origin-hr.com - urlscan.io

Summary

This website contacted 5 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 23.244.133.70, located in Los Angeles, United States and belongs to ENZUINC-, US. The main domain is origin-hr.com.

This is the only time origin-hr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	23.244.133.70 23.244.133.70	18978 (ENZUINC-) (ENZUINC-)
1	23.88.165.125 23.88.165.125	18978 (ENZUINC-) (ENZUINC-)
1	122.228.91.87 122.228.91.87	134771 (CHINATELE...) (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU)
1	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
1	23.88.165.126 23.88.165.126	18978 (ENZUINC-) (ENZUINC-)
7	5

3 23.244.133.70 (Los Angeles, United States)

ASN18978 (ENZUINC-, US)

origin-hr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.165.125 (Los Angeles, United States)

ASN18978 (ENZUINC-, US)

23.88.165.125	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 122.228.91.87 (China)

ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.165.126 (Los Angeles, United States)

ASN18978 (ENZUINC-, US)

23.88.165.126	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	origin-hr.com origin-hr.com	10 KB
2	51.la js.users.51.la ia.51.la	4 KB
7	2

	Domain	Requested by
3	origin-hr.com	origin-hr.com
1	ia.51.la	origin-hr.com
1	js.users.51.la	23.88.165.125
7	3

This site contains links to these domains. Also see Links.

Domain
www.51.la

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://origin-hr.com/sitemap.html
Frame ID: 5D73948447AABF2EF39DE7FEAFF755C5
Requests: 6 HTTP requests in this frame

Frame: http://23.88.165.126:136/index01.htm
Frame ID: 82F992F7301CE0C2BCF7EC58C4141985
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

7
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

5
IPs

2
Countries

14 kB
Transfer

15 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.51.la/?comId=20677459
Title: 51La

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request sitemap.html Show response origin-hr.com/	8 KB 8 KB	1475ms 924ms	Document text/html	23.244.133.70 ENZUINC-
General Check archive.org Show headers Download Go to Full URL http://origin-hr.com/sitemap.html Protocol HTTP/1.1 Server 23.244.133.70 Los Angeles, United States, ASN18978 (ENZUINC-, US), Reverse DNS Software Microsoft-IIS/7.5 / PHP/5.2.17 ASP.NET Resource Hash `96370b0cecc8a008e09a5ea352ab2d8488ad8342339ec0e29564873b3699340a` Request headers Host origin-hr.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type text/html Server Microsoft-IIS/7.5 X-Powered-By PHP/5.2.17 ASP.NET Date Thu, 19 Nov 2020 02:10:17 GMT Connection close
GET H/1.1	200 OK	mapcss.css origin-hr.com/style/css/	1 KB 1 KB	320ms 306ms	Stylesheet text/css	23.244.133.70 ENZUINC-
General Check archive.org Show headers Download Go to Full URL http://origin-hr.com/style/css/mapcss.css Requested by Host: origin-hr.com URL: http://origin-hr.com/sitemap.html Protocol HTTP/1.1 Server 23.244.133.70 Los Angeles, United States, ASN18978 (ENZUINC-, US), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `18922491f35cd5a05d7f4c418f0099e0c136de299b497cc2848d4fde6f8ae0f2` Request headers Referer http://origin-hr.com/sitemap.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 19 Nov 2020 02:10:17 GMT Last-Modified Fri, 06 Mar 2020 08:20:40 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "b891671f90f3d51:0" Content-Type text/css Accept-Ranges bytes Content-Length 1135
GET H/1.1	200 OK	js.js Show response origin-hr.com/images/	100 B 307 B	322ms 308ms	Script application/x-javascript	23.244.133.70 ENZUINC-
General Check archive.org Show headers Download Go to Full URL http://origin-hr.com/images/js.js Requested by Host: origin-hr.com URL: http://origin-hr.com/sitemap.html Protocol HTTP/1.1 Server 23.244.133.70 Los Angeles, United States, ASN18978 (ENZUINC-, US), Reverse DNS Software Microsoft-IIS/7.5 / PHP/5.2.17, ASP.NET Resource Hash `7602a50dc9290706eaf66e08a24c0906da669e00fd822f5ef2bc214cb746b871` Request headers Referer http://origin-hr.com/sitemap.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 19 Nov 2020 02:10:17 GMT Server Microsoft-IIS/7.5 Connection close X-Powered-By PHP/5.2.17, ASP.NET Content-Type application/x-javascript; charset=gb2312
GET H/1.1	200 OK	js.js Show response 23.88.165.125/	313 B 575 B	322ms 308ms	Script application/x-javascript	23.88.165.125 ENZUINC-
General Check archive.org Show headers Download Go to Full URL http://23.88.165.125/js.js Requested by Host: origin-hr.com URL: http://origin-hr.com/images/js.js Protocol HTTP/1.1 Server 23.88.165.125 Los Angeles, United States, ASN18978 (ENZUINC-, US), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `64bfd8c43a5d7bbb7c53e013bb94700fe22c284bff2a62d526958c0b0ef74992` Request headers Referer http://origin-hr.com/sitemap.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Thu, 19 Nov 2020 02:10:18 GMT Last-Modified Sat, 07 Mar 2020 08:09:12 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "e97da2af57f4d51:0" Content-Type application/x-javascript Accept-Ranges bytes Content-Length 313
GET H/1.1	200 OK	20677459.js Show response js.users.51.la/	5 KB 3 KB	1211ms 1195ms	Script application/javascript	122.228.91.87 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Full URL http://js.users.51.la/20677459.js Requested by Host: 23.88.165.125 URL: http://23.88.165.125/js.js Protocol HTTP/1.1 Server 122.228.91.87 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software nginx/1.14.0 / Resource Hash `6575c9b0b579827b40d7df69b51ae8716e2f1252ba037babc069927da958d036` Request headers Referer http://origin-hr.com/sitemap.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers x-id 20677459 Date Thu, 19 Nov 2020 02:10:12 GMT Content-Encoding gzip X-Ws-Request-Id 5fb5d404_ianxin170_36547-39311 Age 48335 Transfer-Encoding chunked X-Via 1.1 zhshx11:3 (Cdn Cache Server V2.0)[0 200 0], 1.1 PSzjjxdx9ck95:9 (Cdn Cache Server V2.0)[45 200 2], 1.1 zhdx119:8 (Cdn Cache Server V2.0)[0 200 0] Content-Disposition inline;filename=f.txt Connection keep-alive Request-Id 000001754BBD7FEB9054FB6B515EB2FE x-reserved amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSKxcjnVL10lWXQSAYHzEC2f2mmyvuaZ Last-Modified Sat Mar 07 12:18:48 CST 2020 Server nginx/1.14.0 ETag "b81399ba23429a8dfed898d58c817602" Vary Accept-Encoding Content-Type application/javascript;charset=UTF-8 version-id G0011170B3379131FFFF901790210D1D
GET H/1.1	200	go1 ia.51.la/	0 255 B	553ms 536ms	Image application/octet-stream	183.131.207.66 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Show image Full URL http://ia.51.la/go1?id=20677459&rt=1605751813046&rl=16001200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1605751813046&tt=ooXX%25E7%2594%25B5%25E5%25BD%25B1%2520-%2520%25E7%25BD%2591%25E7%25AB%2599%25E5%259C%25B0%25E5%259B%25BE&kw=&cu=http%253A%252F%252Forigin-hr.com%252Fsitemap.html&pu= Requested by* Host: origin-hr.com URL: http://origin-hr.com/sitemap.html Protocol HTTP/1.1 Server 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software CloudWAF / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://origin-hr.com/sitemap.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 19 Nov 2020 02:10:13 GMT Server CloudWAF Connection keep-alive Content-Length 0 Content-Type application/octet-stream
GET H/1.1	200 OK	index01.htm 23.88.165.126/ Frame 82F9	0 0	320ms 160ms	Document text/html	23.88.165.126 ENZUINC-
General Check archive.org Show headers Download Go to Full URL http://23.88.165.126:136/index01.htm Requested by Host: origin-hr.com URL: http://origin-hr.com/sitemap.html Protocol HTTP/1.1 Server 23.88.165.126 Los Angeles, United States, ASN18978 (ENZUINC-, US), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash Request headers Host 23.88.165.126:136 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://origin-hr.com/sitemap.html Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://origin-hr.com/sitemap.html Response headers Content-Type text/html Last-Modified Wed, 11 Nov 2020 06:05:10 GMT Accept-Ranges bytes ETag "69328b9cf0b7d61:0" Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Date Thu, 19 Nov 2020 02:10:19 GMT Content-Length 2045

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
origin-hr.com/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
origin-hr.com/	1969-12-31 23:59:59	Name: __51cke__ Value:
origin-hr.com/	1969-12-31 23:59:59	Name: __tins__20677459 Value: %7B%22sid%22%3A%201605751813046%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201605753613046%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ia.51.la
js.users.51.la
origin-hr.com
122.228.91.87
183.131.207.66
23.244.133.70
23.88.165.125
23.88.165.126
18922491f35cd5a05d7f4c418f0099e0c136de299b497cc2848d4fde6f8ae0f2
64bfd8c43a5d7bbb7c53e013bb94700fe22c284bff2a62d526958c0b0ef74992
6575c9b0b579827b40d7df69b51ae8716e2f1252ba037babc069927da958d036
7602a50dc9290706eaf66e08a24c0906da669e00fd822f5ef2bc214cb746b871
96370b0cecc8a008e09a5ea352ab2d8488ad8342339ec0e29564873b3699340a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

origin-hr.com Open in urlscan Pro 23.244.133.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

0 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

5 IPs

2 Countries

14 kBTransfer

15 kBSize

3 Cookies

1 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

3 Cookies

Indicators

origin-hr.com Open in urlscan Pro
23.244.133.70 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

5
IPs

2
Countries

14 kB
Transfer

15 kB
Size

3
Cookies

7 HTTP transactions
0 data transactions