x01.aidata.io - urlscan.io

Summary

This website contacted 1 IPs in 3 countries across 5 domains to perform 1 HTTP transactions. The main IP is 89.108.119.43, located in Russian Federation and belongs to AS-REG, RU. The main domain is x01.aidata.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 25th 2020. Valid for: 2 years.

This is the only time x01.aidata.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 5	148.251.237.106 148.251.237.106	24940 (HETZNER-AS) (HETZNER-AS)
4 4	148.251.236.115 148.251.236.115	24940 (HETZNER-AS) (HETZNER-AS)
2 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	185.15.175.132 185.15.175.132	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1	1

5 148.251.237.106 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 148.251.236.115 (Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-5.community.moscow

8ffb7f5a-31e5-47ed-80ad-0bbf714ac2fe.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.132 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	upravel.com 9 redirects sync.upravel.com 8ffb7f5a-31e5-47ed-80ad-0bbf714ac2fe.sync.upravel.com	5 KB
2	aidata.io 1 redirects x01.aidata.io	466 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru	1 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	670 B
1	bluekai.com 1 redirects stags.bluekai.com	322 B
1	5

	Domain	Requested by
5	sync.upravel.com	5 redirects
4	8ffb7f5a-31e5-47ed-80ad-0bbf714ac2fe.sync.upravel.com	4 redirects
2	x01.aidata.io	1 redirects
2	dmg.digitaltarget.ru	2 redirects
2	cm.g.doubleclick.net	2 redirects
1	stags.bluekai.com	1 redirects
1	6

This site contains no links.

Subject Issuer	Validity	Valid
my.aidata.me Sectigo RSA Domain Validation Secure Server CA	`2020-02-25` - `2022-02-25`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://x01.aidata.io/0.gif?pid=6012937&id=XlU33nBNJaors-H75ZPe&bounce=1
Frame ID: 01400BFF9D6C036B1B9D71A233DDD11E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

1
IPs

3
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	204	Primary Request 0.gif x01.aidata.io/ Redirect Chain https://sync.upravel.com/image?source=sape&id=0100007F2C5A4F5F720CB91C0253100D https://sync.upravel.com/image?source=sape&id=0100007F2C5A4F5F720CB91C0253100D&session_tpt=eyJoZWFkZXJzIjp7fX0 https://8ffb7f5a-31e5-47ed-80ad-0bbf714ac2fe.sync.upravel.com/image?source=sape&id=0100007F2C5A4F5F720CB91C0253100D&ud_tpt=eyJoZWFkZXJzIjp7fX0 https://sync.upravel.com/google/sync https://8ffb7f5a-31e5-47ed-80ad-0bbf714ac2fe.sync.upravel.com/google/sync?ud_tpt=eyJoZWFkZXJzIjp7fX0 https://cm.g.doubleclick.net/pixel?google_nid=mgcom&google_cm&google_hm=j_t_WjHlR-2ArQu_cUrC_g https://cm.g.doubleclick.net/pixel?google_nid=mgcom&google_cm=&google_hm=j_t_WjHlR-2ArQu_cUrC_g&google_tc= https://sync.upravel.com/image?source=google&google_gid=CAESEBJXSizb8x4Gs-z_MqlYPeI&google_cver=1 https://8ffb7f5a-31e5-47ed-80ad-0bbf714ac2fe.sync.upravel.com/image?source=google&google_gid=CAESEBJXSizb8x4Gs-z_MqlYPeI&google_cver=1&ud_tpt=eyJoZWFkZXJzIjp7fX0 https://sync.upravel.com/amberdata/sync https://8ffb7f5a-31e5-47ed-80ad-0bbf714ac2fe.sync.upravel.com/amberdata/sync?ud_tpt=eyJoZWFkZXJzIjp7fX0 https://dmg.digitaltarget.ru/1/6401/i/i?a=685&e=8ffb7f5a-31e5-47ed-80ad-0bbf714ac2fe&i=9566058090203936&c=up:8ffb7f5a-31e5-47ed-80ad-0bbf714ac2fe.ss:685 https://dmg.digitaltarget.ru/awg/custom/6401/i/i?call_source=awg&a=685&e=8ffb7f5a-31e5-47ed-80ad-0bbf714ac2fe&i=9566058090203936&c=up:8ffb7f5a-31e5-47ed-80ad-0bbf714ac2fe.ss:685 https://stags.bluekai.com/site/85777?id=XlU33nBNJaors-H75ZPe&phint=partner=amberdata&redir=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6012937%26id%3DXlU33nBNJaors-H75ZPe https://x01.aidata.io/0.gif?pid=6012937&id=XlU33nBNJaors-H75ZPe https://x01.aidata.io/0.gif?pid=6012937&id=XlU33nBNJaors-H75ZPe&bounce=1	0 0	66ms 65ms	Document text/plain	89.108.119.43 AS-REG
General Check archive.org Show headers Download Go to Full URL https://x01.aidata.io/0.gif?pid=6012937&id=XlU33nBNJaors-H75ZPe&bounce=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS d51370.reg.regrucolo.ru Software nginx / Resource Hash Request headers :method GET :authority x01.aidata.io :scheme https :path /0.gif?pid=6012937&id=XlU33nBNJaors-H75ZPe&bounce=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie __upin=6k3XcihPMHuLKsCSlSkfWQ; __upints=1620978197 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers server nginx date Fri, 14 May 2021 07:43:17 GMT expires Fri, 14 May 2021 07:43:16 GMT cache-control no-cache no-store, must-revalidate, post-check=0, pre-check=0 pragma no-cache last-modified Fri, 14 May 2021 07:43:16 GMT set-cookie __upin=6k3XcihPMHuLKsCSlSkfWQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure __upints=1620978197;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' Redirect headers server nginx date Fri, 14 May 2021 07:43:17 GMT content-length 0 location https://x01.aidata.io/0.gif?pid=6012937&id=XlU33nBNJaors-H75ZPe&bounce=1 expires Fri, 14 May 2021 07:43:16 GMT cache-control no-cache no-store, must-revalidate, post-check=0, pre-check=0 pragma no-cache last-modified Fri, 14 May 2021 07:43:16 GMT set-cookie __upin=6k3XcihPMHuLKsCSlSkfWQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure __upints=1620978197;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8ffb7f5a-31e5-47ed-80ad-0bbf714ac2fe.sync.upravel.com
cm.g.doubleclick.net
dmg.digitaltarget.ru
stags.bluekai.com
sync.upravel.com
x01.aidata.io
142.250.186.162
148.251.236.115
148.251.237.106
185.15.175.132
23.45.99.241
89.108.119.43

x01.aidata.io Open in urlscan Pro 89.108.119.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

1 Requests

100 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

1 IPs

3 Countries

0 kBTransfer

0 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

x01.aidata.io Open in urlscan Pro
89.108.119.43 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

1
IPs

3
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

1 HTTP transactions
0 data transactions