eskrimokulu.com Open in urlscan Pro
104.140.65.72 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://eskrimokulu.com/wp-admin/js/dv.exe
Submission Tags: falconsandbox
Submission: On September 27 via api (September 27th 2022, 12:17:36 am UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 28 HTTP transactions. The main IP is 104.140.65.72, located in United States and belongs to AS62904, US. The main domain is eskrimokulu.com.

This is the only time eskrimokulu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	104.140.65.72 104.140.65.72	62904 (AS62904) (AS62904)
1	154.212.112.82 154.212.112.82	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
4	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
9	154.208.77.212 154.208.77.212	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
28	5

5 104.140.65.72 (United States) 2 redirects

ASN62904 (AS62904, US)
PTR: gavirtualschool.biz

eskrimokulu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.eskrimokulu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.212.112.82 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

www.bill8888.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 154.208.77.212 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

www.bill2021.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	bill2021.com www.bill2021.com	4 KB
5	eskrimokulu.com 2 redirects eskrimokulu.com www.eskrimokulu.com	4 KB
4	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8539	24 KB
1	bill8888.com www.bill8888.com	2 KB
28	4

	Domain	Requested by
9	www.bill2021.com	www.bill8888.com www.bill2021.com
4	hm.baidu.com	eskrimokulu.com
3	eskrimokulu.com	2 redirects
2	www.eskrimokulu.com	eskrimokulu.com
1	www.bill8888.com	eskrimokulu.com
28	5

This site contains no links.

Subject Issuer	Validity	Valid
bill8888.com TrustAsia RSA DV TLS CA G2	`2022-03-04` - `2023-03-04`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
bill2021.com TrustAsia RSA DV TLS CA G2	`2022-03-04` - `2023-03-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://eskrimokulu.com/wp-admin/js/dv.exe
Frame ID: B4A3F97A3DB925340D2519A9B966045F
Requests: 8 HTTP requests in this frame

Frame: https://www.bill2021.com/dan/indexman.html
Frame ID: 62CBE6662688CD1A8B8BE6A2FB9E2DBA
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

新万博体育赛事h|首頁欢迎您

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

50 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

33 kB
Transfer

139 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://eskrimokulu.com/jquery.20.min.js HTTP 301
http://www.eskrimokulu.com/jquery.20.min.js

Request Chain 1

http://eskrimokulu.com/jquery.la.min.js HTTP 301
http://www.eskrimokulu.com/jquery.la.min.js

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request dv.exe Show response
eskrimokulu.com/wp-admin/js/ 767 B
786 B 850ms
127ms Document
text/html 104.140.65.72
AS62904

General

Check archive.org

Show headers Download Go to

Full URL: http://eskrimokulu.com/wp-admin/js/dv.exe
Protocol: HTTP/1.1
Server: 104.140.65.72 , United States, ASN62904 (AS62904, US),
Reverse DNS: gavirtualschool.biz
Software: nginx / PHP/5.4.41
Resource Hash: db206abc28c52b2b44833d5a454b68f6eee4d0a3e78e4b4e3102b0b9905bea59

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Tue, 27 Sep 2022 00:17:28 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41

GET
H/1.1

200
OK

jquery.20.min.js Show response
www.eskrimokulu.com/
Redirect Chain

http://eskrimokulu.com/jquery.20.min.js
http://www.eskrimokulu.com/jquery.20.min.js

3 KB
2 KB

446ms
93ms

Script
application/javascript

104.140.65.72
AS62904

General

Check archive.org

Show headers Download Go to

Full URL: http://www.eskrimokulu.com/jquery.20.min.js
Requested by: Host: eskrimokulu.com
URL: http://eskrimokulu.com/wp-admin/js/dv.exe
Protocol: HTTP/1.1
Server: 104.140.65.72 , United States, ASN62904 (AS62904, US),
Reverse DNS: gavirtualschool.biz
Software: nginx /
Resource Hash: 0e5fe1265a477850496550d0bc8e56466c9d9603e643e74ebaa40f1343bdd7bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 00:17:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Mar 2022 05:39:40 GMT
Server: nginx
ETag: W/"623d559c-b6c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 27 Sep 2022 01:17:28 GMT

Redirect headers

Location: http://www.eskrimokulu.com/jquery.20.min.js
Date: Tue, 27 Sep 2022 00:17:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1

200
OK

jquery.la.min.js Show response
www.eskrimokulu.com/
Redirect Chain

http://eskrimokulu.com/jquery.la.min.js
http://www.eskrimokulu.com/jquery.la.min.js

518 B
831 B

355ms
96ms

Script
application/javascript

104.140.65.72
AS62904

General

Check archive.org

Show headers Download Go to

Full URL: http://www.eskrimokulu.com/jquery.la.min.js
Requested by: Host: eskrimokulu.com
URL: http://eskrimokulu.com/wp-admin/js/dv.exe
Protocol: HTTP/1.1
Server: 104.140.65.72 , United States, ASN62904 (AS62904, US),
Reverse DNS: gavirtualschool.biz
Software: nginx /
Resource Hash: 939ed64af3e6fb900d848c596fd14559c74bd3718aa10a0cb1334445af58b636

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 00:17:28 GMT
Last-Modified: Fri, 25 Mar 2022 05:39:40 GMT
Server: nginx
ETag: "623d559c-206"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 518
Expires: Tue, 27 Sep 2022 01:17:28 GMT

Redirect headers

Location: http://www.eskrimokulu.com/jquery.la.min.js
Date: Tue, 27 Sep 2022 00:17:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK pp.js Show response
www.bill8888.com/bb/ 6 KB
2 KB 3202ms
893ms Script
application/javascript 154.212.112.82
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill8888.com/bb/pp.js
Requested by: Host: eskrimokulu.com
URL: http://eskrimokulu.com/jquery.20.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.212.112.82 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 50a97bf92db97f0fc51ccb77ccbfd3134cc71eec7e9357532fdeef70685c7528

Request headers

Referer: http://eskrimokulu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 27 Sep 2022 00:17:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Sep 2022 07:23:43 GMT
Server: nginx
ETag: W/"6331537f-1740"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1298ms
390ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?5ec82f25bf4bb9f0c3cc8249dce555ae

Requested by

Host: eskrimokulu.com
URL: http://eskrimokulu.com/jquery.la.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

c631696e6a0c3770d19b6365edea75178cdcf42441b1bd0269ada4217c5a8642

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 00:17:33 GMT
Content-Encoding: gzip
Server: apache
Etag: f93b52bdd259d526cc4145001bbf42ae
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11339

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1348ms
409ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?51411cde22356526d39dd27dba651ebe

Requested by

Host: eskrimokulu.com
URL: http://eskrimokulu.com/jquery.la.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

dbbd33701e921d669f78cb3db87e2f3c98c5b5b926b6004164ea1cc90940c571

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 00:17:33 GMT
Content-Encoding: gzip
Server: apache
Etag: 9713d4e991a3755f79fa762d513ae2e1
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11343

GET
H/1.1 200
OK indexman.html Show response
www.bill2021.com/dan/ Frame 62CB 4 KB
2 KB 1325ms
198ms Document
text/html 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/dan/indexman.html
Requested by: Host: www.bill8888.com
URL: https://www.bill8888.com/bb/pp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 0777ec42aa2c1f72ac14fae787a4c7ffb95fc7b7e077ea8941331808c7b991f9

Request headers

Referer: http://eskrimokulu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 27 Sep 2022 00:17:33 GMT
ETag: W/"633144a0-e00"
Last-Modified: Mon, 26 Sep 2022 06:20:16 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 404
Not Found zhongguomeng.js.js
www.bill2021.com/js/ Frame 62CB 0
0 198ms
198ms Script
text/html 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/js/zhongguomeng.js.js
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 00:17:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

GET
H/1.1 404
Not Found index.css
www.bill2021.com/css/ Frame 62CB 0
0 397ms
198ms Stylesheet
text/html 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/css/index.css
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 00:17:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

GET
H/1.1 200
OK zhongguomeng.js Show response
www.bill2021.com/dan/js/ Frame 62CB 860 B
1 KB 555ms
185ms Script
application/javascript 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/dan/js/zhongguomeng.js
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 99830cff5b9b099ecd2ee78da47b2803f55d1c89dbdaacf743403b35d0e5cea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 00:17:33 GMT
Last-Modified: Thu, 22 Sep 2022 06:12:12 GMT
Server: nginx
ETag: "632bfcbc-35c"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 860

GET
H/1.1 200
OK index.css
www.bill2021.com/dan/ Frame 62CB 1 KB
787 B 555ms
185ms Stylesheet
text/css 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/dan/index.css
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 44c3c93ac377b7bd4c66758d704b8def64dd16bd38609eebae0dd034fb2aec63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 00:17:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Dec 2021 10:25:42 GMT
Server: nginx
ETag: W/"61c5a026-450"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK ty-wanbo300.jpg
www.bill2021.com/dan/pkPhoto/ Frame 62CB 32 KB
0 1661ms
1660ms Image
image/jpeg 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/ty-wanbo300.jpg
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 00:17:33 GMT
Last-Modified: Thu, 08 Sep 2022 07:53:28 GMT
Server: nginx
ETag: "63199f78-b679a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 747418

GET ty1000x100_jpg.jpg
www.bill2021.com/dan/pkPhoto/ Frame 62CB 0
0

GET bet1000x100_jpg.jpg
www.bill2021.com/dan/pkPhoto/ Frame 62CB 0
0

GET
H/1.1 200
OK js88888.gif
www.bill2021.com/dan/pkPhoto/ Frame 62CB 16 KB
0 2377ms
2376ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/js88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 00:17:33 GMT
Last-Modified: Thu, 08 Sep 2022 07:53:25 GMT
Server: nginx
ETag: "63199f75-3b925"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 244005

GET 500pj1000-200.gif
www.bill2021.com/dan/pkPhoto/ Frame 62CB 0
0

GET 5247cc1000-200%20.gif
www.bill2021.com/dan/pkPhoto/ Frame 62CB 0
0

GET
H/1.1 200
OK vns88888.gif
www.bill2021.com/dan/pkPhoto/ Frame 62CB 16 KB
0 2786ms
1384ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/vns88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 00:17:35 GMT
Last-Modified: Thu, 08 Sep 2022 07:53:26 GMT
Server: nginx
ETag: "63199f76-2b465"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 177253

GET xintyc88888.gif
www.bill2021.com/dan/pkPhoto/ Frame 62CB 0
0

GET xinyl88888.gif
www.bill2021.com/dan/pkPhoto/ Frame 62CB 0
0

GET by1000x100.gif
www.bill2021.com/dan/pkPhoto/ Frame 62CB 0
0

GET ty-yaobo.png
www.bill2021.com/dan/pkPhoto/ Frame 62CB 0
0

GET ledong100.png
www.bill2021.com/dan/pkPhoto/ Frame 62CB 0
0

GET amdcpc.gif
www.bill2021.com/dan/pkPhoto/ Frame 62CB 0
0

GET weibu.jpg
www.bill2021.com/dan/pkPhoto/ Frame 62CB 0
0

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 380ms
380ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=755760809&si=5ec82f25bf4bb9f0c3cc8249dce555ae&v=1.2.97&lv=1&sn=42064&r=0&ww=1600&ct=!!&u=http%3A%2F%2Feskrimokulu.com%2Fwp-admin%2Fjs%2Fdv.exe&tt=%E6%96%B0%E4%B8%87%E5%8D%9A%E4%BD%93%E8%82%B2%E8%B5%9B%E4%BA%8Bh%7C%E9%A6%96%E9%A0%81%E6%AC%A2%E8%BF%8E%E6%82%A8

Requested by

Host: eskrimokulu.com
URL: http://eskrimokulu.com/wp-admin/js/dv.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 00:17:34 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 404
Not Found bg1111.jpg
www.bill2021.com/dan/img/ Frame 62CB 564 B
564 B 1561ms
185ms Image
text/html 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/img/bg1111.jpg
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/index.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 00:17:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 411ms
411ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1857468556&si=51411cde22356526d39dd27dba651ebe&v=1.2.97&lv=1&sn=42064&r=0&ww=1600&ct=!!&u=http%3A%2F%2Feskrimokulu.com%2Fwp-admin%2Fjs%2Fdv.exe&tt=%E6%96%B0%E4%B8%87%E5%8D%9A%E4%BD%93%E8%82%B2%E8%B5%9B%E4%BA%8Bh%7C%E9%A6%96%E9%A0%81%E6%AC%A2%E8%BF%8E%E6%82%A8

Requested by

Host: eskrimokulu.com
URL: http://eskrimokulu.com/wp-admin/js/dv.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 00:17:34 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/ty1000x100_jpg.jpg

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/bet1000x100_jpg.jpg

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/500pj1000-200.gif

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/5247cc1000-200%20.gif

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/xintyc88888.gif

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/xinyl88888.gif

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/by1000x100.gif

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/ty-yaobo.png

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/ledong100.png

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/amdcpc.gif

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/weibu.jpg

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-20 15:53:17	Name: HMACCOUNT_BFESS Value: 3AF3E7F8F68F0ADF
.eskrimokulu.com/	1970-01-20 15:02:53	Name: Hm_lvt_5ec82f25bf4bb9f0c3cc8249dce555ae Value: 1664237854
.eskrimokulu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_5ec82f25bf4bb9f0c3cc8249dce555ae Value: 1664237854
.eskrimokulu.com/	1970-01-20 15:02:53	Name: Hm_lvt_51411cde22356526d39dd27dba651ebe Value: 1664237854
.eskrimokulu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_51411cde22356526d39dd27dba651ebe Value: 1664237854

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://eskrimokulu.com/jquery.20.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.bill8888.com/bb/pp.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://eskrimokulu.com/jquery.20.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.bill8888.com/bb/pp.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.bill2021.com/js/zhongguomeng.js.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.bill2021.com/css/index.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.bill2021.com/dan/img/bg1111.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eskrimokulu.com
hm.baidu.com
www.bill2021.com
www.bill8888.com
www.eskrimokulu.com
www.bill2021.com
103.235.46.191
104.140.65.72
154.208.77.212
154.212.112.82
0777ec42aa2c1f72ac14fae787a4c7ffb95fc7b7e077ea8941331808c7b991f9
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
0e5fe1265a477850496550d0bc8e56466c9d9603e643e74ebaa40f1343bdd7bb
44c3c93ac377b7bd4c66758d704b8def64dd16bd38609eebae0dd034fb2aec63
50a97bf92db97f0fc51ccb77ccbfd3134cc71eec7e9357532fdeef70685c7528
939ed64af3e6fb900d848c596fd14559c74bd3718aa10a0cb1334445af58b636
99830cff5b9b099ecd2ee78da47b2803f55d1c89dbdaacf743403b35d0e5cea6
c631696e6a0c3770d19b6365edea75178cdcf42441b1bd0269ada4217c5a8642
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
db206abc28c52b2b44833d5a454b68f6eee4d0a3e78e4b4e3102b0b9905bea59
dbbd33701e921d669f78cb3db87e2f3c98c5b5b926b6004164ea1cc90940c571

eskrimokulu.com Open in urlscan Pro 104.140.65.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

50 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

33 kBTransfer

139 kBSize

5 Cookies

0 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

5 Cookies

5 Console Messages

Indicators

eskrimokulu.com Open in urlscan Pro
104.140.65.72 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

50 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

33 kB
Transfer

139 kB
Size

5
Cookies

28 HTTP transactions
0 data transactions