urlscan.io logo urlscan.io
SecurityTrails logo

cs23.biz Open in urlscan Pro
164.90.194.65  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cs23.biz/?sp=haztszjrgm5donjygextcoi&spu=hfsgcntfg45ha3ddf43tkobr
Effective URL: https://cs23.biz/?sp=haztszjrgm5donjygextcoi&spu=hfsgcntfg45ha3ddf43tkobr
Submission: On June 19 via manual from ES — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 164.90.194.65, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is cs23.biz.
TLS certificate: Issued by R3 on June 1st 2024. Valid for: 3 months.
This is the only time cs23.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 164.90.194.65 14061 (DIGITALOC...)
2 2
Apex Domain
Subdomains		 Transfer
2 cs23.biz
cs23.biz
26 KB
2 1
Domain Requested by
2 cs23.biz
2 1

This site contains no links.

Subject Issuer Validity Valid
cs12.biz
R3		 2024-06-01 -
2024-08-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://cs23.biz/?sp=haztszjrgm5donjygextcoi&spu=hfsgcntfg45ha3ddf43tkobr
Frame ID: 25876F23081A9B42C8BB1D182F33A2FC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

menselijke verificatie

Page URL History Show full URLs

  1. http://cs23.biz/?sp=haztszjrgm5donjygextcoi&spu=hfsgcntfg45ha3ddf43tkobr HTTP 307
    https://cs23.biz/?sp=haztszjrgm5donjygextcoi&spu=hfsgcntfg45ha3ddf43tkobr Page URL

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

26 kB
Transfer

26 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cs23.biz/?sp=haztszjrgm5donjygextcoi&spu=hfsgcntfg45ha3ddf43tkobr HTTP 307
    https://cs23.biz/?sp=haztszjrgm5donjygextcoi&spu=hfsgcntfg45ha3ddf43tkobr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cs23.biz/
Redirect Chain
  • http://cs23.biz/?sp=haztszjrgm5donjygextcoi&spu=hfsgcntfg45ha3ddf43tkobr
  • https://cs23.biz/?sp=haztszjrgm5donjygextcoi&spu=hfsgcntfg45ha3ddf43tkobr
25 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs23.biz/?sp=haztszjrgm5donjygextcoi&spu=hfsgcntfg45ha3ddf43tkobr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.90.194.65 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
aa72d81dce1a459236b76dc72d4436df92e88aea366be3f355c5794f91ea53cf
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 19 Jun 2024 10:07:03 GMT
server
nginx
strict-transport-security
max-age=31536000

Redirect headers

Location
https://cs23.biz/?sp=haztszjrgm5donjygextcoi&spu=hfsgcntfg45ha3ddf43tkobr
Non-Authoritative-Reason
HttpsUpgrades
truncated
/ 		748 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
cs23.biz/ 		0
125 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cs23.biz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.90.194.65 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs23.biz/?sp=haztszjrgm5donjygextcoi&spu=hfsgcntfg45ha3ddf43tkobr
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 10:07:03 GMT
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
server
nginx

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

1 Cookies

Domain/Path Name / Value
.cs23.biz/ Name: uuid
Value: 43c242fe-6f98-4e6f-b0c1-91c4ecd563f0

1 Console Messages

Source Level URL
Text
javascript warning URL: https://cs23.biz/?sp=haztszjrgm5donjygextcoi&spu=hfsgcntfg45ha3ddf43tkobr(Line 12)
Message:
Scripts may close only the windows that were opened by them.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cs23.biz
164.90.194.65
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23
aa72d81dce1a459236b76dc72d4436df92e88aea366be3f355c5794f91ea53cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855