Submitted URL: https://weixin.billjc.com/
Effective URL: http://hrsaas.billjc.com/login
Submission: On June 16 via automatic, source certstream-suspicious

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 7 HTTP transactions. The main IP is 27.17.34.234, located in Wujiashan, China, and belongs to CHINANET-BACKBONE No.31,Jin-rong Street, CN. The main domain is hrsaas.billjc.com.
This is the only time hrsaas.billjc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 220.249.72.235 4837 (CHINA169-...)
7 27.17.34.234 4134 (CHINANET-...)
7 1
Apex Domain
Subdomains
Transfer
8 billjc.com
weixin.billjc.com
hrsaas.billjc.com
154 KB
7 1
Domain Requested by
7 hrsaas.billjc.com hrsaas.billjc.com
1 weixin.billjc.com 1 redirects
7 2

This site contains no links.

This page contains 1 frames:

Primary Page: http://hrsaas.billjc.com/login
Frame ID: 22AB04B53B63B88FCE0B3E970D5E827F
Requests: 7 HTTP requests in this frame

Page URL History

  1. https://weixin.billjc.com/ HTTP 302
    http://hrsaas.billjc.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

  • Requests: 7
  • HTTPS: 0 %
  • IPv6: 0 %
  • Domains: 1
  • Subdomains: 2
  • IPs: 1
  • Countries: 1
  • Transfer: 154 kB
  • Size: 151 kB
  • Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://weixin.billjc.com/ HTTP 302
    http://hrsaas.billjc.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set login
hrsaas.billjc.com/
Redirect Chain
  • https://weixin.billjc.com/
  • http://hrsaas.billjc.com/login
4 KB
4 KB
Document
General
Full URL
http://hrsaas.billjc.com/login
Protocol
HTTP/1.1
Server
27.17.34.234 Wujiashan, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
bill-jc.com
Software
openresty/1.15.8.1 /
Resource Hash
41300e8e4ddcc15e05c28256e1f996819ba4cbe80e8f4e4df3c2e458d2137414
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
hrsaas.billjc.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Wed, 16 Jun 2021 07:13:43 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=120
Server
openresty/1.15.8.1
Vary
Accept-Encoding
Set-Cookie
JSESSIONID=DE9FB99BAA20C359A291C93A34C4573C; Path=/; HttpOnly
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache no-cache
Expires
0
Content-Language
en-US

Redirect headers

Server
nginx/1.18.0
Date
Wed, 16 Jun 2021 07:13:42 GMT
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=120
Set-Cookie
JSESSIONID=40ACC17237E15020E537DBF7FF55121A; Path=/; HttpOnly
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
0
Location
http://hrsaas.billjc.com/login
jsencrypt.min.js
hrsaas.billjc.com/src/js/
57 KB
57 KB
Script
General
Full URL
http://hrsaas.billjc.com/src/js/jsencrypt.min.js
Requested by
Host: hrsaas.billjc.com
URL: http://hrsaas.billjc.com/login
Protocol
HTTP/1.1
Server
27.17.34.234 Wujiashan, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
bill-jc.com
Software
openresty/1.15.8.1 /
Resource Hash
3677978874c105ef875b12bc95aef81b896454117fc4cb2a77fc61ae4567b09c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hrsaas.billjc.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://hrsaas.billjc.com/login
Cookie
JSESSIONID=DE9FB99BAA20C359A291C93A34C4573C
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 07:13:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 22 Apr 2021 03:32:36 GMT
Server
openresty/1.15.8.1
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=120
Content-Length
57946
X-XSS-Protection
1; mode=block
jquery-3.4.1.min.js
hrsaas.billjc.com/src/js/
86 KB
86 KB
Script
General
Full URL
http://hrsaas.billjc.com/src/js/jquery-3.4.1.min.js
Requested by
Host: hrsaas.billjc.com
URL: http://hrsaas.billjc.com/login
Protocol
HTTP/1.1
Server
27.17.34.234 Wujiashan, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
bill-jc.com
Software
openresty/1.15.8.1 /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hrsaas.billjc.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://hrsaas.billjc.com/login
Cookie
JSESSIONID=DE9FB99BAA20C359A291C93A34C4573C
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 07:13:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 22 Apr 2021 03:32:36 GMT
Server
openresty/1.15.8.1
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=120
Content-Length
88145
X-XSS-Protection
1; mode=block
Cookie set checkcode.jpg
hrsaas.billjc.com/login/
298 B
660 B
Image
General
Full URL
http://hrsaas.billjc.com/login/checkcode.jpg
Requested by
Host: hrsaas.billjc.com
URL: http://hrsaas.billjc.com/login
Protocol
HTTP/1.1
Server
27.17.34.234 Wujiashan, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
bill-jc.com
Software
openresty/1.15.8.1 /
Resource Hash
7d504f9d838b0bf4a0c26a542f3e93f928405fb3946998edff2f9308217417d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hrsaas.billjc.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://hrsaas.billjc.com/login
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 07:13:44 GMT
X-Content-Type-Options
nosniff
Server
openresty/1.15.8.1
Content-Type
image/png
Set-Cookie
JSESSIONID=88E33ADD71D8312DB977DF6F7DAA052B; Path=/; HttpOnly
Cache-Control
max-age=0
Connection
keep-alive
Keep-Alive
timeout=120
Content-Length
298
X-XSS-Protection
1; mode=block
Cookie set bg-1.png
hrsaas.billjc.com/src/images/
1 KB
2 KB
Image
General
Full URL
http://hrsaas.billjc.com/src/images/bg-1.png
Requested by
Host: hrsaas.billjc.com
URL: http://hrsaas.billjc.com/login
Protocol
HTTP/1.1
Server
27.17.34.234 Wujiashan, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
bill-jc.com
Software
openresty/1.15.8.1 /
Resource Hash
21b4b7909f6bce8c365374d3549b93ce882c6ed3caa60db4a6e2b5ba6c723d18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hrsaas.billjc.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://hrsaas.billjc.com/login
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 07:13:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 22 Apr 2021 03:32:36 GMT
Server
openresty/1.15.8.1
Content-Type
image/png
Set-Cookie
JSESSIONID=C3C34E6663DCDC26F92173B4C0937F4E; Path=/; HttpOnly
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=120
Content-Length
1248
X-XSS-Protection
1; mode=block
Cookie set bg-2.png
hrsaas.billjc.com/src/images/
1 KB
2 KB
Image
General
Full URL
http://hrsaas.billjc.com/src/images/bg-2.png
Requested by
Host: hrsaas.billjc.com
URL: http://hrsaas.billjc.com/login
Protocol
HTTP/1.1
Server
27.17.34.234 Wujiashan, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
bill-jc.com
Software
openresty/1.15.8.1 /
Resource Hash
9ebe160b34f2ca3570ea6a0e55799debd65b0d28a29b556de86789679273e511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hrsaas.billjc.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://hrsaas.billjc.com/login
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 07:13:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 22 Apr 2021 03:32:36 GMT
Server
openresty/1.15.8.1
Content-Type
image/png
Set-Cookie
JSESSIONID=540BE19F3C0E1FCD8083296D39C55AC6; Path=/; HttpOnly
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=120
Content-Length
1318
X-XSS-Protection
1; mode=block
Cookie set bg-3.png
hrsaas.billjc.com/src/images/
1 KB
2 KB
Image
General
Full URL
http://hrsaas.billjc.com/src/images/bg-3.png
Requested by
Host: hrsaas.billjc.com
URL: http://hrsaas.billjc.com/login
Protocol
HTTP/1.1
Server
27.17.34.234 Wujiashan, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
bill-jc.com
Software
openresty/1.15.8.1 /
Resource Hash
c2708e2e971ef6af9b03eed08af2e3a9b2f9e24c1c0da839370d4c57263983ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hrsaas.billjc.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://hrsaas.billjc.com/login
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Wed, 16 Jun 2021 07:13:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 22 Apr 2021 03:32:36 GMT
Server
openresty/1.15.8.1
Content-Type
image/png
Set-Cookie
JSESSIONID=7F65AC97E335BD837FA101B358515977; Path=/; HttpOnly
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=120
Content-Length
1509
X-XSS-Protection
1; mode=block

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | onbeforexrselect
  • object | ontransitionrun
  • object | ontransitionstart
  • object | ontransitioncancel
  • boolean | originAgentCluster
  • object | trustedTypes
  • boolean | crossOriginIsolated
  • object | JSEncryptExports
  • function | JSEncrypt
  • string | publicKey
  • object | KJUR
  • object | Hex
  • object | Base64
  • function | ASN1
  • function | $
  • function | jQuery
  • function | changePwd
  • function | encrypt

1 Cookies

Domain/Path Name / Value
hrsaas.billjc.com/ Name: JSESSIONID
Value: 540BE19F3C0E1FCD8083296D39C55AC6

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block