urlscan.io logo urlscan.io
SecurityTrails logo

www.zlhq8.com Open in urlscan Pro
106.13.30.86  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ujeb.se/rSlnw
Effective URL: http://www.zlhq8.com/wp-content/themes/busify/page_privacy/ordering.php?fill=bp9y9srbpx9rq9q0
Submission: On June 28 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 106.13.30.86, located in China and belongs to BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN. The main domain is www.zlhq8.com.
This is the only time www.zlhq8.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 106.13.30.86 38365 (BAIDU Bei...)
3 2
Apex Domain
Subdomains		 Transfer
2 zlhq8.com
www.zlhq8.com
2 KB
2 ujeb.se
ujeb.se
935 B
0 googleapis.com Failed
fonts.googleapis.com Failed
3 3
Domain Requested by
2 www.zlhq8.com www.zlhq8.com
2 ujeb.se 2 redirects
0 fonts.googleapis.com Failed www.zlhq8.com
3 3

This site contains no links.

Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://www.zlhq8.com/wp-content/themes/busify/page_privacy/ordering.php?fill=bp9y9srbpx9rq9q0
Frame ID: 3C1439F20DF0FDA9B2B42EA789CEB5A2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ujeb.se/rSlnw HTTP 301
    https://ujeb.se/rSlnw HTTP 301
    http://www.zlhq8.com//wp-content/themes/busify/page_privacy/ordering.php?period=w1xyadx1p100twmr Page URL
  2. http://www.zlhq8.com/wp-content/themes/busify/page_privacy/ordering.php?fill=bp9y9srbpx9rq9q0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

3
Requests

0 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

2 kB
Transfer

12 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ujeb.se/rSlnw HTTP 301
    https://ujeb.se/rSlnw HTTP 301
    http://www.zlhq8.com//wp-content/themes/busify/page_privacy/ordering.php?period=w1xyadx1p100twmr Page URL
  2. http://www.zlhq8.com/wp-content/themes/busify/page_privacy/ordering.php?fill=bp9y9srbpx9rq9q0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ujeb.se/rSlnw HTTP 301
  • https://ujeb.se/rSlnw HTTP 301
  • http://www.zlhq8.com//wp-content/themes/busify/page_privacy/ordering.php?period=w1xyadx1p100twmr
Request Chain 1
  • http://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,600,700&subset=latin-ext HTTP 307
  • https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,600,700&subset=latin-ext

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ordering.php
www.zlhq8.com//wp-content/themes/busify/page_privacy/
Redirect Chain
  • http://ujeb.se/rSlnw
  • https://ujeb.se/rSlnw
  • http://www.zlhq8.com//wp-content/themes/busify/page_privacy/ordering.php?period=w1xyadx1p100twmr
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.zlhq8.com//wp-content/themes/busify/page_privacy/ordering.php?period=w1xyadx1p100twmr
Protocol
HTTP/1.1
Server
106.13.30.86 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.5 / PHP/7.0.33
Resource Hash
826c6ea8a86f7ac9eb75f41579a5cf34a6da076980ee7c2a8bc56a1f5b4623ee

Request headers

Host
www.zlhq8.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-Powered-By
PHP/7.0.33
Date
Sun, 28 Jun 2020 03:27:15 GMT
Content-Length
1546

Redirect headers

status
301
date
Sun, 28 Jun 2020 03:27:12 GMT
content-type
text/html; charset=UTF-8
x-robots-tag
noindex,nofollow
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
location
http://www.zlhq8.com//wp-content/themes/busify/page_privacy/ordering.php?period=w1xyadx1p100twmr
vary
User-Agent
cf-cache-status
DYNAMIC
cf-request-id
039a9008470000980e81076200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5aa44f86deb2980e-FRA
Primary Request ordering.php
www.zlhq8.com/wp-content/themes/busify/page_privacy/ 		9 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
http://www.zlhq8.com/wp-content/themes/busify/page_privacy/ordering.php?fill=bp9y9srbpx9rq9q0
Requested by
Host: www.zlhq8.com
URL: http://www.zlhq8.com//wp-content/themes/busify/page_privacy/ordering.php?period=w1xyadx1p100twmr
Protocol
HTTP/1.1
Server
106.13.30.86 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.5 / PHP/7.0.33
Resource Hash

Request headers

Host
www.zlhq8.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.zlhq8.com//wp-content/themes/busify/page_privacy/ordering.php?period=w1xyadx1p100twmr
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.zlhq8.com//wp-content/themes/busify/page_privacy/ordering.php?period=w1xyadx1p100twmr

Response headers

Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-Powered-By
PHP/7.0.33
Date
Sun, 28 Jun 2020 03:27:39 GMT
css
fonts.googleapis.com/
Redirect Chain
  • http://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,600,700&subset=latin-ext
  • https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,600,700&subset=latin-ext
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,600,700&subset=latin-ext

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
ujeb.se
www.zlhq8.com
fonts.googleapis.com
106.13.30.86
2606:4700:3031::ac43:861a
826c6ea8a86f7ac9eb75f41579a5cf34a6da076980ee7c2a8bc56a1f5b4623ee