erhremodeling.com Open in urlscan Pro
154.208.126.131 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://erhremodeling.taigroupwindows.com/
Effective URL:
https://erhremodeling.com/
Submission Tags: @phishunt_io
Submission: On April 26 via api (April 26th 2021, 2:48:14 pm UTC) from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 21 HTTP transactions. The main IP is 154.208.126.131, located in Hong Kong and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is erhremodeling.com.
TLS certificate: Issued by R3 on March 30th 2021. Valid for: 3 months.

This is the only time erhremodeling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.53.209.100 185.53.209.100	397423 (TIER-NET) (TIER-NET)
2	154.208.126.131 154.208.126.131	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	119.188.176.48 119.188.176.48	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	122.10.42.16 122.10.42.16	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
1	103.235.46.39 103.235.46.39	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
12	122.10.18.72 122.10.18.72	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
21	8

1 185.53.209.100 (Dallas, United States) 1 redirects

ASN397423 (TIER-NET, US)

erhremodeling.taigroupwindows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.208.126.131 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

erhremodeling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.188.176.48 (Qingdao, China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

zz.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 122.10.42.16 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

xhdy.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.235.46.39 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

sp0.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 122.10.18.72 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

leyu1688.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	leyu1688.com leyu1688.com	80 KB
3	baidu.com hm.baidu.com sp0.baidu.com	15 KB
2	erhremodeling.com erhremodeling.com	1 KB
1	google-analytics.com www.google-analytics.com	73 B
1	xhdy.cc xhdy.cc	475 B
1	googletagmanager.com www.googletagmanager.com	45 KB
1	bdstatic.com zz.bdstatic.com	562 B
1	taigroupwindows.com 1 redirects erhremodeling.taigroupwindows.com	380 B
21	8

	Domain	Requested by
12	leyu1688.com	erhremodeling.com leyu1688.com
2	hm.baidu.com	erhremodeling.com
2	erhremodeling.com	erhremodeling.com
1	www.google-analytics.com	www.googletagmanager.com
1	sp0.baidu.com	erhremodeling.com
1	xhdy.cc	erhremodeling.com
1	www.googletagmanager.com	erhremodeling.com
1	zz.bdstatic.com	erhremodeling.com
1	erhremodeling.taigroupwindows.com	1 redirects
21	9

This site contains no links.

Subject Issuer	Validity	Valid
erhremodeling.com R3	`2021-03-30` - `2021-06-28`	3 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-10-20` - `2021-07-26`	9 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
xhdy.cc R3	`2021-03-05` - `2021-06-03`	3 months	crt.sh
leyu1688.com R3	`2021-03-05` - `2021-06-03`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://erhremodeling.com/
Frame ID: 9C547F04E92601A5B8E1C00F7B38E26B
Requests: 9 HTTP requests in this frame

Frame: https://leyu1688.com/
Frame ID: EF4C4AD66F3DD9C74E4DB7BA191B016C
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://erhremodeling.taigroupwindows.com/ HTTP 301
https://erhremodeling.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

21
Requests

100 %
HTTPS

22 %
IPv6

8
Domains

9
Subdomains

8
IPs

4
Countries

142 kB
Transfer

1466 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://erhremodeling.taigroupwindows.com/ HTTP 301
https://erhremodeling.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
erhremodeling.com/
Redirect Chain

https://erhremodeling.taigroupwindows.com/
https://erhremodeling.com/

211 B
276 B

817ms
270ms

Document
text/html

154.208.126.131
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://erhremodeling.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.208.126.131 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 5b52987332c5d6a88f85896a17b93c818ac132ea65d53fcd7314d47a1d9842a7

Request headers

:method: GET
:authority: erhremodeling.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.18.0
date: Mon, 26 Apr 2021 14:47:40 GMT
content-type: text/html;charset=UTF-8
s-name: 192.168.28.2
content-encoding: gzip

Redirect headers

x-powered-by: PHP/7.0.33
set-cookie: PHPSESSID=5gnk1qt02pp6a875fhsqdu5me0; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
location: https://erhremodeling.com/
content-length: 0
date: Mon, 26 Apr 2021 14:47:39 GMT
server: LiteSpeed
alt-svc: h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 SiyOkuK.js Show response
erhremodeling.com/public/js/ 1 KB
754 B 273ms
273ms Script
text/javascript 154.208.126.131
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://erhremodeling.com/public/js/SiyOkuK.js
Requested by: Host: erhremodeling.com
URL: https://erhremodeling.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.208.126.131 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: fede2acd15a8c68d14fec2d3e4aa77e279588e23d8585061a4756797f38b5543

Request headers

:path: /public/js/SiyOkuK.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: erhremodeling.com
referer: https://erhremodeling.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://erhremodeling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:47:40 GMT
content-encoding: gzip
server: nginx/1.18.0
set-cookie: JSESSIONID=D3E856652F70EA8DE123B2B64C5575B4; Path=/; HttpOnly
s-name: 192.168.28.2
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 39 KB
14 KB 1091ms
582ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?4c12328e95cea139dda3c4a66cb6eff6

Requested by

Host: erhremodeling.com
URL: https://erhremodeling.com/public/js/SiyOkuK.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

09e93e47c87670561f1061f6684caf8cdf9c7c2c2ba6c6b1003a354020eeb331

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://erhremodeling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 14:47:41 GMT
Content-Encoding: gzip
Server: apache
Etag: dce2135dda89c93863474993fd913404
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14035

GET
H2 200 push.js Show response
zz.bdstatic.com/linksubmit/ 308 B
562 B 881ms
292ms Script
application/x-javascript 119.188.176.48
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.bdstatic.com/linksubmit/push.js
Requested by: Host: erhremodeling.com
URL: https://erhremodeling.com/public/js/SiyOkuK.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.188.176.48 Qingdao, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

Referer: https://erhremodeling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:47:41 GMT
ohc-cache-hit: jn2un130 [4], xzuncache85 [4]
ohc-response-time: 1 0 0 0 0 0
last-modified: Wed, 21 Apr 2021 00:15:15 GMT
server: JSP3/2.0.14
age: 50361
etag: W/"607f6e93-134"
content-type: application/x-javascript
cache-control: max-age=86400
tracecode: 29001731260421367562042508
accept-ranges: bytes
content-encoding: gzip
expires: Tue, 27 Apr 2021 00:48:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
45 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3LJBY7DD1F

Requested by

Host: erhremodeling.com
URL: https://erhremodeling.com/public/js/SiyOkuK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d53635964d82148c330d900a61cd264611a27b9b28b23f02d26dc95a321d556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://erhremodeling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:47:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46187
x-xss-protection: 0
expires: Mon, 26 Apr 2021 14:47:41 GMT

GET
H2 200 xh.js Show response
xhdy.cc/mulan/ 375 B
475 B 1040ms
265ms Script
application/javascript 122.10.42.16
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://xhdy.cc/mulan/xh.js
Requested by: Host: erhremodeling.com
URL: https://erhremodeling.com/public/js/SiyOkuK.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 122.10.42.16 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2fe73dc5521bb831a6370084dcd2e5b1527713aadfb5e1ddf351a13742983838

Request headers

Referer: https://erhremodeling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 26 Apr 2021 14:47:41 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 08:28:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "d7882028be14d71:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 299

GET
H/1.1 200
OK s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/ 0
116 B 1002ms
490ms Image
text/plain 103.235.46.39
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://erhremodeling.com/
Requested by: Host: erhremodeling.com
URL: https://erhremodeling.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.46.39 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://erhremodeling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 14:47:42 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H2 200 / Show response
leyu1688.com/ Frame EF4C 4 KB
2 KB 808ms
267ms Document
text/html 122.10.18.72
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://leyu1688.com/
Requested by: Host: erhremodeling.com
URL: https://erhremodeling.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 122.10.18.72 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4350f293b561e2d6526ffb9d91e3a7b4ae8675ddebeb1a4600e0803fec35c8cf

Request headers

:method: GET
:authority: leyu1688.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: frame
referer: https://erhremodeling.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://erhremodeling.com/

Response headers

content-type: text/html
content-encoding: gzip
last-modified: Mon, 26 Apr 2021 04:16:24 GMT
accept-ranges: bytes
etag: "0dc4aeb523ad71:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Mon, 26 Apr 2021 14:47:41 GMT
content-length: 1397

POST
H2 204 collect
www.google-analytics.com/g/ 0
73 B 12ms
12ms Ping
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3LJBY7DD1F&gtm=2oe4e1&_p=4024948&sr=1600x1200&ul=en-us&cid=126258488.1619448462&_s=1&dl=https%3A%2F%2Ferhremodeling.com%2F&dt=&sid=1619448461&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LJBY7DD1F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://erhremodeling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 14:47:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://erhremodeling.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 329ms
329ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=883230730&si=4c12328e95cea139dda3c4a66cb6eff6&v=1.2.80&lv=1&sn=13077&r=0&ww=1600&ct=!!&u=https%3A%2F%2Ferhremodeling.com%2F

Requested by

Host: erhremodeling.com
URL: https://erhremodeling.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: https://erhremodeling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 14:47:42 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 index.css
leyu1688.com/static/css/ Frame EF4C 7 KB
2 KB 263ms
263ms Stylesheet
text/css 122.10.18.72
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://leyu1688.com/static/css/index.css?v=2021web
Requested by: Host: leyu1688.com
URL: https://leyu1688.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 122.10.18.72 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 49924c89ddebdde0942c23c9f3c46ea1effea723ff1e1af00a55c9677b70a37c

Request headers

Referer: https://leyu1688.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:47:42 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 08:57:11 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "804d79fab039d71:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1765

GET
H2 200 config.js Show response
leyu1688.com/ Frame EF4C 903 B
749 B 264ms
264ms Script
application/javascript 122.10.18.72
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://leyu1688.com/config.js?v=2021web
Requested by: Host: leyu1688.com
URL: https://leyu1688.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 122.10.18.72 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 55533453295373f0714fde508a074e26067b00886161c4c6daa68a24693e282e

Request headers

Referer: https://leyu1688.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:47:42 GMT
content-encoding: gzip
last-modified: Mon, 26 Apr 2021 10:36:41 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "42aeacb883ad71:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 652

GET
H2 200 service.cfb8ff2.png
leyu1688.com/static/img/ Frame EF4C 3 KB
3 KB 512ms
512ms Image
image/png 122.10.18.72
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leyu1688.com/static/img/service.cfb8ff2.png
Requested by: Host: leyu1688.com
URL: https://leyu1688.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 122.10.18.72 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8d4b800de90547b1946afa1a56e6e50e30c16f45c0a8b389b71b7ada0a8d5fbd

Request headers

Referer: https://leyu1688.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:47:42 GMT
last-modified: Sun, 27 Dec 2020 15:45:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "c1e3e25367dcd61:0"
content-type: image/png
accept-ranges: bytes
content-length: 2789

GET
H2 200 service.956c87f.png
leyu1688.com/static/img/ Frame EF4C 8 KB
8 KB 515ms
514ms Image
image/png 122.10.18.72
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leyu1688.com/static/img/service.956c87f.png
Requested by: Host: leyu1688.com
URL: https://leyu1688.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 122.10.18.72 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 30518cb6b5b8a5576a7a988cd75249e39e22f9d1f9099c4daa87e47f0a68e1f3

Request headers

Referer: https://leyu1688.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:47:42 GMT
last-modified: Sun, 27 Dec 2020 15:45:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "57cce25367dcd61:0"
content-type: image/png
accept-ranges: bytes
content-length: 7793

GET
H2 200 qq.a18b6c4.png
leyu1688.com/static/img/ Frame EF4C 6 KB
6 KB 517ms
516ms Image
image/png 122.10.18.72
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leyu1688.com/static/img/qq.a18b6c4.png
Requested by: Host: leyu1688.com
URL: https://leyu1688.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 122.10.18.72 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7fe030fae4b01d8c8a9effe5d721f3286f449bb94e93c05cfae41aa90a7002f4

Request headers

Referer: https://leyu1688.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:47:42 GMT
last-modified: Tue, 29 Sep 2020 06:31:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f512da362a96d61:0"
content-type: image/png
accept-ranges: bytes
content-length: 5790

GET
H2 200 jquery.min.js Show response
leyu1688.com/static/js/ Frame EF4C 87 KB
30 KB 268ms
268ms Script
application/javascript 122.10.18.72
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://leyu1688.com/static/js/jquery.min.js?v=2021web
Requested by: Host: leyu1688.com
URL: https://leyu1688.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 122.10.18.72 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://leyu1688.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:47:42 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 05:38:15 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "807dfe1d5cedd61:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 30976

GET
H2 200 clipboard.min.js Show response
leyu1688.com/static/js/ Frame EF4C 10 KB
3 KB 515ms
515ms Script
application/javascript 122.10.18.72
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://leyu1688.com/static/js/clipboard.min.js?v=2021web
Requested by: Host: leyu1688.com
URL: https://leyu1688.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 122.10.18.72 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Request headers

Referer: https://leyu1688.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:47:42 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 06:26:34 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "089284b7f2d51:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3358

GET
H2 200 index.js Show response
leyu1688.com/static/js/ Frame EF4C 2 KB
1 KB 513ms
512ms Script
application/javascript 122.10.18.72
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://leyu1688.com/static/js/index.js?v=2021web
Requested by: Host: leyu1688.com
URL: https://leyu1688.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 122.10.18.72 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 12853ae71b3b590289841e41d0b30c571d3304aab4d96c8c33c23fb770cc389f

Request headers

Referer: https://leyu1688.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:47:42 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 09:03:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "80c31dd4b139d71:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1045

GET
H2 200 pcBG.d16ea65.jpg
leyu1688.com/static/img/ Frame EF4C 1 MB
0 761ms
760ms Image
image/jpeg 122.10.18.72
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leyu1688.com/static/img/pcBG.d16ea65.jpg
Requested by: Host: leyu1688.com
URL: https://leyu1688.com/static/css/index.css?v=2021web
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 122.10.18.72 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://leyu1688.com/static/css/index.css?v=2021web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:47:42 GMT
last-modified: Mon, 26 Apr 2021 04:42:06 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "ffb7cf82563ad71:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 1561534

GET
H2 200 btn_download.e8ebf77.png
leyu1688.com/static/img/ Frame EF4C 13 KB
13 KB 757ms
757ms Image
image/png 122.10.18.72
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leyu1688.com/static/img/btn_download.e8ebf77.png
Requested by: Host: leyu1688.com
URL: https://leyu1688.com/static/css/index.css?v=2021web
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 122.10.18.72 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 020be926554348e4f7a194438c8036e77136ea869e0d2c9cde2dd70a2bc8f89e

Request headers

Referer: https://leyu1688.com/static/css/index.css?v=2021web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:47:42 GMT
last-modified: Mon, 26 Apr 2021 03:25:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "d2969ec44b3ad71:0"
content-type: image/png
accept-ranges: bytes
content-length: 13643

GET
H2 200 btn_intr.f8a3a0b.png
leyu1688.com/static/img/ Frame EF4C 11 KB
12 KB 1013ms
1013ms Image
image/png 122.10.18.72
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leyu1688.com/static/img/btn_intr.f8a3a0b.png
Requested by: Host: leyu1688.com
URL: https://leyu1688.com/static/css/index.css?v=2021web
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 122.10.18.72 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7fb84fd1103baf5300e93ef34b31dd443fd37836a69a41bf758a4fcc0ff87d45

Request headers

Referer: https://leyu1688.com/static/css/index.css?v=2021web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 14:47:42 GMT
last-modified: Mon, 26 Apr 2021 03:25:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "2df0f4c44b3ad71:0"
content-type: image/png
accept-ranges: bytes
content-length: 11727

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

erhremodeling.com
erhremodeling.taigroupwindows.com
hm.baidu.com
leyu1688.com
sp0.baidu.com
www.google-analytics.com
www.googletagmanager.com
xhdy.cc
zz.bdstatic.com
103.235.46.191
103.235.46.39
119.188.176.48
122.10.18.72
122.10.42.16
154.208.126.131
185.53.209.100
2a00:1450:4001:813::2008
2a00:1450:4001:82f::200e
020be926554348e4f7a194438c8036e77136ea869e0d2c9cde2dd70a2bc8f89e
09e93e47c87670561f1061f6684caf8cdf9c7c2c2ba6c6b1003a354020eeb331
12853ae71b3b590289841e41d0b30c571d3304aab4d96c8c33c23fb770cc389f
2fe73dc5521bb831a6370084dcd2e5b1527713aadfb5e1ddf351a13742983838
30518cb6b5b8a5576a7a988cd75249e39e22f9d1f9099c4daa87e47f0a68e1f3
4350f293b561e2d6526ffb9d91e3a7b4ae8675ddebeb1a4600e0803fec35c8cf
49924c89ddebdde0942c23c9f3c46ea1effea723ff1e1af00a55c9677b70a37c
55533453295373f0714fde508a074e26067b00886161c4c6daa68a24693e282e
5b52987332c5d6a88f85896a17b93c818ac132ea65d53fcd7314d47a1d9842a7
5d53635964d82148c330d900a61cd264611a27b9b28b23f02d26dc95a321d556
7fb84fd1103baf5300e93ef34b31dd443fd37836a69a41bf758a4fcc0ff87d45
7fe030fae4b01d8c8a9effe5d721f3286f449bb94e93c05cfae41aa90a7002f4
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
8d4b800de90547b1946afa1a56e6e50e30c16f45c0a8b389b71b7ada0a8d5fbd
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fede2acd15a8c68d14fec2d3e4aa77e279588e23d8585061a4756797f38b5543

erhremodeling.com Open in urlscan Pro 154.208.126.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

22 %IPv6

8 Domains

9 Subdomains

8 IPs

4 Countries

142 kBTransfer

1466 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

0 Cookies

Indicators

erhremodeling.com Open in urlscan Pro
154.208.126.131 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

22 %
IPv6

8
Domains

9
Subdomains

8
IPs

4
Countries

142 kB
Transfer

1466 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions