aircaqnada.com - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 154.80.183.126, located in Johannesburg, South Africa and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is aircaqnada.com.

This is the only time aircaqnada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	154.80.183.126 154.80.183.126	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
2	103.235.46.191 103.235.46.191	55967 (CNNIC-BAI...) (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co.)
1 2	154.80.175.132 154.80.175.132	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
6	4

2 154.80.183.126 (Johannesburg, South Africa)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

aircaqnada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.80.175.132 (Johannesburg, South Africa) 1 redirects

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

yabo88.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	yabo88.org 1 redirects yabo88.org	187 B
2	baidu.com push.zhanzhang.baidu.com Failed hm.baidu.com	14 KB
2	aircaqnada.com aircaqnada.com	1 KB
6	3

	Domain	Requested by
2	yabo88.org	1 redirects aircaqnada.com
2	hm.baidu.com	aircaqnada.com
2	aircaqnada.com	aircaqnada.com
0	push.zhanzhang.baidu.com Failed	aircaqnada.com
6	4

This site contains no links.

Subject Issuer	Validity	Valid
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-01-13` - `2020-06-25`	5 months	crt.sh
yabo88.org Let's Encrypt Authority X3	`2019-11-24` - `2020-02-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://aircaqnada.com/
Frame ID: 51A8F0AAB7CC2F0ABB6B77D82798AFB7
Requests: 5 HTTP requests in this frame

Frame: https://yabo88.org/
Frame ID: 94E65B42C50BA95085FDC854FBFA25C4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

6
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

15 kB
Transfer

39 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://yabo88.org/ HTTP 301
https://yabo88.org/

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request / Show response
aircaqnada.com/ 1 KB
819 B 5947ms
384ms Document
text/html 154.80.183.126
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: http://aircaqnada.com/
Protocol: HTTP/1.1
Server: 154.80.183.126 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 41ee7d18f6108361a64abbe96260ef5a341404f569c5e56119525ab3aaf9db7a

Request headers

Host: aircaqnada.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Fri, 14 Feb 2020 17:59:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK pc.js Show response
aircaqnada.com/tj/ 394 B
708 B 195ms
194ms Script
application/javascript 154.80.183.126
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: http://aircaqnada.com/tj/pc.js
Requested by: Host: aircaqnada.com
URL: http://aircaqnada.com/
Protocol: HTTP/1.1
Server: 154.80.183.126 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 3f0c7c3cb3117dec8533c35bd9a9c49c73ca7a04afc06ca7f5274be25fda23d7

Request headers

Referer: http://aircaqnada.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 17:59:48 GMT
Last-Modified: Sat, 01 Feb 2020 11:05:10 GMT
Server: nginx
ETag: "5e355b66-18a"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 394
Expires: Sat, 15 Feb 2020 05:59:48 GMT

GET push.js
push.zhanzhang.baidu.com/ 0
0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 37 KB
14 KB 699ms
303ms Script
application/javascript 103.235.46.191
CNNIC-BAIDU-AP Be...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?22fcda28f3c9b89e238bd3ef1f0566d4

Requested by

Host: aircaqnada.com
URL: http://aircaqnada.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

dd45b5a88365abb9930e006d4f21db6d7b6f400d5986c450f10a5405e6bb0ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://aircaqnada.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 17:59:49 GMT
Content-Encoding: gzip
Server: apache
Etag: 451fbd20d2ab8b207b531bfdccd0ae6c
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 13508

GET
H2

200

/
yabo88.org/ Frame 94E6
Redirect Chain

http://yabo88.org/
https://yabo88.org/

0
0

575ms
191ms

Document
text/html

154.80.175.132
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://yabo88.org/
Requested by: Host: aircaqnada.com
URL: http://aircaqnada.com/tj/pc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.80.175.132 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: yabo88.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://aircaqnada.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://aircaqnada.com/

Response headers

status: 200
server: nginx
date: Fri, 14 Feb 2020 18:00:04 GMT
content-type: text/html
last-modified: Fri, 14 Feb 2020 11:48:44 GMT
vary: Accept-Encoding
etag: W/"5e46891c-12b1"
content-encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 14 Feb 2020 18:00:04 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://yabo88.org/

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 327ms
326ms Image
image/gif 103.235.46.191
CNNIC-BAIDU-AP Be...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=434275620&si=22fcda28f3c9b89e238bd3ef1f0566d4&v=1.2.68&lv=1&sn=15964&ct=!!&tt=%E4%BA%9A%E5%8D%9A%E4%BD%93%E8%82%B2%E8%BF%9B%E5%85%A5

Requested by

Host: aircaqnada.com
URL: http://aircaqnada.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://aircaqnada.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 17:59:49 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: push.zhanzhang.baidu.com
URL: http://push.zhanzhang.baidu.com/push.js

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.yabo88.org/	1969-12-31 23:59:59	Name: Hm_lpvt_7fb71d5883564748d2fb09d3cd9f9c98 Value: 1581703206
			.yabo88.org/	1970-01-19 16:07:19	Name: Hm_lvt_7fb71d5883564748d2fb09d3cd9f9c98 Value: 1581703206

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aircaqnada.com
hm.baidu.com
push.zhanzhang.baidu.com
yabo88.org
push.zhanzhang.baidu.com
103.235.46.191
154.80.175.132
154.80.183.126
3f0c7c3cb3117dec8533c35bd9a9c49c73ca7a04afc06ca7f5274be25fda23d7
41ee7d18f6108361a64abbe96260ef5a341404f569c5e56119525ab3aaf9db7a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dd45b5a88365abb9930e006d4f21db6d7b6f400d5986c450f10a5405e6bb0ff9

aircaqnada.com Open in urlscan Pro 154.80.183.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

6 Requests

50 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

15 kBTransfer

39 kBSize

2 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

2 Cookies

Indicators

aircaqnada.com Open in urlscan Pro
154.80.183.126 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

15 kB
Transfer

39 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions