app.variflight.com Open in urlscan Pro
163.171.132.119 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://121.42.185.125/
Effective URL:
https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Submission: On November 16 via api (November 16th 2020, 10:52:56 pm UTC) from CN

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 16 HTTP transactions. The main IP is 163.171.132.119, located in Germany and belongs to QUANTILNETWORKS, US. The main domain is app.variflight.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on February 6th 2020. Valid for: 2 years.

This is the only time app.variflight.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	121.42.185.125 121.42.185.125	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
1 15	163.171.132.119 163.171.132.119	54994 (QUANTILNE...) (QUANTILNETWORKS)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
16	3

1 121.42.185.125 (Hangzhou, China) 1 redirects

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

121.42.185.125	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 163.171.132.119 (Germany) 1 redirects

ASN54994 (QUANTILNETWORKS, US)

app.variflight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.variflight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	variflight.com 1 redirects app.variflight.com static.variflight.com	579 KB
2	baidu.com hm.baidu.com	16 KB
16	2

	Domain	Requested by
13	static.variflight.com	app.variflight.com
2	hm.baidu.com	app.variflight.com
2	app.variflight.com	1 redirects
16	3

This site contains no links.

Subject Issuer	Validity	Valid
*.variflight.com GeoTrust RSA CA 2018	`2020-02-06` - `2022-02-05`	2 years	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-10-20` - `2021-07-26`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Frame ID: CB5EDC2E59EA2BD6A1C338AD58F95400
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://121.42.185.125/ HTTP 302
https://app.variflight.com/htmlserver/yanwuxian?channel=qdjc&mobile= HTTP 302
https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

595 kB
Transfer

893 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://121.42.185.125/ HTTP 302
https://app.variflight.com/htmlserver/yanwuxian?channel=qdjc&mobile= HTTP 302
https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.html Show response
app.variflight.com/html/activity/malldelay/
Redirect Chain

http://121.42.185.125/
https://app.variflight.com/htmlserver/yanwuxian?channel=qdjc&mobile=
https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986

5 KB
2 KB

1021ms
1020ms

Document
text/html

163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx /
Resource Hash: 0aa60b6d046cc67fd4c8bf76fef4697e4520afb6f91a455a50f49122d613f5e8

Request headers

Host: app.variflight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1641
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 13 Jun 2019 07:59:36 GMT
ETag: "1472-58b2fe9376a00-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
X-Via: 1.1 PSdgflkfFRA2sg74:2 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 5fb302b1_PSdgflkfFRA2gb7_58319-29683

Redirect headers

Date: Mon, 16 Nov 2020 22:52:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: nginx
Status: 302 Found
Location: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
X-Via: 1.1 PSdgflkfFRA2sg74:14 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 5fb302b0_PSdgflkfFRA2gb7_58319-29537

GET
H/1.1 200
OK libs.css
static.variflight.com/assets/activity/malldelay/css/ 95 KB
14 KB 1738ms
1156ms Stylesheet
text/css 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.variflight.com/assets/activity/malldelay/css/libs.css?v=f7e39a
Requested by: Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.10.0 /
Resource Hash: e166dc836b7d5aa1ba994487a6b30971ffaf9a38d4b71000e8efc92c038db738

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Nov 2018 07:36:51 GMT
Server: nginx/1.10.0
ETag: "17b75-579fa109c0ac0-gzip"
X-Ws-Request-Id: 5fb302b3_PSdgflkfFRA2gb7_58268-56152
Content-Type: text/css
Access-Control-Allow-Origin: https://app.variflight.com
X-Cache-Spec: Yes
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13967
X-Via: 1.1 PSdgflkfFRA1ox201:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:5 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK frame.css
static.variflight.com/assets/activity/malldelay/css/ 14 KB
3 KB 1320ms
738ms Stylesheet
text/css 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.variflight.com/assets/activity/malldelay/css/frame.css?v=8ad6e5
Requested by: Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.10.0 /
Resource Hash: abc4ccdea78bac91651ab8a13fd7c4b74c2691329d78b4ca619ced6605c2a646

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Sep 2018 07:03:13 GMT
Server: nginx/1.10.0
ETag: "3796-575cf6abcee40-gzip"
X-Ws-Request-Id: 5fb302b3_PSdgflkfFRA2gb7_58319-29915
Content-Type: text/css
Access-Control-Allow-Origin: https://app.variflight.com
X-Cache-Spec: Yes
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2873
X-Via: 1.1 PSdgflkfFRA1hb199:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:0 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK index.css
static.variflight.com/assets/activity/malldelay/css/ 9 KB
5 KB 1485ms
903ms Stylesheet
text/css 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.variflight.com/assets/activity/malldelay/css/index.css?v=610043
Requested by: Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.10.0 /
Resource Hash: 2253c7c33ad1cab633ba195a1a9f1ed1e2978b7fd09e35b3c8ab245790d96efd

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Dec 2018 07:57:08 GMT
Server: nginx/1.10.0
ETag: "2559-57c2d9cb47d00-gzip"
X-Ws-Request-Id: 5fb302b3_PSdgflkfFRA2gb7_58140-5281
Content-Type: text/css
Access-Control-Allow-Origin: https://app.variflight.com
X-Cache-Spec: Yes
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4373
X-Via: 1.1 PSdgflkfFRA1ox201:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:4 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK delaytop-3fd3f5.png
static.variflight.com/assets/activity/malldelay/img/ 321 KB
321 KB 51ms
50ms Image
image/png 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.variflight.com/assets/activity/malldelay/img/delaytop-3fd3f5.png
Requested by: Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.10.0 /
Resource Hash: 3decd8857f02dbe1caeb5268f0d61a412b3b4f4f893b92d6d2c42cf4b0fd52b9

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Sep 2018 08:34:21 GMT
Server: nginx/1.10.0
Age: 1
ETag: W/"503e2-576d63497dd40"
X-Ws-Request-Id: 5fb302b4_PSdgflkfFRA2gb7_58233-15680
Content-Type: image/png
Access-Control-Allow-Origin: https://app.variflight.com
Transfer-Encoding: chunked
X-Cache-Spec: Yes
Connection: keep-alive
X-Via: 1.1 PSxgHK5bd29:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:13 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK pic1-e59c88.png
static.variflight.com/assets/activity/malldelay/img/ 21 KB
22 KB 35ms
34ms Image
image/png 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.variflight.com/assets/activity/malldelay/img/pic1-e59c88.png
Requested by: Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.10.0 /
Resource Hash: 74a5bb02c3158534cec19b7e490706b7563be32b27c86fe13325bd908af2acf6

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Sep 2018 07:03:13 GMT
Server: nginx/1.10.0
Age: 1
ETag: W/"546f-575cf6abcee40"
X-Ws-Request-Id: 5fb302b4_PSdgflkfFRA2gb7_58233-15700
Content-Type: image/png
Access-Control-Allow-Origin: https://app.variflight.com
Transfer-Encoding: chunked
X-Cache-Spec: Yes
Connection: keep-alive
X-Via: 1.1 PSxgHK5bd29:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:1 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK pic2-6d7426.png
static.variflight.com/assets/activity/malldelay/img/ 28 KB
29 KB 38ms
38ms Image
image/png 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.variflight.com/assets/activity/malldelay/img/pic2-6d7426.png
Requested by: Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.10.0 /
Resource Hash: f1ae040beb18d989456ca16f00bad8b0598b02535c3bd6037f7b680461ceb401

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Sep 2018 07:03:13 GMT
Server: nginx/1.10.0
Age: 1
ETag: W/"708f-575cf6abcee40"
X-Ws-Request-Id: 5fb302b4_PSdgflkfFRA2gb7_58140-5418
Content-Type: image/png
Access-Control-Allow-Origin: https://app.variflight.com
Transfer-Encoding: chunked
X-Cache-Spec: Yes
Connection: keep-alive
X-Via: 1.1 PSxgHK5bd29:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:9 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK pic3-b529f8.png
static.variflight.com/assets/activity/malldelay/img/ 23 KB
24 KB 35ms
34ms Image
image/png 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.variflight.com/assets/activity/malldelay/img/pic3-b529f8.png
Requested by: Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.10.0 /
Resource Hash: a948d2dc6e635d03301261e345ec13dbba8e2a61e4c62e73482ca0d1f9f1389c

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Sep 2018 07:03:13 GMT
Server: nginx/1.10.0
Age: 1
ETag: W/"5d2a-575cf6abcee40"
X-Ws-Request-Id: 5fb302b4_PSdgflkfFRA2gb7_58233-15706
Content-Type: image/png
Access-Control-Allow-Origin: https://app.variflight.com
Transfer-Encoding: chunked
X-Cache-Spec: Yes
Connection: keep-alive
X-Via: 1.1 PSxgHK5bd29:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:5 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK pic4-9ef206.png
static.variflight.com/assets/activity/malldelay/img/ 42 KB
43 KB 78ms
78ms Image
image/png 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.variflight.com/assets/activity/malldelay/img/pic4-9ef206.png
Requested by: Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.10.0 /
Resource Hash: 09442021a9b0530e7a90c13766577553415304bbf39e0521469fa2cf214d5dcd

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Mar 2019 03:11:51 GMT
Server: nginx/1.10.0
Age: 1
ETag: W/"a91c-584f6aeadcbc0"
X-Ws-Request-Id: 5fb302b4_PSdgflkfFRA2gb7_58140-5424
Content-Type: image/png
Access-Control-Allow-Origin: https://app.variflight.com
Transfer-Encoding: chunked
X-Cache-Spec: Yes
Connection: keep-alive
X-Via: 1.1 PSxgHK5bd29:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:5 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK text-a197f4.png
static.variflight.com/assets/activity/malldelay/img/ 33 KB
33 KB 41ms
41ms Image
image/png 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.variflight.com/assets/activity/malldelay/img/text-a197f4.png
Requested by: Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.10.0 /
Resource Hash: 0998889dd6beb1b60bce98ad005884104946db74ea43cae1911498b709176db6

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Oct 2018 06:20:50 GMT
Server: nginx/1.10.0
Age: 1
ETag: W/"8440-5791bb87f9480"
X-Ws-Request-Id: 5fb302b4_PSdgflkfFRA2gb7_58233-15713
Content-Type: image/png
Access-Control-Allow-Origin: https://app.variflight.com
Transfer-Encoding: chunked
X-Cache-Spec: Yes
Connection: keep-alive
X-Via: 1.1 PSxgHK5bd29:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:5 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK runtime.js Show response
static.variflight.com/assets/activity/malldelay/js/ 1 KB
1 KB 1358ms
778ms Script
application/javascript 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.variflight.com/assets/activity/malldelay/js/runtime.js?v=d41d8c
Requested by: Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.10.0 /
Resource Hash: 83164306add65b43a2aed0da6925eb259d214191db86c827009922cbf88e1f5c

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Sep 2018 07:03:13 GMT
Server: nginx/1.10.0
ETag: "5a8-575cf6abcee40-gzip"
X-Ws-Request-Id: 5fb302b3_PSdgflkfFRA2gb7_58233-15552
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://app.variflight.com
X-Cache-Spec: Yes
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 782
X-Via: 1.1 PSdgflkfFRA1bc200:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:4 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK libs.js Show response
static.variflight.com/assets/activity/malldelay/js/ 142 KB
39 KB 1563ms
983ms Script
application/javascript 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.variflight.com/assets/activity/malldelay/js/libs.js?v=2c4fee
Requested by: Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.10.0 /
Resource Hash: 6dcbbd779d3d38d9ac6ec000436ef522550396c22d046bb38f5ba4260def55e8

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Nov 2018 07:36:51 GMT
Server: nginx/1.10.0
ETag: "237d7-579fa109c0ac0-gzip"
X-Ws-Request-Id: 5fb302b3_PSdgflkfFRA2gb7_58285-55063
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://app.variflight.com
X-Cache-Spec: Yes
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39682
X-Via: 1.1 PSdgflkfFRA1bc200:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:7 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK frame.js Show response
static.variflight.com/assets/activity/malldelay/js/ 109 KB
41 KB 1623ms
1044ms Script
application/javascript 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.variflight.com/assets/activity/malldelay/js/frame.js?v=3ae325
Requested by: Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.10.0 /
Resource Hash: 51c675b30eee47e6d9e5c15b90d07eca7aa5856a62e8bc8582bcc1a8f822ec90

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Nov 2018 07:36:51 GMT
Server: nginx/1.10.0
ETag: "1b317-579fa109c0ac0-gzip"
X-Ws-Request-Id: 5fb302b3_PSdgflkfFRA2gb7_58202-17904
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://app.variflight.com
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41171
X-Via: 1.1 PSdgflkfFRA1bc200:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:13 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK index.js Show response
static.variflight.com/assets/activity/malldelay/js/ 4 KB
2 KB 729ms
728ms Script
application/javascript 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.variflight.com/assets/activity/malldelay/js/index.js?v=361023
Requested by: Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx/1.10.0 /
Resource Hash: 78ae3e94b26ef0899f5a4bbc45fbe0da4078720d66f62b85f9ed14b831ad5f91

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jun 2019 07:59:36 GMT
Server: nginx/1.10.0
ETag: "e77-58b2fe9376a00-gzip"
X-Ws-Request-Id: 5fb302b4_PSdgflkfFRA2gb7_58319-30032
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://app.variflight.com
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1456
X-Via: 1.1 PSdgflkfFRA1hb199:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:0 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 41 KB
15 KB 1085ms
528ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?8776b9ad9dea034aca36d4abf7d500ae

Requested by

Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

2b102f80e8b29e3f3c69cf293726a03f9ce0bf7b090511bb87c223160d65b747

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 22:52:37 GMT
Content-Encoding: gzip
Server: apache
Etag: ca81582845e4f4f503b47498ec43219b
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14922

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2285f9239eea37933e5b2c2c971db9860eac93190f822397574cf571efa23a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 576 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d083702c44cb1b86518b18a6b923637e440f03694720e16081d870d01639b259

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 390ms
390ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?kb=0&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=68082038&si=8776b9ad9dea034aca36d4abf7d500ae&su=https%3A%2F%2Fapp.variflight.com%2Fhtml%2Factivity%2Fmalldelay%2Findex.html%3Fchannel%3Dqdjc%26mobile%3D%26cacherandom%3D1539853986&v=1.2.80&lv=1&api=6_0&sn=25193&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fapp.variflight.com%2Fv4%2Fsupermall%2Fdelayactivity%3Fchannel%3Dqdjc&tt=%E8%B6%85%E7%BA%A7%E5%95%86%E6%97%85%E8%AE%A1%E5%88%92

Requested by

Host: app.variflight.com
URL: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.variflight.com/html/activity/malldelay/index.html?channel=qdjc&mobile=&cacherandom=1539853986
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Nov 2020 22:52:38 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.app.variflight.com/	1969-12-31 23:59:59	Name: Hm_lpvt_8776b9ad9dea034aca36d4abf7d500ae Value: 1605567158
			.app.variflight.com/	1970-01-19 22:45:03	Name: Hm_lvt_8776b9ad9dea034aca36d4abf7d500ae Value: 1605567158

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://static.variflight.com/assets/activity/malldelay/js/frame.js?v=3ae325(Line 6) Message: Download the Vue Devtools extension for a better development experience: https://github.com/vuejs/vue-devtools
console-api	info	URL: https://static.variflight.com/assets/activity/malldelay/js/frame.js?v=3ae325(Line 6) Message: You are running Vue in development mode. Make sure to turn on production mode when deploying for production. See more tips at https://vuejs.org/guide/deployment.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.variflight.com
hm.baidu.com
static.variflight.com
103.235.46.191
121.42.185.125
163.171.132.119
09442021a9b0530e7a90c13766577553415304bbf39e0521469fa2cf214d5dcd
0998889dd6beb1b60bce98ad005884104946db74ea43cae1911498b709176db6
0aa60b6d046cc67fd4c8bf76fef4697e4520afb6f91a455a50f49122d613f5e8
2253c7c33ad1cab633ba195a1a9f1ed1e2978b7fd09e35b3c8ab245790d96efd
2285f9239eea37933e5b2c2c971db9860eac93190f822397574cf571efa23a46
2b102f80e8b29e3f3c69cf293726a03f9ce0bf7b090511bb87c223160d65b747
3decd8857f02dbe1caeb5268f0d61a412b3b4f4f893b92d6d2c42cf4b0fd52b9
51c675b30eee47e6d9e5c15b90d07eca7aa5856a62e8bc8582bcc1a8f822ec90
6dcbbd779d3d38d9ac6ec000436ef522550396c22d046bb38f5ba4260def55e8
74a5bb02c3158534cec19b7e490706b7563be32b27c86fe13325bd908af2acf6
78ae3e94b26ef0899f5a4bbc45fbe0da4078720d66f62b85f9ed14b831ad5f91
83164306add65b43a2aed0da6925eb259d214191db86c827009922cbf88e1f5c
a948d2dc6e635d03301261e345ec13dbba8e2a61e4c62e73482ca0d1f9f1389c
abc4ccdea78bac91651ab8a13fd7c4b74c2691329d78b4ca619ced6605c2a646
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d083702c44cb1b86518b18a6b923637e440f03694720e16081d870d01639b259
e166dc836b7d5aa1ba994487a6b30971ffaf9a38d4b71000e8efc92c038db738
f1ae040beb18d989456ca16f00bad8b0598b02535c3bd6037f7b680461ceb401

app.variflight.com Open in urlscan Pro 163.171.132.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

3 Countries

595 kBTransfer

893 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

app.variflight.com Open in urlscan Pro
163.171.132.119 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

595 kB
Transfer

893 kB
Size

2
Cookies

16 HTTP transactions
2 data transactions