Submitted URL: https://content.pinehills.com/e3t/Ctc/2H*113/ccfQy04/VVt7C28K51PRN7hFxtz759ZsW3hB9jJ5lRTvfN2lhp1d3lYMRW6N1vHY6lZ3pXN4P8HW_wD6d...
Effective URL: https://siiaindustrial.com/wp-content/img/images/maint/
Submission: On October 06 via manual — Scanned from IT

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 5 HTTP transactions. The main IP is 192.185.131.139, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is siiaindustrial.com.
TLS certificate: Issued by R10 on October 4th 2024. Valid for: 3 months.
This is the only time siiaindustrial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Size: 5 MB (5622760 bytes, 67% done)
Downloaded from: https://noreply-gymnastics.top/Bin/support.ClientSetup.exe?e=Access&y=Guest&s=959da20a-5731-4843-b75b-2e4e8f1d5cf5&t=NEWSSA

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.31 209242 (CLOUDFLAR...)
2 2 170.10.162.173 32748 (STEADFAST)
1 3 192.185.131.139 19871 (NETWORK-S...)
1 142.250.74.193 15169 (GOOGLE)
1 194.59.31.199 399486 (VIRTUO)
5 4
Apex Domain
Subdomains
Transfer
3 siiaindustrial.com
siiaindustrial.com
9 KB
2 winmondhotel.com
winmondhotel.com
1 KB
2 pinehills.com
content.pinehills.com
4 KB
1 noreply-gymnastics.top
noreply-gymnastics.top
1 googleusercontent.com
ci3.googleusercontent.com — Cisco Umbrella Rank: 477
23 KB
5 5
Domain Requested by
3 siiaindustrial.com 1 redirects content.pinehills.com
2 winmondhotel.com 2 redirects
2 content.pinehills.com 1 redirects
1 noreply-gymnastics.top
1 ci3.googleusercontent.com siiaindustrial.com
5 5

This site contains no links.

Subject Issuer Validity Valid
content.pinehills.com
WE1
2024-09-10 -
2024-12-09
3 months crt.sh
siiaindustrial.com
R10
2024-10-04 -
2025-01-02
3 months crt.sh
*.googleusercontent.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
noreply-gymnastics.top
ZeroSSL RSA Domain Secure Site CA
2024-09-22 -
2024-12-21
3 months crt.sh

This page contains 1 frames:

Frame: https://noreply-gymnastics.top/Bin/support.ClientSetup.exe?e=Access&y=Guest&s=959da20a-5731-4843-b75b-2e4e8f1d5cf5&t=NEWSSA
Frame ID: 8DB0EF46DFA0AF6138B8CBB2CACCBAD7
Requests: 5 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://content.pinehills.com/e3t/Ctc/2H*113/ccfQy04/VVt7C28K51PRN7hFxtz759ZsW3hB9jJ5lRTvfN2lhp1d3lYMRW6N1... Page URL
  2. https://content.pinehills.com/events/public/v1/encoded/track/tc/2H*113/ccfQy04/VVt7C28K51PRN7hFxtz759ZsW3h... HTTP 307
    https://winmondhotel.com/wp-includes/css/dist/.downloading?utm_medium=email&_hsenc=p2ANqtz-_fpivmhc_b... HTTP 301
    https://winmondhotel.com/wp-includes/css/dist/.downloading/?utm_medium=email&_hsenc=p2ANqtz-_fpivmhc_... HTTP 302
    https://siiaindustrial.com/wp-content/img/images/maint HTTP 301
    https://siiaindustrial.com/wp-content/img/images/maint/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

36 kB
Transfer

52 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://content.pinehills.com/e3t/Ctc/2H*113/ccfQy04/VVt7C28K51PRN7hFxtz759ZsW3hB9jJ5lRTvfN2lhp1d3lYMRW6N1vHY6lZ3pXN4P8HW_wD6djW52HPbJ5yr4L6W7wPL6h6mKVN1W15r5JC3HGBrNW5lJG9L1jP_gSW1cG8598xRxWNW3jz2Fl1vhqnzN9b-05h_TVBRW3t3TCS7XmRrTW8rTWdH3XY-F8W7WVXp052284MW6shSZr4HP2gHW3mSnf91nSfrBW14LGqy94n6PmW2QjFhY8jX368W3cQ3nJ1RlwY3W21qWRG2zkrSLW4X62D98q4n9bW6Smnr_4xQz5xVVmhVn6rgRYCW7D8BZ8340TwqW3BXCdy8TT0XZf6LRlQq04 Page URL
  2. https://content.pinehills.com/events/public/v1/encoded/track/tc/2H*113/ccfQy04/VVt7C28K51PRN7hFxtz759ZsW3hB9jJ5lRTvfN2lhp1d3lYMRW6N1vHY6lZ3pXN4P8HW_wD6djW52HPbJ5yr4L6W7wPL6h6mKVN1W15r5JC3HGBrNW5lJG9L1jP_gSW1cG8598xRxWNW3jz2Fl1vhqnzN9b-05h_TVBRW3t3TCS7XmRrTW8rTWdH3XY-F8W7WVXp052284MW6shSZr4HP2gHW3mSnf91nSfrBW14LGqy94n6PmW2QjFhY8jX368W3cQ3nJ1RlwY3W21qWRG2zkrSLW4X62D98q4n9bW6Smnr_4xQz5xVVmhVn6rgRYCW7D8BZ8340TwqW3BXCdy8TT0XZf6LRlQq04?_ud=2c113e0f-de5d-4120-8ef9-a64de9a2ebaa&_jss=1&_fl=8&_pl=5&_hc=12&_lg=en-US,en&_plt=Linux%20x86_64&_scr=1600,1200 HTTP 307
    https://winmondhotel.com/wp-includes/css/dist/.downloading?utm_medium=email&_hsenc=p2ANqtz-_fpivmhc_b0FSxTiCD30me5kbbeV9_pbEhbSUE--0zTngy-RotS5KplgS-QWLBgkXAMXiWoccD3fRxLMCiB13o2PAjcw&_hsmi=327850625&utm_content=327850625&utm_source=hs_email HTTP 301
    https://winmondhotel.com/wp-includes/css/dist/.downloading/?utm_medium=email&_hsenc=p2ANqtz-_fpivmhc_b0FSxTiCD30me5kbbeV9_pbEhbSUE--0zTngy-RotS5KplgS-QWLBgkXAMXiWoccD3fRxLMCiB13o2PAjcw&_hsmi=327850625&utm_content=327850625&utm_source=hs_email HTTP 302
    https://siiaindustrial.com/wp-content/img/images/maint HTTP 301
    https://siiaindustrial.com/wp-content/img/images/maint/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
VVt7C28K51PRN7hFxtz759ZsW3hB9jJ5lRTvfN2lhp1d3lYMRW6N1vHY6lZ3pXN4P8HW_wD6djW52HPbJ5yr4L6W7wPL6h6mKVN1W15r5JC3HGBrNW5lJG9L1jP_gSW1cG8598xRxWNW3jz2Fl1vhqnzN9b-05h_TVBRW3t3TCS7XmRrTW8rTWdH3XY-F8W7WVXp0...
content.pinehills.com/e3t/Ctc/2H*113/ccfQy04/
8 KB
3 KB
Document
General
Full URL
https://content.pinehills.com/e3t/Ctc/2H*113/ccfQy04/VVt7C28K51PRN7hFxtz759ZsW3hB9jJ5lRTvfN2lhp1d3lYMRW6N1vHY6lZ3pXN4P8HW_wD6djW52HPbJ5yr4L6W7wPL6h6mKVN1W15r5JC3HGBrNW5lJG9L1jP_gSW1cG8598xRxWNW3jz2Fl1vhqnzN9b-05h_TVBRW3t3TCS7XmRrTW8rTWdH3XY-F8W7WVXp052284MW6shSZr4HP2gHW3mSnf91nSfrBW14LGqy94n6PmW2QjFhY8jX368W3cQ3nJ1RlwY3W21qWRG2zkrSLW4X62D98q4n9bW6Smnr_4xQz5xVVmhVn6rgRYCW7D8BZ8340TwqW3BXCdy8TT0XZf6LRlQq04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
386b6d3f1e7d56a1f80ad2b492da34ae69701f141d9909fee3b34ce6d9d0aeb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
cf-cache-status
MISS
cf-ray
8ce732e60d990d55-MXP
content-encoding
br
content-type
text/html;charset=utf-8
date
Sun, 06 Oct 2024 16:58:53 GMT
last-modified
Sun, 06 Oct 2024 16:58:53 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sPtNOpzG9mH77s%2FrhR28cvnNdv8I%2BsNFtn%2FwXUWatspf0V55hJzBXQ%2FN%2B71UiX0A8rb3SIU05ckvd46N9xpMJSUYgTVqUJ1C5UwML9WoHrdsq9NurpC0SqGZwfwVPcO5j0GCSzoatw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
6
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-7559959cd-w9pls
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
d5e3155b-a2ce-44ca-98a0-83ffbebe636e
x-request-id
d5e3155b-a2ce-44ca-98a0-83ffbebe636e
x-robots-tag
none
Primary Request /
siiaindustrial.com/wp-content/img/images/maint/
Redirect Chain
  • https://content.pinehills.com/events/public/v1/encoded/track/tc/2H*113/ccfQy04/VVt7C28K51PRN7hFxtz759ZsW3hB9jJ5lRTvfN2lhp1d3lYMRW6N1vHY6lZ3pXN4P8HW_wD6djW52HPbJ5yr4L6W7wPL6h6mKVN1W15r5JC3HGBrNW5lJG...
  • https://winmondhotel.com/wp-includes/css/dist/.downloading?utm_medium=email&_hsenc=p2ANqtz-_fpivmhc_b0FSxTiCD30me5kbbeV9_pbEhbSUE--0zTngy-RotS5KplgS-QWLBgkXAMXiWoccD3fRxLMCiB13o2PAjcw&_hsmi=3278506...
  • https://winmondhotel.com/wp-includes/css/dist/.downloading/?utm_medium=email&_hsenc=p2ANqtz-_fpivmhc_b0FSxTiCD30me5kbbeV9_pbEhbSUE--0zTngy-RotS5KplgS-QWLBgkXAMXiWoccD3fRxLMCiB13o2PAjcw&_hsmi=327850...
  • https://siiaindustrial.com/wp-content/img/images/maint
  • https://siiaindustrial.com/wp-content/img/images/maint/
21 KB
9 KB
Document
General
Full URL
https://siiaindustrial.com/wp-content/img/images/maint/
Requested by
Host: content.pinehills.com
URL: https://content.pinehills.com/e3t/Ctc/2H*113/ccfQy04/VVt7C28K51PRN7hFxtz759ZsW3hB9jJ5lRTvfN2lhp1d3lYMRW6N1vHY6lZ3pXN4P8HW_wD6djW52HPbJ5yr4L6W7wPL6h6mKVN1W15r5JC3HGBrNW5lJG9L1jP_gSW1cG8598xRxWNW3jz2Fl1vhqnzN9b-05h_TVBRW3t3TCS7XmRrTW8rTWdH3XY-F8W7WVXp052284MW6shSZr4HP2gHW3mSnf91nSfrBW14LGqy94n6PmW2QjFhY8jX368W3cQ3nJ1RlwY3W21qWRG2zkrSLW4X62D98q4n9bW6Smnr_4xQz5xVVmhVn6rgRYCW7D8BZ8340TwqW3BXCdy8TT0XZf6LRlQq04
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.131.139 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mx52.hostgator.mx
Software
Apache /
Resource Hash
5d7d79bad4b33bdc1960978604239fa50a74e9dffa1797bb181d2f75e42ce889

Request headers

Referer
https://content.pinehills.com/e3t/Ctc/2H*113/ccfQy04/VVt7C28K51PRN7hFxtz759ZsW3hB9jJ5lRTvfN2lhp1d3lYMRW6N1vHY6lZ3pXN4P8HW_wD6djW52HPbJ5yr4L6W7wPL6h6mKVN1W15r5JC3HGBrNW5lJG9L1jP_gSW1cG8598xRxWNW3jz2Fl1vhqnzN9b-05h_TVBRW3t3TCS7XmRrTW8rTWdH3XY-F8W7WVXp052284MW6shSZr4HP2gHW3mSnf91nSfrBW14LGqy94n6PmW2QjFhY8jX368W3cQ3nJ1RlwY3W21qWRG2zkrSLW4X62D98q4n9bW6Smnr_4xQz5xVVmhVn6rgRYCW7D8BZ8340TwqW3BXCdy8TT0XZf6LRlQq04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
9024
content-type
text/html; charset=UTF-8
date
Sun, 06 Oct 2024 16:58:57 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding

Redirect headers

content-length
263
content-type
text/html; charset=iso-8859-1
date
Sun, 06 Oct 2024 16:58:57 GMT
location
https://siiaindustrial.com/wp-content/img/images/maint/
server
Apache
ADKq_NZi8R4m6H8EJruwBzxCqPKVPzWCU6p8FRwtcx3ScqmC0alrzNrsKe32Pl2h3WKXSwL-bd3kecKFfZJddwmVxlPRLfISpCAutfNswBHKsELm687KIoqZs9-Ogbs9nNrClyddA1vzBISt721ohcFF82CuM-_6WGxNRw=s0-d-e1-ft
ci3.googleusercontent.com/meips/
23 KB
23 KB
Image
General
Full URL
https://ci3.googleusercontent.com/meips/ADKq_NZi8R4m6H8EJruwBzxCqPKVPzWCU6p8FRwtcx3ScqmC0alrzNrsKe32Pl2h3WKXSwL-bd3kecKFfZJddwmVxlPRLfISpCAutfNswBHKsELm687KIoqZs9-Ogbs9nNrClyddA1vzBISt721ohcFF82CuM-_6WGxNRw=s0-d-e1-ft
Requested by
Host: siiaindustrial.com
URL: https://siiaindustrial.com/wp-content/img/images/maint/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
fife /
Resource Hash
80b8d085e9ce86086b04e79ccb31232a4619edb3c37885affd82cbf40c004513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://siiaindustrial.com/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
private, max-age=86400, no-transform, must-revalidate
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23447
date
Sun, 06 Oct 2024 16:58:58 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
attachment;filename="unnamed.png"
support.ClientSetup.exe
noreply-gymnastics.top/Bin/
0
0
Document
General
Full URL
https://noreply-gymnastics.top/Bin/support.ClientSetup.exe?e=Access&y=Guest&s=959da20a-5731-4843-b75b-2e4e8f1d5cf5&t=NEWSSA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.59.31.199 , Bulgaria, ASN399486 (VIRTUO, CA),
Reverse DNS
Software
ScreenConnect/24.2.10.8991-2537422459 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://siiaindustrial.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private
content-length
5622760
content-type
application/octet-stream
date
Sun, 06 Oct 2024 16:58:59 GMT
server
ScreenConnect/24.2.10.8991-2537422459 Microsoft-HTTPAPI/2.0
favicon.ico
siiaindustrial.com/themes/custom/ssa_core/
0
43 B
Other
General
Full URL
https://siiaindustrial.com/themes/custom/ssa_core/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.131.139 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mx52.hostgator.mx
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://siiaindustrial.com/wp-content/img/images/maint/

Response headers

expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
pragma
no-cache
date
Sun, 06 Oct 2024 16:58:58 GMT
content-type
text/html; charset=UTF-8
server
Apache

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
.content.pinehills.com/ Name: __cf_bm
Value: hgUyR2KnrNmmndffQNG0h1RsqeiUlzqPf5RWr4PSxK8-1728233933-1.0.1.1-o2sL0uvW3awcaY8F2e6010RwlrKIOmpdpxWr4ERmLs65tkj2UhB7osHwrYrsvL.tJ9PWxhBOYKytTD_dfgas7g
.content.pinehills.com/ Name: __cfruid
Value: a9299404b1e73b33bd3e7958b92d6752f126efb9-1728233933
siiaindustrial.com/ Name: PHPSESSID
Value: 835889137f5c14d3c1be42a586c94a0a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff