URL: http://bersstimarab.ddns.ms/86.h
Submission: On March 31 via manual from US

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 8 HTTP transactions. The main IP is 193.70.117.105, located in Poland and belongs to OVH, FR. The main domain is bersstimarab.ddns.ms.
This is the only time bersstimarab.ddns.ms was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
3         193.70.117.105    16276  (OVH)
2         2620:1ec:c11:...  8068   (MICROSOFT...)
1         83.140.30.11      12552  (IPO-EU)
2         2a00:1450:400...  15169  (GOOGLE)
Total: 8 requests, 4 IPs

Requests  Domain                 Requested by
3         bersstimarab.ddns.ms   bersstimarab.ddns.ms
2         www.youtube.com        bersstimarab.ddns.ms
1         media4.picsearch.com   bersstimarab.ddns.ms
1         tse1.mm.bing.net       bersstimarab.ddns.ms
1         tse3.mm.bing.net       bersstimarab.ddns.ms
Total: 8 requests, 5 domains

This site contains no links.

Subject        Issuer                  Validity                   Valid
www.bing.com   Microsoft IT TLS CA 2   2019-04-30 - 2021-04-30    2 years (crt.sh)
*.google.com   GTS CA 1O1              2020-03-03 - 2020-05-26    3 months (crt.sh)

This page contains 3 frames:

Primary Page: http://bersstimarab.ddns.ms/86.h
Frame ID: DA3FB98C7C4F00ADD1DA141EED01C505
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/yGClDQBU-Lw
Frame ID: 27EBDB4AF8AB6AFE4D6EC007635E62C3
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/3joEWfiGQpE
Frame ID: BCDBC11544325D1BBBA8D0E196B9EAA0
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 8
HTTPS: 50 %
IPv6: 50 %
Domains: 4
Subdomains: 5
IPs: 4
Countries: 4
Transfer: 32 kB
Size: 41 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 86.h
bersstimarab.ddns.ms/
18 KB
8 KB
Document
General
Full URL
http://bersstimarab.ddns.ms/86.h
Protocol
HTTP/1.1
Server
193.70.117.105 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip105.ip-193-70-117.eu
Software
nginx/1.10.3 /
Resource Hash
f486ec6c8129c1fee6b89feea208da0cdf3dc5d3bd4f8dd815fd640841ef4e1b

Request headers

Host
bersstimarab.ddns.ms
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx/1.10.3
Date
Tue, 31 Mar 2020 14:06:54 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
tatexuds=2248960; expires=Wed, 01-Apr-2020 14:06:54 GMT; Max-Age=86400; path=/; domain=.bersstimarab.ddns.ms
Content-Encoding
gzip
miyaykaxeb.js
bersstimarab.ddns.ms/js/
100 B
408 B
Script
General
Full URL
http://bersstimarab.ddns.ms/js/miyaykaxeb.js
Requested by
Host: bersstimarab.ddns.ms
URL: http://bersstimarab.ddns.ms/86.h
Protocol
HTTP/1.1
Server
193.70.117.105 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip105.ip-193-70-117.eu
Software
nginx/1.10.3 /
Resource Hash
38af9ce8e757958c8a21a731dca9a8d066b1a148679c4755ecf1ed012afb58b2

Request headers

Referer
http://bersstimarab.ddns.ms/86.h
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Mar 2020 14:06:55 GMT
Server
nginx/1.10.3
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
th
tse3.mm.bing.net/
10 KB
10 KB
Image
General
Full URL
https://tse3.mm.bing.net/th?id=OIP.rzELPQs4i0vmg9lab4DpLAHaFP&pid=Api&P=0&w=300&h=300
Requested by
Host: bersstimarab.ddns.ms
URL: http://bersstimarab.ddns.ms/86.h
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
538c48ec760138e73eb24bb8a6345550368b9d444be2381dacfcd4ee1faaee77

Request headers

Referer
http://bersstimarab.ddns.ms/86.h
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 31 Mar 2020 14:06:54 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: EF0AE01DED3646B79F23A7D2A904CB62 Ref B: FRAEDGE0710 Ref C: 2020-03-31T14:06:54Z
access-control-allow-origin
*
x-cache
TCP_MISS
content-type
image/jpeg
status
200
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
cache-control
public, max-age=1209600
timing-allow-origin
*
access-control-allow-headers
*
content-length
9883
th
tse1.mm.bing.net/
10 KB
10 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?id=OIP.haoHnaG6Ohlj6oJgwSBmvAHaDl&pid=Api&P=0&w=300&h=300
Requested by
Host: bersstimarab.ddns.ms
URL: http://bersstimarab.ddns.ms/86.h
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d290441191a7747f49dca4a5484e89dc249aefacbc18e4f0176e955395f3ad5c

Request headers

Referer
http://bersstimarab.ddns.ms/86.h
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 31 Mar 2020 14:06:54 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 54300F8FCCBB4E99BDDC58255DAFA8A7 Ref B: FRAEDGE0710 Ref C: 2020-03-31T14:06:54Z
access-control-allow-origin
*
x-cache
TCP_MISS
content-type
image/jpeg
status
200
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
cache-control
public, max-age=1209600
timing-allow-origin
*
access-control-allow-headers
*
content-length
9995
is
media4.picsearch.com/
4 KB
4 KB
Image
General
Full URL
http://media4.picsearch.com/is?Ezq169hjlc5-zBdWzzaHbSP6JZHy7wyLmeRLHTHoR1U&height=224
Requested by
Host: bersstimarab.ddns.ms
URL: http://bersstimarab.ddns.ms/86.h
Protocol
HTTP/1.1
Server
83.140.30.11 , Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
7dc11c6ff354b285a9f164453c5bee868fa7364edc800d5754ae37e1a73be9fd

Request headers

Referer
http://bersstimarab.ddns.ms/86.h
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Mar 2020 14:06:55 GMT
Last-Modified
Mon, 09 Mar 2020 00:00:00 GMT
Server
Apache/2.4.7 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=2, max=128
Content-Length
3618
Content-Type
image/jpeg
yorukdfbw.js
bersstimarab.ddns.ms/js/
0
173 B
Script
General
Full URL
http://bersstimarab.ddns.ms/js/yorukdfbw.js?0.6646007616963745
Requested by
Host: bersstimarab.ddns.ms
URL: http://bersstimarab.ddns.ms/js/miyaykaxeb.js
Protocol
HTTP/1.1
Server
193.70.117.105 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip105.ip-193-70-117.eu
Software
nginx/1.10.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://bersstimarab.ddns.ms/86.h
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Mar 2020 14:06:55 GMT
Server
nginx/1.10.3
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
yGClDQBU-Lw
www.youtube.com/embed/ Frame 27EB
0
0
Document
General
Full URL
https://www.youtube.com/embed/yGClDQBU-Lw
Requested by
Host: bersstimarab.ddns.ms
URL: http://bersstimarab.ddns.ms/86.h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/yGClDQBU-Lw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://bersstimarab.ddns.ms/86.h
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://bersstimarab.ddns.ms/86.h

Response headers

status
200
strict-transport-security
max-age=31536000
content-encoding
br
content-type
text/html; charset=utf-8
cache-control
no-cache
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Tue, 31 Mar 2020 14:06:55 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=Sh-pXD9o4Gs; path=/; domain=.youtube.com; secure; expires=Sun, 27-Sep-2020 14:06:55 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=Sh-pXD9o4Gs; path=/; domain=.youtube.com; secure; expires=Sun, 27-Sep-2020 14:06:55 GMT; httponly; samesite=None YSC=kfa9drwIEe8; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 31-Mar-2020 14:36:55 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
3joEWfiGQpE
www.youtube.com/embed/ Frame BCDB
0
0
Document
General
Full URL
https://www.youtube.com/embed/3joEWfiGQpE
Requested by
Host: bersstimarab.ddns.ms
URL: http://bersstimarab.ddns.ms/86.h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/3joEWfiGQpE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://bersstimarab.ddns.ms/86.h
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://bersstimarab.ddns.ms/86.h

Response headers

status
200
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
expires
Tue, 27 Apr 1971 19:44:06 GMT
cache-control
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-type
text/html; charset=utf-8
date
Tue, 31 Mar 2020 14:06:55 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=MJRtaVMU10c; path=/; domain=.youtube.com; secure; expires=Sun, 27-Sep-2020 14:06:55 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=MJRtaVMU10c; path=/; domain=.youtube.com; secure; expires=Sun, 27-Sep-2020 14:06:55 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 31-Mar-2020 14:36:55 GMT YSC=qu_g8Bazsos; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000


2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type     Name
object   onformdata
object   onpointerrawupdate

5 Cookies

Domain/Path              Name                 Value
.youtube.com/            YSC                  kfa9drwIEe8
.youtube.com/            VISITOR_INFO1_LIVE   Sh-pXD9o4Gs
.bersstimarab.ddns.ms/   zaqtnocedati         3257167612
.youtube.com/            GPS                  1
.bersstimarab.ddns.ms/   tatexuds             2248960