xepfx178564.xgse015.cyou Open in urlscan Pro
185.229.64.151 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://earrings.handlebarssales.com/
Effective URL:
https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Submission: On May 14 via api (May 14th 2024, 4:04:02 pm UTC) from US — Scanned from NL

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 185.229.64.151, located in Chisinau, Moldova and belongs to INFOTECH-GRUP, MD. The main domain is xepfx178564.xgse015.cyou.
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.

This is the only time xepfx178564.xgse015.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 18	185.229.64.151 185.229.64.151	201670 (INFOTECH-...) (INFOTECH-GRUP)
16	1

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

earrings.handlebarssales.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.229.64.151 (Chisinau, Moldova) 2 redirects

ASN201670 (INFOTECH-GRUP, MD)
PTR: 185-229-64-151.avenacloud.com

xepfx178564.xgse015.cyou	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	xgse015.cyou 2 redirects xepfx178564.xgse015.cyou	123 KB
1	handlebarssales.com 1 redirects earrings.handlebarssales.com	610 B
16	2

	Domain	Requested by
18	xepfx178564.xgse015.cyou	2 redirects xepfx178564.xgse015.cyou
1	earrings.handlebarssales.com	1 redirects
16	2

This site contains no links.

Subject Issuer	Validity	Valid
earrings.handlebarssales.com R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Frame ID: EFB337C953C07190E94214EA1AC27AA1
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page URL History Show full URLs

https://earrings.handlebarssales.com/ HTTP 301
https://xepfx178564.xgse015.cyou/ HTTP 302
https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

16
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

122 kB
Transfer

335 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://earrings.handlebarssales.com/ HTTP 301
https://xepfx178564.xgse015.cyou/ HTTP 302
https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://xepfx178564.xgse015.cyou/favicon.ico HTTP 302
https://xepfx178564.xgse015.cyou/favicon.ico?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2Ffavicon.ico

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
xepfx178564.xgse015.cyou/
Redirect Chain

https://earrings.handlebarssales.com/
https://xepfx178564.xgse015.cyou/
https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

4 KB
1 KB

1054ms
1054ms

Document
text/html

185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

9e9a0991ff9d30a14d4b947e79463df960ec87ff2c4b550edd77b1eb861c948f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 14 May 2024 16:03:57 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
date: Tue, 14 May 2024 16:03:56 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
x-redirect-by: WordPress

GET
H2 200 dashicons.min.css
xepfx178564.xgse015.cyou/wp-includes/css/ 58 KB
36 KB 119ms
115ms Stylesheet
text/css 185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/wp-includes/css/dashicons.min.css?ver=6.5.2

Requested by

Host: xepfx178564.xgse015.cyou
URL: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:03:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 03 Dec 2022 05:52:16 GMT
server: nginx
etag: W/"638ae410-e688"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 15 May 2024 04:03:57 GMT

GET
H2 200 buttons.min.css
xepfx178564.xgse015.cyou/wp-includes/css/ 6 KB
2 KB 120ms
117ms Stylesheet
text/css 185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/wp-includes/css/buttons.min.css?ver=6.5.2

Requested by

Host: xepfx178564.xgse015.cyou
URL: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

d5a5fea14a12ec9ee91f044a7ff810602662c97d3fad8728497ea4e8c5aef0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:03:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 07 May 2024 05:31:07 GMT
server: nginx
etag: W/"6639bc9b-17ad"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 15 May 2024 04:03:57 GMT

GET
H2 200 forms.min.css
xepfx178564.xgse015.cyou/wp-admin/css/ 28 KB
8 KB 174ms
171ms Stylesheet
text/css 185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/wp-admin/css/forms.min.css?ver=6.5.2

Requested by

Host: xepfx178564.xgse015.cyou
URL: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

9de28c38d076abf85b7b6507b99114f8f4148c40cc7b3c2448e3ac9cdf844410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:03:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 07 May 2024 05:31:07 GMT
server: nginx
etag: W/"6639bc9b-6f38"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 15 May 2024 04:03:57 GMT

GET
H2 200 l10n.min.css
xepfx178564.xgse015.cyou/wp-admin/css/ 2 KB
953 B 175ms
172ms Stylesheet
text/css 185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/wp-admin/css/l10n.min.css?ver=6.5.2

Requested by

Host: xepfx178564.xgse015.cyou
URL: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

86669f0412fff3ba05a09c21f077c7a9ec4d9054633216b6ce04eb3c6c57538b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:03:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 03 Dec 2022 05:52:16 GMT
server: nginx
etag: W/"638ae410-9ad"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 15 May 2024 04:03:57 GMT

GET
H2 200 login.min.css
xepfx178564.xgse015.cyou/wp-admin/css/ 6 KB
3 KB 175ms
172ms Stylesheet
text/css 185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/wp-admin/css/login.min.css?ver=6.5.2

Requested by

Host: xepfx178564.xgse015.cyou
URL: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

a18a131e0248ad699cc85b5a24a5f68ae2ee5134119464f851caa226b30c125e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:03:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 07 May 2024 05:31:07 GMT
server: nginx
etag: W/"6639bc9b-193c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 15 May 2024 04:03:57 GMT

GET
H2 200 jquery.sweet-modal.min.css
xepfx178564.xgse015.cyou/wp-content/plugins/selectpay-woocommrece/js/jquery.sweet-modal/ 31 KB
6 KB 175ms
172ms Stylesheet
text/css 185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/wp-content/plugins/selectpay-woocommrece/js/jquery.sweet-modal/jquery.sweet-modal.min.css?ver=6.5.2

Requested by

Host: xepfx178564.xgse015.cyou
URL: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

a71a2bfb7eb1dda0a186ba63a397b84b6e606e1eba384a79d810fa63e86c9ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:03:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 10 May 2024 08:21:04 GMT
server: nginx
etag: W/"663dd8f0-7b79"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 15 May 2024 04:03:57 GMT

GET
H2 200 jquery.sweet-modal.min.css
xepfx178564.xgse015.cyou/wp-content/plugins/stripe-card-woocommrece/js/jquery.sweet-modal/ 31 KB
6 KB 175ms
173ms Stylesheet
text/css 185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/wp-content/plugins/stripe-card-woocommrece/js/jquery.sweet-modal/jquery.sweet-modal.min.css?ver=6.5.2

Requested by

Host: xepfx178564.xgse015.cyou
URL: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

2ae80ceaaa6e40436bc4dfe8894e1fa042b4158e9bde246cc21d45e2ec258e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:03:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 10 May 2024 08:21:04 GMT
server: nginx
etag: W/"663dd8f0-7b77"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 15 May 2024 04:03:57 GMT

GET
H2 200 jquery.min.js Show response
xepfx178564.xgse015.cyou/wp-includes/js/jquery/ 86 KB
34 KB 175ms
173ms Script
application/javascript 185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: xepfx178564.xgse015.cyou
URL: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:03:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 07 May 2024 05:31:07 GMT
server: nginx
etag: W/"6639bc9b-15601"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 15 May 2024 04:03:57 GMT

GET
H2 200 jquery-migrate.min.js Show response
xepfx178564.xgse015.cyou/wp-includes/js/jquery/ 13 KB
5 KB 175ms
173ms Script
application/javascript 185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: xepfx178564.xgse015.cyou
URL: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:03:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 07 May 2024 05:31:07 GMT
server: nginx
etag: W/"6639bc9b-3509"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 15 May 2024 04:03:57 GMT

GET
H2 200 jquery.sweet-modal.min.js Show response
xepfx178564.xgse015.cyou/wp-content/plugins/selectpay-woocommrece/js/jquery.sweet-modal/ 15 KB
5 KB 175ms
173ms Script
application/javascript 185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/wp-content/plugins/selectpay-woocommrece/js/jquery.sweet-modal/jquery.sweet-modal.min.js?ver=1.1715702636

Requested by

Host: xepfx178564.xgse015.cyou
URL: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

9cd60cea569d7d1e5a0872436e8ad40d99a795adb288e6c9eab20b6a8cd6b658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:03:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 10 May 2024 08:21:04 GMT
server: nginx
etag: W/"663dd8f0-3c1a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 15 May 2024 04:03:57 GMT

GET
H2 200 app.js Show response
xepfx178564.xgse015.cyou/wp-content/plugins/selectpay-woocommrece/js/ 20 KB
5 KB 175ms
173ms Script
application/javascript 185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/wp-content/plugins/selectpay-woocommrece/js/app.js?ver=1.1715702636

Requested by

Host: xepfx178564.xgse015.cyou
URL: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

23cd072154ebffbc4fed3fb6ee527628fdb6bcd2b222d3e5452b8dedd67197c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:03:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 10 May 2024 08:21:04 GMT
server: nginx
etag: W/"663dd8f0-5159"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 15 May 2024 04:03:57 GMT

GET
H2 200 jquery.sweet-modal.min.js Show response
xepfx178564.xgse015.cyou/wp-content/plugins/stripe-card-woocommrece/js/jquery.sweet-modal/ 15 KB
5 KB 175ms
174ms Script
application/javascript 185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/wp-content/plugins/stripe-card-woocommrece/js/jquery.sweet-modal/jquery.sweet-modal.min.js?ver=xxxx1715702636

Requested by

Host: xepfx178564.xgse015.cyou
URL: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

9cd60cea569d7d1e5a0872436e8ad40d99a795adb288e6c9eab20b6a8cd6b658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:03:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 10 May 2024 08:21:04 GMT
server: nginx
etag: W/"663dd8f0-3c1a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 15 May 2024 04:03:57 GMT

GET
H2 200 app.js Show response
xepfx178564.xgse015.cyou/wp-content/plugins/stripe-card-woocommrece/js/ 14 KB
4 KB 175ms
174ms Script
application/javascript 185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/wp-content/plugins/stripe-card-woocommrece/js/app.js?ver=xxxx1715702636

Requested by

Host: xepfx178564.xgse015.cyou
URL: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

22c511c79a1f072d7cf24c7c8475d8bc080c497af0b82aff995c4ef2f5f256c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:03:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 10 May 2024 08:21:04 GMT
server: nginx
etag: W/"663dd8f0-371c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 15 May 2024 04:03:57 GMT

GET
H2 200 wordpress-logo.svg
xepfx178564.xgse015.cyou/wp-admin/images/ 1 KB
2 KB 56ms
56ms Image
image/svg+xml 185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xepfx178564.xgse015.cyou/wp-admin/images/wordpress-logo.svg?ver=20131107

Requested by

Host: xepfx178564.xgse015.cyou
URL: https://xepfx178564.xgse015.cyou/wp-admin/css/login.min.css?ver=6.5.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

a0bbefd626f1e76f9245ec6c6101b679ba27412b71b32fc43eccda9db40f394b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xepfx178564.xgse015.cyou/wp-admin/css/login.min.css?ver=6.5.2
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 16:03:57 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 03 Dec 2022 05:52:16 GMT
server: nginx
etag: "638ae410-5f1"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1521

GET
H2

200

favicon.ico
xepfx178564.xgse015.cyou/
Redirect Chain

https://xepfx178564.xgse015.cyou/favicon.ico
https://xepfx178564.xgse015.cyou/favicon.ico?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2Ffavicon.ico

4 KB
2 KB

1014ms
1014ms

Other
text/html

185.229.64.151
INFOTECH-GRUP

General

Check archive.org

Show headers Download Go to

Full URL

https://xepfx178564.xgse015.cyou/favicon.ico?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2Ffavicon.ico

Protocol

Server

185.229.64.151 Chisinau, Moldova, ASN201670 (INFOTECH-GRUP, MD),

Reverse DNS

185-229-64-151.avenacloud.com

Software

nginx /

Resource Hash

c51e605d25b37b75ec31e78a380b0755d4e55895f4e8836577e3d401b85ca714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 May 2024 16:03:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 May 2024 16:03:58 GMT
strict-transport-security: max-age=31536000
server: nginx
x-redirect-by: WordPress
content-type: text/html; charset=UTF-8
location: https://xepfx178564.xgse015.cyou/favicon.ico?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2Ffavicon.ico
cache-control: no-cache, must-revalidate, max-age=0
expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| $ function| jQuery

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
earrings.handlebarssales.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: au4oahr88ig24bh13lhhsptvu1
xepfx178564.xgse015.cyou/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9ijhebsdoobgar61k8r19rpdo1
xepfx178564.xgse015.cyou/	1969-12-31 23:59:59	Name: wordpress_test_cookie Value: WP%20Cookie%20check

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://xepfx178564.xgse015.cyou/?password-protected=login&redirect_to=https%3A%2F%2Fxepfx178564.xgse015.cyou%2F Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

earrings.handlebarssales.com
xepfx178564.xgse015.cyou
185.229.64.151
188.114.96.3
22c511c79a1f072d7cf24c7c8475d8bc080c497af0b82aff995c4ef2f5f256c7
23cd072154ebffbc4fed3fb6ee527628fdb6bcd2b222d3e5452b8dedd67197c5
2ae80ceaaa6e40436bc4dfe8894e1fa042b4158e9bde246cc21d45e2ec258e88
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
86669f0412fff3ba05a09c21f077c7a9ec4d9054633216b6ce04eb3c6c57538b
9cd60cea569d7d1e5a0872436e8ad40d99a795adb288e6c9eab20b6a8cd6b658
9de28c38d076abf85b7b6507b99114f8f4148c40cc7b3c2448e3ac9cdf844410
9e9a0991ff9d30a14d4b947e79463df960ec87ff2c4b550edd77b1eb861c948f
a0bbefd626f1e76f9245ec6c6101b679ba27412b71b32fc43eccda9db40f394b
a18a131e0248ad699cc85b5a24a5f68ae2ee5134119464f851caa226b30c125e
a71a2bfb7eb1dda0a186ba63a397b84b6e606e1eba384a79d810fa63e86c9ca1
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c51e605d25b37b75ec31e78a380b0755d4e55895f4e8836577e3d401b85ca714
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d5a5fea14a12ec9ee91f044a7ff810602662c97d3fad8728497ea4e8c5aef0eb

xepfx178564.xgse015.cyou Open in urlscan Pro 185.229.64.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

122 kBTransfer

335 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

xepfx178564.xgse015.cyou Open in urlscan Pro
185.229.64.151 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

122 kB
Transfer

335 kB
Size

3
Cookies

16 HTTP transactions
0 data transactions