com	541 B
1	licensebuttons.net licensebuttons.net	977 B
1	creativecommons.org 1 redirects i.creativecommons.org	464 B
16	6

	Domain	Requested by
7	libanswers.crev.edukgroup.com	libanswers.crev.edukgroup.com
4	libapps.s3.amazonaws.com	libanswers.crev.edukgroup.com
2	v2.libanswers.com	libanswers.crev.edukgroup.com
1	cascade2.libchat.com	libanswers.crev.edukgroup.com
1	licensebuttons.net	libanswers.crev.edukgroup.com
1	i.creativecommons.org	1 redirects
1	laimages.s3.amazonaws.com	libanswers.crev.edukgroup.com
16	7

This site contains links to these domains. Also see Links.

Domain
libguides.crev.edukgroup.com
www.springshare.com
nuc.libapps.com
twitter.com
www.youtube.com
www.instagram.com
creativecommons.org

Subject Issuer	Validity	Valid
libanswers.crev.edukgroup.com Let's Encrypt Authority X3	`2020-06-27` - `2020-09-25`	3 months	crt.sh
libanswers.com Let's Encrypt Authority X3	`2020-08-06` - `2020-11-04`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-18` - `2021-07-18`	a year	crt.sh
libchat.com Let's Encrypt Authority X3	`2020-08-06` - `2020-11-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://libanswers.crev.edukgroup.com/
Frame ID: 45FA45C50B6DC8B1EB1D422103FFD0EA
Requests: 15 HTTP requests in this frame

Frame: https://v2.libanswers.com/chati.php?hash=0409dfa403ab2d7db1f959a966ba2527&referer=https%3A%2F%2Flibanswers.crev.edukgroup.com%2F&referer_title=Servicios%20-%20LibAnswers
Frame ID: 14D44DCF9EE192E72D81C1265782ED54
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

5
IPs

1
Countries

1885 kB
Transfer

2216 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://libguides.crev.edukgroup.com/c.php?g=243417&p=1620302

Search URL Search Domain Scan URL

URL: http://www.springshare.com/
Title: Springshare

Search URL Search Domain Scan URL

URL: https://nuc.libapps.com/libapps/login.php?site_id=3932&target=
Title: Cuenta administrador

Search URL Search Domain Scan URL

URL: https://twitter.com/nucbibvirtual
Title: Twitter: @nucbibvirtual

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/crevirtualnuco
Title: YouTube: crevirtualnuco

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bibvirtual/
Title: Instagram: bibvirtual

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-nc/4.0/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://i.creativecommons.org/l/by-nc/4.0/80x15.png HTTP 301
https://licensebuttons.net/l/by-nc/4.0/80x15.png

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
libanswers.crev.edukgroup.com/ 47 KB
8 KB 818ms
254ms Document
text/html 52.5.154.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://libanswers.crev.edukgroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.154.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-154-105.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a73fd42b1ec3804bdf1c7a274b68749acf2db8798bc093ce2c34032b9e2cf090

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: libanswers.crev.edukgroup.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Wed, 26 Aug 2020 13:10:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: la_info=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
x-backend-server: libanswers-us-2.springyaws.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
content-encoding: gzip

GET
H2 200 font-awesome.min.css
libanswers.crev.edukgroup.com/css2.37.5/font-awesome/css/ 30 KB
7 KB 100ms
99ms Stylesheet
text/css 52.5.154.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://libanswers.crev.edukgroup.com/css2.37.5/font-awesome/css/font-awesome.min.css

Requested by

Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.154.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-154-105.compute-1.amazonaws.com

Software

nginx /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://libanswers.crev.edukgroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 13:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2019 13:20:52 GMT
server: nginx
etag: W/"5c94e134-7918"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public,max-age=604800
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains
x-backend-server: libanswers-us-2.springyaws.com

GET
H2 200 LibAnswers_public.min.css
libanswers.crev.edukgroup.com/css2.37.5/ 163 KB
29 KB 179ms
178ms Stylesheet
text/css 52.5.154.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://libanswers.crev.edukgroup.com/css2.37.5/LibAnswers_public.min.css

Requested by

Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.154.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-154-105.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8cca8858771fca1cd97501097ff9a3a42ca5f79ec1810271687b21615272f3c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://libanswers.crev.edukgroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 13:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Aug 2020 11:59:36 GMT
server: nginx
etag: W/"5f33d9a8-28b9b"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public,max-age=604800
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains
x-backend-server: libanswers-us-2.springyaws.com

GET
H2 200 jquery.min.js Show response
v2.libanswers.com/js2.37.5/ 86 KB
30 KB 295ms
96ms Script
application/javascript 52.5.154.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://v2.libanswers.com/js2.37.5/jquery.min.js

Requested by

Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.154.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-154-105.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://libanswers.crev.edukgroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 13:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: nginx
etag: W/"1dc09d84-15851"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public,max-age=604800
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains
x-backend-server: libanswers-us-4.springyaws.com

GET
H2 200 LibAnswers_public.min.js Show response
libanswers.crev.edukgroup.com/js2.37.5/ 103 KB
29 KB 257ms
256ms Script
application/javascript 52.5.154.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://libanswers.crev.edukgroup.com/js2.37.5/LibAnswers_public.min.js

Requested by

Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.154.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-154-105.compute-1.amazonaws.com

Software

nginx /

Resource Hash

57b0c2b71278cac65500e453dee8891e15bb2a520855f43dd835affa2c0be8d6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://libanswers.crev.edukgroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 13:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 May 2020 12:01:36 GMT
server: nginx
etag: W/"5ece56a0-19d48"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public,max-age=604800
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains
x-backend-server: libanswers-us-2.springyaws.com

GET
H/1.1 200
OK Biblioteca-Virtual-Banner.png
laimages.s3.amazonaws.com/data/headers/532/ 1 MB
1 MB 508ms
205ms Image
image/png 52.217.10.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://laimages.s3.amazonaws.com/data/headers/532/Biblioteca-Virtual-Banner.png
Requested by: Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.10.244 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b4cf5dc8df70420b5010b25823098896d4f70eda3a60ca1b677896f8696a2002

Request headers

Referer: https://libanswers.crev.edukgroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 26 Aug 2020 13:10:29 GMT
Last-Modified: Wed, 27 May 2020 21:48:58 GMT
Server: AmazonS3
x-amz-request-id: 7ECDBBAC202F1393
ETag: "4fd5c57001774f36287b4614bcd572fa"
Content-Type: image/png
x-amz-version-id: sPJCiXtZFp3jsIhCc746HRAcaTlfx1a3
Accept-Ranges: bytes
Content-Length: 1069876
x-amz-id-2: lFYKLuKpEI3jNRt5VqQtOkQOF3x/yHxJ41maz3ij7qnB4tpROKkjdasy+FXXlQY0GGJ96M8YCfE=

GET
H/1.1 200
OK HorarioNUC_May2020.jpg
libapps.s3.amazonaws.com/accounts/27024/images/ 93 KB
93 KB 447ms
157ms Image
image/jpeg 52.217.0.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libapps.s3.amazonaws.com/accounts/27024/images/HorarioNUC_May2020.jpg
Requested by: Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.0.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a42a0d58c8e8ac5892847911d095217eb78f5bff4ef7f28f317134718610818f

Request headers

Referer: https://libanswers.crev.edukgroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 26 Aug 2020 13:10:29 GMT
Last-Modified: Wed, 27 May 2020 22:02:46 GMT
Server: AmazonS3
x-amz-request-id: 564E00DC467BA62D
ETag: "00c31a4aa26d31da91a3035d6d15db34"
Content-Type: image/jpeg
x-amz-version-id: U6EmpbchMj8u0Hldj_iQfRNsV5VBHYRE
Accept-Ranges: bytes
Content-Length: 95059
x-amz-id-2: YMhHeIHe9trw16D0gn5FE6m55xvHSPzqQNnFhGbury2b1ZymQaz/Bd+TDaZZ52eWJ49C/RxftUc=

GET
H/1.1 200
OK S%C3%ADguenos_en_las_redes.png
libapps.s3.amazonaws.com/accounts/27024/images/ 495 KB
495 KB 467ms
177ms Image
image/png 52.217.0.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libapps.s3.amazonaws.com/accounts/27024/images/S%C3%ADguenos_en_las_redes.png
Requested by: Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.0.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 34327d60ce0151679a2040c7f8eb2958d73181366bc06941f5b8941f512376f2

Request headers

Referer: https://libanswers.crev.edukgroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 26 Aug 2020 13:10:29 GMT
Last-Modified: Fri, 19 Jul 2019 14:36:26 GMT
Server: AmazonS3
x-amz-request-id: 7220702281782DBF
ETag: "d71a88429153ff1c208b908c811863af"
Content-Type: image/png
x-amz-version-id: zbOu0Zo59sgP5In4w2njf5vRlNNYMeHk
Accept-Ranges: bytes
Content-Length: 506917
x-amz-id-2: WalvNc0SaYdb8WGF8LsvG8591mahchoz1j4BTVwqIjWHp6SHM7E9H01VkTgrEIP+0v5whj0JTXQ=

GET
H2 200 load_chat.php Show response
libanswers.crev.edukgroup.com/ 10 KB
4 KB 106ms
105ms Script
application/javascript 52.5.154.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://libanswers.crev.edukgroup.com/load_chat.php?hash=ad1c1bc63ba5b8db698119c3d3fd8c59

Requested by

Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.154.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-154-105.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5c255d03fa2fa028d9ee4809e640c8e50f679aea4dcfff5b1d752c6c6688b2ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://libanswers.crev.edukgroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 13:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
status: 200
x-backend-server: libanswers-us-2.springyaws.com
cache-control: public,max-age=3600
content-security-policy: upgrade-insecure-requests
vary: Accept-Encoding
x-proxy-cache: MISS

GET
H2 200 load_chat.php Show response
libanswers.crev.edukgroup.com/ 2 KB
1 KB 106ms
105ms Script
application/javascript 52.5.154.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://libanswers.crev.edukgroup.com/load_chat.php?hash=0409dfa403ab2d7db1f959a966ba2527

Requested by

Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.154.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-154-105.compute-1.amazonaws.com

Software

nginx /

Resource Hash

72f6c56354260a2863f87dee708e194c7873b6c42f2aef5df3ab2b28f0a4099b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://libanswers.crev.edukgroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 13:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=utf-8
status: 200
x-backend-server: libanswers-us-2.springyaws.com
cache-control: public,max-age=3600
content-security-policy: upgrade-insecure-requests
vary: Accept-Encoding
x-proxy-cache: MISS

GET
H/1.1 200
OK Evaluaciones.png
libapps.s3.amazonaws.com/accounts/27024/images/ 7 KB
7 KB 454ms
158ms Image
image/png 52.217.0.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libapps.s3.amazonaws.com/accounts/27024/images/Evaluaciones.png
Requested by: Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.0.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c368bbe8d88c4e0fa885a26018e67f7cd003feadfd1a6a9d99e1d67061dfc108

Request headers

Referer: https://libanswers.crev.edukgroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 26 Aug 2020 13:10:29 GMT
Last-Modified: Sat, 23 May 2020 23:02:00 GMT
Server: AmazonS3
x-amz-request-id: 074E44EF45FB6834
ETag: "c1072d1b98c33ebf49de962c35f2a22c"
Content-Type: image/png
x-amz-version-id: ZR_ENyaQrWOq0lTu09YbmbnYS84gu0Js
Accept-Ranges: bytes
Content-Length: 6909
x-amz-id-2: KuRVgCjtCTDGPc9TlQxpMoFwrbZP7HDlr99r1AnP5W8djxZi1hOrQ7KgRxo0j/ohwyOQwusGi30=

GET
H/1.1 200
OK Sello-University_Small_-02.png
libapps.s3.amazonaws.com/accounts/27024/images/ 58 KB
58 KB 423ms
120ms Image
image/png 52.217.0.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libapps.s3.amazonaws.com/accounts/27024/images/Sello-University_Small_-02.png
Requested by: Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.0.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1d73ff8a49f1183e912cce5bd8cbcadd14919fe2ec5aabb390e2df57388767d7

Request headers

Referer: https://libanswers.crev.edukgroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 26 Aug 2020 13:10:29 GMT
Last-Modified: Tue, 26 May 2020 18:06:10 GMT
Server: AmazonS3
x-amz-request-id: 58FF9D2BF464585B
ETag: "9d8060fa4fa736068d43c19c5bedff1c"
Content-Type: image/png
x-amz-version-id: jb9Il3NnnJd8BIyV3wkiGlnd0cN8GiNk
Accept-Ranges: bytes
Content-Length: 59418
x-amz-id-2: 6h3Ez/r4nWx60Cgqiu+xvKWJvLk6oPN4Pl0ZURinTwUeTqXxixZgxm6BdwHvVzST+FU3L6SX/D0=

GET
H2

200

80x15.png
licensebuttons.net/l/by-nc/4.0/
Redirect Chain

https://i.creativecommons.org/l/by-nc/4.0/80x15.png
https://licensebuttons.net/l/by-nc/4.0/80x15.png

449 B
977 B

47ms
31ms

Image
image/png

2606:4700:20::681a:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://licensebuttons.net/l/by-nc/4.0/80x15.png

Requested by

Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96322409f902c6ff79634ecf3caa41bdbc579780e87cca2bf1eaf468183a1136

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://libanswers.crev.edukgroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 13:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3914
cf-polished: origSize=672
status: 200
vary: Accept-Encoding
content-length: 449
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Apr 2020 21:59:13 GMT
server: cloudflare
x-frame-options: deny
etag: "5eab4a31-2a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=432000
cf-request-id: 04cc7d38c6000097600b3d8200000001
accept-ranges: bytes
cf-ray: 5c8dcb07ac0f9760-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

date: Wed, 26 Aug 2020 13:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 967
status: 301
vary: Accept-Encoding
cf-request-id: 04cc7d387c00009778759fd200000001
server: cloudflare
x-frame-options: deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: text/html
location: https://licensebuttons.net/l/by-nc/4.0/80x15.png
x-xss-protection: 1; mode=block
cache-control: max-age=432000
cf-ray: 5c8dcb072bf39778-FRA

GET
H2 200 widget_status Show response
cascade2.libchat.com/ 37 B
541 B 350ms
105ms XHR
application/json 23.20.149.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cascade2.libchat.com/widget_status?iid=532&rules=%5B%7B%22u%22%3A0%2C%22d%22%3A%5B506%5D%2C%22c%22%3A%22%22%2C%22fallbackSeconds%22%3A0%7D%5D
Requested by: Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/load_chat.php?hash=ad1c1bc63ba5b8db698119c3d3fd8c59
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.149.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-149-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 43d64f66da3a55fe47af77afe91d3d755f32add6ad52d634c3102fdf6a86bdab

Request headers

Referer: https://libanswers.crev.edukgroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 13:10:28 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-proxy-cache: EXPIRED

GET
H2 200 chati.php
v2.libanswers.com/ Frame 14D4 0
0 126ms
125ms Document
text/html 52.5.154.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://v2.libanswers.com/chati.php?hash=0409dfa403ab2d7db1f959a966ba2527&referer=https%3A%2F%2Flibanswers.crev.edukgroup.com%2F&referer_title=Servicios%20-%20LibAnswers

Requested by

Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/load_chat.php?hash=0409dfa403ab2d7db1f959a966ba2527

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.154.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-154-105.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: v2.libanswers.com
:scheme: https
:path: /chati.php?hash=0409dfa403ab2d7db1f959a966ba2527&referer=https%3A%2F%2Flibanswers.crev.edukgroup.com%2F&referer_title=Servicios%20-%20LibAnswers
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://libanswers.crev.edukgroup.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://libanswers.crev.edukgroup.com/

Response headers

status: 200
server: nginx
date: Wed, 26 Aug 2020 13:10:27 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-backend-server: libanswers-us-4.springyaws.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: upgrade-insecure-requests
content-encoding: gzip

GET
H2 200 fontawesome-webfont.woff2
libanswers.crev.edukgroup.com/css2.37.5/font-awesome/fonts/ 75 KB
76 KB 101ms
100ms Font
font/woff2 52.5.154.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://libanswers.crev.edukgroup.com/css2.37.5/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: libanswers.crev.edukgroup.com
URL: https://libanswers.crev.edukgroup.com/css2.37.5/font-awesome/css/font-awesome.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.5.154.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-154-105.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://libanswers.crev.edukgroup.com
Referer: https://libanswers.crev.edukgroup.com/css2.37.5/font-awesome/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 13:10:27 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2019 13:20:52 GMT
server: nginx
etag: "5c94e134-12d68"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff2
status: 200
cache-control: public,max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-backend-server: libanswers-us-2.springyaws.com
content-length: 77160

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cascade2.libchat.com
i.creativecommons.org
laimages.s3.amazonaws.com
libanswers.crev.edukgroup.com
libapps.s3.amazonaws.com
licensebuttons.net
v2.libanswers.com
23.20.149.163
2606:4700:10::6814:9710
2606:4700:20::681a:5d6
52.217.0.131
52.217.10.244
52.5.154.105
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1d73ff8a49f1183e912cce5bd8cbcadd14919fe2ec5aabb390e2df57388767d7
34327d60ce0151679a2040c7f8eb2958d73181366bc06941f5b8941f512376f2
43d64f66da3a55fe47af77afe91d3d755f32add6ad52d634c3102fdf6a86bdab
57b0c2b71278cac65500e453dee8891e15bb2a520855f43dd835affa2c0be8d6
5c255d03fa2fa028d9ee4809e640c8e50f679aea4dcfff5b1d752c6c6688b2ad
72f6c56354260a2863f87dee708e194c7873b6c42f2aef5df3ab2b28f0a4099b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8cca8858771fca1cd97501097ff9a3a42ca5f79ec1810271687b21615272f3c2
96322409f902c6ff79634ecf3caa41bdbc579780e87cca2bf1eaf468183a1136
a42a0d58c8e8ac5892847911d095217eb78f5bff4ef7f28f317134718610818f
a73fd42b1ec3804bdf1c7a274b68749acf2db8798bc093ce2c34032b9e2cf090
b4cf5dc8df70420b5010b25823098896d4f70eda3a60ca1b677896f8696a2002
c368bbe8d88c4e0fa885a26018e67f7cd003feadfd1a6a9d99e1d67061dfc108

libanswers.crev.edukgroup.com Open in urlscan Pro 52.5.154.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

33 %IPv6

6 Domains

7 Subdomains

5 IPs

1 Countries

1885 kBTransfer

2216 kBSize

0 Cookies

7 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

libanswers.crev.edukgroup.com Open in urlscan Pro
52.5.154.105 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

5
IPs

1
Countries

1885 kB
Transfer

2216 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions