Submitted URL: https://pioneervalley.alum.wellesley.edu/e.html?u=http://chilp.it/9062898&t=7199-179250
Effective URL: https://serialnadivane.ru/2018/04/crosgdsfgdsn/news_view/classement/preflysearch/register/generic/commentblock/home_page.p...
Submission: On May 13 via manual from AU

Summary

This website contacted 1 IP in 2 countries across 3 domains to perform 1 HTTP transaction. The main IP is 2a03:6f00:1::5c35:7203, located in Murino, Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is serialnadivane.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 13th 2019. Valid for: 3 months.
This is the only time serialnadivane.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 207.171.2.237 7012 (AS7012)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a03:6f00:1::... 9123 (TIMEWEB-AS)
1 1
Apex Domain | Subdomains | Transfer
1 serialnadivane.ru | serialnadivane.ru | 3 KB
1 chilp.it | chilp.it | 545 B
1 wellesley.edu | pioneervalley.alum.wellesley.edu | 535 B
1 3
Domain Requested by
1 serialnadivane.ru
1 chilp.it 1 redirects
1 pioneervalley.alum.wellesley.edu 1 redirects
1 3

This site contains no links.

Subject: serialnadivane.ru
Issuer: Let's Encrypt Authority X3
Validity: 2019-03-13 - 2019-06-11
Valid: 3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://serialnadivane.ru/2018/04/crosgdsfgdsn/news_view/classement/preflysearch/register/generic/commentblock/home_page.php/eyr/wyby/?meant=cpg1bqzz012r0kp
Frame ID: B470B31375F9E0ED25200184BB331668
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 1
Countries: 2
Transfer: 3 kB
Size: 5 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pioneervalley.alum.wellesley.edu/e.html?u=http://chilp.it/9062898&t=7199-179250 HTTP 302
    http://chilp.it/9062898 HTTP 301
    https://serialnadivane.ru/2018/04/crosgdsfgdsn/news_view/classement/preflysearch/register/generic/commentblock/home_page.php/eyr/wyby/?meant=cpg1bqzz012r0kp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Resource: Primary Request /
Path: serialnadivane.ru/2018/04/crosgdsfgdsn/news_view/classement/preflysearch/register/generic/commentblock/home_page.php/eyr/wyby/
Redirect Chain
  • https://pioneervalley.alum.wellesley.edu/e.html?u=http://chilp.it/9062898&t=7199-179250
  • http://chilp.it/9062898
  • https://serialnadivane.ru/2018/04/crosgdsfgdsn/news_view/classement/preflysearch/register/generic/commentblock/home_page.php/eyr/wyby/?meant=cpg1bqzz012r0kp
Size: 5 KB
x-fer: 3 KB
Type / MIME-Type: Document

General
Full URL: https://serialnadivane.ru/2018/04/crosgdsfgdsn/news_view/classement/preflysearch/register/generic/commentblock/home_page.php/eyr/wyby/?meant=cpg1bqzz012r0kp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6f00:1::5c35:7203 Murino, Russian Federation, ASN9123 (TIMEWEB-AS, RU)
Reverse DNS:
Software: nginx /
Resource Hash: 00951c9d8c3a761a59909ee40b742361faeca5ccdc7d4c650a7b51c8a6e0570c

Request headers

:method: GET
:authority: serialnadivane.ru
:scheme: https
:path: /2018/04/crosgdsfgdsn/news_view/classement/preflysearch/register/generic/commentblock/home_page.php/eyr/wyby/?meant=cpg1bqzz012r0kp
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 13 May 2019 23:06:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

Date: Mon, 13 May 2019 23:06:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d1d56480f38e218c75c8a9e85039eac3c1557788763; expires=Tue, 12-May-20 23:06:03 GMT; path=/; domain=.chilp.it; HttpOnly
X-Powered-By: PHP/5.3.3
Location: https://serialnadivane.ru/2018/04/crosgdsfgdsn/news_view/classement/preflysearch/register/generic/commentblock/home_page.php/eyr/wyby/?meant=cpg1bqzz012r0kp
Server: cloudflare
CF-RAY: 4d6847dd1e0f64e5-FRA

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
