user.xdticket.com
116.62.204.102
Public Scan
Submission: On July 29 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on July 21st 2020. Valid for: a year.
This is the only time user.xdticket.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
4 | 116.62.204.102 | 37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
7 | 2 |

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN): user.xdticket.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
4 | xdticket.com | user.xdticket.com | 15 KB
0 | ly.com (Failed) | union.ly.com (Failed) |
0 | 40017.cn (Failed) | js.40017.cn (Failed) |
7 | 3 | |
Requests | Domain | Requested by
---|---|---
4 | user.xdticket.com | user.xdticket.com
0 | union.ly.com (Failed) | user.xdticket.com
0 | js.40017.cn (Failed) | user.xdticket.com
7 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.ly.com |
promotion.aliyun.com |
cdn-daikuan.360jie.com.cn |
Subject | Issuer | Validity | Valid |
---|---|---|---|---
user.xdticket.com | Encryption Everywhere DV TLS CA - G1 | 2020-07-21 - 2021-07-22 | a year | crt.sh
This page contains 1 frame:
Primary Page:
https://user.xdticket.com/
Frame ID: D52CDDBDD98E7437BDECA62E95182E14
Requests: 7 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
Title: 汽车票 (Bus tickets)
Title: 阿里云 (Alibaba Cloud)
Title: 360
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol | Resource | Path | Size / x-fer | Type | MIME-Type
---|---|---|---|---|---
GET H/1.1 | / (Primary Request) | user.xdticket.com/ | 7 KB / 7 KB | Document | text/html
GET H/1.1 | footer.css | user.xdticket.com/css/ | 1 KB / 2 KB | Stylesheet | text/css
GET H/1.1 | header.css | user.xdticket.com/css/ | 1 KB / 2 KB | Stylesheet | text/css
GET H/1.1 | index.css | user.xdticket.com/css/ | 4 KB / 4 KB | Stylesheet | text/css
GET | tc_mes.0.0.1.js | js.40017.cn/cn/new_ui/airplane/cooperation/ | 0 / 0 | |
GET | tc_mes.0.0.1.js | js.40017.cn/cn/new_ui/airplane/cooperation/ | 0 / 0 | |
GET | tc_mes.0.0.1.js | union.ly.com/tcapp/Scripts/ | 0 / 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: js.40017.cn
  URL: http://js.40017.cn/cn/new_ui/airplane/cooperation/tc_mes.0.0.1.js
- Domain: js.40017.cn
  URL: http://js.40017.cn/cn/new_ui/airplane/cooperation/tc_mes.0.0.1.js
- Domain: union.ly.com
  URL: http://union.ly.com/tcapp/Scripts/tc_mes.0.0.1.js
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined | messenger
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.