146.185.239.3 Open in urlscan Pro
146.185.239.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hells-paradise.de/dateien/tattoo.html
Effective URL:
http://146.185.239.3/sTDS/go.php?sid=4&sref=
Submission: On February 18 via api (February 18th 2024, 9:45:50 pm UTC) from US — Scanned from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 12 HTTP transactions. The main IP is 146.185.239.3, located in Russian Federation and belongs to GOODTEC, LV. The main domain is 146.185.239.3.

This is the only time 146.185.239.3 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	31.47.255.220 31.47.255.220	45012 (CLOUDPIT) (CLOUDPIT)
2	192.187.111.220 192.187.111.220	33387 (NOCIX) (NOCIX)
1	64.70.19.203 64.70.19.203	3561 (CENTURYLI...) (CENTURYLINK-LEGACY-SAVVIS)
1	146.185.239.3 146.185.239.3	212496 (GOODTEC) (GOODTEC)
12	5

6 31.47.255.220 (Germany)

ASN45012 (CLOUDPIT, DE)
PTR: web34.alfahosting-server.de

hells-paradise.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.187.111.220 (United States)

ASN33387 (NOCIX, US)
PTR: jyt.qwiqo.live

c11n4.i.teaserguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vn4.r.teaserguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.70.19.203 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: mailrelay.203.website.ws

r.mega-us-pills.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.185.239.3 (Russian Federation)

ASN212496 (GOODTEC, LV)
PTR: free.gbnhost.com

146.185.239.3	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	hells-paradise.de hells-paradise.de	170 KB
2	teaserguide.com c11n4.i.teaserguide.com vn4.r.teaserguide.com	2 KB
1	mega-us-pills.ws r.mega-us-pills.ws
0	Failed function sub() { [native code] }. Failed
12	4

	Domain	Requested by
6	hells-paradise.de	hells-paradise.de
1	r.mega-us-pills.ws	hells-paradise.de
1	vn4.r.teaserguide.com	hells-paradise.de
1	c11n4.i.teaserguide.com	hells-paradise.de
0	127.0.0.1 Failed	vn4.r.teaserguide.com c11n4.i.teaserguide.com
12	5

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 4 frames:

Primary Page: http://146.185.239.3/sTDS/go.php?sid=4&sref=
Frame ID: 7AC7248CA155F9B0446C7792E14FE17C
Requests: 7 HTTP requests in this frame

Frame: http://127.0.0.1/
Frame ID: BA86E80A47A041BB213207F09335BB88
Requests: 2 HTTP requests in this frame

Frame: http://127.0.0.1/
Frame ID: 7EA94A5E3E421123BB278AD78FB9149A
Requests: 2 HTTP requests in this frame

Frame: http://r.mega-us-pills.ws/?snitch&se_referrer=&default_keyword=Tattoo%20%5BHells%20Paradise%20Tattoo%20%26%20Piercing%20Studio%20in%20Hof%5D&keyword=Tattoo%20%5BHells%20Paradise%20Tattoo%20%26%20Piercing%20Studio%20in%20Hof%5D
Frame ID: 8532E91A9A212881F480266A5D5B5C6E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hells-paradise.de/dateien/tattoo.html Page URL
http://146.185.239.3/sTDS/go.php?sid=4&sref= Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

12
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

172 kB
Transfer

194 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hells-paradise.de/dateien/tattoo.html Page URL
http://146.185.239.3/sTDS/go.php?sid=4&sref= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://vn4.r.teaserguide.com/snitch?ch=1&default_keyword=Tattoo+%5BHells+Paradise+Tattoo+%26+Piercing+Studio+in+Hof%5D&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwODI5OTk0NSwiaWF0IjoxNzA4MjkyNzQ1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXFoNmNycXZ0bTQ1MjFuYWMzZW9uazEiLCJuYmYiOjE3MDgyOTI3NDUsInRzIjoxNzA4MjkyNzQ1NDg0NzQ0fQ.zhfoGDDg-qAyVlBGXwqTXaRRO-DnKVgted9hJo5RMvo&referrer=&se_referrer=&sid=122ca4d5-cea7-11ee-bc52-ab7f67bb2b2e&source=hells-paradise.de HTTP 302
http://127.0.0.1/

Request Chain 10

http://c11n4.i.teaserguide.com/snitch?ch=1&default_keyword=Tattoo+%5BHells+Paradise+Tattoo+%26+Piercing+Studio+in+Hof%5D&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwODI5OTk0NSwiaWF0IjoxNzA4MjkyNzQ1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXFoNmNyc3RmZ3EyYjFxYmMzZW9vMDEiLCJuYmYiOjE3MDgyOTI3NDUsInRzIjoxNzA4MjkyNzQ1NTE3MDI2fQ.6rlWxlYekOm0ad3CpIlKAV7VKnV1BWhx705J27A19tg&referrer=&se_referrer=&sid=12319722-cea7-11ee-ab5c-ab7f21c2cc44&source=hells-paradise.de HTTP 302
http://127.0.0.1/

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	tattoo.html Show response hells-paradise.de/dateien/	27 KB 6 KB	583ms 111ms	Document text/html	31.47.255.220 CLOUDPIT
General Check archive.org Show headers Download Go to Full URL http://hells-paradise.de/dateien/tattoo.html Protocol HTTP/1.1 Server 31.47.255.220 , Germany, ASN45012 (CLOUDPIT, DE), Reverse DNS web34.alfahosting-server.de Software nginx / Resource Hash `5e32f7c127c287d06db79c3dae8c7a66b4e67a3c5d9cf44398b36dbe62c81b5b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 18 Feb 2024 21:45:45 GMT ETag W/"5673d67a-6c0c" Last-Modified Fri, 18 Dec 2015 09:48:42 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	basic.css hells-paradise.de/styles/	4 KB 2 KB	116ms 110ms	Stylesheet text/css	31.47.255.220 CLOUDPIT
General Check archive.org Show headers Download Go to Full URL http://hells-paradise.de/styles/basic.css Requested by Host: hells-paradise.de URL: http://hells-paradise.de/dateien/tattoo.html Protocol HTTP/1.1 Server 31.47.255.220 , Germany, ASN45012 (CLOUDPIT, DE), Reverse DNS web34.alfahosting-server.de Software nginx / Resource Hash `7beafe0c7e6e13d3689637d3c20c1881cd8ce4044e2bf996f09972702e22abf3` Request headers accept-language en-US,en;q=0.9 Referer http://hells-paradise.de/dateien/tattoo.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Sun, 18 Feb 2024 21:45:45 GMT Content-Encoding gzip Last-Modified Thu, 19 Apr 2012 16:35:55 GMT Server nginx ETag W/"4f903eeb-1115" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	logo2.jpg hells-paradise.de/images/	94 KB 94 KB	199ms 104ms	Image image/jpeg	31.47.255.220 CLOUDPIT
General Check archive.org Show headers Download Go to Show image Full URL http://hells-paradise.de/images/logo2.jpg Requested by Host: hells-paradise.de URL: http://hells-paradise.de/dateien/tattoo.html Protocol HTTP/1.1 Server 31.47.255.220 , Germany, ASN45012 (CLOUDPIT, DE), Reverse DNS web34.alfahosting-server.de Software nginx / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://hells-paradise.de/dateien/tattoo.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Sun, 18 Feb 2024 21:45:45 GMT Last-Modified Thu, 19 Apr 2012 16:35:12 GMT Server nginx ETag "4f903ec0-176c0" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 95936
GET H/1.1	200 OK	contentpic-tattoo.jpg hells-paradise.de/images/	21 KB 21 KB	203ms 106ms	Image image/jpeg	31.47.255.220 CLOUDPIT
General Check archive.org Show headers Download Go to Show image Full URL http://hells-paradise.de/images/contentpic-tattoo.jpg Requested by Host: hells-paradise.de URL: http://hells-paradise.de/dateien/tattoo.html Protocol HTTP/1.1 Server 31.47.255.220 , Germany, ASN45012 (CLOUDPIT, DE), Reverse DNS web34.alfahosting-server.de Software nginx / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://hells-paradise.de/dateien/tattoo.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Sun, 18 Feb 2024 21:45:45 GMT Last-Modified Thu, 19 Apr 2012 16:35:11 GMT Server nginx ETag "4f903ebf-542d" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 21549
GET H/1.1	200 OK	ande-propic.jpg hells-paradise.de/images/	23 KB 23 KB	208ms 108ms	Image image/jpeg	31.47.255.220 CLOUDPIT
General Check archive.org Show headers Download Go to Show image Full URL http://hells-paradise.de/images/ande-propic.jpg Requested by Host: hells-paradise.de URL: http://hells-paradise.de/dateien/tattoo.html Protocol HTTP/1.1 Server 31.47.255.220 , Germany, ASN45012 (CLOUDPIT, DE), Reverse DNS web34.alfahosting-server.de Software nginx / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://hells-paradise.de/dateien/tattoo.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Sun, 18 Feb 2024 21:45:45 GMT Last-Modified Thu, 19 Apr 2012 16:35:09 GMT Server nginx ETag "4f903ebd-5b7c" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 23420
GET H/1.1	200 OK	caro-propic.jpg hells-paradise.de/images/	23 KB 24 KB	208ms 109ms	Image image/jpeg	31.47.255.220 CLOUDPIT
General Check archive.org Show headers Download Go to Show image Full URL http://hells-paradise.de/images/caro-propic.jpg Requested by Host: hells-paradise.de URL: http://hells-paradise.de/dateien/tattoo.html Protocol HTTP/1.1 Server 31.47.255.220 , Germany, ASN45012 (CLOUDPIT, DE), Reverse DNS web34.alfahosting-server.de Software nginx / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://hells-paradise.de/dateien/tattoo.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Sun, 18 Feb 2024 21:45:45 GMT Last-Modified Thu, 19 Apr 2012 16:35:10 GMT Server nginx ETag "4f903ebe-5d5b" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 23899
GET H/1.1	200 OK	snitch c11n4.i.teaserguide.com/ Frame BA86	616 B 1 KB	171ms 39ms	Document text/html	192.187.111.220 NOCIX
General Check archive.org Show headers Download Go to Full URL http://c11n4.i.teaserguide.com/snitch?default_keyword=Tattoo%20%5BHells%20Paradise%20Tattoo%20%26%20Piercing%20Studio%20in%20Hof%5D&referrer=&se_referrer=&source=hells-paradise.de Requested by Host: hells-paradise.de URL: http://hells-paradise.de/dateien/tattoo.html Protocol HTTP/1.1 Server 192.187.111.220 , United States, ASN33387 (NOCIX, US), Reverse DNS jyt.qwiqo.live Software nginx / Resource Hash Request headers Referer http://hells-paradise.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control max-age=0, private, must-revalidate connection close content-length 616 content-type text/html; charset=utf-8 date Sun, 18 Feb 2024 21:45:44 GMT server nginx
GET H/1.1	200 OK	snitch vn4.r.teaserguide.com/ Frame 7EA9	614 B 1 KB	135ms 39ms	Document text/html	192.187.111.220 NOCIX
General Check archive.org Show headers Download Go to Full URL http://vn4.r.teaserguide.com/snitch?default_keyword=Tattoo%20%5BHells%20Paradise%20Tattoo%20%26%20Piercing%20Studio%20in%20Hof%5D&referrer=&se_referrer=&source=hells-paradise.de Requested by Host: hells-paradise.de URL: http://hells-paradise.de/dateien/tattoo.html Protocol HTTP/1.1 Server 192.187.111.220 , United States, ASN33387 (NOCIX, US), Reverse DNS jyt.qwiqo.live Software nginx / Resource Hash Request headers Referer http://hells-paradise.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control max-age=0, private, must-revalidate connection close content-length 614 content-type text/html; charset=utf-8 date Sun, 18 Feb 2024 21:45:44 GMT server nginx
GET H/1.1	200 OK	/ r.mega-us-pills.ws/ Frame 8532	574 B 0	271ms 85ms	Document text/html	64.70.19.203 CENTURYLINK-LEGAC...
General Check archive.org Show headers Download Go to Full URL http://r.mega-us-pills.ws/?snitch&se_referrer=&default_keyword=Tattoo%20%5BHells%20Paradise%20Tattoo%20%26%20Piercing%20Studio%20in%20Hof%5D&keyword=Tattoo%20%5BHells%20Paradise%20Tattoo%20%26%20Piercing%20Studio%20in%20Hof%5D Requested by Host: hells-paradise.de URL: http://hells-paradise.de/dateien/tattoo.html Protocol HTTP/1.1 Server 64.70.19.203 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US), Reverse DNS mailrelay.203.website.ws Software openresty / Resource Hash Request headers Referer http://hells-paradise.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Access-Control-Allow-Origin * Connection keep-alive Content-Length 574 Content-Type text/html; charset=ISO-8859-1 Date Sun, 18 Feb 2024 21:45:45 GMT Server openresty
GET H/1.1	200 OK	Primary Request go.php Show response 146.185.239.3/sTDS/	18 B 275 B	325ms 208ms	Document text/html	146.185.239.3 GOODTEC
General Check archive.org Show headers Download Go to Full URL http://146.185.239.3/sTDS/go.php?sid=4&sref= Requested by Host: hells-paradise.de URL: http://hells-paradise.de/dateien/tattoo.html Protocol HTTP/1.1 Server 146.185.239.3 , Russian Federation, ASN212496 (GOODTEC, LV), Reverse DNS free.gbnhost.com Software nginx/1.18.0 (Ubuntu) / Resource Hash `05455b434aaee0ec7b3f37a2796f73cb09b3570ebacef9b96f3621d78d450b87` Request headers Referer http://hells-paradise.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sun, 18 Feb 2024 21:45:45 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Vary Accept-Encoding
GET		/ 127.0.0.1/ Frame 7EA9 Redirect Chain http://vn4.r.teaserguide.com/snitch?ch=1&default_keyword=Tattoo+%5BHells+Paradise+Tattoo+%26+Piercing+Studio+in+Hof%5D&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwODI5OT... http://127.0.0.1/	0 0

GET		/ 127.0.0.1/ Frame BA86 Redirect Chain http://c11n4.i.teaserguide.com/snitch?ch=1&default_keyword=Tattoo+%5BHells+Paradise+Tattoo+%26+Piercing+Studio+in+Hof%5D&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwODI5... http://127.0.0.1/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 127.0.0.1
URL: http://127.0.0.1/

Domain: 127.0.0.1
URL: http://127.0.0.1/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			hells-paradise.de/dateien	1969-12-31 23:59:59	Name: hells-paradise.d Value: 1
			hells-paradise.de/dateien	1970-01-20 18:31:33	Name: _gax Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

127.0.0.1
c11n4.i.teaserguide.com
hells-paradise.de
r.mega-us-pills.ws
vn4.r.teaserguide.com
127.0.0.1
146.185.239.3
192.187.111.220
31.47.255.220
64.70.19.203
05455b434aaee0ec7b3f37a2796f73cb09b3570ebacef9b96f3621d78d450b87
5e32f7c127c287d06db79c3dae8c7a66b4e67a3c5d9cf44398b36dbe62c81b5b
7beafe0c7e6e13d3689637d3c20c1881cd8ce4044e2bf996f09972702e22abf3

146.185.239.3 Open in urlscan Pro 146.185.239.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

0 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

172 kBTransfer

194 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

146.185.239.3 Open in urlscan Pro
146.185.239.3 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

172 kB
Transfer

194 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions