citylinkscourier.eu3.biz Open in urlscan Pro
185.176.43.64 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://citylinkscourier.eu3.biz/Account%20(3).html
Submission: On April 18 via manual (April 18th 2023, 12:13:44 pm UTC) from IN — Scanned from DE

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 185.176.43.64, located in Bulgaria and belongs to ZETTA-AS, BG. The main domain is citylinkscourier.eu3.biz.

This is the only time citylinkscourier.eu3.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.176.43.64 185.176.43.64	44476 (ZETTA-AS) (ZETTA-AS)
1 1	85.190.0.100 85.190.0.100	29686 (PROBENETW...) (PROBENETWORKS-AS)
1	2001:1bc0:ad:... 2001:1bc0:ad::d140	29686 (PROBENETW...) (PROBENETWORKS-AS)
2	2

1 185.176.43.64 (Bulgaria)

ASN44476 (ZETTA-AS, BG)

citylinkscourier.eu3.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.190.0.100 (Germany) 1 redirects

ASN29686 (PROBENETWORKS-AS, DE)
PTR: hpage.com

file2.npage.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:1bc0:ad::d140 (Germany)

ASN29686 (PROBENETWORKS-AS, DE)

file2.hpage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	hpage.com file2.hpage.com
1	npage.de 1 redirects file2.npage.de	225 B
1	eu3.biz citylinkscourier.eu3.biz	41 KB
2	3

	Domain	Requested by
1	file2.hpage.com	citylinkscourier.eu3.biz
1	file2.npage.de	1 redirects
1	citylinkscourier.eu3.biz
2	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://citylinkscourier.eu3.biz/Account%20(3).html
Frame ID: 0ABEFBF04D42E1CE26027FC69648CC5B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Microsoft Word (Editors) Expand

Overall confidence: 100%
Detected patterns

(?:<html [^>]*xmlns:w="urn:schemas-microsoft-com:office:word"|<w:WordDocument>|<div [^>]*class="?WordSection1[" >]|<style[^>]*>[^>]*@page WordSection1)

Page Statistics

2
Requests

0 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

41 kB
Transfer

40 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://file2.npage.de/014736/95/bilder/untitled.png HTTP 301
https://file2.hpage.com/014736/95/bilder/untitled.png

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Account%20(3).html Show response citylinkscourier.eu3.biz/	40 KB 41 KB	217ms 70ms	Document text/html	185.176.43.64 ZETTA-AS
General Check archive.org Show headers Download Go to Full URL http://citylinkscourier.eu3.biz/Account%20(3).html Protocol HTTP/1.1 Server 185.176.43.64 , Bulgaria, ASN44476 (ZETTA-AS, BG), Reverse DNS Software Apache / Resource Hash `12920bddca4df1c802fd0ed07902758f784972fa227020fe974511eee10543cd` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 41332 Content-Type text/html Date Tue, 18 Apr 2023 12:13:39 GMT ETag "a174-5f99635bd2ccc" Keep-Alive timeout=5, max=100 Last-Modified Tue, 18 Apr 2023 06:13:45 GMT Server Apache
GET H2	404	untitled.png file2.hpage.com/014736/95/bilder/ Redirect Chain http://file2.npage.de/014736/95/bilder/untitled.png https://file2.hpage.com/014736/95/bilder/untitled.png	0 0	217ms 41ms	Image text/html	2001:1bc0:ad::d140 PROBENETWORKS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://file2.hpage.com/014736/95/bilder/untitled.png Requested by Host: citylinkscourier.eu3.biz URL: http://citylinkscourier.eu3.biz/Account%20(3).html Protocol H2 Server 2001:1bc0:ad::d140 , Germany, ASN29686 (PROBENETWORKS-AS, DE), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer http://citylinkscourier.eu3.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Redirect headers Location https://file2.hpage.com/014736/95/bilder/untitled.png Date Tue, 18 Apr 2023 12:13:39 GMT Server openresty Connection keep-alive Content-Length 166 Content-Type text/html

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://file2.hpage.com/014736/95/bilder/untitled.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

citylinkscourier.eu3.biz
file2.hpage.com
file2.npage.de
185.176.43.64
2001:1bc0:ad::d140
85.190.0.100
12920bddca4df1c802fd0ed07902758f784972fa227020fe974511eee10543cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

citylinkscourier.eu3.biz Open in urlscan Pro 185.176.43.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

2 Requests

0 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

41 kBTransfer

40 kBSize

0 Cookies

0 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

citylinkscourier.eu3.biz Open in urlscan Pro
185.176.43.64 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

0 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

41 kB
Transfer

40 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions