lao19.yyxiangnienen.ltd

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 8.210.249.5, located in Central, Hong Kong and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is lao19.yyxiangnienen.ltd.

This is the only time lao19.yyxiangnienen.ltd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	163.171.147.15 163.171.147.15	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	121.36.34.201 121.36.34.201	55990 (HWCSNET H...) (HWCSNET Huawei Cloud Service data center)
5	8.210.249.5 8.210.249.5	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
7	3

1 163.171.147.15 (United States)

ASN54994 (QUANTILNETWORKS, US)

i.carnoc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 121.36.34.201 (China)

ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
PTR: ecs-121-36-34-201.compute.hwclouds-dns.com

res.variflight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 8.210.249.5 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

lao19.yyxiangnienen.ltd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	yyxiangnienen.ltd lao19.yyxiangnienen.ltd	190 KB
1	variflight.com res.variflight.com	4 KB
1	carnoc.com i.carnoc.com	2 KB
7	3

	Domain	Requested by
5	lao19.yyxiangnienen.ltd	i.carnoc.com lao19.yyxiangnienen.ltd
1	res.variflight.com	i.carnoc.com
1	i.carnoc.com
7	3

This site contains no links.

Subject Issuer	Validity	Valid
*.carnoc.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-29` - `2022-12-30`	a year	crt.sh
*.variflight.com GeoTrust RSA CA 2018	`2022-01-25` - `2023-02-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://lao19.yyxiangnienen.ltd/
Frame ID: E871CEADF42E855DD4E48E60EB6071BD
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

登录入口

Page URL History Show full URLs

https://i.carnoc.com/prompt/prompt-jump/?url=http%3A%2F%2Flao19.yyxiangnienen.ltd Page URL
http://lao19.yyxiangnienen.ltd/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

29 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

197 kB
Transfer

392 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://i.carnoc.com/prompt/prompt-jump/?url=http%3A%2F%2Flao19.yyxiangnienen.ltd Page URL
http://lao19.yyxiangnienen.ltd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response i.carnoc.com/prompt/prompt-jump/	5 KB 2 KB	1314ms 376ms	Document text/html	163.171.147.15 QUANTILNETWORKS
General Check archive.org Show headers Download Go to Full URL https://i.carnoc.com/prompt/prompt-jump/?url=http%3A%2F%2Flao19.yyxiangnienen.ltd Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 163.171.147.15 , United States, ASN54994 (QUANTILNETWORKS, US), Reverse DNS Software nginx / Resource Hash `d26b31e3d42f12d01d4edb19e54dd7c226d34a060bfc5e439d28b60345254e53` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 1650 Content-Type text/html; charset=utf-8 Date Fri, 09 Sep 2022 07:43:45 GMT ETag "12f9-5d27669d4a718-gzip" Last-Modified Mon, 06 Dec 2021 08:55:07 GMT Server nginx X-Via 1.1 PSxgHK5bd29:0 (Cdn Cache Server V2.0), 1.1 ml64:8 (Cdn Cache Server V2.0), 1.1 PS-VIE-01Lw182:7 (Cdn Cache Server V2.0) X-Ws-Request-Id 631aeeb1_PS-VIE-01Lw182_23592-49766
GET H/1.1	200 OK	logo_header.png res.variflight.com/carnoc/zt/hubairports/img/	4 KB 4 KB	1396ms 288ms	Image image/png	121.36.34.201 HWCSNET Huawei Cl...
General Check archive.org Show headers Download Go to Show image Full URL https://res.variflight.com/carnoc/zt/hubairports/img/logo_header.png Requested by Host: i.carnoc.com URL: https://i.carnoc.com/prompt/prompt-jump/?url=http%3A%2F%2Flao19.yyxiangnienen.ltd Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 121.36.34.201 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN), Reverse DNS ecs-121-36-34-201.compute.hwclouds-dns.com Software nginx / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://i.carnoc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Fri, 09 Sep 2022 07:43:47 GMT Last-Modified Thu, 02 Jul 2020 01:48:25 GMT Server nginx ETag "107e-5a96b9aaa4c40" Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 4222 Expires Fri, 09 Sep 2022 08:43:47 GMT
GET H/1.1	200 OK	Primary Request / Show response lao19.yyxiangnienen.ltd/	14 KB 5 KB	854ms 268ms	Document text/html	8.210.249.5 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL http://lao19.yyxiangnienen.ltd/ Requested by Host: i.carnoc.com URL: https://i.carnoc.com/prompt/prompt-jump/?url=http%3A%2F%2Flao19.yyxiangnienen.ltd Protocol HTTP/1.1 Server 8.210.249.5 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `c705fb1eba0d7e663e398b5ca8ea94ccf3beb39b16e6035f336dfce01fa7ca8a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Cache-Control private Content-Encoding gzip Content-Length 4924 Content-Type text/html; charset=utf-8 Date Fri, 09 Sep 2022 07:43:48 GMT Server Microsoft-IIS/10.0 Vary Accept-Encoding X-AspNet-Version 4.0.30319 X-AspNetMvc-Version 5.2 X-Powered-By ASP.NET
GET H/1.1	200 OK	jquery-3.4.1.js Show response lao19.yyxiangnienen.ltd/Content/	274 KB 108 KB	281ms 281ms	Script application/javascript	8.210.249.5 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL http://lao19.yyxiangnienen.ltd/Content/jquery-3.4.1.js Requested by Host: lao19.yyxiangnienen.ltd URL: http://lao19.yyxiangnienen.ltd/ Protocol HTTP/1.1 Server 8.210.249.5 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lao19.yyxiangnienen.ltd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Fri, 09 Sep 2022 07:43:48 GMT Content-Encoding gzip ETag "ad8fa0dd5f7d71:0" Last-Modified Thu, 23 Dec 2021 08:14:05 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Accept-Ranges bytes
GET H/1.1	200 OK	login1.css lao19.yyxiangnienen.ltd/Content/css/	57 KB 38 KB	284ms 283ms	Stylesheet text/css	8.210.249.5 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL http://lao19.yyxiangnienen.ltd/Content/css/login1.css Requested by Host: lao19.yyxiangnienen.ltd URL: http://lao19.yyxiangnienen.ltd/ Protocol HTTP/1.1 Server 8.210.249.5 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `c06e9a6e71cdc18f5b8463d249b14d38c203e05d88d748bc386cef4cf433d8ce` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lao19.yyxiangnienen.ltd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Fri, 09 Sep 2022 07:43:48 GMT Content-Encoding gzip Last-Modified Wed, 22 Dec 2021 12:44:12 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "882a69f31f7d71:0" Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 38673
GET H/1.1	200 OK	exmail_logo_1473e91.png lao19.yyxiangnienen.ltd/Content/images/	8 KB 8 KB	266ms 266ms	Image image/png	8.210.249.5 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL http://lao19.yyxiangnienen.ltd/Content/images/exmail_logo_1473e91.png Requested by Host: lao19.yyxiangnienen.ltd URL: http://lao19.yyxiangnienen.ltd/ Protocol HTTP/1.1 Server 8.210.249.5 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `4a6713994e049050918e714b0a3e06496b1dba8d8330209d029ed0082bef9eb9` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lao19.yyxiangnienen.ltd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Fri, 09 Sep 2022 07:43:49 GMT Last-Modified Wed, 22 Dec 2021 12:54:17 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "63b9c4733f7d71:0" Content-Type image/png Accept-Ranges bytes Content-Length 7900
GET H/1.1	200 OK	new_login_background_1475f40.jpg lao19.yyxiangnienen.ltd/Content/images/	31 KB 31 KB	277ms 276ms	Image image/jpeg	8.210.249.5 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL http://lao19.yyxiangnienen.ltd/Content/images/new_login_background_1475f40.jpg Requested by Host: lao19.yyxiangnienen.ltd URL: http://lao19.yyxiangnienen.ltd/Content/css/login1.css Protocol HTTP/1.1 Server 8.210.249.5 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `f0d1bace273f73c41fa28c8596e4cb77ea1d92262d582e3eb338ae80aab38478` Request headers accept-language nl-NL,nl;q=0.9 Referer http://lao19.yyxiangnienen.ltd/Content/css/login1.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Fri, 09 Sep 2022 07:43:49 GMT Last-Modified Wed, 22 Dec 2021 11:41:06 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "2b8a79ce28f7d71:0" Content-Type image/jpeg Accept-Ranges bytes Content-Length 31658

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lao19.yyxiangnienen.ltd/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: pv2yiepqb2o22hlvxbszwnuz

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i.carnoc.com
lao19.yyxiangnienen.ltd
res.variflight.com
121.36.34.201
163.171.147.15
8.210.249.5
4a6713994e049050918e714b0a3e06496b1dba8d8330209d029ed0082bef9eb9
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
c06e9a6e71cdc18f5b8463d249b14d38c203e05d88d748bc386cef4cf433d8ce
c705fb1eba0d7e663e398b5ca8ea94ccf3beb39b16e6035f336dfce01fa7ca8a
d26b31e3d42f12d01d4edb19e54dd7c226d34a060bfc5e439d28b60345254e53
f0d1bace273f73c41fa28c8596e4cb77ea1d92262d582e3eb338ae80aab38478

lao19.yyxiangnienen.ltd Open in urlscan Pro 8.210.249.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

29 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

197 kBTransfer

392 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

Indicators

lao19.yyxiangnienen.ltd Open in urlscan Pro
8.210.249.5 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

29 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

197 kB
Transfer

392 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions