eskrimokulu.com Open in urlscan Pro
104.140.65.72 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://eskrimokulu.com/wp-admin/js/dv.exe
Submission Tags: falconsandbox
Submission: On June 12 via api (June 12th 2022, 3:03:11 pm UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 28 HTTP transactions. The main IP is 104.140.65.72, located in United States and belongs to AS62904, US. The main domain is eskrimokulu.com.

This is the only time eskrimokulu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	104.140.65.72 104.140.65.72	62904 (AS62904) (AS62904)
1	154.212.112.82 154.212.112.82	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
4	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
16	154.208.77.212 154.208.77.212	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
28	5

5 104.140.65.72 (United States) 2 redirects

ASN62904 (AS62904, US)
PTR: gavirtualschool.biz

eskrimokulu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.eskrimokulu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.212.112.82 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

www.bill8888.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 154.208.77.212 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

www.bill2021.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	bill2021.com www.bill2021.com	2 MB
5	eskrimokulu.com 2 redirects eskrimokulu.com www.eskrimokulu.com	4 KB
4	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8077	24 KB
1	bill8888.com www.bill8888.com	2 KB
28	4

	Domain	Requested by
16	www.bill2021.com	www.bill8888.com www.bill2021.com
4	hm.baidu.com	eskrimokulu.com
3	eskrimokulu.com	2 redirects
2	www.eskrimokulu.com	eskrimokulu.com
1	www.bill8888.com	eskrimokulu.com
28	5

This site contains no links.

Subject Issuer	Validity	Valid
bill8888.com TrustAsia RSA DV TLS CA G2	`2022-03-04` - `2023-03-04`	a year	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-02-21` - `2022-08-02`	5 months	crt.sh
bill2021.com TrustAsia RSA DV TLS CA G2	`2022-03-04` - `2023-03-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://eskrimokulu.com/wp-admin/js/dv.exe
Frame ID: 6987AB350D0AFA34D3F989D3C53FF299
Requests: 8 HTTP requests in this frame

Frame: https://www.bill2021.com/dan/indexman.html
Frame ID: 1D02DDFC8768BB8A50E8B854CAF6C754
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

新万博体育赛事h|首頁欢迎您

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

75 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

1968 kB
Transfer

2648 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://eskrimokulu.com/jquery.20.min.js HTTP 301
http://www.eskrimokulu.com/jquery.20.min.js

Request Chain 1

http://eskrimokulu.com/jquery.la.min.js HTTP 301
http://www.eskrimokulu.com/jquery.la.min.js

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request dv.exe Show response
eskrimokulu.com/wp-admin/js/ 769 B
790 B 593ms
127ms Document
text/html 104.140.65.72
AS62904

General

Check archive.org

Show headers Download Go to

Full URL: http://eskrimokulu.com/wp-admin/js/dv.exe
Protocol: HTTP/1.1
Server: 104.140.65.72 , United States, ASN62904 (AS62904, US),
Reverse DNS: gavirtualschool.biz
Software: nginx / PHP/5.4.41
Resource Hash: 46597bc24152ac7561798a4f13a4ea890fa65e1dc7035a70122c3b43c4927d90

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Sun, 12 Jun 2022 15:03:02 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41

GET
H/1.1

200
OK

jquery.20.min.js Show response
www.eskrimokulu.com/
Redirect Chain

http://eskrimokulu.com/jquery.20.min.js
http://www.eskrimokulu.com/jquery.20.min.js

3 KB
2 KB

826ms
114ms

Script
application/javascript

104.140.65.72
AS62904

General

Check archive.org

Show headers Download Go to

Full URL: http://www.eskrimokulu.com/jquery.20.min.js
Requested by: Host: eskrimokulu.com
URL: http://eskrimokulu.com/wp-admin/js/dv.exe
Protocol: HTTP/1.1
Server: 104.140.65.72 , United States, ASN62904 (AS62904, US),
Reverse DNS: gavirtualschool.biz
Software: nginx /
Resource Hash: 0e5fe1265a477850496550d0bc8e56466c9d9603e643e74ebaa40f1343bdd7bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Mar 2022 05:39:40 GMT
Server: nginx
ETag: W/"623d559c-b6c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 12 Jun 2022 16:03:03 GMT

Redirect headers

Location: http://www.eskrimokulu.com/jquery.20.min.js
Date: Sun, 12 Jun 2022 15:03:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1

200
OK

jquery.la.min.js Show response
www.eskrimokulu.com/
Redirect Chain

http://eskrimokulu.com/jquery.la.min.js
http://www.eskrimokulu.com/jquery.la.min.js

518 B
831 B

741ms
115ms

Script
application/javascript

104.140.65.72
AS62904

General

Check archive.org

Show headers Download Go to

Full URL: http://www.eskrimokulu.com/jquery.la.min.js
Requested by: Host: eskrimokulu.com
URL: http://eskrimokulu.com/wp-admin/js/dv.exe
Protocol: HTTP/1.1
Server: 104.140.65.72 , United States, ASN62904 (AS62904, US),
Reverse DNS: gavirtualschool.biz
Software: nginx /
Resource Hash: 939ed64af3e6fb900d848c596fd14559c74bd3718aa10a0cb1334445af58b636

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:03 GMT
Last-Modified: Fri, 25 Mar 2022 05:39:40 GMT
Server: nginx
ETag: "623d559c-206"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 518
Expires: Sun, 12 Jun 2022 16:03:03 GMT

Redirect headers

Location: http://www.eskrimokulu.com/jquery.la.min.js
Date: Sun, 12 Jun 2022 15:03:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK pp.js Show response
www.bill8888.com/bb/ 6 KB
2 KB 2533ms
762ms Script
application/javascript 154.212.112.82
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill8888.com/bb/pp.js
Requested by: Host: eskrimokulu.com
URL: http://eskrimokulu.com/jquery.20.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.212.112.82 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 020ddbd3d7d8d430fc0aa91f2ac999f1077e6f973a3db85c2b56539a5acd38c3

Request headers

Referer: http://eskrimokulu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 12 Jun 2022 15:03:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Apr 2022 03:06:19 GMT
Server: nginx
ETag: W/"624bb22b-1743"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 2621ms
335ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?5ec82f25bf4bb9f0c3cc8249dce555ae

Requested by

Host: eskrimokulu.com
URL: http://eskrimokulu.com/jquery.la.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

d37945725159049e192629789ca8d0aa62b776ab76fc48d06d48dc3e90051668

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:08 GMT
Content-Encoding: gzip
Server: apache
Etag: 5c2d5c74de1720718c14ef343b8e0277
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11293

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 2633ms
342ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?51411cde22356526d39dd27dba651ebe

Requested by

Host: eskrimokulu.com
URL: http://eskrimokulu.com/jquery.la.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

b307e5992e869178b5c852477f530f9fadf1761f3f8473ec6f50e0c1c82dd036

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:08 GMT
Content-Encoding: gzip
Server: apache
Etag: f9c977d058206444da1842995284f60e
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11297

GET
H/1.1 200
OK indexman.html Show response
www.bill2021.com/dan/ Frame 1D02 3 KB
2 KB 1077ms
196ms Document
text/html 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/dan/indexman.html
Requested by: Host: www.bill8888.com
URL: https://www.bill8888.com/bb/pp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 2825e6ecfada595020d730def75dbf7840501bc6f9e9275ba545e13ab233cf0d

Request headers

Referer: http://eskrimokulu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 12 Jun 2022 15:03:07 GMT
ETag: W/"61c6da25-dde"
Last-Modified: Sat, 25 Dec 2021 08:45:25 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 404
Not Found zhongguomeng.js.js
www.bill2021.com/js/ Frame 1D02 0
0 723ms
722ms Script
text/html 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/js/zhongguomeng.js.js
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:08 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

GET
H/1.1 404
Not Found index.css
www.bill2021.com/css/ Frame 1D02 0
0 1198ms
810ms Stylesheet
text/html 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/css/index.css
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:08 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

GET
H/1.1 200
OK zhongguomeng.js Show response
www.bill2021.com/dan/js/ Frame 1D02 840 B
1 KB 589ms
196ms Script
application/javascript 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/dan/js/zhongguomeng.js
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 7c17e42d6ea85215e2cabba2cf13dde258edb702bd3e5fcf60a459d173d98ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:08 GMT
Last-Modified: Sat, 11 Jun 2022 08:31:56 GMT
Server: nginx
ETag: "62a452fc-348"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 840

GET
H/1.1 200
OK index.css
www.bill2021.com/dan/ Frame 1D02 1 KB
787 B 589ms
196ms Stylesheet
text/css 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bill2021.com/dan/index.css
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 44c3c93ac377b7bd4c66758d704b8def64dd16bd38609eebae0dd034fb2aec63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Dec 2021 10:25:42 GMT
Server: nginx
ETag: W/"61c5a026-450"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK ty-wanbo300.jpg
www.bill2021.com/dan/pkPhoto/ Frame 1D02 730 KB
730 KB 393ms
393ms Image
image/jpeg 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/ty-wanbo300.jpg
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 9c0656fc39abbfe66d35aa43d57f1b090005bcdfb9becb806c50fb1b8a6f67b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:08 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:42 GMT
Server: nginx
ETag: "61c5a026-b679a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 747418

GET
H/1.1 200
OK tyc88888.gif
www.bill2021.com/dan/pkPhoto/ Frame 1D02 239 KB
239 KB 389ms
389ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/tyc88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 948ddb11b3c6c28622e03bc58daeebe0d373236d43a3ced3265b3fe6eb9bc95c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:08 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:39 GMT
Server: nginx
ETag: "61c5a023-3bb16"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 244502

GET
H/1.1 200
OK 365bet88888.gif
www.bill2021.com/dan/pkPhoto/ Frame 1D02 213 KB
213 KB 393ms
393ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/365bet88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 1406bfcbfd8ff8f6c72e60e58e06894fc13b2f814aa23a5d0a38eba99fedc6e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:08 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:38 GMT
Server: nginx
ETag: "61c5a022-354f9"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 218361

GET
H/1.1 200
OK js88888.gif
www.bill2021.com/dan/pkPhoto/ Frame 1D02 238 KB
239 KB 394ms
393ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/js88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 0c8c4923f415217e1b2a3348bcc0eba16466a27fca78181f44c1066377de11eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:08 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:38 GMT
Server: nginx
ETag: "61c5a022-3b925"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 244005

GET
H/1.1 200
OK xpj88888.gif
www.bill2021.com/dan/pkPhoto/ Frame 1D02 80 KB
0 2566ms
194ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/xpj88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:11 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:37 GMT
Server: nginx
ETag: "61c5a021-91960"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 596320

GET yl88888.gif
www.bill2021.com/dan/pkPhoto/ Frame 1D02 0
0

GET
H/1.1 200
OK amdcpc.gif
www.bill2021.com/dan/pkPhoto/ Frame 1D02 256 KB
0 1806ms
197ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/amdcpc.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:10 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:59 GMT
Server: nginx
ETag: "61c5a037-43f21"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 278305

GET
H/1.1 200
OK ledong100.png
www.bill2021.com/dan/pkPhoto/ Frame 1D02 160 KB
0 2229ms
197ms Image
image/png 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/ledong100.png
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:10 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:42 GMT
Server: nginx
ETag: "61c5a026-36334"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 222004

GET
H/1.1 200
OK vns88888.gif
www.bill2021.com/dan/pkPhoto/ Frame 1D02 144 KB
0 1799ms
388ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/vns88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:10 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:39 GMT
Server: nginx
ETag: "61c5a023-2b465"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 177253

GET
H/1.1 200
OK xintyc88888.gif
www.bill2021.com/dan/pkPhoto/ Frame 1D02 417 KB
417 KB 1542ms
952ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/xintyc88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 3d5386cf765a54ee5ae26fdfa49cf8ed256308d7eadba34924e2687330c71028

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:10 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:40 GMT
Server: nginx
ETag: "61c5a024-68265"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 426597

GET
H/1.1 200
OK xinyl88888.gif
www.bill2021.com/dan/pkPhoto/ Frame 1D02 97 KB
97 KB 197ms
196ms Image
image/gif 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/pkPhoto/xinyl88888.gif
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/indexman.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: b9fa13f01af90bff347445e5a8e4e2af2e84d9f4c3ec1a88fbc9a653d00a1da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/indexman.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:11 GMT
Last-Modified: Fri, 24 Dec 2021 10:25:37 GMT
Server: nginx
ETag: "61c5a021-1845b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99419

GET by88888.gif
www.bill2021.com/dan/pkPhoto/ Frame 1D02 0
0

GET ty-yaobo.png
www.bill2021.com/dan/pkPhoto/ Frame 1D02 0
0

GET weibu.jpg
www.bill2021.com/dan/pkPhoto/ Frame 1D02 0
0

GET
H/1.1 404
Not Found bg1111.jpg
www.bill2021.com/dan/img/ Frame 1D02 564 B
564 B 589ms
196ms Image
text/html 154.208.77.212
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bill2021.com/dan/img/bg1111.jpg
Requested by: Host: www.bill2021.com
URL: https://www.bill2021.com/dan/index.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.208.77.212 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bill2021.com/dan/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 15:03:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 342ms
342ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=424381326&si=5ec82f25bf4bb9f0c3cc8249dce555ae&v=1.2.94&lv=1&sn=25300&r=0&ww=1600&ct=!!&u=http%3A%2F%2Feskrimokulu.com%2Fwp-admin%2Fjs%2Fdv.exe&tt=%E6%96%B0%E4%B8%87%E5%8D%9A%E4%BD%93%E8%82%B2%E8%B5%9B%E4%BA%8Bh%7C%E9%A6%96%E9%A0%81%E6%AC%A2%E8%BF%8E%E6%82%A8

Requested by

Host: eskrimokulu.com
URL: http://eskrimokulu.com/wp-admin/js/dv.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Jun 2022 15:03:09 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 347ms
347ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1101252662&si=51411cde22356526d39dd27dba651ebe&v=1.2.94&lv=1&sn=25300&r=0&ww=1600&ct=!!&u=http%3A%2F%2Feskrimokulu.com%2Fwp-admin%2Fjs%2Fdv.exe&tt=%E6%96%B0%E4%B8%87%E5%8D%9A%E4%BD%93%E8%82%B2%E8%B5%9B%E4%BA%8Bh%7C%E9%A6%96%E9%A0%81%E6%AC%A2%E8%BF%8E%E6%82%A8

Requested by

Host: eskrimokulu.com
URL: http://eskrimokulu.com/wp-admin/js/dv.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://eskrimokulu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Jun 2022 15:03:09 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/yl88888.gif

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/by88888.gif

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/ty-yaobo.png

Domain: www.bill2021.com
URL: https://www.bill2021.com/dan/pkPhoto/weibu.jpg

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: A06916B98E6CA9C8
.eskrimokulu.com/	1970-01-20 12:29:42	Name: Hm_lvt_5ec82f25bf4bb9f0c3cc8249dce555ae Value: 1655046190
.eskrimokulu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_5ec82f25bf4bb9f0c3cc8249dce555ae Value: 1655046190
.eskrimokulu.com/	1970-01-20 12:29:42	Name: Hm_lvt_51411cde22356526d39dd27dba651ebe Value: 1655046190
.eskrimokulu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_51411cde22356526d39dd27dba651ebe Value: 1655046190

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://eskrimokulu.com/jquery.20.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.bill8888.com/bb/pp.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://eskrimokulu.com/jquery.20.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.bill8888.com/bb/pp.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.bill2021.com/js/zhongguomeng.js.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.bill2021.com/css/index.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.bill2021.com/dan/img/bg1111.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eskrimokulu.com
hm.baidu.com
www.bill2021.com
www.bill8888.com
www.eskrimokulu.com
www.bill2021.com
103.235.46.191
104.140.65.72
154.208.77.212
154.212.112.82
020ddbd3d7d8d430fc0aa91f2ac999f1077e6f973a3db85c2b56539a5acd38c3
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
0c8c4923f415217e1b2a3348bcc0eba16466a27fca78181f44c1066377de11eb
0e5fe1265a477850496550d0bc8e56466c9d9603e643e74ebaa40f1343bdd7bb
1406bfcbfd8ff8f6c72e60e58e06894fc13b2f814aa23a5d0a38eba99fedc6e6
2825e6ecfada595020d730def75dbf7840501bc6f9e9275ba545e13ab233cf0d
3d5386cf765a54ee5ae26fdfa49cf8ed256308d7eadba34924e2687330c71028
44c3c93ac377b7bd4c66758d704b8def64dd16bd38609eebae0dd034fb2aec63
46597bc24152ac7561798a4f13a4ea890fa65e1dc7035a70122c3b43c4927d90
7c17e42d6ea85215e2cabba2cf13dde258edb702bd3e5fcf60a459d173d98ee5
939ed64af3e6fb900d848c596fd14559c74bd3718aa10a0cb1334445af58b636
948ddb11b3c6c28622e03bc58daeebe0d373236d43a3ced3265b3fe6eb9bc95c
9c0656fc39abbfe66d35aa43d57f1b090005bcdfb9becb806c50fb1b8a6f67b4
b307e5992e869178b5c852477f530f9fadf1761f3f8473ec6f50e0c1c82dd036
b9fa13f01af90bff347445e5a8e4e2af2e84d9f4c3ec1a88fbc9a653d00a1da8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d37945725159049e192629789ca8d0aa62b776ab76fc48d06d48dc3e90051668

eskrimokulu.com Open in urlscan Pro 104.140.65.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

75 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

1968 kBTransfer

2648 kBSize

5 Cookies

0 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

5 Cookies

5 Console Messages

Indicators

eskrimokulu.com Open in urlscan Pro
104.140.65.72 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

75 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

1968 kB
Transfer

2648 kB
Size

5
Cookies

28 HTTP transactions
0 data transactions