URL: https://violetleads.com/cez/dhl-good/clients/HdfCoz.php?verification
Submission: On August 28 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 11 HTTP transactions. The main IP is 107.165.133.6, located in the United States and belonging to EGIHOSTING, US. The main domain is violetleads.com.
TLS certificate: Issued by R3 on March 20th 2022. Valid for: 3 months.
This is the only time violetleads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address     | AS (Autonomous System)
2        | 107.165.133.6  | 18779 (EGIHOSTING)
2        | 218.12.76.172  | 4837 (CHINA169-...)
1        | 85.208.116.58  | 18978 (ENZUINC-)
1        | 45.158.148.237 | 18978 (ENZUINC-)
2        | 103.235.46.191 | 55967 (BAIDU Bei...)
1        | 58.254.150.48  | 136958 (UNICOM-GU...)
1        | 104.193.88.77  | ()
Total: 11 requests, 8 IPs

Requests | Apex Domain     | Subdomains                                                 | Transfer
3        | baidu.com       | hm.baidu.com (Cisco Umbrella Rank: 10083), sp0.baidu.com   | 12 KB
2        | websaas.cn      | custompages.websaas.cn                                     | 10 KB
2        | violetleads.com | violetleads.com                                            | 45 KB
1        | bdstatic.com    | zz.bdstatic.com (Cisco Umbrella Rank: 35081)               | 562 B
1        | fuwanjia888.com | fuwanjia888.com                                            | 402 B
1        | 3152018.com     | www.3152018.com                                            | 3 KB
Total: 11 requests, 6 apex domains

Requests | Domain                 | Requested by
2        | hm.baidu.com           | www.3152018.com, violetleads.com
2        | custompages.websaas.cn | violetleads.com
2        | violetleads.com        | violetleads.com
1        | sp0.baidu.com          | violetleads.com
1        | zz.bdstatic.com        | violetleads.com
1        | fuwanjia888.com        | www.3152018.com
1        | www.3152018.com        | violetleads.com
Total: 11 requests, 7 domains

This site contains no links.

Subject         | Issuer                        | Validity                | Valid for
jzfupin.com     | R3                            | 2022-03-20 - 2022-06-18 | 3 months (crt.sh)
*.websaas.cn    | GlobalSign RSA OV SSL CA 2018 | 2023-04-03 - 2024-05-04 | a year (crt.sh)
3152018.com     | R3                            | 2023-07-06 - 2023-10-04 | 3 months (crt.sh)
fuwanjia888.com | TrustAsia RSA DV TLS CA G2    | 2023-04-26 - 2024-04-25 | a year (crt.sh)
baidu.com       | GlobalSign RSA OV SSL CA 2018 | 2023-07-06 - 2024-08-06 | a year (crt.sh)

This page contains 1 frame:

Primary Page: https://violetleads.com/cez/dhl-good/clients/HdfCoz.php?verification
Frame ID: 4949DAA2C7E3BAEDC6F505285F1F33CB
Requests: 11 HTTP requests in this frame

Page Title

大阳城集团网站-首页 (translates as "Grand Sun City Group website - Home")

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 11
HTTPS: 73 %
IPv6: 0 %
Domains: 6
Subdomains: 7
IPs: 8
Countries: 3
Transfer: 70 kB
Size: 149 kB
Cookies: 3


11 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

HdfCoz.php (Primary Request) | violetleads.com/cez/dhl-good/clients/ | 66 KB | 44 KB | Document
General
Full URL
https://violetleads.com/cez/dhl-good/clients/HdfCoz.php?verification
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.165.133.6 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx / PHP/5.4.41
Resource Hash
b18b9160d9cc09ad9778978160ce97f14aedb45f21c549ae8d058aa57193c8b3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Mon, 28 Aug 2023 14:43:43 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.41
jquery.min.js | violetleads.com/ | 682 B | 995 B | Script
General
Full URL
https://violetleads.com/jquery.min.js
Requested by
Host: violetleads.com
URL: https://violetleads.com/cez/dhl-good/clients/HdfCoz.php?verification
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.165.133.6 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
1713e799c9435736abca79d4f9d343221c9937ab991acc647ad48f75ca61d019

Request headers

accept-language
en-US,en;q=0.9
Referer
https://violetleads.com/cez/dhl-good/clients/HdfCoz.php?verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 14:43:43 GMT
Last-Modified
Wed, 30 Jun 2021 07:50:44 GMT
Server
nginx
ETag
"60dc2254-2aa"
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
682
Expires
Mon, 28 Aug 2023 15:43:43 GMT
sha1.min.js | custompages.websaas.cn/ | 9 KB | 10 KB | Script
General
Full URL
https://custompages.websaas.cn/sha1.min.js
Requested by
Host: violetleads.com
URL: https://violetleads.com/cez/dhl-good/clients/HdfCoz.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
218.12.76.172 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
411dc0c73b3f0612e25d8c673f226d1e52f104eefa32d47b441e11eac576fdd6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://violetleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 14:43:48 GMT
via
CHN-HEshijiazhuang-AREACUCC1-CACHE47[178],CHN-HEshijiazhuang-AREACUCC1-CACHE31[173,TCP_MISS,177],CHN-TJ-GLOBAL1-CACHE47[164],CHN-TJ-GLOBAL1-CACHE31[157,TCP_MISS,161]
x-ccdn-cachettl
0
last-modified
Thu, 16 Sep 2021 12:01:45 GMT
server
openresty
age
1
etag
"61433229-24de"
content-type
application/javascript
x-ccdn-origin-time
157
accept-ranges
bytes
content-length
9438
x-hcs-proxy-type
0
sj.js | www.3152018.com/anne/ | 7 KB | 3 KB | Script
General
Full URL
https://www.3152018.com:8259/anne/sj.js
Requested by
Host: violetleads.com
URL: https://violetleads.com/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.208.116.58 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS
58.116-208-85.rdns.scalabledns.com
Software
nginx /
Resource Hash
37e38d1c65928098d34de4878eaebe909317a437f5ded061c6da91e2768d7e5f

Request headers

Referer
https://violetleads.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 28 Aug 2023 14:43:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Aug 2023 08:23:41 GMT
Server
nginx
ETag
W/"64ddd90d-1ace"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Mon, 28 Aug 2023 15:43:44 GMT
fcl.php | fuwanjia888.com/ | 129 B | 402 B | XHR
General
Full URL
https://fuwanjia888.com:33888/fcl.php?keyword=%E5%A4%A7%E9%98%B3%E5%9F%8E%E9%9B%86%E5%9B%A2%E7%BD%91%E7%AB%99-%E9%A6%96%E9%A1%B5&from=pc&originUrl=https%3A%2F%2Fvioletleads.com%2Fcez%2Fdhl-good%2Fclients%2FHdfCoz.php%3Fverification&referer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&v=9993
Requested by
Host: www.3152018.com
URL: https://www.3152018.com:8259/anne/sj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.158.148.237 Los Angeles, United States, ASN18978 (ENZUINC-, US),
Reverse DNS
237.148-158-45.rdns.scalabledns.com
Software
nginx / PHP/5.4.41
Resource Hash
e7e799c50b46cc4e500d7e939bc8c4ab8332d8d1d63f8fd5aab35c7346c8c07d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://violetleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 14:43:45 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.4.41
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html;charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
hm.js | hm.baidu.com/ | 29 KB | 12 KB | Script
General
Full URL
https://hm.baidu.com/hm.js?6a18ba57357be31cd4e3b79072d78dba
Requested by
Host: www.3152018.com
URL: https://www.3152018.com:8259/anne/sj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
f9e724601f7c0b862d801716c820be8138cf499ff74dfb8689044ea83942f31d
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://violetleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 14:43:45 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
1338f94243c8b1400961d21c92976461
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11258
truncated | / | 37 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dae5122e3ecf3805638c829cc92937f1d77f2b9e31bb3ef840ea52ce6d85ece1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
hm.gif | hm.baidu.com/ | 43 B | 299 B | Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=171354399&si=6a18ba57357be31cd4e3b79072d78dba&v=1.3.0&lv=1&sn=6031&r=0&ww=1600&u=https%3A%2F%2Fvioletleads.com%2Fcez%2Fdhl-good%2Fclients%2FHdfCoz.php%3Fverification&tt=%E5%A4%A7%E9%98%B3%E5%9F%8E%E9%9B%86%E5%9B%A2%E7%BD%91%E7%AB%99-%E9%A6%96%E9%A1%B5
Requested by
Host: violetleads.com
URL: https://violetleads.com/cez/dhl-good/clients/HdfCoz.php?verification
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://violetleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 14:43:46 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
7bef9456-a3a9-4306-a9ca-5cadc03f6879.js | custompages.websaas.cn/ | 0 | 0 | Preflight
General
Full URL
https://custompages.websaas.cn/7bef9456-a3a9-4306-a9ca-5cadc03f6879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
218.12.76.172 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
xwd-token
Access-Control-Request-Method
GET
Origin
https://violetleads.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-length
41390
content-type
text/html
date
Mon, 28 Aug 2023 14:43:50 GMT
etag
"60ff7761-a1ae"
server
openresty
via
CHN-HEshijiazhuang-AREACUCC1-CACHE23[260],CHN-HEshijiazhuang-AREACUCC1-CACHE21[257,TCP_MISS,258],CHN-TJ-GLOBAL1-CACHE41[239],CHN-TJ-GLOBAL1-CACHE109[236,TCP_MISS,238]
x-ccdn-cachettl
0
x-ccdn-origin-time
236
x-hcs-proxy-type
0
7bef9456-a3a9-4306-a9ca-5cadc03f6879.js | custompages.websaas.cn/ | 0 | 0 | (no response)

push.js | zz.bdstatic.com/linksubmit/ | 308 B | 562 B | Script
General
Full URL
https://zz.bdstatic.com/linksubmit/push.js
Requested by
Host: violetleads.com
URL: https://violetleads.com/cez/dhl-good/clients/HdfCoz.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
58.254.150.48 , China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

accept-language
en-US,en;q=0.9
Referer
https://violetleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 14:43:50 GMT
content-encoding
br
tracecode
29781726510667914250082815
ohc-response-time
1 0 0 0 0 0
last-modified
Fri, 30 Dec 2022 21:48:54 GMT
server
JSP3/2.0.14
age
19266
etag
"63af5cc6-134"
ohc-cache-hit
gz3un56 [2], zhuzuncache62 [2]
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
ohc-global-saved-time
Mon, 28 Aug 2023 07:49:38 GMT
s.gif | sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/ | 0 | 116 B | Image
General
Full URL
https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://violetleads.com/cez/dhl-good/clients/HdfCoz.php?verification
Requested by
Host: violetleads.com
URL: https://violetleads.com/cez/dhl-good/clients/HdfCoz.php?verification
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.193.88.77 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://violetleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 14:43:52 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
custompages.websaas.cn
URL
https://custompages.websaas.cn/7bef9456-a3a9-4306-a9ca-5cadc03f6879.js

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: documentPictureInPicture, _0xda90, _$, O0, _0x734d, browser, _hmt, mini_tangram_log_jcb3vw, callBack
  • function: isIe8, ajax, sha1, requestConfig, CheckStatus, showDefault, timeOutFn, getParams, getNonce, openWin
  • string: from, title, url, originUrl, referer, userAgent, uDeskAh
  • boolean: _bdhm_loaded_6a18ba57357be31cd4e3b79072d78dba, demoFlag, imgFlag
  • number: timeOut
  • undefined: requestData

3 Cookies

Domain/Path       | Name                                     | Value
.hm.baidu.com/    | HMACCOUNT_BFESS                          | F82AAED11BA4FC8B
.violetleads.com/ | Hm_lvt_6a18ba57357be31cd4e3b79072d78dba  | 1693233826
.violetleads.com/ | Hm_lpvt_6a18ba57357be31cd4e3b79072d78dba | 1693233826

5 Console Messages

Source: javascript | Level: warning | URL: https://violetleads.com/jquery.min.js
Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.3152018.com:8259/anne/sj.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Source: javascript | Level: warning | URL: https://violetleads.com/jquery.min.js
Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.3152018.com:8259/anne/sj.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Source: network | Level: error | URL: https://fuwanjia888.com:33888/fcl.php?keyword=%E5%A4%A7%E9%98%B3%E5%9F%8E%E9%9B%86%E5%9B%A2%E7%BD%91%E7%AB%99-%E9%A6%96%E9%A1%B5&from=pc&originUrl=https%3A%2F%2Fvioletleads.com%2Fcez%2Fdhl-good%2Fclients%2FHdfCoz.php%3Fverification&referer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&v=9993
Message: Failed to load resource: the server responded with a status of 403 (OK)

Source: javascript | Level: error | URL: https://violetleads.com/cez/dhl-good/clients/HdfCoz.php?verification
Message: Access to XMLHttpRequest at 'https://custompages.websaas.cn/7bef9456-a3a9-4306-a9ca-5cadc03f6879.js' from origin 'https://violetleads.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Source: network | Level: error | URL: https://custompages.websaas.cn/7bef9456-a3a9-4306-a9ca-5cadc03f6879.js
Message: Failed to load resource: net::ERR_FAILED