zzlavltypthgyfzum232yq-on.drv.tw

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 4 HTTP transactions. The main IP is 47.89.250.243, located in United States and belongs to CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN. The main domain is zzlavltypthgyfzum232yq-on.drv.tw.
TLS certificate: Issued by R3 on April 16th 2021. Valid for: 3 months.

This is the only time zzlavltypthgyfzum232yq-on.drv.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	47.89.250.243 47.89.250.243	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1	35.213.153.15 35.213.153.15	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	4

2 47.89.250.243 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

zzlavltypthgyfzum232yq-on.drv.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
drv.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.213.153.15 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
PTR: 15.153.213.35.bc.googleusercontent.com

mattdwightmattdwight.mattdwight.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	drv.tw zzlavltypthgyfzum232yq-on.drv.tw drv.tw	4 KB
1	googletagmanager.com www.googletagmanager.com	30 KB
1	mattdwight.com.au mattdwightmattdwight.mattdwight.com.au	58 KB
4	3

	Domain	Requested by
1	www.googletagmanager.com	mattdwightmattdwight.mattdwight.com.au
1	mattdwightmattdwight.mattdwight.com.au	zzlavltypthgyfzum232yq-on.drv.tw
1	drv.tw	zzlavltypthgyfzum232yq-on.drv.tw
1	zzlavltypthgyfzum232yq-on.drv.tw
4	4

This site contains no links.

Subject Issuer	Validity	Valid
*.drv.tw R3	`2021-04-16` - `2021-07-15`	3 months	crt.sh
*.mattdwight.com.au R3	`2021-05-13` - `2021-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://zzlavltypthgyfzum232yq-on.drv.tw/onedrive.live.com%3Fid%3DF5B836041CF5E329!106%26cid%3DF5B836041CF5E329/onedrive.live.com_%20id%3DF5B836041CF5E329!110%26cid%3DF5B836041CF5E329%26parId%3DF5B836041CF5E329!10211
Frame ID: 5D89827175EBC044842C1472EF961440
Requests: 2 HTTP requests in this frame

Frame: https://mattdwightmattdwight.mattdwight.com.au/adobeacrobatindex.html
Frame ID: 4061C6648F961C4E456199B1BFC9A33C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

4
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

92 kB
Transfer

232 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request onedrive.live.com_%20id%3DF5B836041CF5E329!110%26cid%3DF5B836041CF5E329%26parId%3DF5B836041CF5E329!10211 Show response
zzlavltypthgyfzum232yq-on.drv.tw/onedrive.live.com%3Fid%3DF5B836041CF5E329!106%26cid%3DF5B836041CF5E329/ 13 KB
3 KB 2153ms
1613ms Document
text/html 47.89.250.243
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://zzlavltypthgyfzum232yq-on.drv.tw/onedrive.live.com%3Fid%3DF5B836041CF5E329!106%26cid%3DF5B836041CF5E329/onedrive.live.com_%20id%3DF5B836041CF5E329!110%26cid%3DF5B836041CF5E329%26parId%3DF5B836041CF5E329!10211
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.89.250.243 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 06701400a0552c4e263d00bc4b0c158eac664a888d062e7e47db1b369c4eb962

Request headers

:method: GET
:authority: zzlavltypthgyfzum232yq-on.drv.tw
:scheme: https
:path: /onedrive.live.com%3Fid%3DF5B836041CF5E329!106%26cid%3DF5B836041CF5E329/onedrive.live.com_%20id%3DF5B836041CF5E329!110%26cid%3DF5B836041CF5E329%26parId%3DF5B836041CF5E329!10211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.14.0 (Ubuntu)
date: Wed, 19 May 2021 08:04:01 GMT
content-type: text/html
last-modified: Mon, 17 May 2021 15:52:50 GMT
cache-control: public, max-age=604800
vary: Accept-Encoding
content-encoding: gzip
x-cache: BYPASS
set-cookie: uid=rBEO6WCkxnGdFTrQCPc7Ag==; domain=.drv.tw; path=/

GET
H2 200 wd.js Show response
drv.tw/inc/ 365 B
592 B 378ms
160ms Script
application/javascript 47.89.250.243
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://drv.tw/inc/wd.js
Requested by: Host: zzlavltypthgyfzum232yq-on.drv.tw
URL: https://zzlavltypthgyfzum232yq-on.drv.tw/onedrive.live.com%3Fid%3DF5B836041CF5E329!106%26cid%3DF5B836041CF5E329/onedrive.live.com_%20id%3DF5B836041CF5E329!110%26cid%3DF5B836041CF5E329%26parId%3DF5B836041CF5E329!10211
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.89.250.243 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 621f59e87c01610c253ac2f9c3f8f7df5f6492c1d2f804088948278849124b33

Request headers

Referer: https://zzlavltypthgyfzum232yq-on.drv.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 08:04:02 GMT
last-modified: Mon, 28 Dec 2020 05:44:07 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5fe970a7-16d"
x-cache: BYPASS
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 365
expires: Thu, 20 May 2021 08:04:02 GMT

GET
H2 200 adobeacrobatindex.html Show response
mattdwightmattdwight.mattdwight.com.au/ Frame 4061 90 KB
58 KB 1232ms
347ms Document
text/html 35.213.153.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mattdwightmattdwight.mattdwight.com.au/adobeacrobatindex.html
Requested by: Host: zzlavltypthgyfzum232yq-on.drv.tw
URL: https://zzlavltypthgyfzum232yq-on.drv.tw/onedrive.live.com%3Fid%3DF5B836041CF5E329!106%26cid%3DF5B836041CF5E329/onedrive.live.com_%20id%3DF5B836041CF5E329!110%26cid%3DF5B836041CF5E329%26parId%3DF5B836041CF5E329!10211
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.213.153.15 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS: 15.153.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b6a2d1218509f901b8370b86ef890269cd4980884ad3964361ac53a0f35b8436

Request headers

:method: GET
:authority: mattdwightmattdwight.mattdwight.com.au
:scheme: https
:path: /adobeacrobatindex.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: frame
referer: https://zzlavltypthgyfzum232yq-on.drv.tw/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://zzlavltypthgyfzum232yq-on.drv.tw/

Response headers

server: nginx
date: Wed, 19 May 2021 08:03:56 GMT
content-type: text/html
last-modified: Sat, 15 May 2021 12:29:53 GMT
vary: Accept-Encoding
etag: W/"609fbec1-16876"
expires: Mon, 15 Nov 2021 08:03:56 GMT
cache-control: max-age=15552000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br

GET
DATA 200
OK truncated
/ Frame 4061 25 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c49f98e14f4534a8fb8b9e244d746a422fbdbfb5cf7eca817fb4542bce44401

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4061 28 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d1adb64717fd76d52831c6b4c508b2f37c3ca5d32956da9475c8e5390453fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 4061 76 KB
30 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA

Requested by

Host: mattdwightmattdwight.mattdwight.com.au
URL: https://mattdwightmattdwight.mattdwight.com.au/adobeacrobatindex.html

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db24fbdb4f50c6b092acf82cbe333e9f00b55553091035e0c9622e55f885e766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mattdwightmattdwight.mattdwight.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 08:04:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30992
x-xss-protection: 0
last-modified: Wed, 19 May 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 May 2021 08:04:03 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://mattdwightmattdwight.mattdwight.com.au/adobeacrobatindex.html(Line 233) Message: [object CSSStyleDeclaration]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

drv.tw
mattdwightmattdwight.mattdwight.com.au
www.googletagmanager.com
zzlavltypthgyfzum232yq-on.drv.tw
2a00:1450:4001:811::2008
35.213.153.15
47.89.250.243
06701400a0552c4e263d00bc4b0c158eac664a888d062e7e47db1b369c4eb962
1d1adb64717fd76d52831c6b4c508b2f37c3ca5d32956da9475c8e5390453fa7
621f59e87c01610c253ac2f9c3f8f7df5f6492c1d2f804088948278849124b33
9c49f98e14f4534a8fb8b9e244d746a422fbdbfb5cf7eca817fb4542bce44401
b6a2d1218509f901b8370b86ef890269cd4980884ad3964361ac53a0f35b8436
db24fbdb4f50c6b092acf82cbe333e9f00b55553091035e0c9622e55f885e766

zzlavltypthgyfzum232yq-on.drv.tw Open in urlscan Pro 47.89.250.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

33 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

92 kBTransfer

232 kBSize

0 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

zzlavltypthgyfzum232yq-on.drv.tw Open in urlscan Pro
47.89.250.243 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

92 kB
Transfer

232 kB
Size

0
Cookies

4 HTTP transactions
2 data transactions