daniaviation.com Open in urlscan Pro
66.96.161.197  Malicious Activity! Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Gmail.html Show response daniaviation.com/	82 KB 30 KB	231ms 138ms	Document text/html	66.96.161.197 The Endurance Int...
General Check archive.org Show headers Download Go to Full URL http://daniaviation.com/Gmail.html Protocol HTTP/1.1 Server 66.96.161.197 Burlington, United States, ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US), Reverse DNS 197.161.96.66.static.eigbox.net Software Microsoft-IIS/10.0, IIS111P / ASP.NET Resource Hash 39d4a69030e8decd594d7e9c12387bd8b19ca0f492a55c3b0b1890272eeef97e Request headers Pragma no-cache Accept-Encoding gzip, deflate Host daniaviation.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sun, 18 Mar 2018 02:37:30 GMT Content-Encoding gzip ETag "a56ed37452bd11:0" Last-Modified Mon, 30 Nov 2015 07:59:25 GMT Server Microsoft-IIS/10.0, IIS111P X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/html Cache-Control private,max-age=86400 Accept-Ranges bytes Content-Length 29939 Expires Wed, 01 Jan 1997 12:00:00 GMT
GET H/1.1	404 Not Found	css.css trillanmanilla.altervista.org/http://trillanmanilla.altervista.org/Sign%20in%20-%20Google%20Accounts_files/	0 0	3ms 1ms	Stylesheet text/html	94.130.141.246 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://trillanmanilla.altervista.org/http://trillanmanilla.altervista.org/Sign%20in%20-%20Google%20Accounts_files/css.css Requested by Host: daniaviation.com URL: http://daniaviation.com/Gmail.html Protocol HTTP/1.1 Server 94.130.141.246 , Ukraine, ASN24940 (HETZNER-AS, DE), Reverse DNS ns372.altervista.org Software Apache / Resource Hash Request headers Referer http://daniaviation.com/Gmail.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sun, 18 Mar 2018 02:37:30 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=1, max=100 Content-Length 1734 Content-Type text/html
GET H/1.1	404 Not Found	javascript.js trillanmanilla.altervista.org/Sign%20in%20-%20Google%20Accounts_files/	0 0	1ms 1ms	Script text/html	94.130.141.246 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://trillanmanilla.altervista.org/Sign%20in%20-%20Google%20Accounts_files/javascript.js Requested by Host: daniaviation.com URL: http://daniaviation.com/Gmail.html Protocol HTTP/1.1 Server 94.130.141.246 , Ukraine, ASN24940 (HETZNER-AS, DE), Reverse DNS ns372.altervista.org Software Apache / Resource Hash Request headers Referer http://daniaviation.com/Gmail.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sun, 18 Mar 2018 02:37:30 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=1, max=99 Content-Length 1734 Content-Type text/html
GET H/1.1	404 Not Found	client trillanmanilla.altervista.org/Sign%20in%20-%20Google%20Accounts_files/	0 0	2ms 1ms	Script text/html	94.130.141.246 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://trillanmanilla.altervista.org/Sign%20in%20-%20Google%20Accounts_files/client Requested by Host: daniaviation.com URL: http://daniaviation.com/Gmail.html Protocol HTTP/1.1 Server 94.130.141.246 , Ukraine, ASN24940 (HETZNER-AS, DE), Reverse DNS ns372.altervista.org Software Apache / Resource Hash Request headers Referer http://daniaviation.com/Gmail.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sun, 18 Mar 2018 02:37:30 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=1, max=100 Content-Length 1734 Content-Type text/html
GET H/1.1	404 Not Found	affiliate_client.js trillanmanilla.altervista.org/Sign%20in%20-%20Google%20Accounts_files/	0 0	2ms 1ms	Script text/html	94.130.141.246 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://trillanmanilla.altervista.org/Sign%20in%20-%20Google%20Accounts_files/affiliate_client.js Requested by Host: daniaviation.com URL: http://daniaviation.com/Gmail.html Protocol HTTP/1.1 Server 94.130.141.246 , Ukraine, ASN24940 (HETZNER-AS, DE), Reverse DNS ns372.altervista.org Software Apache / Resource Hash Request headers Referer http://daniaviation.com/Gmail.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sun, 18 Mar 2018 02:37:30 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=1, max=100 Content-Length 1734 Content-Type text/html
GET S	200	logo_2x.png ssl.gstatic.com/accounts/ui/	5 KB 5 KB	5ms 5ms	Image image/png	216.58.206.3 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.gstatic.com/accounts/ui/logo_2x.png Requested by Host: daniaviation.com URL: http://daniaviation.com/Gmail.html Protocol SPDY Server 216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s20-in-f3.1e100.net Software sffe / Resource Hash 749ecb257b4dabd6c2d346578fcbe63a96bf94c1f2366496409296167f03b7a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://daniaviation.com/Gmail.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 12 Feb 2018 17:16:16 GMT x-content-type-options nosniff last-modified Thu, 21 Apr 2016 03:17:22 GMT server sffe age 2884874 content-type image/png status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35" content-length 5274 x-xss-protection 1; mode=block expires Tue, 12 Feb 2019 17:16:16 GMT
GET S	200	avatar_2x.png ssl.gstatic.com/accounts/ui/	626 B 690 B	6ms 5ms	Image image/png	216.58.206.3 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.gstatic.com/accounts/ui/avatar_2x.png Requested by Host: daniaviation.com URL: http://daniaviation.com/Gmail.html Protocol SPDY Server 216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s20-in-f3.1e100.net Software sffe / Resource Hash cdcc6d6dcda827a694dce8bfa9a1ab41113b629ef1cc11f886866af9194c81d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://daniaviation.com/Gmail.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Sat, 03 Feb 2018 21:45:38 GMT x-content-type-options nosniff last-modified Thu, 21 Apr 2016 03:17:22 GMT server sffe age 3646312 content-type image/png status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35" content-length 626 x-xss-protection 1; mode=block expires Sun, 03 Feb 2019 21:45:38 GMT
GET S	200	logo_strip_2x.png ssl.gstatic.com/accounts/ui/	10 KB 10 KB	11ms 10ms	Image image/png	216.58.206.3 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.gstatic.com/accounts/ui/logo_strip_2x.png Requested by Host: daniaviation.com URL: http://daniaviation.com/Gmail.html Protocol SPDY Server 216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s20-in-f3.1e100.net Software sffe / Resource Hash b2d3305551055e5d28aea38f218ee6ff6006afb8c80cc4f206a206bcb758df7c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://daniaviation.com/Gmail.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Feb 2018 11:32:54 GMT x-content-type-options nosniff last-modified Thu, 21 Apr 2016 03:17:22 GMT server sffe age 1955076 content-type image/png status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35" content-length 10297 x-xss-protection 1; mode=block expires Sat, 23 Feb 2019 11:32:54 GMT
GET S	200	universal_language_settings-21.png ssl.gstatic.com/images/icons/ui/common/	199 B 291 B	7ms 6ms	Image image/png	216.58.206.3 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png Requested by Host: daniaviation.com URL: http://daniaviation.com/Gmail.html Protocol SPDY Server 216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s20-in-f3.1e100.net Software sffe / Resource Hash 59404af2d92c53ad1ee9e21b252c07c77dcba810b248a79d6ae989b1ff63c7d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://daniaviation.com/Gmail.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 12 Feb 2018 16:24:57 GMT x-content-type-options nosniff last-modified Thu, 21 Apr 2016 03:17:22 GMT server sffe age 2887953 content-type image/png status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35" content-length 199 x-xss-protection 1; mode=block expires Tue, 12 Feb 2019 16:24:57 GMT
GET H/1.1	404 Not Found	affiliate_client.js trillanmanilla.altervista.org/Sign%20in%20-%20Google%20Accounts_files/	0 0	1ms 1ms	Script text/html	94.130.141.246 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://trillanmanilla.altervista.org/Sign%20in%20-%20Google%20Accounts_files/affiliate_client.js Requested by Host: daniaviation.com URL: http://daniaviation.com/Gmail.html Protocol HTTP/1.1 Server 94.130.141.246 , Ukraine, ASN24940 (HETZNER-AS, DE), Reverse DNS ns372.altervista.org Software Apache / Resource Hash Request headers Referer http://daniaviation.com/Gmail.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sun, 18 Mar 2018 02:37:30 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=1, max=99 Content-Length 1734 Content-Type text/html
GET H/1.1	200 OK	checkmark.png ssl.gstatic.com/ui/v1/menu/	239 B 598 B	6ms 6ms	Image image/png	216.58.206.3 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL http://ssl.gstatic.com/ui/v1/menu/checkmark.png Requested by Host: daniaviation.com URL: http://daniaviation.com/Gmail.html Protocol HTTP/1.1 Server 216.58.206.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s20-in-f3.1e100.net Software sffe / Resource Hash 2210e36b5b21e54cd4dc2ccdcc06138db8598d704ebf19052e5caa84edb4a675 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://daniaviation.com/Gmail.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 23 Feb 2018 11:22:43 GMT X-Content-Type-Options nosniff Last-Modified Thu, 21 Apr 2016 03:17:22 GMT Server sffe Age 1955687 Vary Origin Content-Type image/png Cache-Control public, max-age=31536000 Accept-Ranges bytes Content-Length 239 X-XSS-Protection 1; mode=block Expires Sat, 23 Feb 2019 11:22:43 GMT
GET H/1.1	404 Not Found	opt_content.js trillanmanilla.altervista.org/Sign%20in%20-%20Google%20Accounts_files/	0 0	1ms 1ms	Script text/html	94.130.141.246 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://trillanmanilla.altervista.org/Sign%20in%20-%20Google%20Accounts_files/opt_content.js Requested by Host: daniaviation.com URL: http://daniaviation.com/Gmail.html Protocol HTTP/1.1 Server 94.130.141.246 , Ukraine, ASN24940 (HETZNER-AS, DE), Reverse DNS ns372.altervista.org Software Apache / Resource Hash Request headers Referer http://daniaviation.com/Gmail.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sun, 18 Mar 2018 02:37:30 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=1, max=98 Content-Length 1734 Content-Type text/html

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gaia_attachEvent object| G function| Gb function| Ga object| Gc function| Gd function| Ge function| Gf function| Gg function| Gh function| Gj function| Gi object| Gk object| Gl function| Gm function| Gn object| Go string| Gp object| Gq object| Gr object| Gs function| Gt function| Gu function| Gv function| Gw function| G_checkConnectionMain function| G_setPostMessageSupportFlag object| __CHECK_CONNECTION_CONFIG function| gaia_parseFragment function| gaia_prefillEmail function| gaia_setFocus function| gaia_scrollToElement function| gaia_onLoginSubmit

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			accounts.youtube.com/accounts	1970-01-18 14:35:40	Name: CheckConnectionTempCookie259 Value: 120814

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

daniaviation.com
ssl.gstatic.com
trillanmanilla.altervista.org
216.58.206.3
66.96.161.197
94.130.141.246
2210e36b5b21e54cd4dc2ccdcc06138db8598d704ebf19052e5caa84edb4a675
39d4a69030e8decd594d7e9c12387bd8b19ca0f492a55c3b0b1890272eeef97e
59404af2d92c53ad1ee9e21b252c07c77dcba810b248a79d6ae989b1ff63c7d6
749ecb257b4dabd6c2d346578fcbe63a96bf94c1f2366496409296167f03b7a7
b2d3305551055e5d28aea38f218ee6ff6006afb8c80cc4f206a206bcb758df7c
cdcc6d6dcda827a694dce8bfa9a1ab41113b629ef1cc11f886866af9194c81d0