URL: https://m.xiyue.shop/
Submission: On August 30 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 119.3.100.91, located in China and belongs to HWCSNET Huawei Cloud Service data center, CN. The main domain is m.xiyue.shop.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on August 29th 2024. Valid for: a year.
This is the only time m.xiyue.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS      Autonomous System
13        119.3.100.91    55990   (HWCSNET H...)
1         43.175.151.207  139341  (ACE-AS-AP...)
2         111.45.3.198    56040   (CMNET-GUA...)
1         101.33.11.219   139341  (ACE-AS-AP...)
1         122.112.208.78  55990   (HWCSNET H...)
Total: 19 requests, 6 IPs

Requests  Apex Domain        Transfer  Subdomains
8         xiyue.shop         279 KB    m.xiyue.shop
5         jslink.com         2 KB      mobff.jslink.com
                                       magics.jslink.com
                                       perseuss.jslink.com (Failed)
2         baidu.com          12 KB     hm.baidu.com — Cisco Umbrella Rank: 8226
1         myhuaweicloud.com  7 KB      smbsrv.obs.cn-east-2.myhuaweicloud.com
1         qpic.cn            2 KB      mmbiz.qpic.cn — Cisco Umbrella Rank: 4804
1         qq.com             13 KB     res.wx.qq.com — Cisco Umbrella Rank: 9019
Total: 19 requests, 6 apex domains

Requests  Domain                                  Requested by
8         m.xiyue.shop                            m.xiyue.shop
4         mobff.jslink.com                        m.xiyue.shop
2         hm.baidu.com                            m.xiyue.shop
1         smbsrv.obs.cn-east-2.myhuaweicloud.com
1         magics.jslink.com                       m.xiyue.shop
1         mmbiz.qpic.cn                           m.xiyue.shop
1         res.wx.qq.com                           m.xiyue.shop
0         perseuss.jslink.com (Failed)            m.xiyue.shop
Total: 19 requests, 8 subdomains

This site contains no links.

Subject                          Issuer                                                     Validity                 Valid
m.xiyue.shop                     Encryption Everywhere DV TLS CA - G2                       2024-08-29 - 2025-08-29  a year
res.wx.qq.com                    DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1  2024-08-22 - 2025-09-06  a year
baidu.com                        GlobalSign RSA OV SSL CA 2018                              2024-07-08 - 2025-08-09  a year
*.jslink.com                     GeoTrust CN RSA CA G1                                      2024-04-15 - 2025-04-14  a year
mmbiz.qpic.cn                    DigiCert Secure Site CN CA G3                              2024-01-23 - 2025-02-05  a year
obs.cn-east-2.myhuaweicloud.com  GlobalSign RSA OV SSL CA 2018                              2024-04-01 - 2025-05-03  a year

This page contains 2 frames:

Primary Page: https://m.xiyue.shop/
Frame ID: E7ADF3BEA794F762D254A05EBFDC7069
Requests: 21 HTTP requests in this frame

Frame: https://magics.jslink.com/mini/index/123464490?token=&customerId=undefined&t=0&saas-auth=MTIzNDY0NDkw&blackWhiteTheme=false
Frame ID: AEE7E4CB3F1B4401F854887EB8B5F80B
Requests: 1 HTTP requests in this frame

Page Title

首页

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

Requests: 19
HTTPS: 95 %
IPv6: 0 %
Domains: 6
Subdomains: 8
IPs: 6
Countries: 3
Transfer: 315 kB
Size: 1499 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
m.xiyue.shop/
2 KB
1 KB
Document
General
Full URL
https://m.xiyue.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.3.100.91 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-119-3-100-91.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
59d562dacdebe722d7b14c2a1899b74d02ae7b41ea4b9954b076c6908ead7f70
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Aug 2024 02:17:08 GMT
ETag
W/"6697ae52-74b"
Keep-Alive
timeout=120
Last-Modified
Wed, 17 Jul 2024 11:43:14 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
jweixin-1.3.2.js
res.wx.qq.com/open/js/
12 KB
13 KB
Script
General
Full URL
https://res.wx.qq.com/open/js/jweixin-1.3.2.js
Requested by
Host: m.xiyue.shop
URL: https://m.xiyue.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.175.151.207 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx/1.8.1 /
Resource Hash
8970d87dc5fb273b406c465a1e68e46b577dc447ee9f80b9f13f062d72badd9b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
https://m.xiyue.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 15 Jul 2024 06:03:31 GMT
Strict-Transport-Security
max-age=3600
X-Cache-Lookup
Cache Hit
Connection
keep-alive
X-Verify-Code
554155dc847409e44a8a50b037d6241d
Content-Length
12308
Last-Modified
Mon, 15 Jul 2024 06:00:00 GMT
Server
nginx/1.8.1
Vary
Origin
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, max-age=31536000
X-Daa-Tunnel
hop_count=1
X-NWS-LOG-UUID
9632658424140738024
Accept-Ranges
bytes
Expires
Tue, 15 Jul 2025 06:03:31 GMT
app.css
m.xiyue.shop/css/
54 KB
13 KB
Stylesheet
General
Full URL
https://m.xiyue.shop/css/app.css
Requested by
Host: m.xiyue.shop
URL: https://m.xiyue.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.3.100.91 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-119-3-100-91.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
e01d0cd34ace57645ee5b3440672e40002f4e27c7fbd4f9613e6e633996ba7dc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://m.xiyue.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 02:17:08 GMT
Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2024 11:43:14 GMT
Server
nginx
ETag
W/"6697ae52-d8c3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Keep-Alive
timeout=120
app.js
m.xiyue.shop/js/
1 MB
243 KB
Script
General
Full URL
https://m.xiyue.shop/js/app.js
Requested by
Host: m.xiyue.shop
URL: https://m.xiyue.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.3.100.91 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-119-3-100-91.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
0c139bfbc284b8b47b57a15dfbd4064e9d7c0972dbb25e1fad84a101830e46aa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://m.xiyue.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 02:17:08 GMT
Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2024 11:43:14 GMT
Server
nginx
ETag
W/"6697ae52-137ac8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Keep-Alive
timeout=120
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?a37bcf73d4d26c60b9e1a306dbfec64f
Requested by
Host: m.xiyue.shop
URL: https://m.xiyue.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
ed7d39a857743b4b491c5589d017d40b60586ac025e8351507a5110636d64ae3
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://m.xiyue.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 02:17:09 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
bff1c4c193d254c7a0a63d36dab3d8ad
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11293
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=4F6724C1BC9E969F&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=7816682&si=a37bcf73d4d26c60b9e1a306dbfec64f&v=1.3.2&lv=1&sn=37494&r=0&ww=1600&u=https%3A%2F%2Fm.xiyue.shop%2F&tt=%E9%A6%96%E9%A1%B5
Requested by
Host: m.xiyue.shop
URL: https://m.xiyue.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://m.xiyue.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Aug 2024 02:17:09 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
baseConfig
mobff.jslink.com/system/ Frame
0
0
Preflight
General
Full URL
https://mobff.jslink.com/system/baseConfig
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.3.100.91 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-119-3-100-91.compute.hwclouds-dns.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,distribute-channel
Access-Control-Request-Method
GET
Origin
https://m.xiyue.shop
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type,x-requested-with,distribute-channel,saas-auth
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Allow
Allow:GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Fri, 30 Aug 2024 02:17:11 GMT
Keep-Alive
timeout=120
Server
nginx
Vary
Origin
X-Application-Context
application:8088
baseConfig
mobff.jslink.com/system/
801 B
1 KB
Fetch
General
Full URL
https://mobff.jslink.com/system/baseConfig
Requested by
Host: m.xiyue.shop
URL: https://m.xiyue.shop/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.3.100.91 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-119-3-100-91.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
66572d3bf947d9d25b9661fbb741d7878e344dbcc129cbd1705713f85e96fc7d

Request headers

Referer
https://m.xiyue.shop/
distribute-channel
{"channelType":1,"inviteeId":null}
Authorization
Bearer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

Date
Fri, 30 Aug 2024 02:17:11 GMT
Server
nginx
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://m.xiyue.shop
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=120
Content-Length
801
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab46970f293a8ef4626e57c05d6e31a8f96730f277c99573d8305ccd7ccff0c7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ea59ef9d3ada971c2ff523d4398f9b90a985c7572fa518056bc2f23f6cab23f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e52c901bdfa35456ad5fa7c9099503165fdbb12ee6d7c9e6f008a431ee6415e7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f81229654aec64861a5cf3d619ede605811cd8b09bec7503e306325afbf26bd

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
1.js
m.xiyue.shop/chunk/
43 KB
5 KB
Script
General
Full URL
https://m.xiyue.shop/chunk/1.js
Requested by
Host: m.xiyue.shop
URL: https://m.xiyue.shop/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.3.100.91 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-119-3-100-91.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
8259a8a962065b4ffc9243221de3661d1899ff4003a3b256d54e0e08bd6b9674
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://m.xiyue.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 02:17:10 GMT
Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2024 11:43:14 GMT
Server
nginx
ETag
W/"6697ae52-ad4e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Keep-Alive
timeout=120
303.js
m.xiyue.shop/chunk/
66 KB
6 KB
Script
General
Full URL
https://m.xiyue.shop/chunk/303.js
Requested by
Host: m.xiyue.shop
URL: https://m.xiyue.shop/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.3.100.91 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-119-3-100-91.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
25d18b286194b2364996eb76393b5a6c9589a6e9ae86eb5d80b1ef548aa9ef17
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://m.xiyue.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 02:17:10 GMT
Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2024 11:43:14 GMT
Server
nginx
ETag
W/"6697ae52-10848"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Keep-Alive
timeout=120
store-main_index.css
m.xiyue.shop/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://m.xiyue.shop/css/store-main_index.css
Requested by
Host: m.xiyue.shop
URL: https://m.xiyue.shop/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.3.100.91 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-119-3-100-91.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
f2647d2e348273d93b1ab6949eca23549f0571f66fa792b38e8d311df03fe98d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://m.xiyue.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 02:17:10 GMT
Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2024 11:43:14 GMT
Server
nginx
ETag
W/"6697ae52-fab"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Keep-Alive
timeout=120
store-main_index.js
m.xiyue.shop/chunk/
24 KB
8 KB
Script
General
Full URL
https://m.xiyue.shop/chunk/store-main_index.js
Requested by
Host: m.xiyue.shop
URL: https://m.xiyue.shop/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.3.100.91 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-119-3-100-91.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
40282acbeb56a0c8ea511de143cfccf6109cd8f18cff4f95802d10d2b01c66e0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://m.xiyue.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 02:17:10 GMT
Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2024 11:43:14 GMT
Server
nginx
ETag
W/"6697ae52-5ef4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Keep-Alive
timeout=120
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c936293fb2a2835fd0ad8d86920c548d17e194b19eff443d124c34ae05c93079

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
domain-store
mobff.jslink.com/domain/ Frame
0
0
Preflight
General
Full URL
https://mobff.jslink.com/domain/domain-store
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.3.100.91 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-119-3-100-91.compute.hwclouds-dns.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,distribute-channel
Access-Control-Request-Method
GET
Origin
https://m.xiyue.shop
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type,x-requested-with,distribute-channel,saas-auth
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Allow
Allow:GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Fri, 30 Aug 2024 02:17:11 GMT
Keep-Alive
timeout=120
Server
nginx
Vary
Origin
X-Application-Context
application:8088
domain-store
mobff.jslink.com/domain/
452 B
817 B
Fetch
General
Full URL
https://mobff.jslink.com/domain/domain-store
Requested by
Host: m.xiyue.shop
URL: https://m.xiyue.shop/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.3.100.91 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-119-3-100-91.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
77a8e270c9b21fdbdd9af3968a8d7635472411da938735956b6b2730972dbbac

Request headers

Referer
https://m.xiyue.shop/
distribute-channel
{"channelType":1,"inviteeId":null}
Authorization
Bearer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

Date
Fri, 30 Aug 2024 02:17:11 GMT
Server
nginx
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://m.xiyue.shop
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=120
Content-Length
452
640
mmbiz.qpic.cn/mmbiz_jpg/1YFjgBfBMu9uVRMKKrL4vsIBsxMBQnw0CrCvrOvskQMzv4QTMoibKBkp5cxKajzUU8gptdzdyzqwVjvnLLZFm5w/
2 KB
2 KB
Image
General
Full URL
https://mmbiz.qpic.cn/mmbiz_jpg/1YFjgBfBMu9uVRMKKrL4vsIBsxMBQnw0CrCvrOvskQMzv4QTMoibKBkp5cxKajzUU8gptdzdyzqwVjvnLLZFm5w/640?wx_fmt=jpeg&tp=webp&wxfrom=5&wx_lazy=1&wx_co=1
Requested by
Host: m.xiyue.shop
URL: https://m.xiyue.shop/css/store-main_index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.219 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
NWSs /
Resource Hash
e24d1abdb4f0d7cd7c359dcd439c3ade4030701c19a2acb21f8a2acf6292d38d

Request headers

Referer
https://m.xiyue.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-DataSrc
1
Date
Sun, 25 Aug 2024 19:51:55 GMT
X-Cache-Lookup
Cache Hit
Size
1776
Connection
keep-alive
Content-Length
1776
X-Info
real data
X-ReqGue
0
User-ReturnCode
0
fid
0
Last-Modified
Thu, 01 Dec 2022 01:37:09 GMT
Server
NWSs
X-Cpt
filename=0
Vary
Origin,Accept
Content-Type
image/jpeg
X-Delay
21679 us
X-Errinfo
banned
chid
0
Cache-Control
no-cache
X-BCheck
0_1
X-NWS-LOG-UUID
4498898973200973553
Accept-Ranges
bytes
favicon.ico
m.xiyue.shop/
2 KB
1 KB
Other
General
Full URL
https://m.xiyue.shop/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.3.100.91 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-119-3-100-91.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
59d562dacdebe722d7b14c2a1899b74d02ae7b41ea4b9954b076c6908ead7f70
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://m.xiyue.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 02:17:10 GMT
Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2024 11:43:14 GMT
Server
nginx
ETag
W/"6697ae52-74b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Connection
keep-alive
Keep-Alive
timeout=120
123464490
magics.jslink.com/mini/index/ Frame AEE7
0
0
Document
General
Full URL
https://magics.jslink.com/mini/index/123464490?token=&customerId=undefined&t=0&saas-auth=MTIzNDY0NDkw&blackWhiteTheme=false
Requested by
Host: m.xiyue.shop
URL: https://m.xiyue.shop/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.3.100.91 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-119-3-100-91.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://m.xiyue.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html; charset=utf-8
Date
Fri, 30 Aug 2024 02:17:13 GMT
ETag
W/"666aba04-5dc"
Keep-Alive
timeout=120
Last-Modified
Thu, 13 Jun 2024 09:21:08 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
202408011421406331.ico
smbsrv.obs.cn-east-2.myhuaweicloud.com/
7 KB
7 KB
Other
General
Full URL
https://smbsrv.obs.cn-east-2.myhuaweicloud.com/202408011421406331.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.112.208.78 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-122-112-208-78.compute.hwclouds-dns.com
Software
OBS /
Resource Hash
ef8db83750228693b585a8721e32350c3f31b2ec35c02ffc0ab6c6b529d1289a

Request headers

Referer
https://m.xiyue.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 30 Aug 2024 02:17:13 GMT
Last-Modified
Thu, 01 Aug 2024 06:21:40 GMT
Server
OBS
x-amz-request-id
00000191A1128C3F55080F6459F1F717
ETag
"7d0fcbe3c9b5845d1f5caea03643a5a7"
Content-Type
application/x-ico
x-reserved-indicator
372
Accept-Ranges
bytes
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Length
6782
x-amz-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSSQZlAPWPP9DyJR0PMdOoACKXrChCNe
wm.gif
perseuss.jslink.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
perseuss.jslink.com
URL
https://perseuss.jslink.com/wm.gif?id=74113e8e-00a6-4504-a81c-fa3491e15e55&url=/pages/store-main/index&clientType=H5&skuId=&shopId=43911

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| _hmt
boolean| _bdhm_loaded_a37bcf73d4d26c60b9e1a306dbfec64f
object| webpackJsonp
object| regeneratorRuntime
object| __core-js_shared__
object| jWeixin
object| wx

5 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 4F6724C1BC9E969F
.m.xiyue.shop/ Name: Hm_lvt_a37bcf73d4d26c60b9e1a306dbfec64f
Value: 1724984229
.m.xiyue.shop/ Name: Hm_lpvt_a37bcf73d4d26c60b9e1a306dbfec64f
Value: 1724984229
.m.xiyue.shop/ Name: HMACCOUNT
Value: 4F6724C1BC9E969F
m.xiyue.shop/ Name: WM_UUID
Value: 74113e8e-00a6-4504-a81c-fa3491e15e55

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
