185.252.30.100 Open in urlscan Pro
185.252.30.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://homepage.univie.ac.at/buchbergej98/columbia.html
Effective URL:
http://185.252.30.100/~icevme/columbia/
Submission: On December 06 via manual (December 6th 2020, 5:09:10 am UTC) from SG

Summary HTTP 2 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 2 HTTP transactions. The main IP is 185.252.30.100, located in Iran, Islamic Republic Of and belongs to POSHTVAR-AS, IR. The main domain is 185.252.30.100.

This is the only time 185.252.30.100 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2001:62a:4:70... 2001:62a:4:70::80:132	1853 (ACONET AC...) (ACONET ACOnet Backbone)
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 2	185.252.30.100 185.252.30.100	209279 (POSHTVAR-AS) (POSHTVAR-AS)
2	3

1 2001:62a:4:70::80:132 (Vienna, Austria)

ASN1853 (ACONET ACOnet Backbone, AT)

homepage.univie.ac.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.252.30.100 (Iran, Islamic Republic Of) 1 redirects

ASN209279 (POSHTVAR-AS, IR)
PTR: server101.sosaystart.com

185.252.30.100	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	bit.ly 1 redirects bit.ly	260 B
1	univie.ac.at homepage.univie.ac.at	397 B
2	2

	Domain	Requested by
1	bit.ly	1 redirects
1	homepage.univie.ac.at
2	2

This site contains links to these domains. Also see Links.

Domain
cuit.columbia.edu
policylibrary.columbia.edu

Subject Issuer	Validity	Valid
homepage.univie.ac.at GEANT OV RSA CA 4	`2020-07-08` - `2022-07-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://185.252.30.100/~icevme/columbia/
Frame ID: D46E93E2C802DA004627E335CBADFB71
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://homepage.univie.ac.at/buchbergej98/columbia.html Page URL
https://bit.ly/3gdhF3U HTTP 301
http://185.252.30.100/~icevme/columbia HTTP 301
http://185.252.30.100/~icevme/columbia/ Page URL

Detected technologies

Red Hat (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Red Hat/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

2
Requests

50 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

3
IPs

3
Countries

194 kB
Transfer

303 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://cuit.columbia.edu/phishing
Title: phishing emails

Search URL Search Domain Scan URL

URL: https://cuit.columbia.edu/cuit/manage-my-uni
Title: Manage My Uni

Search URL Search Domain Scan URL

URL: http://policylibrary.columbia.edu/acceptable-usage-information-resources-policy
Title: Acceptable Usage of Information Resources Policy

Search URL Search Domain Scan URL

URL: https://cuit.columbia.edu/service-desk
Title: CUIT Service Desk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://homepage.univie.ac.at/buchbergej98/columbia.html Page URL
https://bit.ly/3gdhF3U HTTP 301
http://185.252.30.100/~icevme/columbia HTTP 301
http://185.252.30.100/~icevme/columbia/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set columbia.html Show response homepage.univie.ac.at/buchbergej98/	67 B 397 B	138ms 60ms	Document text/html	2001:62a:4:70::80:132 ACONET ACOnet Bac...
General Check archive.org Show headers Download Go to Full URL https://homepage.univie.ac.at/buchbergej98/columbia.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:62a:4:70::80:132 Vienna, Austria, ASN1853 (ACONET ACOnet Backbone, AT), Reverse DNS Software Apache/2.2.15 (Red Hat) / Resource Hash `66d42631332b8c1f9c0ed4f9946062fc96e28aef78cfacc41d67466c7b073e79` Request headers Host homepage.univie.ac.at Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 06 Dec 2020 05:08:54 GMT Server Apache/2.2.15 (Red Hat) Accept-Ranges bytes Content-Length 67 Connection close Content-Type text/html Set-Cookie BIGipServer~WWW-Cluster~web1.univie.ac.at_pool_ipv6=vi2001062a000400700000000000800027.20480; path=/; Httponly; Secure Vary Accept-Encoding
GET H/1.1	200 OK	Primary Request / Show response 185.252.30.100/~icevme/columbia/ Redirect Chain https://bit.ly/3gdhF3U http://185.252.30.100/~icevme/columbia http://185.252.30.100/~icevme/columbia/	180 KB 116 KB	187ms 187ms	Document text/html	185.252.30.100 POSHTVAR-AS
General Check archive.org Show headers Download Go to Full URL http://185.252.30.100/~icevme/columbia/ Protocol HTTP/1.1 Server 185.252.30.100 , Iran, Islamic Republic Of, ASN209279 (POSHTVAR-AS, IR), Reverse DNS server101.sosaystart.com Software / Resource Hash `bfc090930568f02b089099afeddbe019dc4f0aabe205ddf5b2b86ad061ebb9db` Request headers Host 185.252.30.100 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer https://homepage.univie.ac.at/buchbergej98/columbia.html Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://homepage.univie.ac.at/buchbergej98/columbia.html Response headers Connection Keep-Alive Content-Type text/html Last-Modified Sun, 24 Nov 2019 20:15:50 GMT Accept-Ranges bytes Content-Encoding gzip Vary Accept-Encoding Content-Length 118976 Date Sun, 06 Dec 2020 05:08:55 GMT Redirect headers Connection Keep-Alive Content-Type text/html Content-Length 706 Date Sun, 06 Dec 2020 05:08:55 GMT Location http://185.252.30.100/~icevme/columbia/
GET DATA	200 OK	truncated /	41 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `2d9e9ba6e840806ee0ddd86873fd67059a12e7f5930d14e4649bd6899d8fa0f6` Request headers Referer http://185.252.30.100/~icevme/columbia/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	20 KB 20 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d4310e56d4f24aebaedcd972bbb25ec84f414fa5b9be2766749b518f4a920ba5` Request headers Origin http://185.252.30.100 Referer http://185.252.30.100/~icevme/columbia/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type application/font-woff2
GET DATA	200 OK	truncated /	19 KB 19 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f496b4544f491ae23fe1b2d7ce5aa997627e0bc8c10e778c159591e1c5482b54` Request headers Origin http://185.252.30.100 Referer http://185.252.30.100/~icevme/columbia/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type application/font-woff2
GET DATA	200 OK	truncated /	3 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `249cebd0760dee13018a3d8dba851f448f5a97b0bcd988ec27f33535be01082f` Request headers Referer http://185.252.30.100/~icevme/columbia/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	365 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `1a81391d1b7231897f95db103421f28ba0815f32d82c522cfa7afe20c3b9cabd` Request headers Referer http://185.252.30.100/~icevme/columbia/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	613 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6bb3bcb1166e88666cd56268d48f419ab4fa259023e3b22976b0bc90024afede` Request headers Referer http://185.252.30.100/~icevme/columbia/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	19 KB 19 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `89b4a9b860f84872988c00daa136cb19cce5534a3fb4f000210ee98ef9e33b4d` Request headers Origin http://185.252.30.100 Referer http://185.252.30.100/~icevme/columbia/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type application/font-woff2
GET DATA	200 OK	truncated /	19 KB 19 KB		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `57a4bb5c5fad1da04cf1d43c824c9117e6ae12d5fca469fd4e525e216fb37761` Request headers Origin http://185.252.30.100 Referer http://185.252.30.100/~icevme/columbia/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type application/font-woff2

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
homepage.univie.ac.at
185.252.30.100
2001:62a:4:70::80:132
67.199.248.10
1a81391d1b7231897f95db103421f28ba0815f32d82c522cfa7afe20c3b9cabd
249cebd0760dee13018a3d8dba851f448f5a97b0bcd988ec27f33535be01082f
2d9e9ba6e840806ee0ddd86873fd67059a12e7f5930d14e4649bd6899d8fa0f6
57a4bb5c5fad1da04cf1d43c824c9117e6ae12d5fca469fd4e525e216fb37761
66d42631332b8c1f9c0ed4f9946062fc96e28aef78cfacc41d67466c7b073e79
6bb3bcb1166e88666cd56268d48f419ab4fa259023e3b22976b0bc90024afede
89b4a9b860f84872988c00daa136cb19cce5534a3fb4f000210ee98ef9e33b4d
bfc090930568f02b089099afeddbe019dc4f0aabe205ddf5b2b86ad061ebb9db
d4310e56d4f24aebaedcd972bbb25ec84f414fa5b9be2766749b518f4a920ba5
f496b4544f491ae23fe1b2d7ce5aa997627e0bc8c10e778c159591e1c5482b54

185.252.30.100 Open in urlscan Pro 185.252.30.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

2 Requests

50 %HTTPS

33 %IPv6

2 Domains

2 Subdomains

3 IPs

3 Countries

194 kBTransfer

303 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Indicators

185.252.30.100 Open in urlscan Pro
185.252.30.100 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

3
IPs

3
Countries

194 kB
Transfer

303 kB
Size

0
Cookies

2 HTTP transactions
8 data transactions