Submitted URL: https://wp.xianyujc.com/ogretmenevi/js/productimage/inputform/empfehlen.php?bill=qm1thmgn1v1k30y
Effective URL: https://wp.xianyujc.com/ogretmenevi/js/productimage/inputform/empfehlen.php?led=y99ha9s90peef&modern=weather&smaller=add
Submission: On April 12 via api from US

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 17 HTTP transactions. The main IP is 106.52.183.222, located in China and belongs to CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is wp.xianyujc.com.
TLS certificate: Issued by TrustAsia TLS RSA CA on January 6th 2021. Valid for: a year.
This is the only time wp.xianyujc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
2         106.52.183.222    45090  (CNNIC-TEN...)
2         66.96.130.32      29873  (BIZLAND-SD)
1         2a00:1450:400...  15169  (GOOGLE)
1         2606:4700::68...  13335  (CLOUDFLAR...)
Totals: 17 requests, 5 IPs

Requests  Domain                 Requested by
2         inspectmyhvac.com      wp.xianyujc.com
2         wp.xianyujc.com        wp.xianyujc.com
1         cdnjs.cloudflare.com   wp.xianyujc.com
1         fonts.googleapis.com   wp.xianyujc.com
Totals: 17 requests, 4 domains

This site contains no links.

Subject                   Issuer                                           Validity                  Valid
wp.xianyujc.com           TrustAsia TLS RSA CA                             2021-01-06 - 2022-01-05   a year
www.inspectmyhvac.com     Sectigo RSA Domain Validation Secure Server CA   2020-12-24 - 2021-12-24   a year
upload.video.google.com   GTS CA 1O1                                       2021-03-16 - 2021-06-08   3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3                          2020-10-21 - 2021-10-20   a year

This page contains 1 frame:

Primary Page: https://wp.xianyujc.com/ogretmenevi/js/productimage/inputform/empfehlen.php?led=y99ha9s90peef&modern=weather&smaller=add
Frame ID: 9A3A7ADAC60D558BFDB90FF428C09EE7
Requests: 20 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

  • Requests: 17
  • HTTPS: 35 %
  • IPv6: 50 %
  • Domains: 4
  • Subdomains: 4
  • IPs: 5
  • Countries: 3
  • Transfer: 32 kB
  • Size: 476 kB
  • Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wp.xianyujc.com/ogretmenevi/js/productimage/inputform/empfehlen.php?bill=qm1thmgn1v1k30y Page URL
  2. https://wp.xianyujc.com/ogretmenevi/js/productimage/inputform/empfehlen.php?led=y99ha9s90peef&modern=weather&smaller=add Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource       Path                                                    Size  x-fer  Type      MIME-Type
empfehlen.php  wp.xianyujc.com/ogretmenevi/js/productimage/inputform/  5 KB  2 KB   Document

General
Full URL: https://wp.xianyujc.com/ogretmenevi/js/productimage/inputform/empfehlen.php?bill=qm1thmgn1v1k30y
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 106.52.183.222, China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
Reverse DNS: -
Software: nginx
Resource Hash: d1445755abbaae54376fcdbc11548c3c6dcab7a8efd8ae2078632234d7c3b582
Security Headers:
  Strict-Transport-Security: max-age=31536000

Request headers
  :method: GET
  :authority: wp.xianyujc.com
  :scheme: https
  :path: /ogretmenevi/js/productimage/inputform/empfehlen.php?bill=qm1thmgn1v1k30y
  pragma: no-cache
  cache-control: no-cache
  upgrade-insecure-requests: 1
  user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
  accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  sec-fetch-site: none
  sec-fetch-mode: navigate
  sec-fetch-user: ?1
  sec-fetch-dest: document
  accept-encoding: gzip, deflate, br
  accept-language: en-US
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers
  server: nginx
  date: Mon, 12 Apr 2021 07:01:09 GMT
  content-type: text/html; charset=UTF-8
  vary: Accept-Encoding
  strict-transport-security: max-age=31536000
  content-encoding: gzip
Primary Request
empfehlen.php  wp.xianyujc.com/ogretmenevi/js/productimage/inputform/  273 KB  0  Document

General
Full URL: https://wp.xianyujc.com/ogretmenevi/js/productimage/inputform/empfehlen.php?led=y99ha9s90peef&modern=weather&smaller=add
Requested by:
  Host: wp.xianyujc.com
  URL: https://wp.xianyujc.com/ogretmenevi/js/productimage/inputform/empfehlen.php?bill=qm1thmgn1v1k30y
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 106.52.183.222, China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
Reverse DNS: -
Software: nginx
Resource Hash: -
Security Headers:
  Strict-Transport-Security: max-age=31536000

Request headers
  :method: GET
  :authority: wp.xianyujc.com
  :scheme: https
  :path: /ogretmenevi/js/productimage/inputform/empfehlen.php?led=y99ha9s90peef&modern=weather&smaller=add
  pragma: no-cache
  cache-control: no-cache
  upgrade-insecure-requests: 1
  user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
  accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  sec-fetch-site: same-origin
  sec-fetch-mode: navigate
  sec-fetch-dest: document
  referer: https://wp.xianyujc.com/ogretmenevi/js/productimage/inputform/empfehlen.php?bill=qm1thmgn1v1k30y
  accept-encoding: gzip, deflate, br
  accept-language: en-US
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
  Referer: https://wp.xianyujc.com/ogretmenevi/js/productimage/inputform/empfehlen.php?bill=qm1thmgn1v1k30y

Response headers
  server: nginx
  date: Mon, 12 Apr 2021 07:01:29 GMT
  content-type: text/html; charset=UTF-8
  vary: Accept-Encoding
  strict-transport-security: max-age=31536000
  content-encoding: gzip
backday.js  inspectmyhvac.com/html/en/images/3/  450 B  625 B  Script

General
Full URL: https://inspectmyhvac.com/html/en/images/3/backday.js
Requested by:
  Host: wp.xianyujc.com
  URL: https://wp.xianyujc.com/ogretmenevi/js/productimage/inputform/empfehlen.php?led=y99ha9s90peef&modern=weather&smaller=add
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.96.130.32, United States, ASN29873 (BIZLAND-SD, US)
Reverse DNS: 32.130.96.66.static.eigbox.net
Software: Apache/2
Resource Hash: -

Request headers
  Referer: https://wp.xianyujc.com/
  User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers
  Date: Mon, 12 Apr 2021 07:01:30 GMT
  Content-Encoding: gzip
  Last-Modified: Sat, 25 Apr 2020 19:47:47 GMT
  Server: Apache/2
  Vary: Accept-Encoding
  Content-Type: application/x-javascript
  Cache-Control: max-age=10368000
  Connection: keep-alive
  Accept-Ranges: bytes
  Keep-Alive: timeout=30
  Content-Length: 258
  Expires: max-age=A10368000, public
css  fonts.googleapis.com/  8 KB  903 B  Stylesheet

General
Full URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,600,700&subset=latin-ext
Requested by:
  Host: wp.xianyujc.com
  URL: https://wp.xianyujc.com/ogretmenevi/js/productimage/inputform/empfehlen.php?led=y99ha9s90peef&modern=weather&smaller=add
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2a00:1450:4001:801::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS: -
Software: ESF
Resource Hash: -
Security Headers:
  Strict-Transport-Security: max-age=31536000
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN
  X-Xss-Protection: 0

Request headers
  Referer: -
  User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers
  strict-transport-security: max-age=31536000
  content-encoding: gzip
  x-content-type-options: nosniff
  cross-origin-resource-policy: cross-origin
  alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
  x-xss-protection: 0
  last-modified: Mon, 12 Apr 2021 07:01:29 GMT
  server: ESF
  date: Mon, 12 Apr 2021 07:01:29 GMT
  x-frame-options: SAMEORIGIN
  content-type: text/css; charset=utf-8
  access-control-allow-origin: *
  cache-control: private, max-age=86400, stale-while-revalidate=604800
  timing-allow-origin: *
  link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
  expires: Mon, 12 Apr 2021 07:01:29 GMT
jquery.min.js  cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/  86 KB  28 KB  Script

General
Full URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by:
  Host: wp.xianyujc.com
  URL: https://wp.xianyujc.com/ogretmenevi/js/productimage/inputform/empfehlen.php?led=y99ha9s90peef&modern=weather&smaller=add
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700::6810:125e, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: -
Software: cloudflare
Resource Hash: -
Security Headers:
  Strict-Transport-Security: max-age=15780000
  X-Content-Type-Options: nosniff

Request headers
  Referer: https://wp.xianyujc.com/
  User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers
  date: Mon, 12 Apr 2021 07:01:29 GMT
  content-encoding: br
  x-content-type-options: nosniff
  cf-cache-status: HIT
  nel: {"report_to":"cf-nel","max_age":604800}
  age: 2716446
  cross-origin-resource-policy: cross-origin
  alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
  content-length: 27748
  cf-request-id: 09667bb7960000dff3323a3000000001
  timing-allow-origin: *
  last-modified: Mon, 04 May 2020 16:11:48 GMT
  server: cloudflare
  cf-cdnjs-via: cfworker/kv
  etag: "5eb03ec4-15851"
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  strict-transport-security: max-age=15780000
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pkjWsbCP1DdbY8Nvqjb9ws5AbM4HnNiwvlfamQdnksoRu%2FZm1tpIW56iYO1UeoVnwY2gShkzTVofHl%2B0ib8r1pZD6x4o3FKPJQkJBJi7M8pxuQB0gA0RBhXxOv7DIjPz7g%3D%3D"}],"group":"cf-nel","max_age":604800}
  content-type: application/javascript; charset=utf-8
  access-control-allow-origin: *
  vary: Accept-Encoding
  cache-control: public, max-age=30672000
  accept-ranges: bytes
  cf-ray: 63ea956c2995dff3-FRA
  expires: Sat, 02 Apr 2022 07:01:29 GMT
theme_hmtd1s.css  inspectmyhvac.com/html/en/images/3/  21 B  324 B  Stylesheet

General
Full URL: https://inspectmyhvac.com/html/en/images/3/theme_hmtd1s.css
Requested by:
  Host: wp.xianyujc.com
  URL: https://wp.xianyujc.com/ogretmenevi/js/productimage/inputform/empfehlen.php?led=y99ha9s90peef&modern=weather&smaller=add
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.96.130.32, United States, ASN29873 (BIZLAND-SD, US)
Reverse DNS: 32.130.96.66.static.eigbox.net
Software: Apache/2
Resource Hash: -

Request headers
  Referer: https://wp.xianyujc.com/
  User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers
  Date: Mon, 12 Apr 2021 07:01:30 GMT
  Last-Modified: Sat, 25 Apr 2020 19:47:47 GMT
  Server: Apache/2
  Content-Type: text/css
  Cache-Control: max-age=10368000
  Connection: keep-alive
  Accept-Ranges: bytes
  Keep-Alive: timeout=30
  Content-Length: 21
  Expires: max-age=A10368000, public
sharetab.png     inspectmyhvac.com/html/en/images/3/  0  0
sharedesk.png    inspectmyhvac.com/html/en/images/3/  0  0
Rich.jpg         inspectmyhvac.com/html/en/images/3/  0  0
ukplusjim.jpg    inspectmyhvac.com/html/en/images/3/  0  0
odA9sNLrE86.jpg  inspectmyhvac.com/html/en/images/3/  0  0
images16.jpg     inspectmyhvac.com/html/en/images/3/  0  0
images1.jpg      inspectmyhvac.com/html/en/images/3/  0  0
images14.jpg     inspectmyhvac.com/html/en/images/3/  0  0
images13.jpg     inspectmyhvac.com/html/en/images/3/  0  0
images11.jpg     inspectmyhvac.com/html/en/images/3/  0  0
images12.jpg     inspectmyhvac.com/html/en/images/3/  0  0
truncated  /  24 KB  0  Image

General
Full URL: data:truncated
Protocol: DATA
Server: -
Reverse DNS: -
Software: -
Resource Hash: -

Request headers
  Referer: -
  User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers
  Content-Type: image/png

truncated  /  44 KB  0  Image

General
Full URL: data:truncated
Protocol: DATA
Server: -
Reverse DNS: -
Software: -
Resource Hash: -

Request headers
  Referer: -
  User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers
  Content-Type: image/jpeg

truncated  /  33 KB  0  Image

General
Full URL: data:truncated
Protocol: DATA
Server: -
Reverse DNS: -
Software: -
Resource Hash: -

Request headers
  Referer: -
  User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers
  Content-Type: image/jpeg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: inspectmyhvac.com
  • https://inspectmyhvac.com/html/en/images/3/sharetab.png
  • https://inspectmyhvac.com/html/en/images/3/sharedesk.png
  • https://inspectmyhvac.com/html/en/images/3/Rich.jpg
  • https://inspectmyhvac.com/html/en/images/3/ukplusjim.jpg
  • https://inspectmyhvac.com/html/en/images/3/odA9sNLrE86.jpg
  • https://inspectmyhvac.com/html/en/images/3/images16.jpg
  • https://inspectmyhvac.com/html/en/images/3/images1.jpg
  • https://inspectmyhvac.com/html/en/images/3/images14.jpg
  • https://inspectmyhvac.com/html/en/images/3/images13.jpg
  • https://inspectmyhvac.com/html/en/images/3/images11.jpg
  • https://inspectmyhvac.com/html/en/images/3/images12.jpg

Verdicts & Comments

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object    ontransitionrun
  • object    ontransitionstart
  • object    ontransitioncancel
  • object    cookieStore
  • function  showDirectoryPicker
  • function  showOpenFilePicker
  • function  showSaveFilePicker
  • object    trustedTypes
  • boolean   crossOriginIsolated

0 Cookies

Security Headers

This section lists the security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
