URL: https://onedrive-page.pages.dev/
Submission Tags: @phishunt_io
Submission: On December 20 via api from DE — Scanned from CA

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 172.66.47.159, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is onedrive-page.pages.dev.
TLS certificate: Issued by WE1 on December 20th 2024. Valid for: 3 months.
This is the only time onedrive-page.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests   IP Address       AS      Autonomous System
1          172.66.47.159    13335   (CLOUDFLAR...)
2          47.246.22.206    24429   (TAOBAO Zh...)
2          104.21.79.246    13335   (CLOUDFLAR...)
Total: 5 requests, 3 IPs

Requests   Apex Domain      Subdomains                                                    Transfer
2          us.kg            oneapi.opkg.us.kg                                             668 B
2          bytecdntp.com    lf3-cdn-tos.bytecdntp.com (Cisco Umbrella Rank: 190177)       47 KB
1          pages.dev        onedrive-page.pages.dev                                       16 KB
Total: 5 requests, 3 domains

Requests   Domain                       Requested by
2          oneapi.opkg.us.kg            onedrive-page.pages.dev
2          lf3-cdn-tos.bytecdntp.com    onedrive-page.pages.dev, lf3-cdn-tos.bytecdntp.com
1          onedrive-page.pages.dev
Total: 5 requests, 3 domains

This site contains no links.

Subject                    Issuer                    Validity                   Valid
onedrive-page.pages.dev    WE1                       2024-12-20 - 2025-03-20    3 months
*.bytecdntp.com            RapidSSL TLS RSA CA G1    2024-05-21 - 2025-05-20    a year
opkg.us.kg                 WE1                       2024-12-20 - 2025-03-20    3 months

This page contains 1 frame:

Primary Page: https://onedrive-page.pages.dev/
Frame ID: F41D5BCBC506EE3968CE9E2BF1D21A4A
Requests: 4 HTTP requests in this frame

Page Title

Onedrive CDN

Page Statistics

Requests: 5
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 64 kB
Size: 179 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
onedrive-page.pages.dev/
72 KB
16 KB
Document
General
Full URL
https://onedrive-page.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee09bab9f0af565cbde71f15cc231370e1aa4967b28fd9abcda98492d69fcb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8f4d773778f0aaa0-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 20 Dec 2024 06:09:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yjk4Y5eZjz%2F%2FP8XC4u4x4CURrcwVi8uOGruGHPIaSpTpR7ka1Z6CIeiAiNcTzrfW0B4w7Bo6XFlmVC5hvMtQs%2FfRRzn2xdBdupc4iko4bi5hGW4P1jfVouK4eDf3WHASJEril%2BtCTsbmlg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=19971&min_rtt=19454&rtt_var=3703&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4189&recv_bytes=4490&delivery_rate=619&cwnd=12000&unsent_bytes=0&cid=740e4328e3583e16&ts=113&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff
material-design-iconic-font.min.css
lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/material-design-iconic-font/2.2.0/css/
69 KB
9 KB
Stylesheet
General
Full URL
https://lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
Requested by
Host: onedrive-page.pages.dev
URL: https://onedrive-page.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.246.22.206 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onedrive-page.pages.dev/

Response headers

content-encoding
gzip
etag
W/"61ec5fe0-1149f"
age
650394
expires
Sat, 11 Jan 2025 17:27:50 GMT
server-timing
inner; dur=14
x-cache
HIT TCP_HIT dirn:11:798291582
date
Thu, 12 Dec 2024 17:29:56 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Sat, 22 Jan 2022 19:49:52 GMT
x-tt-trace-host
01ee264833e7b7a216672d47695cca5819afc70c9b6287baa7505e0574b248bb1a74e90837d88357c7d9b5a135443fa16f4375e46100a4cfa1b9aa6089098b557b434b6fde6b9e0c3e62e0aaaf2fca7129
cache-control
max-age=2592000
x-swift-cachetime
2565572
timing-allow-origin
*
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
via
ens-cache26.l2us3[0,0,304-0,H], ens-cache5.l2us3[1,0], ens-cache7.us27[0,0,200-0,H], ens-cache3.us27[2,0]
ali-swift-global-savetime
1734024596
x-swift-savetime
Fri, 13 Dec 2024 00:50:24 GMT
access-control-allow-origin
*
x-tt-trace-id
00-24121301295674DE8F49BB6107BDF1B0-495C27A424DDBBC3-00
content-length
7980
eagleid
2ff6169717346749907888425e
x-tt-logid
2024121301295674DE8F49BB6107BDF1B0
server
Tengine
x-response-cinfo
149.88.16.244
x-response-cache
edge_hit
Material-Design-Iconic-Font.woff2
lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/material-design-iconic-font/2.2.0/fonts/
37 KB
38 KB
Font
General
Full URL
https://lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
Requested by
Host: lf3-cdn-tos.bytecdntp.com
URL: https://lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.246.22.206 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onedrive-page.pages.dev
Referer
https://lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Response headers

etag
"61ec5fdf-95f0"
age
1852651
expires
Sat, 28 Dec 2024 19:37:59 GMT
server-timing
inner; dur=11
x-cache
HIT TCP_HIT dirn:12:904141210
date
Thu, 28 Nov 2024 19:32:19 GMT
content-type
application/octet-stream
last-modified
Sat, 22 Jan 2022 19:49:51 GMT
x-tt-trace-host
01d7a1ee92f4e5b73f40fe6ba1fec34e993a8e7bdf0bbc41f6f7896b67b4b6ea55fb3943caf30e73052969e24351c07bfa4c02bf735679bfd6fe68c97e722bd8a4cb8853b5094f82cdbd8bb3bd9f195330
cache-control
max-age=2592000
x-swift-cachetime
2566510
timing-allow-origin
*
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
via
ens-cache11.l2us3[0,0,304-0,H], ens-cache1.l2us3[1,0], ens-cache6.us27[0,0,200-0,H], ens-cache2.us27[2,0]
ali-swift-global-savetime
1732822339
x-swift-savetime
Fri, 29 Nov 2024 02:37:09 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-tt-trace-id
00-24112903321901DD7FDFC48731097C09-1E776DD31EBDF9CA-00
content-length
38384
eagleid
2ff6169617346749909063525e
x-tt-logid
2024112903321901DD7FDFC48731097C09
server
Tengine
x-response-cinfo
149.88.16.244
x-response-cache
edge_hit
/
oneapi.opkg.us.kg/
0
0
Preflight
General
Full URL
https://oneapi.opkg.us.kg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.79.246 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://onedrive-page.pages.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
8f4d774bddedac70-YYZ
date
Fri, 20 Dec 2024 06:09:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MrdXa616ZyTgObkOOLICGeDN4j5FY1Y6EjtWBP%2ByPL2JHcZ3dnXm23C4pMjaseavlPhJ4r8P44Qg8C6U1NsjIIQWRfAxNVZAHMSdM5L0%2FP0M9lebSWBhVE24FkZjlci67Ceguw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=23117&min_rtt=21539&rtt_var=9206&sent=13&recv=9&lost=1&retrans=2&sent_bytes=5147&recv_bytes=4395&delivery_rate=18923&cwnd=8400&unsent_bytes=0&cid=5282191d0a6f16bb&ts=92&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
/
oneapi.opkg.us.kg/
25 B
668 B
XHR
General
Full URL
https://oneapi.opkg.us.kg/
Requested by
Host: onedrive-page.pages.dev
URL: https://onedrive-page.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.79.246 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97415ac71a9e73f8b25ae0552e40bf15e440c68da08f229c644fbc2d2e4baa30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json; charset=UTF-8
Referer
https://onedrive-page.pages.dev/

Response headers

cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YJuA1mvBHoVuSLW8DitcoPtguQMfL%2BNmd63%2BZvLBB48LFCuEBtxKElPeUkw96rWusaJbBRHpPj%2Fk%2BCheYjD4FwPBBXz8a%2Bq7JL1XdO0uYW2NHQY79P938EylWPoqo4Sf4UklMw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f4d774c0e27ac70-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
25
server-timing
cfL4;desc="?proto=QUIC&rtt=23669&min_rtt=20161&rtt_var=7576&sent=17&recv=13&lost=1&retrans=2&sent_bytes=5908&recv_bytes=4884&delivery_rate=62841&cwnd=8400&unsent_bytes=0&cid=5282191d0a6f16bb&ts=2315&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 20 Dec 2024 06:09:54 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| GLOBAL_CONFIG
function| createCORSRequest
function| sendRequest
function| fromCdn
function| loadResource
function| putPreviewLoadingAnimation
function| switchGlobalLoadingIndicator
function| renderPage
function| renderPath
function| renderFileList
function| renderTreeNode
function| renderMarkdown
function| handleEncryptedFolder
function| addPathListener
function| addTreeNodeListener
function| addFileListLineListener
function| addBackForwardListener
function| addFileUploadListener
function| addBackToTopListener
function| switchRightDisplay
function| switchBackForwardStatus
function| back
function| forward
function| preCache
function| preCacheCheck
function| sortList
function| fetchFileList
function| loadNextPage
function| uploadFiles
object| api
object| backForwardCache
object| fileCache
object| resourceCache

0 Cookies

1 Console Messages

Source: recommendation
Level: verbose
URL: https://onedrive-page.pages.dev/
Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff