devglobal.xinxuanzhenpin.com Open in urlscan Pro
8.133.194.41 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://devglobal.xinxuanzhenpin.com/
Submission: On July 05 via api (July 5th 2024, 11:24:32 am UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 8.133.194.41, located in Shanghai, China and belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is devglobal.xinxuanzhenpin.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on June 29th 2024. Valid for: 3 months.

This is the only time devglobal.xinxuanzhenpin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3	8.133.194.41 8.133.194.41		37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
16	2

3 8.133.194.41 (Shanghai, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

devglobal.xinxuanzhenpin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	xinxuanzhenpin.com devglobal.xinxuanzhenpin.com	28 KB
16	1

	Domain	Requested by
3	devglobal.xinxuanzhenpin.com	devglobal.xinxuanzhenpin.com
16	1

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
gitlab.xinxuanzhenpin.com Encryption Everywhere DV TLS CA - G2	`2024-06-29` - `2024-09-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://devglobal.xinxuanzhenpin.com/
Frame ID: 50E966A962AB54405B42A2BA25E569EA
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home page

Detected technologies

Magento (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<script type="text/x-magento-init">

Page Statistics

16
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

28 kB
Transfer

92 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
devglobal.xinxuanzhenpin.com/ 86 KB
22 KB 1613ms
740ms Document
text/html 8.133.194.41
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL

https://devglobal.xinxuanzhenpin.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.133.194.41 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

3066b8db690a2fa5084e7077263c385e2079b1989f161211dc1a8c39e50cc663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy-Report-Only: font-src data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Jul 2024 11:24:27 GMT
Expires: Wed, 05 Jul 2023 06:47:57 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo.svg
devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/images/ 3 KB
3 KB 211ms
210ms Image
image/svg+xml 8.133.194.41
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/images/logo.svg

Requested by

Host: devglobal.xinxuanzhenpin.com
URL: https://devglobal.xinxuanzhenpin.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.133.194.41 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

475802917de9688bc9da07ef627ffd1b26ba2571e12688bbc72f963c328995c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://devglobal.xinxuanzhenpin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Jul 2024 11:24:27 GMT
Last-Modified: Wed, 03 Jul 2024 06:27:56 GMT
Server: nginx
ETag: "6684ef6c-b3f"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2879
Expires: Sat, 05 Jul 2025 11:24:27 GMT

GET
H/1.1 200
OK logow.svg
devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/images/ 3 KB
3 KB 422ms
209ms Image
image/svg+xml 8.133.194.41
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/images/logow.svg

Requested by

Host: devglobal.xinxuanzhenpin.com
URL: https://devglobal.xinxuanzhenpin.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.133.194.41 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

d62d00935353a107920d9c49da21611b459b72ee135ccc091db7e5c4e9edf0a2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://devglobal.xinxuanzhenpin.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Jul 2024 11:24:28 GMT
Last-Modified: Wed, 03 Jul 2024 06:27:56 GMT
Server: nginx
ETag: "6684ef6c-bc9"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3017
Expires: Sat, 05 Jul 2025 11:24:28 GMT

GET common.css
devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/ 0
0

GET styles.css
devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/ 0
0

GET footer.css
devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/ 0
0

GET index.css
devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/ 0
0

GET require.js
devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/requirejs/ 0
0

GET mixins.js
devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/mage/requirejs/ 0
0

GET requirejs-config.js
devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/ 0
0

GET icomoon.woff2
devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/ 0
0

GET SpartanMB-SemiBold.woff2
devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/ 0
0

GET Moderat-Light.woff2
devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/ 0
0

GET DomaineDisp-Regular.woff2
devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/ 0
0

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8b6a41e6d0b857de0152e13c2a65410c66d372717a7d09918c37c63365615f3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET favicon.ico
devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/Magento_Theme/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: devglobal.xinxuanzhenpin.com
URL: http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/common.css

Domain: devglobal.xinxuanzhenpin.com
URL: http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/styles.css

Domain: devglobal.xinxuanzhenpin.com
URL: http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/footer.css

Domain: devglobal.xinxuanzhenpin.com
URL: http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/index.css

Domain: devglobal.xinxuanzhenpin.com
URL: http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/requirejs/require.js

Domain: devglobal.xinxuanzhenpin.com
URL: http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/mage/requirejs/mixins.js

Domain: devglobal.xinxuanzhenpin.com
URL: http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/requirejs-config.js

Domain: devglobal.xinxuanzhenpin.com
URL: http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/icomoon.woff2

Domain: devglobal.xinxuanzhenpin.com
URL: http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/SpartanMB-SemiBold.woff2

Domain: devglobal.xinxuanzhenpin.com
URL: http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/Moderat-Light.woff2

Domain: devglobal.xinxuanzhenpin.com
URL: http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/DomaineDisp-Regular.woff2

Domain: devglobal.xinxuanzhenpin.com
URL: http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/Magento_Theme/favicon.ico

Domain: devglobal.xinxuanzhenpin.com
URL: http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/Magento_Theme/favicon.ico

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.devglobal.xinxuanzhenpin.com/	1970-01-20 21:49:38	Name: PHPSESSID Value: inle6p62j19f1fg1im3k4l3luo

38 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://devglobal.xinxuanzhenpin.com/ Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure element 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/images/logo.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://devglobal.xinxuanzhenpin.com/ Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure element 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/images/logow.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 15) Message: [Report Only] Refused to load the stylesheet 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/common.css' because it violates the following Content Security Policy directive: "style-src *.adobe.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 15) Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/common.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 16) Message: [Report Only] Refused to load the stylesheet 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/styles.css' because it violates the following Content Security Policy directive: "style-src *.adobe.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 16) Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/styles.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 17) Message: [Report Only] Refused to load the stylesheet 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/footer.css' because it violates the following Content Security Policy directive: "style-src *.adobe.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 17) Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/footer.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 18) Message: [Report Only] Refused to load the stylesheet 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/index.css' because it violates the following Content Security Policy directive: "style-src *.adobe.com unsafe-inline assets.braintreegateway.com 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 18) Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/css/index.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 19) Message: [Report Only] Refused to load the image 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/Magento_Theme/favicon.ico' because it violates the following Content Security Policy directive: "img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net .adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com .ftcdn.net .behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com .vimeocdn.com i.ytimg.com .youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com .paypal.com data: 'self' 'unsafe-inline'".
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 20) Message: [Report Only] Refused to load the image 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/Magento_Theme/favicon.ico' because it violates the following Content Security Policy directive: "img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net .adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com .ftcdn.net .behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com .vimeocdn.com i.ytimg.com .youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com .paypal.com data: 'self' 'unsafe-inline'".
security	error	URL: https://devglobal.xinxuanzhenpin.com/ Message: [Report Only] Refused to load the script 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/requirejs/require.js' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com .adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com .newrelic.com .nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com .vimeocdn.com .youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com .paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devglobal.xinxuanzhenpin.com/ Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure script 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/requirejs/require.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://devglobal.xinxuanzhenpin.com/ Message: [Report Only] Refused to load the script 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/mage/requirejs/mixins.js' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com .adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com .newrelic.com .nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com .vimeocdn.com .youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com .paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devglobal.xinxuanzhenpin.com/ Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure script 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/mage/requirejs/mixins.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://devglobal.xinxuanzhenpin.com/ Message: [Report Only] Refused to load the script 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/requirejs-config.js' because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com .adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com .newrelic.com .nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com .vimeocdn.com .youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com .paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://devglobal.xinxuanzhenpin.com/ Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure script 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/requirejs-config.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 24) Message: [Report Only] Refused to load the font 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/icomoon.woff2' because it violates the following Content Security Policy directive: "font-src data: 'self' 'unsafe-inline'".
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 24) Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure font 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/icomoon.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 25) Message: [Report Only] Refused to load the font 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/SpartanMB-SemiBold.woff2' because it violates the following Content Security Policy directive: "font-src data: 'self' 'unsafe-inline'".
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 25) Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure font 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/SpartanMB-SemiBold.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 26) Message: [Report Only] Refused to load the font 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/Moderat-Light.woff2' because it violates the following Content Security Policy directive: "font-src data: 'self' 'unsafe-inline'".
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 26) Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure font 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/Moderat-Light.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 27) Message: [Report Only] Refused to load the font 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/DomaineDisp-Regular.woff2' because it violates the following Content Security Policy directive: "font-src data: 'self' 'unsafe-inline'".
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 27) Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure font 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/fonts/DomaineDisp-Regular.woff2'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://devglobal.xinxuanzhenpin.com/(Line 814) Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://devglobal.xinxuanzhenpin.com/catalogsearch/result/'. This endpoint should be made available over a secure connection.
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 1062) Message: [Report Only] Refused to load the image 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/images/logo.svg' because it violates the following Content Security Policy directive: "img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net .adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com .ftcdn.net .behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com .vimeocdn.com i.ytimg.com .youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com .paypal.com data: 'self' 'unsafe-inline'".
security	warning	URL: https://devglobal.xinxuanzhenpin.com/(Line 1062) Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure element 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/images/logo.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://devglobal.xinxuanzhenpin.com/(Line 1421) Message: [Report Only] Refused to load the image 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/images/logow.svg' because it violates the following Content Security Policy directive: "img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net .adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com .ftcdn.net .behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com .vimeocdn.com i.ytimg.com .youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com .paypal.com data: 'self' 'unsafe-inline'".
security	warning	URL: https://devglobal.xinxuanzhenpin.com/(Line 1421) Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure element 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/images/logow.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
recommendation	verbose	URL: https://devglobal.xinxuanzhenpin.com/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://devglobal.xinxuanzhenpin.com/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://devglobal.xinxuanzhenpin.com/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
security	error	URL: https://devglobal.xinxuanzhenpin.com/ Message: [Report Only] Refused to load the image 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/Magento_Theme/favicon.ico' because it violates the following Content Security Policy directive: "img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net .adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com .ftcdn.net .behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com .vimeocdn.com i.ytimg.com .youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com .paypal.com data: 'self' 'unsafe-inline'".
security	error	URL: https://devglobal.xinxuanzhenpin.com/ Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure favicon 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/Magento_Theme/favicon.ico'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://devglobal.xinxuanzhenpin.com/ Message: [Report Only] Refused to load the image 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/Magento_Theme/favicon.ico' because it violates the following Content Security Policy directive: "img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net .adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com .ftcdn.net .behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com .vimeocdn.com i.ytimg.com .youtube.com validator.swagger.io www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com .paypal.com data: 'self' 'unsafe-inline'".
security	error	URL: https://devglobal.xinxuanzhenpin.com/ Message: Mixed Content: The page at 'https://devglobal.xinxuanzhenpin.com/' was loaded over HTTPS, but requested an insecure favicon 'http://devglobal.xinxuanzhenpin.com/static/version1719974029/frontend/Yks/tree/en_US/Magento_Theme/favicon.ico'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

devglobal.xinxuanzhenpin.com
devglobal.xinxuanzhenpin.com
8.133.194.41
3066b8db690a2fa5084e7077263c385e2079b1989f161211dc1a8c39e50cc663
475802917de9688bc9da07ef627ffd1b26ba2571e12688bbc72f963c328995c0
d62d00935353a107920d9c49da21611b459b72ee135ccc091db7e5c4e9edf0a2
f8b6a41e6d0b857de0152e13c2a65410c66d372717a7d09918c37c63365615f3

devglobal.xinxuanzhenpin.com Open in urlscan Pro 8.133.194.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

28 kBTransfer

92 kBSize

1 Cookies

2 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

38 Console Messages

Security Headers

Indicators

devglobal.xinxuanzhenpin.com Open in urlscan Pro
8.133.194.41 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

28 kB
Transfer

92 kB
Size

1
Cookies

16 HTTP transactions
1 data transactions