www.oyonlibya.com Open in urlscan Pro
160.202.97.224 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_
Submission: On December 13 via manual (December 13th 2018, 1:10:25 pm UTC) from EG

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 160.202.97.224, located in Mooresville, United States and belongs to QUICKPACKET - QuickPacket, LLC, US. The main domain is www.oyonlibya.com.

This is the only time www.oyonlibya.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	160.202.97.224 160.202.97.224	46261 (QUICKPACKET) (QUICKPACKET - QuickPacket)
2	220.243.212.50 220.243.212.50	54994 (QUANTILNE...) (QUANTILNETWORKS - QUANTIL NETWORKS INC)
2	183.131.207.78 183.131.207.78	136190 (CHINATELE...) (CHINATELECOM-YUNNAN-DALI-MAN DaLi)
1	210.245.226.14 210.245.226.14	17444 (NWT-AS-AP...) (NWT-AS-AP AS number for New World Telephone Ltd.)
8	4

3 160.202.97.224 (Mooresville, United States)

ASN46261 (QUICKPACKET - QuickPacket, LLC, US)

www.oyonlibya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 220.243.212.50 (Beijing, China)

ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 183.131.207.78 (Jinhua, China)

ASN136190 (CHINATELECOM-YUNNAN-DALI-MAN DaLi, CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.245.226.14 (Hong Kong)

ASN17444 (NWT-AS-AP AS number for New World Telephone Ltd., HK)
PTR: ip14.ce.nwt.simlinkhk.com

www.3152018bb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	51.la js.users.51.la ia.51.la	12 KB
3	oyonlibya.com www.oyonlibya.com	2 KB
1	3152018bb.com www.3152018bb.com
8	3

	Domain	Requested by
3	www.oyonlibya.com	www.oyonlibya.com
2	ia.51.la	www.oyonlibya.com
2	js.users.51.la	www.oyonlibya.com
1	www.3152018bb.com	www.oyonlibya.com
8	4

This site contains links to these domains. Also see Links.

Domain
www.51.la

Subject Issuer	Validity	Valid
*.users.51.la GlobalSign Domain Validation CA - SHA256 - G2	`2018-01-15` - `2021-03-19`	3 years	crt.sh
www.334455bet.com Go Daddy Secure Certificate Authority - G2	`2018-04-27` - `2019-09-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_
Frame ID: F98BFCF12C7E5C0C7CBDF031E1920021
Requests: 7 HTTP requests in this frame

Frame: https://www.3152018bb.com/99.html
Frame ID: CF0EC89F2D48A0859634723B7B837A62
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i

Page Statistics

8
Requests

38 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

14 kB
Transfer

22 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.51.la/?comId=19550925
Title: 51La

Search URL Search Domain Scan URL

URL: https://www.51.la/?comId=19450065
Title: 51La

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request hbt.php Show response www.oyonlibya.com/	429 B 484 B	655ms 154ms	Document text/html	160.202.97.224 QuickPacket
General Check archive.org Show headers Download Go to Full URL http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ Protocol HTTP/1.1 Server 160.202.97.224 Mooresville, United States, ASN46261 (QUICKPACKET - QuickPacket, LLC, US), Reverse DNS Software nginx / PHP/5.4.41 Resource Hash `9a0b215f79b723ed94ec014c2ac0acbd5a443c44a3e6ef5acc4f11d09031afcc` Request headers Host www.oyonlibya.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Server nginx Date Thu, 13 Dec 2018 21:10:12 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding X-Powered-By PHP/5.4.41 Content-Encoding gzip
GET H/1.1	200 OK	tj.js Show response www.oyonlibya.com/	168 B 411 B	154ms 153ms	Script application/javascript	160.202.97.224 QuickPacket
General Check archive.org Show headers Download Go to Full URL http://www.oyonlibya.com/tj.js Requested by Host: www.oyonlibya.com URL: http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ Protocol HTTP/1.1 Server 160.202.97.224 Mooresville, United States, ASN46261 (QUICKPACKET - QuickPacket, LLC, US), Reverse DNS Software nginx / Resource Hash `b838d8740dd2178cb86e8efee1c8fdb32be4bf6522b2387a1e01eb51179ada29` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.oyonlibya.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ Connection keep-alive Cache-Control no-cache Referer http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 13 Dec 2018 21:10:12 GMT Last-Modified Mon, 16 Jul 2018 17:44:17 GMT Server nginx ETag "5b4cd971-a8" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 168
GET H/1.1	200 OK	jquery.min.js Show response www.oyonlibya.com/	11 KB 1 KB	308ms 154ms	Script application/javascript	160.202.97.224 QuickPacket
General Check archive.org Show headers Download Go to Full URL http://www.oyonlibya.com/jquery.min.js Requested by Host: www.oyonlibya.com URL: http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ Protocol HTTP/1.1 Server 160.202.97.224 Mooresville, United States, ASN46261 (QUICKPACKET - QuickPacket, LLC, US), Reverse DNS Software nginx / Resource Hash `c6ccfcbe2db9da6a299a5cbe34437074c32584a274905af4e1859148fdf4a0d3` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.oyonlibya.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ Connection keep-alive Cache-Control no-cache Referer http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 13 Dec 2018 21:10:12 GMT Content-Encoding gzip Last-Modified Mon, 16 Jul 2018 17:44:17 GMT Server nginx ETag W/"5b4cd971-2c4a" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	19550925.js Show response js.users.51.la/	5 KB 6 KB	1326ms 162ms	Script application/javascript	220.243.212.50 QUANTIL NETWORKS INC
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/19550925.js Requested by Host: www.oyonlibya.com URL: http://www.oyonlibya.com/tj.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 220.243.212.50 Beijing, China, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US), Reverse DNS Software nginx/1.14.0 / Resource Hash `62f94d222df1c48d235ef61c5709c0c206945e7c945ace6892324b71d0a7399c` Request headers Referer http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers x-id 19550925 id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSVxNfwtvk8CVAN6VeqoKuAvR8a2yB40 Last-Modified Thu Aug 16 17:48:51 CST 2018 Server nginx/1.14.0 Age 54334 ETag "e6d913160d08e0b3f36240d8a95e06bf" Content-Type application/javascript;charset=UTF-8 version-id G0011165422341C3FFFF900B00830CFA Date Thu, 13 Dec 2018 13:09:51 GMT Content-Disposition inline;filename=f.txt Connection keep-alive request-id 00000167A472F8DA9007FEC9D44D28DC x-reserved amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc Content-Length 5193 X-Via 1.1 lsh81:1 (Cdn Cache Server V2.0)[371 200 2], 1.1 lsh188:3 (Cdn Cache Server V2.0)[0 200 0]
GET H/1.1	200 OK	19450065.js Show response js.users.51.la/	5 KB 6 KB	1335ms 166ms	Script application/javascript	220.243.212.50 QUANTIL NETWORKS INC
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/19450065.js Requested by Host: www.oyonlibya.com URL: http://www.oyonlibya.com/tj.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 220.243.212.50 Beijing, China, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US), Reverse DNS Software nginx/1.14.0 / Resource Hash `d680ffb9e33a3a0f5e87a55738d0f2184702229fc4f357fa2ebbc7a0a0770c59` Request headers Referer http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers x-id 19450065 id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS53OMyRB6k/xKc6XNTJNhpEHkvWoiRQ Last-Modified Thu Aug 16 17:33:06 CST 2018 Server nginx/1.14.0 Age 3457 ETag "02aad3f8df18e959ac18aa2cb0617df6" Content-Type application/javascript;charset=UTF-8 version-id G00111654214D583FFFF900B0081D42A Date Thu, 13 Dec 2018 13:09:51 GMT Content-Disposition inline;filename=f.txt Connection keep-alive request-id 00000167A77B4C869006396578AB6E8D x-reserved amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc Content-Length 5193 X-Via 1.1 luoshan78:1 (Cdn Cache Server V2.0)[460 200 2], 1.1 lsh187:0 (Cdn Cache Server V2.0)[0 200 0]
GET H/1.1	200	go1 ia.51.la/	0 262 B	709ms 341ms	Image application/octet-stream	183.131.207.78 CHINATELECOM-YUNN...
General Check archive.org Show headers Download Go to Show image Full URL http://ia.51.la/go1?id=19550925&rt=1544706591986&rl=16001200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1544706591986&tt=%25E5%25AE%2598%25E6%2596%25B9%25E7%25BD%2591%25E7%25AB%2599&kw=&cu=http%253A%252F%252Fwww.oyonlibya.com%252Fhbt.php%253Frewrite%253Dalfatek2_12%252Fbuttons%252Fcollapse_&pu= Requested by* Host: www.oyonlibya.com URL: http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ Protocol HTTP/1.1 Server 183.131.207.78 Jinhua, China, ASN136190 (CHINATELECOM-YUNNAN-DALI-MAN DaLi, CN), Reverse DNS Software HuaweiCloudWAF / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 13 Dec 2018 13:09:52 GMT Server HuaweiCloudWAF Connection keep-alive Content-Length 0 Content-Type application/octet-stream
GET H/1.1	200	go1 ia.51.la/	0 262 B	698ms 339ms	Image application/octet-stream	183.131.207.78 CHINATELECOM-YUNN...
General Check archive.org Show headers Download Go to Show image Full URL http://ia.51.la/go1?id=19450065&rt=1544706591996&rl=16001200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=2&ekc=&sid=1544706591996&tt=%25E5%25AE%2598%25E6%2596%25B9%25E7%25BD%2591%25E7%25AB%2599&kw=&cu=http%253A%252F%252Fwww.oyonlibya.com%252Fhbt.php%253Frewrite%253Dalfatek2_12%252Fbuttons%252Fcollapse_&pu= Requested by* Host: www.oyonlibya.com URL: http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ Protocol HTTP/1.1 Server 183.131.207.78 Jinhua, China, ASN136190 (CHINATELECOM-YUNNAN-DALI-MAN DaLi, CN), Reverse DNS Software HuaweiCloudWAF / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 13 Dec 2018 13:09:52 GMT Server HuaweiCloudWAF Connection keep-alive Content-Length 0 Content-Type application/octet-stream
GET H/1.1	200 OK	99.html www.3152018bb.com/ Frame CF0E	0 0	2544ms 238ms	Document text/html	210.245.226.14 NWT-AS-AP AS numb...
General Check archive.org Show headers Download Go to Full URL https://www.3152018bb.com/99.html Requested by Host: www.oyonlibya.com URL: http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.245.226.14 , Hong Kong, ASN17444 (NWT-AS-AP AS number for New World Telephone Ltd., HK), Reverse DNS ip14.ce.nwt.simlinkhk.com Software nginx / Resource Hash Request headers Host www.3152018bb.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://www.oyonlibya.com/hbt.php?rewrite=alfatek2_12/buttons/collapse_ Response headers Server nginx Date Thu, 13 Dec 2018 13:16:38 GMT Content-Type text/html Content-Length 999 Last-Modified Wed, 03 Oct 2018 01:29:37 GMT Connection keep-alive ETag "5bb41b81-3e7" Accept-Ranges bytes

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ia.51.la
js.users.51.la
www.3152018bb.com
www.oyonlibya.com
160.202.97.224
183.131.207.78
210.245.226.14
220.243.212.50
62f94d222df1c48d235ef61c5709c0c206945e7c945ace6892324b71d0a7399c
9a0b215f79b723ed94ec014c2ac0acbd5a443c44a3e6ef5acc4f11d09031afcc
b838d8740dd2178cb86e8efee1c8fdb32be4bf6522b2387a1e01eb51179ada29
c6ccfcbe2db9da6a299a5cbe34437074c32584a274905af4e1859148fdf4a0d3
d680ffb9e33a3a0f5e87a55738d0f2184702229fc4f357fa2ebbc7a0a0770c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.oyonlibya.com Open in urlscan Pro 160.202.97.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

38 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

14 kBTransfer

22 kBSize

0 Cookies

2 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Indicators

www.oyonlibya.com Open in urlscan Pro
160.202.97.224 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

38 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

14 kB
Transfer

22 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions