Submitted URL: https://info.auvesy.com/e3t/Ctc/OR+113/d2nHNn04/MW_jB9QhFx0W2ps-hr3-HBl2W2QY3Nh4-5lvjN70Sktw3q3n_V1-WJV7CgL59W5yTLd734tv...
Effective URL: https://c.xiumi.us/stage/v5/2GAyh/220329452?utm_campaign=Webcast%20Sleep%20Well%20at%20Night%20April2023&utm_medium...
Submission: On May 03 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 3 domains to perform 12 HTTP transactions. The main IP is 79.133.177.226, located in Russian Federation and belongs to TAOBAO Zhejiang Taobao Network Co.,Ltd, CN. The main domain is c.xiumi.us.
TLS certificate: Issued by DNSPod RSA DV on October 19th 2022. Valid for: a year.
This is the only time c.xiumi.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
2 79.133.177.226 24429 (TAOBAO Zh...)
6 43.152.28.37 139341 (ACE-AS-AP...)
1 43.152.28.33 139341 (ACE-AS-AP...)
2 3.75.160.134 16509 (AMAZON-02)
12 6
Apex Domain | Subdomains | Transfer
10 xiumi.us | c.xiumi.us, stc.xiumi.us, sd.xiumi.us, img.xiumi.us | 942 KB
2 auvesy.com | info.auvesy.com | 4 KB
1 qq.com | res.wx.qq.com — Cisco Umbrella Rank: 16446 | 5 KB
12 3
Domain Requested by
5 stc.xiumi.us c.xiumi.us
stc.xiumi.us
2 img.xiumi.us
2 c.xiumi.us info.auvesy.com
stc.xiumi.us
2 info.auvesy.com 1 redirects
1 sd.xiumi.us stc.xiumi.us
1 res.wx.qq.com c.xiumi.us
12 6

This site contains links to these domains.

Domain
xiumi.us
Subject | Issuer | Validity | Valid
info.auvesy.com | GTS CA 1P5 | 2023-03-22 - 2023-06-20 | 3 months
*.xiumi.us | DNSPod RSA DV | 2022-10-19 - 2023-10-19 | a year
weixin.qq.com | DigiCert Secure Site CN CA G3 | 2022-07-05 - 2023-08-05 | a year

This page contains 1 frames:

Primary Page: https://c.xiumi.us/stage/v5/2GAyh/220329452?utm_campaign=Webcast%20Sleep%20Well%20at%20Night%20April2023&utm_medium=email&_hsmi=256691549&_hsenc=p2ANqtz-8l6vI7RhVRO9b4EzrCduyWvmpIJjaarbGEjh-NSXbarus7ZDy3YS-piS6yf0S0aGgSDEZ05EneObFybR_Yetr12el8Dlkz8IOTP1s3l4qkVSr3J4A&utm_content=256636356&utm_source=hs_email
Frame ID: D7A3CCA240B332E7724DE73FD2979003
Requests: 13 HTTP requests in this frame

Page Title

AUVESY Kontaktformular

Page Statistics

Requests: 12
HTTPS: 100 %
IPv6: 20 %
Domains: 3
Subdomains: 6
IPs: 6
Countries: 4
Transfer: 950 kB
Size: 3217 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.auvesy.com/e3t/Ctc/OR+113/d2nHNn04/MW_jB9QhFx0W2ps-hr3-HBl2W2QY3Nh4-5lvjN70Sktw3q3n_V1-WJV7CgL59W5yTLd734tv48W11X9hN3L-2xkN5Nc02yHkdlSN1SD_xrvHltBW3rCwpT4zPK81W4lDkxR4rxzMKW3bHKgM6DvH0YW5j9sYD3pDSfrW48TqhK6hzRj4W6mnGwJ2tGqMJN1RG1Dp4B2JFW40Pps52qvz8SW70czfr2Vx0MnW7pw3V75DyzDgW7yfQ4m1sVlY_W3XzMbD8yfKw0W8YTt9_25mQhZW3-CCyN89KK-MW65wHmn7Ph2b6W7mPG-q21R4V_W1cm0Sv6zS6xQVzpPyR5GLQFnW2S0-XV6QrtXkW2GxPgY2nbl2LW3BjBKt8fw30zW61D2Vn7Yq-CN3ph51 Page URL
  2. https://info.auvesy.com/events/public/v1/encoded/track/tc/OR+113/d2nHNn04/MW_jB9QhFx0W2ps-hr3-HBl2W2QY3Nh4-5lvjN70Sktw3q3n_V1-WJV7CgL59W5yTLd734tv48W11X9hN3L-2xkN5Nc02yHkdlSN1SD_xrvHltBW3rCwpT4zPK81W4lDkxR4rxzMKW3bHKgM6DvH0YW5j9sYD3pDSfrW48TqhK6hzRj4W6mnGwJ2tGqMJN1RG1Dp4B2JFW40Pps52qvz8SW70czfr2Vx0MnW7pw3V75DyzDgW7yfQ4m1sVlY_W3XzMbD8yfKw0W8YTt9_25mQhZW3-CCyN89KK-MW65wHmn7Ph2b6W7mPG-q21R4V_W1cm0Sv6zS6xQVzpPyR5GLQFnW2S0-XV6QrtXkW2GxPgY2nbl2LW3BjBKt8fw30zW61D2Vn7Yq-CN3ph51?_ud=4733e41f-52f1-4314-9294-ff8f6f5cfb62&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://c.xiumi.us/stage/v5/2GAyh/220329452?utm_campaign=Webcast%20Sleep%20Well%20at%20Night%20April2023&utm_medium=email&_hsmi=256691549&_hsenc=p2ANqtz-8l6vI7RhVRO9b4EzrCduyWvmpIJjaarbGEjh-NSXbarus7ZDy3YS-piS6yf0S0aGgSDEZ05EneObFybR_Yetr12el8Dlkz8IOTP1s3l4qkVSr3J4A&utm_content=256636356&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
MW_jB9QhFx0W2ps-hr3-HBl2W2QY3Nh4-5lvjN70Sktw3q3n_V1-WJV7CgL59W5yTLd734tv48W11X9hN3L-2xkN5Nc02yHkdlSN1SD_xrvHltBW3rCwpT4zPK81W4lDkxR4rxzMKW3bHKgM6DvH0YW5j9sYD3pDSfrW48TqhK6hzRj4W6mnGwJ2tGqMJN1RG1Dp4...
info.auvesy.com/e3t/Ctc/OR+113/d2nHNn04/
8 KB
4 KB
Document
General
Full URL
https://info.auvesy.com/e3t/Ctc/OR+113/d2nHNn04/MW_jB9QhFx0W2ps-hr3-HBl2W2QY3Nh4-5lvjN70Sktw3q3n_V1-WJV7CgL59W5yTLd734tv48W11X9hN3L-2xkN5Nc02yHkdlSN1SD_xrvHltBW3rCwpT4zPK81W4lDkxR4rxzMKW3bHKgM6DvH0YW5j9sYD3pDSfrW48TqhK6hzRj4W6mnGwJ2tGqMJN1RG1Dp4B2JFW40Pps52qvz8SW70czfr2Vx0MnW7pw3V75DyzDgW7yfQ4m1sVlY_W3XzMbD8yfKw0W8YTt9_25mQhZW3-CCyN89KK-MW65wHmn7Ph2b6W7mPG-q21R4V_W1cm0Sv6zS6xQVzpPyR5GLQFnW2S0-XV6QrtXkW2GxPgY2nbl2LW3BjBKt8fw30zW61D2Vn7Yq-CN3ph51
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
MISS
cf-ray
7c1837082fdc3a9d-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=utf-8
date
Wed, 03 May 2023 11:37:57 GMT
last-modified
Wed, 03 May 2023 11:37:57 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQHcDVhnsdRK%2BlUtF6SFU193w9Mqk0vTmh3Me6OzP2z%2F87IQzDadMvEXNlRMtLjVCKR%2BLR4KSCiM39G%2FdKyNnrENID18rmEbgaRI2E4Vu4bbqpZEYCDc%2Fhrbm5m6CoBtkdekHEu0ncSckEqMug%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-envoy-upstream-service-time
6
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-bfbdbbbf5-slx9b
x-evy-trace-virtual-host
all
x-hs-https-only
worker
x-hubspot-correlation-id
8d4a84ce-a10e-4b2f-80d6-5323fdcfe355
x-request-id
38922e8a-4a23-4d1d-a4cd-b8b406c63722
x-robots-tag
none
Primary Request 220329452
c.xiumi.us/stage/v5/2GAyh/
Redirect Chain
  • https://info.auvesy.com/events/public/v1/encoded/track/tc/OR+113/d2nHNn04/MW_jB9QhFx0W2ps-hr3-HBl2W2QY3Nh4-5lvjN70Sktw3q3n_V1-WJV7CgL59W5yTLd734tv48W11X9hN3L-2xkN5Nc02yHkdlSN1SD_xrvHltBW3rCwpT4zPK8...
  • https://c.xiumi.us/stage/v5/2GAyh/220329452?utm_campaign=Webcast%20Sleep%20Well%20at%20Night%20April2023&utm_medium=email&_hsmi=256691549&_hsenc=p2ANqtz-8l6vI7RhVRO9b4EzrCduyWvmpIJjaarbGEjh-NSXbaru...
11 KB
4 KB
Document
General
Full URL
https://c.xiumi.us/stage/v5/2GAyh/220329452?utm_campaign=Webcast%20Sleep%20Well%20at%20Night%20April2023&utm_medium=email&_hsmi=256691549&_hsenc=p2ANqtz-8l6vI7RhVRO9b4EzrCduyWvmpIJjaarbGEjh-NSXbarus7ZDy3YS-piS6yf0S0aGgSDEZ05EneObFybR_Yetr12el8Dlkz8IOTP1s3l4qkVSr3J4A&utm_content=256636356&utm_source=hs_email
Requested by
Host: info.auvesy.com
URL: https://info.auvesy.com/e3t/Ctc/OR+113/d2nHNn04/MW_jB9QhFx0W2ps-hr3-HBl2W2QY3Nh4-5lvjN70Sktw3q3n_V1-WJV7CgL59W5yTLd734tv48W11X9hN3L-2xkN5Nc02yHkdlSN1SD_xrvHltBW3rCwpT4zPK81W4lDkxR4rxzMKW3bHKgM6DvH0YW5j9sYD3pDSfrW48TqhK6hzRj4W6mnGwJ2tGqMJN1RG1Dp4B2JFW40Pps52qvz8SW70czfr2Vx0MnW7pw3V75DyzDgW7yfQ4m1sVlY_W3XzMbD8yfKw0W8YTt9_25mQhZW3-CCyN89KK-MW65wHmn7Ph2b6W7mPG-q21R4V_W1cm0Sv6zS6xQVzpPyR5GLQFnW2S0-XV6QrtXkW2GxPgY2nbl2LW3BjBKt8fw30zW61D2Vn7Yq-CN3ph51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.226 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4489a534f8333d47476e7e1f3300d44ff8a9e0d9cfb94b145de800bce77dcbca

Request headers

Referer
https://info.auvesy.com/e3t/Ctc/OR+113/d2nHNn04/MW_jB9QhFx0W2ps-hr3-HBl2W2QY3Nh4-5lvjN70Sktw3q3n_V1-WJV7CgL59W5yTLd734tv48W11X9hN3L-2xkN5Nc02yHkdlSN1SD_xrvHltBW3rCwpT4zPK81W4lDkxR4rxzMKW3bHKgM6DvH0YW5j9sYD3pDSfrW48TqhK6hzRj4W6mnGwJ2tGqMJN1RG1Dp4B2JFW40Pps52qvz8SW70czfr2Vx0MnW7pw3V75DyzDgW7yfQ4m1sVlY_W3XzMbD8yfKw0W8YTt9_25mQhZW3-CCyN89KK-MW65wHmn7Ph2b6W7mPG-q21R4V_W1cm0Sv6zS6xQVzpPyR5GLQFnW2S0-XV6QrtXkW2GxPgY2nbl2LW3BjBKt8fw30zW61D2Vn7Yq-CN3ph51
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 03 May 2023 11:37:59 GMT
eagleid
4f85b1a116831138783613429e
etag
W/"2d77-oaZlpfxmLvwi1gMn+N58FUw/90o"
server
Tengine
timing-allow-origin
*
vary
Accept-Encoding
via
cache26.l2et15-7[29,0], cache6.l2de2[717,0], cache13.de3[718,0]
x-da-apt
adapt cache-able, header match: etag=W/"2d77-oaZlpfxmLvwi1gMn+N58FUw/90o"

Redirect headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
MISS
cf-ray
7c18370999cd3a9d-FRA
content-security-policy
upgrade-insecure-requests
date
Wed, 03 May 2023 11:37:58 GMT
link
<https://c.xiumi.us/stage/v5/2GAyh/220329452?utm_campaign=Webcast%20Sleep%20Well%20at%20Night%20April2023&utm_medium=email&_hsmi=256691549&_hsenc=p2ANqtz-8l6vI7RhVRO9b4EzrCduyWvmpIJjaarbGEjh-NSXbarus7ZDy3YS-piS6yf0S0aGgSDEZ05EneObFybR_Yetr12el8Dlkz8IOTP1s3l4qkVSr3J4A&utm_content=256636356&utm_source=hs_email#/>; rel="canonical"
location
https://c.xiumi.us/stage/v5/2GAyh/220329452?utm_campaign=Webcast%20Sleep%20Well%20at%20Night%20April2023&utm_medium=email&_hsmi=256691549&_hsenc=p2ANqtz-8l6vI7RhVRO9b4EzrCduyWvmpIJjaarbGEjh-NSXbarus7ZDy3YS-piS6yf0S0aGgSDEZ05EneObFybR_Yetr12el8Dlkz8IOTP1s3l4qkVSr3J4A&utm_content=256636356&utm_source=hs_email#/
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqVyVahAixAfzlucoXwyCWpn813l%2FqFuQ40lEnO1MkM0f455i7JYKhs9bgCXWBOfvzyL0r%2BSccSWlh0oA09BeHIGRnyKc%2B%2BlxMrLcp%2FJ2hiJBbXiNb7p1%2FuFh7giVuvYnL5gL5FG0LDQF1kRAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-envoy-upstream-service-time
24
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-bfbdbbbf5-sdcgf
x-evy-trace-virtual-host
all
x-hs-https-only
worker
x-hubspot-correlation-id
20501703-6e64-496f-97f1-c338d4a9c658
x-request-id
374fe2d7-0ea2-4241-8011-d01122540046
x-robots-tag
none
08f11d.booklet.min.css
stc.xiumi.us/styles/app/reader/
1 MB
301 KB
Stylesheet
General
Full URL
https://stc.xiumi.us/styles/app/reader/08f11d.booklet.min.css
Requested by
Host: c.xiumi.us
URL: https://c.xiumi.us/stage/v5/2GAyh/220329452?utm_campaign=Webcast%20Sleep%20Well%20at%20Night%20April2023&utm_medium=email&_hsmi=256691549&_hsenc=p2ANqtz-8l6vI7RhVRO9b4EzrCduyWvmpIJjaarbGEjh-NSXbarus7ZDy3YS-piS6yf0S0aGgSDEZ05EneObFybR_Yetr12el8Dlkz8IOTP1s3l4qkVSr3J4A&utm_content=256636356&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.37 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
a95c4d51b1cad5a2b181afd7c14f690fae8827962582a0131dc54bcac1e84b57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.xiumi.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 09:45:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
content-length
307878
last-modified
Wed, 26 Apr 2023 09:24:26 GMT
server
nginx
etag
W/"6448edca-169206"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-nws-log-uuid
12219071513062949699
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 26 May 2023 09:45:48 GMT
arrow.svg
stc.xiumi.us/images/app/reader/
2 KB
3 KB
Image
General
Full URL
https://stc.xiumi.us/images/app/reader/arrow.svg
Requested by
Host: c.xiumi.us
URL: https://c.xiumi.us/stage/v5/2GAyh/220329452?utm_campaign=Webcast%20Sleep%20Well%20at%20Night%20April2023&utm_medium=email&_hsmi=256691549&_hsenc=p2ANqtz-8l6vI7RhVRO9b4EzrCduyWvmpIJjaarbGEjh-NSXbarus7ZDy3YS-piS6yf0S0aGgSDEZ05EneObFybR_Yetr12el8Dlkz8IOTP1s3l4qkVSr3J4A&utm_content=256636356&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.37 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
2c3d8634328cde4b74273d6f8334d29661566241a311bd35c8c3697208011fa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.xiumi.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 09:00:19 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 04 Apr 2023 09:49:08 GMT
server
nginx
etag
"642bf294-993"
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-nws-log-uuid
15900567020760070593
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
2451
expires
Fri, 26 May 2023 09:00:19 GMT
jweixin-1.3.2.js
res.wx.qq.com/open/js/
12 KB
5 KB
Script
General
Full URL
https://res.wx.qq.com/open/js/jweixin-1.3.2.js
Requested by
Host: c.xiumi.us
URL: https://c.xiumi.us/stage/v5/2GAyh/220329452?utm_campaign=Webcast%20Sleep%20Well%20at%20Night%20April2023&utm_medium=email&_hsmi=256691549&_hsenc=p2ANqtz-8l6vI7RhVRO9b4EzrCduyWvmpIJjaarbGEjh-NSXbarus7ZDy3YS-piS6yf0S0aGgSDEZ05EneObFybR_Yetr12el8Dlkz8IOTP1s3l4qkVSr3J4A&utm_content=256636356&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.33 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx/1.8.1 /
Resource Hash
50c0e3c2702ae6d5d244dcb88993a7191043fd19d428e09979eb336feb20b8bc
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.xiumi.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sat, 15 Apr 2023 06:56:14 GMT
Strict-Transport-Security
max-age=3600
Content-Encoding
gzip
X-Cache-Lookup
Cache Hit, Hit From Inner Cluster
Connection
keep-alive
X-Verify-Code
7d1d1dc209ee37d05ae3329fdbbf5ca5
Content-Length
4082
Last-Modified
Sat, 15 Apr 2023 06:50:00 GMT
Server
nginx/1.8.1
Vary
Origin
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://open.weixin.qq.com
Cache-Control
must-revalidate, max-age=31536000
X-Daa-Tunnel
hop_count=1
X-NWS-LOG-UUID
13447207465254660752
Accept-Ranges
bytes
Expires
Sun, 14 Apr 2024 06:56:14 GMT
1355ec.ng-tpl.min.js
stc.xiumi.us/views/app/reader/
20 KB
4 KB
Script
General
Full URL
https://stc.xiumi.us/views/app/reader/1355ec.ng-tpl.min.js
Requested by
Host: c.xiumi.us
URL: https://c.xiumi.us/stage/v5/2GAyh/220329452?utm_campaign=Webcast%20Sleep%20Well%20at%20Night%20April2023&utm_medium=email&_hsmi=256691549&_hsenc=p2ANqtz-8l6vI7RhVRO9b4EzrCduyWvmpIJjaarbGEjh-NSXbarus7ZDy3YS-piS6yf0S0aGgSDEZ05EneObFybR_Yetr12el8Dlkz8IOTP1s3l4qkVSr3J4A&utm_content=256636356&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.37 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
886ef7be78c5030244d380ca8a4dc75180dacfd09020e52a0664aa159d51c6ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.xiumi.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 18:12:59 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
content-length
4000
last-modified
Wed, 26 Apr 2023 09:24:26 GMT
server
nginx
etag
W/"6448edca-4ee6"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-nws-log-uuid
11894562174220797583
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 28 May 2023 18:12:59 GMT
c8ea78.main.min.js
stc.xiumi.us/scripts/app/reader/entries/booklet/
1 MB
418 KB
Script
General
Full URL
https://stc.xiumi.us/scripts/app/reader/entries/booklet/c8ea78.main.min.js
Requested by
Host: c.xiumi.us
URL: https://c.xiumi.us/stage/v5/2GAyh/220329452?utm_campaign=Webcast%20Sleep%20Well%20at%20Night%20April2023&utm_medium=email&_hsmi=256691549&_hsenc=p2ANqtz-8l6vI7RhVRO9b4EzrCduyWvmpIJjaarbGEjh-NSXbarus7ZDy3YS-piS6yf0S0aGgSDEZ05EneObFybR_Yetr12el8Dlkz8IOTP1s3l4qkVSr3J4A&utm_content=256636356&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.37 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
4fee9d3d07c690af3d8983d4ac3516430f4ce3c76c1dec2ac486924ff72a0bfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.xiumi.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 09:45:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
content-length
427045
last-modified
Wed, 26 Apr 2023 09:24:26 GMT
server
nginx
etag
W/"6448edca-171a4f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-nws-log-uuid
10544294179285634003
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 26 May 2023 09:45:48 GMT
glyphicons-halflings-regular.woff2
stc.xiumi.us/styles/app/fonts/
18 KB
18 KB
Font
General
Full URL
https://stc.xiumi.us/styles/app/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: stc.xiumi.us
URL: https://stc.xiumi.us/styles/app/reader/08f11d.booklet.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.37 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
https://stc.xiumi.us/styles/app/reader/08f11d.booklet.min.css
Origin
https://c.xiumi.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 21:10:16 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 04 Apr 2023 09:49:08 GMT
server
nginx
etag
"642bf294-466c"
access-control-allow-methods
GET, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
x-nws-log-uuid
18380606029351940665
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
18028
expires
Tue, 23 May 2023 21:10:16 GMT
344cb3845ac92e96143742610499c6cc.json
sd.xiumi.us/xmi/td/Jfd6/
24 KB
5 KB
XHR
General
Full URL
https://sd.xiumi.us/xmi/td/Jfd6/344cb3845ac92e96143742610499c6cc.json?_ver=1661157003000&origin_tag=c_xiumi_us_443
Requested by
Host: stc.xiumi.us
URL: https://stc.xiumi.us/scripts/app/reader/entries/booklet/c8ea78.main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.28.37 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
tencent-cos /
Resource Hash
520239bf5cc0a4d2cbc5c8e1821eff831f5a3123ec6d7f0a72c3acfe7795797a

Request headers

Accept
application/json, text/plain, */*
Referer
https://c.xiumi.us/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 11:38:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Hit From Inner Cluster
x-cos-request-id
NjQ1MjQ3OTlfODkxNGJlMDlfZjU4Ml9jNjQ3Nzdj
content-length
4455
x-cos-hash-crc64ecma
3048072466541066231
last-modified
Mon, 22 Aug 2022 16:30:10 GMT
server
tencent-cos
etag
"5c17339eb94b4f453cbdf9db60003c30"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-nws-log-uuid
13878425612260593148
accept-ranges
bytes
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f26e5a30121cc16786803d3a5a85d8f953d49aceb1e01a7fa2264182ce0304f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
f5d774758d04d78e138116c785e3bb03-sz_190302.gif
img.xiumi.us/xmi/ua/fvHB/i/
186 KB
186 KB
Image
General
Full URL
https://img.xiumi.us/xmi/ua/fvHB/i/f5d774758d04d78e138116c785e3bb03-sz_190302.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.160.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-160-134.eu-central-1.compute.amazonaws.com
Software
NWS_Oversea_AP /
Resource Hash
32eeb44e4d712982fd7d67e344909d5fa9acdbbb78e8fb5f16890ee9106a5a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.xiumi.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 11:38:03 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Tue, 16 Mar 2021 15:01:37 GMT
server
NWS_Oversea_AP
x-cos-hash-crc64ecma
1424838117599718410
etag
"f5d774758d04d78e138116c785e3bb03"
content-type
image/gif
access-control-allow-origin
*
x-cos-request-id
NjQ0ZjE4YWFfOTc1NWI1MDlfZjJmOV81NWM1NDg0
cache-control
max-age=31536000
x-nws-log-uuid
4762f192-d45d-4ff8-9845-0158b68bd0ce
accept-ranges
bytes
content-length
190302
1df53a1f477902e392429bca885d0c27464efc51.woff
img.xiumi.us/xmi/ua/Jfd6/ff/yzk/0355c724/
2 KB
2 KB
Font
General
Full URL
https://img.xiumi.us/xmi/ua/Jfd6/ff/yzk/0355c724/1df53a1f477902e392429bca885d0c27464efc51.woff?origin_tag=c_xiumi_us_443
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.160.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-160-134.eu-central-1.compute.amazonaws.com
Software
tencent-cos /
Resource Hash
bfbaafc21701e86cef0c6154a0628c7e49bbb7a884599188a24821973ed5a867

Request headers

Referer
https://c.xiumi.us/
Origin
https://c.xiumi.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 11:38:03 GMT
x-cache-lookup
Cache Miss, Hit From Inner Cluster, Cache Miss, Hit From Upstream
x-cos-request-id
NjQ1MjQ3OWJfZGUzNjY4MDlfZWUyNl83MWIzMGY3
content-length
1776
x-cos-hash-crc64ecma
7419051243948259524
last-modified
Wed, 26 Apr 2023 20:24:55 GMT
server
tencent-cos
etag
"8347cb7bcd2762942521e3a1432b940d"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
x-daa-tunnel
hop_count=1
x-nws-log-uuid
796b979f-17ef-4f02-bbe2-a7e911d7a4a5
accept-ranges
bytes
hit
c.xiumi.us/api/statistics/shows/220329452/
983 B
793 B
XHR
General
Full URL
https://c.xiumi.us/api/statistics/shows/220329452/hit
Requested by
Host: stc.xiumi.us
URL: https://stc.xiumi.us/scripts/app/reader/entries/booklet/c8ea78.main.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.226 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
df82b47c340d38655bd5ce40256b283639efd15d511275db5f5a4bcb1bdea95f

Request headers

Accept
application/json, text/plain, */*
Referer
https://c.xiumi.us/stage/v5/2GAyh/220329452?utm_campaign=Webcast%20Sleep%20Well%20at%20Night%20April2023&utm_medium=email&_hsmi=256691549&_hsenc=p2ANqtz-8l6vI7RhVRO9b4EzrCduyWvmpIJjaarbGEjh-NSXbarus7ZDy3YS-piS6yf0S0aGgSDEZ05EneObFybR_Yetr12el8Dlkz8IOTP1s3l4qkVSr3J4A&utm_content=256636356&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 03 May 2023 11:38:04 GMT
content-encoding
gzip
via
cache52.l2et15-7[28,0], cache5.l2de2[706,0], cache13.de3[708,0]
server
Tengine
etag
W/"3d7-ggxjKBVavRcYr7Jmkd6aupzVs6o"
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
timing-allow-origin
*
eagleid
4f85b1a116831138837771307e

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| injectedData
object| __pre_data
object| __pre_connect
object| __delete_pre_data
object| jWeixin
object| wx
object| tn_ng_tpl_box
function| requirejs
function| require
function| define
object| LZString
function| $
function| jQuery
object| angular
function| Hammer
function| TagCanvas
object| __tnGlobalId
undefined| tnData
undefined| tnShow

2 Cookies

Domain/Path Name / Value
.info.auvesy.com/ Name: __cf_bm
Value: FdpewYJend_0Kk95DzIPprUIHnjK.JB5_qcl2DVWVUs-1683113877-0-AfCmoqKYoKArZxVGYnxn67aZgkJ7+6YZe+pnrJACHMlPVc1PxzXx4L/MeKevG/xYwmV8CSr2/jbtpQTCeDYztE8=
.info.auvesy.com/ Name: __cfruid
Value: d9bb91832638f3b7aeca3eb336211210d0f221cd-1683113877

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000