onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru

Summary

This website contacted 4 IPs in 4 countries across 7 domains to perform 7 HTTP transactions. The main IP is 31.28.24.190, located in Moscow, Russian Federation and belongs to HOSTING-MSK, RU. The main domain is onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 23rd 2019. Valid for: 3 months.

This is the only time onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	395224 (BITLY-AS) (BITLY-AS - Bitly Inc)
1 1	67.199.248.10 67.199.248.10	395224 (BITLY-AS) (BITLY-AS - Bitly Inc)
2 2	37.187.146.140 37.187.146.140	16276 (OVH) (OVH)
1	31.28.24.190 31.28.24.190	12616 (HOSTING-MSK) (HOSTING-MSK)
2	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
7	4

1 67.199.248.11 (United States) 1 redirects

ASN395224 (BITLY-AS - Bitly Inc, US)
PTR: bit.ly

www.bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN395224 (BITLY-AS - Bitly Inc, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.187.146.140 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns420167.ip-37-187-146.eu

muzibuzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.28.24.190 (Moscow, Russian Federation)

ASN12616 (HOSTING-MSK, RU)
PTR: sni0.hoster.ru

onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	cloudflare.com cdnjs.cloudflare.com	14 KB
2	muzibuzz.com 2 redirects muzibuzz.com	878 B
2	bit.ly 2 redirects www.bit.ly bit.ly	551 B
1	googleapis.com ajax.googleapis.com	30 KB
1	hoster-test.ru onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru	14 KB
0	microsoftonline.com Failed login.microsoftonline.com Failed
0	bootstrapcdn.com Failed stackpath.bootstrapcdn.com Failed maxcdn.bootstrapcdn.com Failed
7	7

	Domain	Requested by
2	cdnjs.cloudflare.com	onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru
2	muzibuzz.com	2 redirects
1	ajax.googleapis.com	onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru
1	onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru
1	bit.ly	1 redirects
1	www.bit.ly	1 redirects
0	login.microsoftonline.com Failed	onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru
0	maxcdn.bootstrapcdn.com Failed	onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru
0	stackpath.bootstrapcdn.com Failed	onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru
7	9

This site contains no links.

Subject Issuer	Validity	Valid
onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru Let's Encrypt Authority X3	`2019-06-23` - `2019-09-21`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru/rema.html
Frame ID: A241A9F173E527BC7BBFB51A60F590D1
Requests: 6 HTTP requests in this frame

Frame: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
Frame ID: 80EE9F4B17CA3927D6BC4C115E086AE8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.bit.ly/33CsXrCA90nsIooOc1TI HTTP 301
http://bit.ly/33CsXrCA90nsIooOc1TI HTTP 301
https://muzibuzz.com/vandyke HTTP 301
https://muzibuzz.com/vandyke/ HTTP 302
https://onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru/rema.html Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

7
Requests

57 %
HTTPS

33 %
IPv6

7
Domains

9
Subdomains

4
IPs

4
Countries

58 kB
Transfer

177 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bit.ly/33CsXrCA90nsIooOc1TI HTTP 301
http://bit.ly/33CsXrCA90nsIooOc1TI HTTP 301
https://muzibuzz.com/vandyke HTTP 301
https://muzibuzz.com/vandyke/ HTTP 302
https://onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru/rema.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request rema.html Show response
onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru/
Redirect Chain

http://www.bit.ly/33CsXrCA90nsIooOc1TI
http://bit.ly/33CsXrCA90nsIooOc1TI
https://muzibuzz.com/vandyke
https://muzibuzz.com/vandyke/
https://onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru/rema.html

36 KB
14 KB

9459ms
149ms

Document
text/html

31.28.24.190
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru/rema.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.28.24.190 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: sni0.hoster.ru
Software: nginx /
Resource Hash: 5d0cd3c11c8500c9356e1bcabfdeabb9766ac95efd0e3ec5898cb9b6e60cf271

Request headers

:method: GET
:authority: onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru
:scheme: https
:path: /rema.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Tue, 25 Jun 2019 15:49:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 24 Jun 2019 07:41:22 GMT
etag: W/"33e6249-8e34-58c0cf04448c4"
content-encoding: gzip

Redirect headers

Date: Tue, 25 Jun 2019 15:48:59 GMT
Server: Apache/2.4.33 (cPanel) OpenSSL/1.0.2o mod_bwlimited/1.4
X-Powered-By: PHP/5.6.35
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=defd069a3263d245979237013e520512; path=/
location: https://onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru/rema.html
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 37 KB
7 KB 38ms
16ms Stylesheet
text/css 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

Requested by

Host: onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru
URL: https://onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru/rema.html

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru/rema.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 15:49:06 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-9226"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sun, 14 Jun 2020 15:49:06 GMT
cache-control: public, max-age=30672000
cf-ray: 4ec816ed68e764c1-FRA
served-in-seconds: 0.001

GET font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 0
0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru
URL: https://onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru/rema.html

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru/rema.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 02 Jun 2019 16:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1985026
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 30399
x-xss-protection: 0
last-modified: Thu, 25 Jan 2018 15:33:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jun 2020 16:25:20 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 46ms
24ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru
URL: https://onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru/rema.html

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru/rema.html
Origin: https://onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru

Response headers

date: Tue, 25 Jun 2019 15:49:06 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:25:14 GMT
server: cloudflare
etag: W/"5afd4a7a-500f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 14 Jun 2020 15:49:06 GMT
cache-control: public, max-age=30672000
cf-ray: 4ec816ed6871272a-FRA
served-in-seconds: 0.004

GET bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 0
0

GET logout.srf
login.microsoftonline.com/ Frame 80EE 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Domain: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Domain: login.microsoftonline.com
URL: https://login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bit.ly
cdnjs.cloudflare.com
login.microsoftonline.com
maxcdn.bootstrapcdn.com
muzibuzz.com
onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru
stackpath.bootstrapcdn.com
www.bit.ly
login.microsoftonline.com
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
2606:4700::6813:c697
2a00:1450:4001:808::200a
31.28.24.190
37.187.146.140
67.199.248.10
67.199.248.11
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
5d0cd3c11c8500c9356e1bcabfdeabb9766ac95efd0e3ec5898cb9b6e60cf271

onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru Open in urlscan Pro 31.28.24.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

57 %HTTPS

33 %IPv6

7 Domains

9 Subdomains

4 IPs

4 Countries

58 kBTransfer

177 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Indicators

onedrive.liveviewuserauthaspx209hr28jh.srv159397.hoster-test.ru Open in urlscan Pro
31.28.24.190 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

57 %
HTTPS

33 %
IPv6

7
Domains

9
Subdomains

4
IPs

4
Countries

58 kB
Transfer

177 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions