URL: https://copctrainingcenter.com/iwk2u
Submission: On January 31 via manual from IN — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 193.3.19.53, located in Russian Federation and belongs to SELECTEL-MSK, RU. The main domain is copctrainingcenter.com.
TLS certificate: Issued by R3 on January 28th 2022. Valid for: 3 months.
This is the only time copctrainingcenter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website:

MIME: 7-zip archive data, version 0.4
Size: 959 KB (982293 bytes, 100% done)
Downloaded from: https://fnz0aa.db.files.1drv.com/y4mNL7_BxWDB72UtwWTM5bVrtX8rCbP4F-J2v06vD-yMTfrz1QzD-dzdPsrNXSxrfGVZVaHppabAz1ZbRJ4lHneqc8VpiCrRQ9eEX-Yzpmxd8NIYt9BBWGDkTkx3Yv0aw_bUk7HGKEH7-Pd3nTcRU0wSczsiKEofHCsLm7f2roXUDox8ricEUsKbvvLs_akPuDGFm_kK0LEJyhS3IcbV7XzTA/Transaction_details_trxn_0388762091881_pdf.7z?download&psid=1

Domain & IP information

IP Address AS Autonomous System
1 193.3.19.53 50340 (SELECTEL-MSK)
1 1 13.107.42.13 8068 (MICROSOFT...)
1 13.107.42.12 8068 (MICROSOFT...)
2 2
Apex Domain
Subdomains
Transfer
1 1drv.com
fnz0aa.db.files.1drv.com
1 live.com
onedrive.live.com — Cisco Umbrella Rank: 2486
789 B
1 copctrainingcenter.com
copctrainingcenter.com
430 B
2 3
Domain Requested by
1 fnz0aa.db.files.1drv.com
1 onedrive.live.com 1 redirects
1 copctrainingcenter.com
2 3

This site contains no links.

Subject | Issuer | Validity | Valid
hackday.net | R3 | 2022-01-28 - 2022-04-28 | 3 months
storage.live.com | Microsoft RSA TLS CA 01 | 2021-08-19 - 2022-08-19 | a year

This page contains 1 frames:

Frame: https://fnz0aa.db.files.1drv.com/y4mNL7_BxWDB72UtwWTM5bVrtX8rCbP4F-J2v06vD-yMTfrz1QzD-dzdPsrNXSxrfGVZVaHppabAz1ZbRJ4lHneqc8VpiCrRQ9eEX-Yzpmxd8NIYt9BBWGDkTkx3Yv0aw_bUk7HGKEH7-Pd3nTcRU0wSczsiKEofHCsLm7f2roXUDox8ricEUsKbvvLs_akPuDGFm_kK0LEJyhS3IcbV7XzTA/Transaction_details_trxn_0388762091881_pdf.7z?download&psid=1
Frame ID: 68503B1C88AB072619EAE683DC679B18
Requests: 2 HTTP requests in this frame

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 0 kB
Size: 0 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://onedrive.live.com/download?cid=A495F9919D8A1067&resid=A495F9919D8A1067%21105&authkey=ALAksdhRc-UN1yU HTTP 302
  • https://fnz0aa.db.files.1drv.com/y4mNL7_BxWDB72UtwWTM5bVrtX8rCbP4F-J2v06vD-yMTfrz1QzD-dzdPsrNXSxrfGVZVaHppabAz1ZbRJ4lHneqc8VpiCrRQ9eEX-Yzpmxd8NIYt9BBWGDkTkx3Yv0aw_bUk7HGKEH7-Pd3nTcRU0wSczsiKEofHCsLm7f2roXUDox8ricEUsKbvvLs_akPuDGFm_kK0LEJyhS3IcbV7XzTA/Transaction_details_trxn_0388762091881_pdf.7z?download&psid=1

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request iwk2u
copctrainingcenter.com/
149 B
430 B
Document
General
Full URL
https://copctrainingcenter.com/iwk2u
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.3.19.53 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
nginx /
Resource Hash
d3d448c382dd14bc79b5d194e464e15ea76640740dc68249fe285ff3a0cf2c0f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Mon, 31 Jan 2022 07:51:07 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
149
Connection
keep-alive
Keep-Alive
timeout=60
Last-Modified
Mon, 31 Jan 2022 05:31:51 GMT
ETag
"95-5d6da1a0dc8ef"
Accept-Ranges
bytes
Transaction_details_trxn_0388762091881_pdf.7z
fnz0aa.db.files.1drv.com/y4mNL7_BxWDB72UtwWTM5bVrtX8rCbP4F-J2v06vD-yMTfrz1QzD-dzdPsrNXSxrfGVZVaHppabAz1ZbRJ4lHneqc8VpiCrRQ9eEX-Yzpmxd8NIYt9BBWGDkTkx3Yv0aw_bUk7HGKEH7-Pd3nTcRU0wSczsiKEofHCsLm7f2roXU...
Redirect Chain
  • https://onedrive.live.com/download?cid=A495F9919D8A1067&resid=A495F9919D8A1067%21105&authkey=ALAksdhRc-UN1yU
  • https://fnz0aa.db.files.1drv.com/y4mNL7_BxWDB72UtwWTM5bVrtX8rCbP4F-J2v06vD-yMTfrz1QzD-dzdPsrNXSxrfGVZVaHppabAz1ZbRJ4lHneqc8VpiCrRQ9eEX-Yzpmxd8NIYt9BBWGDkTkx3Yv0aw_bUk7HGKEH7-Pd3nTcRU0wSczsiKEofHCsL...
0
0
Document
General
Full URL
https://fnz0aa.db.files.1drv.com/y4mNL7_BxWDB72UtwWTM5bVrtX8rCbP4F-J2v06vD-yMTfrz1QzD-dzdPsrNXSxrfGVZVaHppabAz1ZbRJ4lHneqc8VpiCrRQ9eEX-Yzpmxd8NIYt9BBWGDkTkx3Yv0aw_bUk7HGKEH7-Pd3nTcRU0wSczsiKEofHCsLm7f2roXUDox8ricEUsKbvvLs_akPuDGFm_kK0LEJyhS3IcbV7XzTA/Transaction_details_trxn_0388762091881_pdf.7z?download&psid=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.12 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
1drv.ms
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://copctrainingcenter.com/iwk2u

Response headers

cache-control
public
content-type
application/octet-stream
content-encoding
gzip
content-location
https://fnz0aa.db.files.1drv.com/y4mJ8-gLBGLvzFCEILRN72bzx5vl_FY9U1GQ2D6DdWJST0X57WsUFkEUQBYk9CpTNWRRWreYlSuNfFCmYiWv_dY1E5PMkdETml5MPbqIBymCNt0FaE_1hu7AJZF6GAbCwHTNnWhtoGi-f-jleYyKpnbRAbygPXKxVZ1qMk2Q28bG-StMhV8ZCoKH5rka28wM5Ja
expires
Sun, 01 May 2022 07:51:11 GMT
last-modified
Mon, 31 Jan 2022 05:21:46 GMT
accept-ranges
bytes
etag
A495F9919D8A1067!105.2
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-msnserver
DB3PPF1C9663735
strict-transport-security
max-age=31536000; includeSubDomains
ms-cv
KKfzh2pEDEC5ICbzaLtxJQ.0
x-sqldataorigin
S
ctag
aYzpBNDk1Rjk5MTlEOEExMDY3ITEwNS4yNTc
x-preauthinfo
rv;poba;
content-disposition
attachment; filename="Transaction_details_trxn_0388762091881_pdf.7z"
x-content-type-options
nosniff
x-streamorigin
X
x-asmversion
UNKNOWN; 19.830.111.2003
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 567579D60CC241CCBD3AFA8FCAD5F09E Ref B: FRAEDGE0822 Ref C: 2022-01-31T07:51:08Z
date
Mon, 31 Jan 2022 07:51:10 GMT

Redirect headers

cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html
expires
-1
location
https://fnz0aa.db.files.1drv.com/y4mNL7_BxWDB72UtwWTM5bVrtX8rCbP4F-J2v06vD-yMTfrz1QzD-dzdPsrNXSxrfGVZVaHppabAz1ZbRJ4lHneqc8VpiCrRQ9eEX-Yzpmxd8NIYt9BBWGDkTkx3Yv0aw_bUk7HGKEH7-Pd3nTcRU0wSczsiKEofHCsLm7f2roXUDox8ricEUsKbvvLs_akPuDGFm_kK0LEJyhS3IcbV7XzTA/Transaction_details_trxn_0388762091881_pdf.7z?download&psid=1
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-msnserver
RDE42AAC93BE8D
x-odwebserver
centralus0-odwebpl
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: EDACBAD0527E4E1E8E5E96DDF121BC06 Ref B: FRAEDGE1221 Ref C: 2022-01-31T07:51:08Z
date
Mon, 31 Jan 2022 07:51:08 GMT
content-length
0

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
.live.com/ Name: E
Value: P:SOz9cI7k2Yg=:n2ZR2yq3/QHv+h5lRlekK9Ov0z0sXdiwYt46+49G9vQ=:F
.live.com/ Name: xid
Value: ab5eb6a8-8a4f-43a8-9761-e496e6237be9&&RDE42AAC93BE8D&63
.live.com/ Name: xidseq
Value: 1
.live.com/ Name: wla42
Value:

1 Console Messages

Source Level URL
Text
network error URL: https://copctrainingcenter.com/iwk2u
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
