amstaff.city - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 172.67.219.232, located in United States and belongs to CLOUDFLARENET, US. The main domain is amstaff.city.
TLS certificate: Issued by GTS CA 1P5 on April 14th 2024. Valid for: 3 months.

This is the only time amstaff.city was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	172.67.219.232 172.67.219.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	172.67.8.141 172.67.8.141	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.195.116.113 51.195.116.113	16276 (OVH) (OVH)
6	3

4 172.67.219.232 (United States)

ASN13335 (CLOUDFLARENET, US)

amstaff.city	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.8.141 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.116.113 (France)

ASN16276 (OVH, FR)
PTR: vps-451f3654.vps.ovh.net

mdbootstrap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	amstaff.city amstaff.city	48 KB
2	amung.us 1 redirects whos.amung.us — Cisco Umbrella Rank: 17539 widgets.amung.us — Cisco Umbrella Rank: 36185	2 KB
1	mdbootstrap.com mdbootstrap.com — Cisco Umbrella Rank: 294622	28 KB
6	3

	Domain	Requested by
4	amstaff.city	amstaff.city
1	mdbootstrap.com	amstaff.city
1	widgets.amung.us	amstaff.city
1	whos.amung.us	1 redirects
6	4

This site contains links to these domains. Also see Links.

Domain
discord.gg
i.imgur.com

Subject Issuer	Validity	Valid
amstaff.city GTS CA 1P5	`2024-04-14` - `2024-07-13`	3 months	crt.sh
mdbootstrap.com R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://amstaff.city/index.php
Frame ID: B99D546889369CBFC38EC0FB250FB34D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Eventi Sportivi

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

78 kB
Transfer

349 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/Y8cWqzwNQ2
Title: ENTRA IN DISCORD

Search URL Search Domain Scan URL

URL: https://i.imgur.com/MoPb48Z.jpeg
Title: Link Orari

Search URL Search Domain Scan URL

URL: https://i.imgur.com/mwVRfL0.jpeg
Title: Link Orari

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://whos.amung.us/cwidget/l4ttszqxx0/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=426&c=000000ffffff&p=left

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request index.php Show response amstaff.city/	30 KB 4 KB	153ms 100ms	Document text/html	172.67.219.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstaff.city/index.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.219.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3130e6fc16e6bc1ad6e8facc8c28fe039016388b0a4c5d0b7647f7c04889de44` Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 87b72025cf56baaf-MXP content-encoding br content-type text/html; charset=UTF-8 date Sun, 28 Apr 2024 12:41:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLXI%2BZk%2Buic2iE%2F50x7L%2FHWWj%2BsMJHU190vfXR6B%2B7HjOR8jPBN9q57xQ91BGzpk66QE%2F1kcOTk9QdOaBL8uETRYY2dEjFChluHaW0cxjXMTo4TNRdjndhyg43OzMPw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H3	200	mdb.min.css amstaff.city/	287 KB 41 KB	45ms 44ms	Stylesheet text/css	172.67.219.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstaff.city/mdb.min.css Requested by Host: amstaff.city URL: https://amstaff.city/index.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.219.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3098d013d9b9d698314daf3bddbd93dbcd9e325a838aa29637ba08892d6dcb0a` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amstaff.city/index.php Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 12:41:16 GMT content-encoding br cf-cache-status HIT last-modified Sun, 28 Jan 2024 19:51:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 152788 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbbrQoMnQtBehdjLo%2BCylSiB17X0cPzevTFQce0Na%2B13hQ6Ghf44gWyGJNagCX2C1MjSnDHvYUutRPgNNLdtUrXdobCIbYbOE5bHr%2BUKpb32gduAEzvzP3R0yB4k8Pw%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 87b720266852baaf-MXP alt-svc h3=":443"; ma=86400 expires Fri, 03 May 2024 18:14:48 GMT
GET H3	200	offcanvas.css amstaff.city/	2 KB 1 KB	39ms 38ms	Stylesheet text/css	172.67.219.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstaff.city/offcanvas.css Requested by Host: amstaff.city URL: https://amstaff.city/index.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.219.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0c5871fc7e39234f3b27fd2f0bbd067a723eec81059f2521535c10fb20bd9550` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amstaff.city/index.php Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Apr 2024 12:41:16 GMT content-encoding br cf-cache-status HIT last-modified Mon, 18 Dec 2023 19:52:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 140729 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wy%2Byj7w0FsyekL9nO3%2BSGjHO27dTR%2BvamcEXL%2FDuzEOJ3qfK2R8NWIG2%2FC4BqxnJrN6MXyMNKL%2FnIKb9%2FRFZ3KlL36t1ixwKZcFaSYpbB9MN1wjA%2FDAnvPr9y%2BAgjTs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 87b720266853baaf-MXP alt-svc h3=":443"; ma=86400 expires Fri, 03 May 2024 21:35:47 GMT
GET H3	200	/ widgets.amung.us/draw/ Redirect Chain https://whos.amung.us/cwidget/l4ttszqxx0/000000ffffff.png https://widgets.amung.us/draw/?w=colored&n=426&c=000000ffffff&p=left	1 KB 2 KB	52ms 42ms	Image image/png	172.67.8.141 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.amung.us/draw/?w=colored&n=426&c=000000ffffff&p=left Requested by Host: amstaff.city URL: https://amstaff.city/index.php Protocol H3 Server 172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a1d7a2960f64db381a2969d8fce0f058e207b284f11f181614abbe1647e987a4` Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer https://amstaff.city/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Sun, 28 Apr 2024 12:41:16 GMT cf-cache-status HIT last-modified Sun, 07 Apr 2024 08:36:09 GMT server cloudflare age 1829107 vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=2678400 content-disposition filename=wau-widget.png cf-ray 87b720287fa90e75-MXP alt-svc h3=":443"; ma=86400 expires Mon, 08 Apr 2024 08:36:08 GMT Redirect headers date Sun, 28 Apr 2024 12:41:16 GMT cf-cache-status DYNAMIC server cloudflare content-type text/html; charset=UTF-8 location https://widgets.amung.us/draw/?w=colored&n=426&c=000000ffffff&p=left cache-control no-cache, no-store, must-revalidate cf-ray 87b72026ac5a0e75-MXP alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	flags.png mdbootstrap.com/img/svg/	27 KB 28 KB	170ms 71ms	Image image/png	51.195.116.113 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://mdbootstrap.com/img/svg/flags.png Requested by Host: amstaff.city URL: https://amstaff.city/mdb.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.195.116.113 , France, ASN16276 (OVH, FR), Reverse DNS vps-451f3654.vps.ovh.net Software nginx/1.19.8 / Resource Hash `94d5c7f1661301c4a6dc491d72dd559a0620cd917a826f0df1b023bb96ea9ddd` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amstaff.city/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 28 Apr 2024 12:41:16 GMT Last-Modified Fri, 18 Oct 2019 14:31:00 GMT Server nginx/1.19.8 ETag "5da9cca4-6ddb" Content-Type image/png Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 28123 Expires Mon, 28 Apr 2025 12:41:16 GMT
GET H3	404	favicon.ico amstaff.city/	1 KB 1 KB	84ms 83ms	Other text/html	172.67.219.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://amstaff.city/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.219.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://amstaff.city/index.php Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 28 Apr 2024 12:41:16 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=By0rjnUBIPK%2F2IMGX8fh4mysvsSFqp8NrKQ8QBewhAEmSKqztUox%2FM%2F6e0VjAXgSFJlW4PAk02OdiJphkrp5tyEZVQh9HT1TgNmhN4aSjOGjRM7L8ukiO3OQD4Ikoqg%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed cf-ray 87b72028cc0abaaf-MXP alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| vw24

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://amstaff.city/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amstaff.city
mdbootstrap.com
whos.amung.us
widgets.amung.us
172.67.219.232
172.67.8.141
51.195.116.113
0c5871fc7e39234f3b27fd2f0bbd067a723eec81059f2521535c10fb20bd9550
3098d013d9b9d698314daf3bddbd93dbcd9e325a838aa29637ba08892d6dcb0a
3130e6fc16e6bc1ad6e8facc8c28fe039016388b0a4c5d0b7647f7c04889de44
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
94d5c7f1661301c4a6dc491d72dd559a0620cd917a826f0df1b023bb96ea9ddd
a1d7a2960f64db381a2969d8fce0f058e207b284f11f181614abbe1647e987a4

amstaff.city Open in urlscan Pro 172.67.219.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

78 kBTransfer

349 kBSize

0 Cookies

3 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

amstaff.city Open in urlscan Pro
172.67.219.232 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

78 kB
Transfer

349 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions