aidavanna.ru Open in urlscan Pro
5.9.143.172 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://aidavanna.ru/js/action.html
Submission: On November 30 via manual (November 30th 2016, 8:14:46 pm UTC) from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 9 HTTP transactions. The main IP is 5.9.143.172, located in Germany and belongs to HETZNER-AS , DE. The main domain is aidavanna.ru.

This is the only time aidavanna.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	5.9.143.172 5.9.143.172	24940 (HETZNER-AS ) (HETZNER-AS )
4	2a00:1288:f00... 2a00:1288:f00e:1fc::c:1101	10310 (YAHOO-1) (YAHOO-1 - Yahoo!)
1	95.101.249.7 95.101.249.7	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
9	4

1 5.9.143.172 (Germany)

ASN24940 (HETZNER-AS , DE)
PTR: static.172.143.9.5.clients.your-server.de

aidavanna.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:f00e:1fc::c:1101 (United Kingdom)

ASN10310 (YAHOO-1 - Yahoo!, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.249.7 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-101-249-7.deploy.akamaitechnologies.com

www.marketingcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	yimg.com s.yimg.com s1.yimg.com Failed	77 KB
1	marketingcloud.com www.marketingcloud.com	67 KB
1	aidavanna.ru aidavanna.ru	15 KB
0	yahoo.com Failed mg.mail.yahoo.com Failed
9	4

	Domain	Requested by
4	s.yimg.com	aidavanna.ru
1	www.marketingcloud.com	aidavanna.ru
1	aidavanna.ru
0	mg.mail.yahoo.com Failed	aidavanna.ru
0	s1.yimg.com Failed	aidavanna.ru
9	5

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://aidavanna.ru/js/action.html
Frame ID: 19851.1
Requests: 9 HTTP requests in this frame

Frame: https://mg.mail.yahoo.com/mailfe/resources?o=iframe&src=login
Frame ID: 19851.2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

9
Requests

56 %
HTTPS

33 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

159 kB
Transfer

358 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request 6

http://www.marketingcloud.com/blog/wp-content/uploads/2014/06/capture92.jpg
https://www.marketingcloud.com/blog/wp-content/uploads/2014/06/capture92.jpg

9 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request action.html Show response aidavanna.ru/js/	44 KB 15 KB	56ms 2ms	Document text/html	5.9.143.172 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://aidavanna.ru/js/action.html Protocol HTTP/1.1 Server 5.9.143.172 , Germany, ASN24940 (HETZNER-AS , DE), Reverse DNS static.172.143.9.5.clients.your-server.de Software nginx/1.2.1 / Resource Hash `8b21629f443562199f39bfc544f3607fba27fe82746787263d7f94b3775d918b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 Accept-Language en-US,en;q=0.8 Accept-Encoding gzip, deflate, sdch Pragma no-cache Host aidavanna.ru Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36 Response headers Expires Thu, 31 Dec 2037 23:55:55 GMT Date Wed, 30 Nov 2016 20:14:38 GMT Cache-Control max-age=315360000 Connection keep-alive Last-Modified Fri, 25 Nov 2016 04:48:01 GMT Content-Encoding gzip Content-Type text/html Transfer-Encoding chunked Server nginx/1.2.1
GET H2	200	combo s.yimg.com/zz/	95 KB 29 KB	36ms 11ms	Stylesheet text/css	2a00:1288:f00e:1fc::c:1101 Yahoo!
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/zz/combo?/sf/assets/mbrlogin/css/pure-0.3.0-min.css&/sf/assets/mbrlogin/css/12/mbr-min.css&/sf/assets/mbrlogin/css/3/sprite-min.css&/sf/assets/mbrlogin/css/17/mbr-desktop-min.css&/sf/assets/mbrlogin/css/desktop/header/2/header-min.css&/sf/assets/mbrlogin/css/desktop/contents/1/contents-min.css&/sf/assets/mbrlogin/css/desktop/login/1/flags-min.css&/sf/assets/mbrlogin/css/desktop/login/52/login-min.css&/sf/assets/mbrlogin/css/desktop/footer/6/footer-min.css&/sf/assets/mbrlogin/css/mobile/deviceswitcher/2/deviceswitcher-min.css&/sf/assets/mbrlogin/css/desktop/lad/1/lad-min.css&kx/yucs/uh3s/atomic/63/css/atomic-min.css&kx/yucs/uh_common/meta/3/css/meta-min.css&kx/yucs/uh3s/uh/394/css/uh-center-aligned-min.css Requested by Host: aidavanna.ru URL: http://aidavanna.ru/js/action.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1288:f00e:1fc::c:1101 , United Kingdom, ASN10310 (YAHOO-1 - Yahoo!, US), Reverse DNS Software ATS / Resource Hash `4a804cd9dc024798fd0b5368695f2471e6fa1a090f9b8b527349a66c931cb691` Request headers referer http://aidavanna.ru/js/action.html accept-language en-US,en;q=0.8 :method GET user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36 cache-control no-cache :authority s.yimg.com :scheme https accept-encoding gzip, deflate, sdch, br pragma no-cache :path /zz/combo?/sf/assets/mbrlogin/css/pure-0.3.0-min.css&/sf/assets/mbrlogin/css/12/mbr-min.css&/sf/assets/mbrlogin/css/3/sprite-min.css&/sf/assets/mbrlogin/css/17/mbr-desktop-min.css&/sf/assets/mbrlogin/css/desktop/header/2/header-min.css&/sf/assets/mbrlogin/css/desktop/contents/1/contents-min.css&/sf/assets/mbrlogin/css/desktop/login/1/flags-min.css&/sf/assets/mbrlogin/css/desktop/login/52/login-min.css&/sf/assets/mbrlogin/css/desktop/footer/6/footer-min.css&/sf/assets/mbrlogin/css/mobile/deviceswitcher/2/deviceswitcher-min.css&/sf/assets/mbrlogin/css/desktop/lad/1/lad-min.css&kx/yucs/uh3s/atomic/63/css/atomic-min.css&kx/yucs/uh_common/meta/3/css/meta-min.css&kx/yucs/uh3s/uh/394/css/uh-center-aligned-min.css accept text/css,/;q=0.1 Referer http://aidavanna.ru/js/action.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36 Response headers date Sat, 25 Jun 2016 21:11:33 GMT last-modified Sat, 25 Jun 2016 21:11:33 GMT status 200 age 13647785 vary Accept-Encoding expires Thu, 02 Mar 2017 15:50:26 GMT cache-control max-age=31536000, public content-encoding gzip server ATS content-length 29498 via http/1.0 c4.ycs.bf1.yahoo.com (ApacheTrafficServer [cRs f ]), https/1.1 l2.ycs.ams.yahoo.com (ApacheTrafficServer [cRs f ]) content-type text/css
GET H2	200	combo s.yimg.com/zz/	95 KB 19 KB	56ms 32ms	Stylesheet text/css	2a00:1288:f00e:1fc::c:1101 Yahoo!
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/zz/combo?os/stencil/3.0.1/desktop/styles-ltr.css Requested by Host: aidavanna.ru URL: http://aidavanna.ru/js/action.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1288:f00e:1fc::c:1101 , United Kingdom, ASN10310 (YAHOO-1 - Yahoo!, US), Reverse DNS Software ATS / Resource Hash `86527ec354b48ba17a5294dd3ec4825d98a43c3d65e4fb17c964c61a6e0f36c4` Request headers accept-encoding gzip, deflate, sdch, br :path /zz/combo?os/stencil/3.0.1/desktop/styles-ltr.css user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36 accept text/css,/;q=0.1 accept-language en-US,en;q=0.8 :authority s.yimg.com referer http://aidavanna.ru/js/action.html :method GET cache-control no-cache :scheme https pragma no-cache Referer http://aidavanna.ru/js/action.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36 Response headers content-type text/css status 200 cache-control max-age=536112000, public content-length 19336 last-modified Wed, 05 Oct 2016 10:40:53 GMT age 4872826 vary Accept-Encoding server ATS via http/1.0 c3.ycs.bf1.yahoo.com (ApacheTrafficServer [cRs f ]), https/1.1 l2.ycs.ams.yahoo.com (ApacheTrafficServer [cRs f ]) content-encoding gzip expires Mon, 01 Aug 2033 09:50:27 GMT date Wed, 05 Oct 2016 10:40:53 GMT
GET		yahoo_en-US_f_p_bestfit_2x.png s1.yimg.com/rz/d/	0 0

GET H2	200	g-r-min.js s.yimg.com/rq/darla/2-8-9/js/	54 KB 25 KB	13ms 13ms	Script application/x-javascript	2a00:1288:f00e:1fc::c:1101 Yahoo!
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/rq/darla/2-8-9/js/g-r-min.js Requested by Host: aidavanna.ru URL: http://aidavanna.ru/js/action.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1288:f00e:1fc::c:1101 , United Kingdom, ASN10310 (YAHOO-1 - Yahoo!, US), Reverse DNS Software ATS / Resource Hash Request headers user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36 :method GET :path /rq/darla/2-8-9/js/g-r-min.js cache-control no-cache :authority s.yimg.com accept-language en-US,en;q=0.8 referer http://aidavanna.ru/js/action.html accept-encoding gzip, deflate, sdch, br pragma no-cache accept / :scheme https Referer http://aidavanna.ru/js/action.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36 Response headers status 200 content-length 67536 via HTTP/1.1 web1.use26.mobstor.bf1.yahoo.com UserFiberFramework/1.0, https/1.1 l2.ycs.ams.yahoo.com (ApacheTrafficServer [cRs f ]) x-ysws-request-id 8eebf828-917d-4245-aa47-70f126850b2c content-type application/x-javascript; charset=utf-8 content-encoding gzip x-ysws-visited-replicas gops.use26.mobstor.vip.bf1.yahoo.com vary Accept-Encoding expires Thu, 01 Dec 2016 12:17:03 GMT server ATS last-modified Wed, 02 Sep 2015 23:07:34 GMT age 28655 accept-ranges bytes cache-control public,max-age=86400 etag "YM:1:3d8e1637-5541-4dde-bbe1-03565f7d43a500051ecbbb619123" date Wed, 30 Nov 2016 12:17:03 GMT
GET		combo s.yimg.com/zz/	0 0

GET		resources mg.mail.yahoo.com/mailfe/ Frame 1985	0 0

GET H2	200	capture92.jpg www.marketingcloud.com/blog/wp-content/uploads/2014/06/ Redirect Chain http://www.marketingcloud.com/blog/wp-content/uploads/2014/06/capture92.jpg https://www.marketingcloud.com/blog/wp-content/uploads/2014/06/capture92.jpg	66 KB 67 KB	66ms 32ms	Image image/jpeg	95.101.249.7 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://www.marketingcloud.com/blog/wp-content/uploads/2014/06/capture92.jpg Requested by Host: aidavanna.ru URL: http://aidavanna.ru/js/action.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.249.7 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a95-101-249-7.deploy.akamaitechnologies.com Software nginx / Resource Hash `afab528ae06bea603cf4f9e3b9afd6d8267afbbf1da3e30fc9f3dc3ab9be67b9` Request headers accept-language en-US,en;q=0.8 :scheme https accept-encoding gzip, deflate, sdch, br :path /blog/wp-content/uploads/2014/06/capture92.jpg :authority www.marketingcloud.com accept image/webp,image/,/;q=0.8 user-agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36 referer http://aidavanna.ru/js/action.html :method GET cache-control no-cache pragma no-cache Referer http://aidavanna.ru/js/action.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36 Response headers x-pantheon-styx-hostname styx112b8753 accept-ranges bytes content-length 67687 status 200 expires Wed, 23 Nov 2016 17:45:47 GMT server nginx x-styx-req-id styx-5224a805eae2fd4ae0468af4578e8ee8 surrogate-key-raw cache-control max-age=604800 xkey /KJzYGyginR0PqmRC+mz m0/11Rpk66R8eFef27T2 x-styx-version StyxGo surrogate-key /KJzYGyginR0PqmRC+mz m0/11Rpk66R8eFef27T2 last-modified Fri, 25 Sep 2015 21:10:05 GMT content-type image/jpeg x-varnish 385949488 date Wed, 30 Nov 2016 20:14:39 GMT x-pantheon-endpoint eab0f74d-8f42-49ff-963f-868bd7e342bf etag "5605b82d-10867" Redirect headers Content-Length 0 Location https://www.marketingcloud.com/blog/wp-content/uploads/2014/06/capture92.jpg Date Wed, 30 Nov 2016 20:14:39 GMT Server AkamaiGHost Connection keep-alive
GET H2	200	yahoo_mail_en-US_s_f_pw_351x40_mail.png s.yimg.com/rz/d/	3 KB 4 KB	35ms 11ms	Image image/png	2a00:1288:f00e:1fc::c:1101 Yahoo!
General Check archive.org Show headers Download Go to Show image Full URL https://s.yimg.com/rz/d/yahoo_mail_en-US_s_f_pw_351x40_mail.png Requested by Host: aidavanna.ru URL: http://aidavanna.ru/js/action.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1288:f00e:1fc::c:1101 , United Kingdom, ASN10310 (YAHOO-1 - Yahoo!, US), Reverse DNS Software ATS / Resource Hash `f2d2954c92bde1ca42361ce83e1d02f929f1463f4f9d1b11d4e5c430c9aff8b4` Request headers accept-encoding gzip, deflate, sdch, br pragma no-cache :method GET :scheme https accept image/webp,image/,/;q=0.8 :authority* s.yimg.com user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36 cache-control no-cache accept-language en-US,en;q=0.8 :path /rz/d/yahoo_mail_en-US_s_f_pw_351x40_mail.png referer http://aidavanna.ru/js/action.html Referer http://aidavanna.ru/js/action.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36 Response headers accept-ranges bytes via HTTP/1.1 web14.use26.mobstor.bf1.yahoo.com UserFiberFramework/1.0, https/1.1 l9.ycs.ams.yahoo.com (ApacheTrafficServer [cRs f ]) age 72241 expires Thu, 01 Dec 2016 00:12:20 GMT x-ysws-request-id cfb8f8cb-30ab-4fe1-8a0f-a9f8d83c2b98 last-modified Tue, 29 Nov 2016 22:01:20 GMT etag "YM:1:27fb15d1-5b80-407f-b546-9e236c181e0800054277ba721778" content-type image/png server ATS date Wed, 30 Nov 2016 00:10:37 GMT x-ysws-visited-replicas gops.use26.mobstor.vip.bf1.yahoo.com content-length 3273 status 200 cache-control private
GET DATA	200 OK	truncated /	390 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `901d8fc97a6042616f425eb4c074ee3495cda7124a2a313c92a4f62eb7c0e03f` Request headers Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s1.yimg.com
URL: https://s1.yimg.com/rz/d/yahoo_en-US_f_p_bestfit_2x.png

Domain: s.yimg.com
URL: https://s.yimg.com/zz/combo?/sf/assets/mbrlogin/js/3/login-yui-3.18.1-combined-min.js&/ss/rapid-3.19.js&/sf/assets/mbrlogin/js/2/mbr-min.js&/sf/assets/mbrlogin/js/5/cache-min.js&/sf/assets/mbrlogin/js/10/useractivity-min.js&/sf/assets/mbrlogin/js/5/fieldmon-min.js&/sf/assets/mbrlogin/js/1/mbr-desktop-min.js&/sf/assets/mbrlogin/js/desktop/login/49/login-min.js&/sf/assets/mbrlogin/js/mobile/deviceswitcher/1/deviceswitcher-min.js&/sf/assets/mbrlogin/js/common/comscore/1/comscore-min.js&/sf/assets/mbrlogin/js/desktop/lad/10/lad-min.js&kx/yucs/uh3s/uh/414/js/uh-min.js&kx/yucs/uh3s/uh/379/js/escregex-min.js&kx/yucs/uh3s/uh/376/js/persistence-min.js&kx/yucs/uh3s/uh/401/js/menu_group_plugin-min.js&kx/yucs/uh3s/uh/399/js/menu-plugin-min.js&kx/yucs/uh3s/uh/426/js/menu_handler_v2-min.js&kx/yucs/uh3s/uh/376/js/gallery-jsonp-min.js&kx/yucs/uh3s/uh/408/js/logo_debug-min.js&kx/yucs/uh3/uh/js/958/localeDateFormat-min.js&kx/yucs/uh3s/uh/409/js/timestamp_library-min.js&kx/yucs/uh3s/uh/376/js/usermenu_v2-min.js&kx/yucs/uh3/signout-link/10/js/signout-min.js&kx/yucs/uhc/rapid/41/js/uh_rapid-min.js&kx/yucs/uhc/meta/66/js/meta-min.js

Domain: mg.mail.yahoo.com
URL: https://mg.mail.yahoo.com/mailfe/resources?o=iframe&src=login

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aidavanna.ru
mg.mail.yahoo.com
s.yimg.com
s1.yimg.com
www.marketingcloud.com
mg.mail.yahoo.com
s.yimg.com
s1.yimg.com
2a00:1288:f00e:1fc::c:1101
5.9.143.172
95.101.249.7
4a804cd9dc024798fd0b5368695f2471e6fa1a090f9b8b527349a66c931cb691
86527ec354b48ba17a5294dd3ec4825d98a43c3d65e4fb17c964c61a6e0f36c4
8b21629f443562199f39bfc544f3607fba27fe82746787263d7f94b3775d918b
901d8fc97a6042616f425eb4c074ee3495cda7124a2a313c92a4f62eb7c0e03f
afab528ae06bea603cf4f9e3b9afd6d8267afbbf1da3e30fc9f3dc3ab9be67b9
f2d2954c92bde1ca42361ce83e1d02f929f1463f4f9d1b11d4e5c430c9aff8b4

aidavanna.ru Open in urlscan Pro 5.9.143.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

9 Requests

56 %HTTPS

33 %IPv6

4 Domains

5 Subdomains

4 IPs

3 Countries

159 kBTransfer

358 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

aidavanna.ru Open in urlscan Pro
5.9.143.172 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

56 %
HTTPS

33 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

159 kB
Transfer

358 kB
Size

0
Cookies

9 HTTP transactions
1 data transactions