eskrimokulu.com Open in urlscan Pro
104.140.65.72 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://eskrimokulu.com/wp-admin/js/dv.exe
Submission Tags: falconsandbox
Submission: On May 02 via api (May 2nd 2022, 8:33:04 pm UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 28 HTTP transactions. The main IP is 104.140.65.72, located in United States and belongs to AS62904, US. The main domain is eskrimokulu.com.

This is the only time eskrimokulu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	104.140.65.72 104.140.65.72	62904 (AS62904) (AS62904)
1	154.212.112.82 154.212.112.82	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
4	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
15	154.208.77.212 154.208.77.212	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
28	5

5 104.140.65.72 (United States) 2 redirects

ASN62904 (AS62904, US)
PTR: gavirtualschool.biz

eskrimokulu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.eskrimokulu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.212.112.82 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

www.bill8888.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 154.208.77.212 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

www.bill2021.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	bill2021.com www.bill2021.com	902 KB
5	eskrimokulu.com 2 redirects eskrimokulu.com www.eskrimokulu.com	4 KB
4	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8060	23 KB
1	bill8888.com www.bill8888.com	2 KB
28	4

	Domain	Requested by
15	www.bill2021.com	www.bill8888.com www.bill2021.com
4	hm.baidu.com	eskrimokulu.com
3	eskrimokulu.com	2 redirects
2	www.eskrimokulu.com	eskrimokulu.com
1	www.bill8888.com	eskrimokulu.com
28	5

This site contains no links.

Subject Issuer	Validity	Valid
bill8888.com TrustAsia RSA DV TLS CA G2	`2022-03-04` - `2023-03-04`	a year	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-02-21` - `2022-08-02`	5 months	crt.sh
bill2021.com TrustAsia RSA DV TLS CA G2	`2022-03-04` - `2023-03-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://eskrimokulu.com/wp-admin/js/dv.exe
Frame ID: BF2815AC62D654E49B55D0F2BD705559
Requests: 8 HTTP requests in this frame

Frame: https://www.bill2021.com/dan/indexman.html
Frame ID: ABADB0ADA132652F90E059C4ACC4F50E
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

新万博体育赛事h|首頁欢迎您

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

71 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

930 kB
Transfer

2217 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://eskrimokulu.com/jquery.20.min.js HTTP 301
http://www.eskrimokulu.com/jquery.20.min.js

Request Chain 1

http://eskrimokulu.com/jquery.la.min.js HTTP 301
http://www.eskrimokulu.com/jquery.la.min.js

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request dv.exe Show response
eskrimokulu.com/wp-admin/js/ 769 B
788 B 562ms
134ms Document
text/html 104.140.65.72
AS62904

General

Check archive.org

Show headers Download Go to

Full URL: http://eskrimokulu.com/wp-admin/js/dv.exe
Protocol: HTTP/1.1
Server: 104.140.65.72 , United States, ASN62904 (AS62904, US),
Reverse DNS: gavirtualschool.biz
Software: nginx / PHP/5.4.41
Resource Hash: 502efd56d82c24512f817dc765d74fbbcdc067e4839b6cd61cd9cc00e9d7d0f6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 02 May 2022 20:32:55 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41

GET
H/1.1

200
OK

jquery.20.min.js Show response
www.eskrimokulu.com/
Redirect Chain

http://eskrimokulu.com/jquery.20.min.js
http://www.eskrimokulu.com/jquery.20.min.js

3 KB
2 KB

651ms
90ms

Script
application/javascript

104.140.65.72
AS62904

General

Check archive.org

Show headers Download Go to

Full URL: http://www.eskrimokulu.com/jquery.20.min.js
Requested by: Host: eskrimokulu.com
URL: http://eskrimokulu.com/wp-admin/js/dv.exe
Protocol: HTTP/1.1
Server: 104.140.65.72 , United States, ASN62904 (AS62904, US),
Reverse DNS: gavirtualschool.biz
Software: nginx /
Resource Hash: 0e5fe1265a477850496550d0bc8e56466c9d9603e643e74ebaa40f1343bdd7bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:32:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Mar 2022 05:39:40 GMT
Server: nginx
ETag: W/"623d559c-b6c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 02 May 2022 21:32:56 GMT

Redirect headers

Location: http://www.eskrimokulu.com/jquery.20.min.js
Date: Mon, 02 May 2022 20:32:55 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1

200
OK

jquery.la.min.js Show response
www.eskrimokulu.com/
Redirect Chain

http://eskrimokulu.com/jquery.la.min.js
http://www.eskrimokulu.com/jquery.la.min.js

518 B
831 B

563ms
94ms

Script
application/javascript

104.140.65.72
AS62904

General

Check archive.org

Show headers Download Go to

Full URL: http://www.eskrimokulu.com/jquery.la.min.js
Requested by: Host: eskrimokulu.com
URL: http://eskrimokulu.com/wp-admin/js/dv.exe
Protocol: HTTP/1.1
Server: 104.140.65.72 , United States, ASN62904 (AS62904, US),
Reverse DNS: gavirtualschool.biz
Software: nginx /
Resource Hash: 939ed64af3e6fb900d848c596fd14559c74bd3718aa10a0cb1334445af58b636

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:32:56 GMT
Last-Modified: Fri, 25 Mar 2022 05:39:40 GMT
Server: nginx
ETag: "623d559c-206"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 518
Expires: Mon, 02 May 2022 21:32:56 GMT

Redirect headers

Location: http://www.eskrimokulu.com/jquery.la.min.js
Date: Mon, 02 May 2022 20:32:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK pp.js Show response
www.bill8888.com/bb/ 6 KB
2 KB 2395ms
190ms Script
application/javascript 154.212.112.82
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill8888.com/bb/pp.js
Requested by: Host: eskrimokulu.com
URL: http://eskrimokulu.com/jquery.20.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.212.112.82 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 020ddbd3d7d8d430fc0aa91f2ac999f1077e6f973a3db85c2b56539a5acd38c3

Request headers

Referer: http://eskrimokulu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 02 May 2022 20:32:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Apr 2022 03:06:19 GMT
Server: nginx
ETag: W/"624bb22b-1743"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1397ms
427ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?5ec82f25bf4bb9f0c3cc8249dce555ae

Requested by

Host: eskrimokulu.com
URL: http://eskrimokulu.com/jquery.la.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

849d7e6036d9298837cfc1a37cc436b3df9821e3f5ab69b98a29ca0ae11883fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:00 GMT
Content-Encoding: gzip
Server: apache
Etag: bbb831678d8a3a42a75f4ef4bdd53839
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11007

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1395ms
420ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?51411cde22356526d39dd27dba651ebe

Requested by

Host: eskrimokulu.com
URL: http://eskrimokulu.com/jquery.la.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

823e0a924da2fa5a3fbddedd259377ba2b000cc6508ef0b152b8b1782fe37cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:00 GMT
Content-Encoding: gzip
Server: apache
Etag: 6b3457dc684ccc74c182310f812bb0ff
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11011

GET
H/1.1 200
OK indexman.html Show response
www.bill2021.com/dan/ Frame ABAD 3 KB
2 KB 2840ms
188ms Document
text/html 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/dan/indexman.html
Requested by: Host: www.bill8888.com
URL: https://www.bill8888.com/bb/pp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 2825e6ecfada595020d730def75dbf7840501bc6f9e9275ba545e13ab233cf0d

Request headers

Referer: http://eskrimokulu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 02 May 2022 20:33:01 GMT
ETag: W/"61c6da25-dde"
Last-Modified: Sat, 25 Dec 2021 08:45:25 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 426ms
426ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1821433068&si=51411cde22356526d39dd27dba651ebe&v=1.2.92&lv=1&sn=41581&r=0&ww=1600&ct=!!&u=http%3A%2F%2Feskrimokulu.com%2Fwp-admin%2Fjs%2Fdv.exe&tt=%E6%96%B0%E4%B8%87%E5%8D%9A%E4%BD%93%E8%82%B2%E8%B5%9B%E4%BA%8Bh%7C%E9%A6%96%E9%A0%81%E6%AC%A2%E8%BF%8E%E6%82%A8

Requested by

Host: eskrimokulu.com
URL: http://eskrimokulu.com/wp-admin/js/dv.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 20:33:00 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 409ms
409ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1811177868&si=5ec82f25bf4bb9f0c3cc8249dce555ae&v=1.2.92&lv=1&sn=41581&r=0&ww=1600&ct=!!&u=http%3A%2F%2Feskrimokulu.com%2Fwp-admin%2Fjs%2Fdv.exe&tt=%E6%96%B0%E4%B8%87%E5%8D%9A%E4%BD%93%E8%82%B2%E8%B5%9B%E4%BA%8Bh%7C%E9%A6%96%E9%A0%81%E6%AC%A2%E8%BF%8E%E6%82%A8

Requested by

Host: eskrimokulu.com
URL: http://eskrimokulu.com/wp-admin/js/dv.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 20:33:01 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 404
Not Found zhongguomeng.js.js
www.bill2021.com/js/ Frame ABAD 0
0 192ms
191ms Script
text/html 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/js/zhongguomeng.js.js
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:01 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

GET
H/1.1 404
Not Found index.css
www.bill2021.com/css/ Frame ABAD 0
0 194ms
192ms Stylesheet
text/html 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/css/index.css
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:01 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

GET
H/1.1 200
OK zhongguomeng.js Show response
www.bill2021.com/dan/js/ Frame ABAD 815 B
1 KB 379ms
185ms Script
application/javascript 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/dan/js/zhongguomeng.js
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 09d927e0259c1fd455d4a5fe8483d4788204e85650cd3328989fc256781d41c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:02 GMT
Last-Modified: Mon, 02 May 2022 07:13:43 GMT
Server: nginx
ETag: "626f84a7-32f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 815

GET
H/1.1 200
OK index.css
www.bill2021.com/dan/ Frame ABAD 1 KB
787 B 379ms
187ms Stylesheet
text/css 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/dan/index.css
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 44c3c93ac377b7bd4c66758d704b8def64dd16bd38609eebae0dd034fb2aec63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Dec 2021 10:25:42 GMT
Server: nginx
ETag: W/"61c5a026-450"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK ty-wanbo300.jpg
www.bill2021.com/dan/pkPhoto/ Frame ABAD 400 KB
0 374ms
374ms Image
image/jpeg 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/ty-wanbo300.jpg
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:02 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:42 GMT
Server: nginx
ETag: "61c5a026-b679a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 747418

GET
H/1.1 200
OK tyc88888.gif
www.bill2021.com/dan/pkPhoto/ Frame ABAD 239 KB
239 KB 373ms
373ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/tyc88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 948ddb11b3c6c28622e03bc58daeebe0d373236d43a3ced3265b3fe6eb9bc95c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:02 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:39 GMT
Server: nginx
ETag: "61c5a023-3bb16"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 244502

GET
H/1.1 200
OK 365bet88888.gif
www.bill2021.com/dan/pkPhoto/ Frame ABAD 213 KB
213 KB 373ms
373ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/365bet88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 1406bfcbfd8ff8f6c72e60e58e06894fc13b2f814aa23a5d0a38eba99fedc6e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:02 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:38 GMT
Server: nginx
ETag: "61c5a022-354f9"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 218361

GET js88888.gif
www.bill2021.com/dan/pkPhoto/ Frame ABAD 0
0

GET
H/1.1 200
OK xpj88888.gif
www.bill2021.com/dan/pkPhoto/ Frame ABAD 416 KB
0 1305ms
191ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/xpj88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:03 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:37 GMT
Server: nginx
ETag: "61c5a021-91960"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 596320

GET
H/1.1 200
OK yl88888.gif
www.bill2021.com/dan/pkPhoto/ Frame ABAD 16 KB
0 1310ms
192ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/yl88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:03 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:37 GMT
Server: nginx
ETag: "61c5a021-415ca"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 267722

GET
H/1.1 200
OK amdcpc.gif
www.bill2021.com/dan/pkPhoto/ Frame ABAD 272 KB
272 KB 386ms
384ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/amdcpc.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 94cf5d84e80dc1006762bb51fe0a2ae9cd9a9a608eb4d60f25bbfb4e9959dbf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:02 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:59 GMT
Server: nginx
ETag: "61c5a037-43f21"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 278305

GET
H/1.1 200
OK ledong100.png
www.bill2021.com/dan/pkPhoto/ Frame ABAD 192 KB
0 761ms
380ms Image
image/png 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/ledong100.png
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:02 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:42 GMT
Server: nginx
ETag: "61c5a026-36334"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 222004

GET
H/1.1 200
OK vns88888.gif
www.bill2021.com/dan/pkPhoto/ Frame ABAD 173 KB
173 KB 1111ms
186ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/vns88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: e3461a38cba8e8b063619522d87e8886ac75bec436bc12e0d2f9ca69bb987ff3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:03 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:39 GMT
Server: nginx
ETag: "61c5a023-2b465"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 177253

GET
H/1.1 200
OK xintyc88888.gif
www.bill2021.com/dan/pkPhoto/ Frame ABAD 224 KB
0 759ms
381ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/xintyc88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:02 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:40 GMT
Server: nginx
ETag: "61c5a024-68265"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 426597

GET xinyl88888.gif
www.bill2021.com/dan/pkPhoto/ Frame ABAD 0
0

GET by88888.gif
www.bill2021.com/dan/pkPhoto/ Frame ABAD 0
0

GET ty-yaobo.png
www.bill2021.com/dan/pkPhoto/ Frame ABAD 0
0

GET weibu.jpg
www.bill2021.com/dan/pkPhoto/ Frame ABAD 0
0

GET
H/1.1 404
Not Found bg1111.jpg
www.bill2021.com/dan/img/ Frame ABAD 564 B
564 B 1110ms
185ms Image
text/html 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/img/bg1111.jpg
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/index.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 20:33:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/js88888.gif

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/xinyl88888.gif

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/by88888.gif

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/ty-yaobo.png

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/weibu.jpg

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 3778ADD562C627E3
.eskrimokulu.com/	1970-01-20 11:30:59	Name: Hm_lvt_51411cde22356526d39dd27dba651ebe Value: 1651523581
.eskrimokulu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_51411cde22356526d39dd27dba651ebe Value: 1651523581
.eskrimokulu.com/	1970-01-20 11:30:59	Name: Hm_lvt_5ec82f25bf4bb9f0c3cc8249dce555ae Value: 1651523581
.eskrimokulu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_5ec82f25bf4bb9f0c3cc8249dce555ae Value: 1651523581

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://eskrimokulu.com/jquery.20.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.bill8888.com/bb/pp.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://eskrimokulu.com/jquery.20.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.bill8888.com/bb/pp.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.bill2021.com/js/zhongguomeng.js.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.bill2021.com/css/index.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.bill2021.com/dan/img/bg1111.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eskrimokulu.com
hm.baidu.com
www.bill2021.com
www.bill8888.com
www.eskrimokulu.com
www.bill2021.com
103.235.46.191
104.140.65.72
154.208.77.212
154.212.112.82
020ddbd3d7d8d430fc0aa91f2ac999f1077e6f973a3db85c2b56539a5acd38c3
09d927e0259c1fd455d4a5fe8483d4788204e85650cd3328989fc256781d41c9
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
0e5fe1265a477850496550d0bc8e56466c9d9603e643e74ebaa40f1343bdd7bb
1406bfcbfd8ff8f6c72e60e58e06894fc13b2f814aa23a5d0a38eba99fedc6e6
2825e6ecfada595020d730def75dbf7840501bc6f9e9275ba545e13ab233cf0d
44c3c93ac377b7bd4c66758d704b8def64dd16bd38609eebae0dd034fb2aec63
502efd56d82c24512f817dc765d74fbbcdc067e4839b6cd61cd9cc00e9d7d0f6
823e0a924da2fa5a3fbddedd259377ba2b000cc6508ef0b152b8b1782fe37cb3
849d7e6036d9298837cfc1a37cc436b3df9821e3f5ab69b98a29ca0ae11883fe
939ed64af3e6fb900d848c596fd14559c74bd3718aa10a0cb1334445af58b636
948ddb11b3c6c28622e03bc58daeebe0d373236d43a3ced3265b3fe6eb9bc95c
94cf5d84e80dc1006762bb51fe0a2ae9cd9a9a608eb4d60f25bbfb4e9959dbf8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3461a38cba8e8b063619522d87e8886ac75bec436bc12e0d2f9ca69bb987ff3

eskrimokulu.com Open in urlscan Pro 104.140.65.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

71 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

930 kBTransfer

2217 kBSize

5 Cookies

0 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

5 Cookies

5 Console Messages

Indicators

eskrimokulu.com Open in urlscan Pro
104.140.65.72 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

71 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

930 kB
Transfer

2217 kB
Size

5
Cookies

28 HTTP transactions
0 data transactions