URL: https://pay.xiaokang.me/
Submission: On February 02 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 76.76.21.21, located in Charlotte, United States and belongs to AMAZON-02, US. The main domain is pay.xiaokang.me.
TLS certificate: Issued by R3 on February 2nd 2021. Valid for: 3 months.
This is the only time pay.xiaokang.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 76.76.21.21 | 16509 (AMAZON-02)
2 | 2a04:4e42:1b:... | 54113 (FASTLY)
1 | 47.246.43.229 | 24429 (TAOBAO Zh...)
Total: 4 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
2 | jsdelivr.net | cdn.jsdelivr.net | 48 KB
1 | sinaimg.cn | tva1.sinaimg.cn | 46 KB
1 | xiaokang.me | pay.xiaokang.me | 2 KB
Total: 4 requests, 3 apex domains

Requests | Domain | Requested by
2 | cdn.jsdelivr.net | pay.xiaokang.me
1 | tva1.sinaimg.cn | pay.xiaokang.me
1 | pay.xiaokang.me |
Total: 4 requests, 3 domains

This site contains no links.

Subject | Issuer | Validity | Valid
pay.xiaokang.me | R3 | 2021-02-02 - 2021-05-03 | 3 months
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-26 - 2021-04-17 | 6 months
sina.cn | GeoTrust CN RSA CA G1 | 2020-11-30 - 2021-12-31 | a year

This page contains 1 frame:

Primary Page: https://pay.xiaokang.me/
Frame ID: 524F8A54EAD32B756BD4F96E04B1F799
Requests: 4 HTTP requests in this frame

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 96 kB
Size: 187 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: / (Primary Request)
Path: pay.xiaokang.me/
Size: 3 KB
x-fer: 2 KB
Type: Document

General
Full URL: https://pay.xiaokang.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),
Reverse DNS:
Software: Vercel /
Resource Hash: 700fceef6e8fb94a10f705557a44bf9c76ee9e4eff395409aa82034d23cd9b69

Security Headers
Strict-Transport-Security: max-age=63072000

Request headers

:method: GET
:authority: pay.xiaokang.me
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US

Response headers

date: Tue, 02 Feb 2021 11:23:40 GMT
content-type: text/html; charset=utf-8
content-disposition: inline; filename="index.html"
cache-control: public, max-age=0, must-revalidate
access-control-allow-origin: *
etag: W/"700fceef6e8fb94a10f705557a44bf9c76ee9e4eff395409aa82034d23cd9b69"
x-vercel-cache: MISS
age: 0
server: Vercel
x-vercel-id: lhr1::pmk8q-1612265019013-e6a32c4330f0
strict-transport-security: max-age=63072000
content-encoding: br

Resource: style.min.css
Path: cdn.jsdelivr.net/combine/gh/hifocus/merger@0.20/assets/styles/spectre.css/spectre-modified.min.css,gh/hifocus/merger@0.20/assets/styles/
Size: 16 KB
x-fer: 5 KB
Type: Stylesheet

General
Full URL: https://cdn.jsdelivr.net/combine/gh/hifocus/merger@0.20/assets/styles/spectre.css/spectre-modified.min.css,gh/hifocus/merger@0.20/assets/styles/style.min.css
Requested by: Host: pay.xiaokang.me; URL: https://pay.xiaokang.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS:
Software: /
Resource Hash: fd60404cc32462bf10ac0460fc10eb5518c30c9bd4af226ad8015638212cc257

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

Referer: https://pay.xiaokang.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 56466
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
content-length: 4634
etag: W/"4010-wJut88ruoFOyUZfXm1DjYmHOq34"
x-served-by: cache-fra19128-FRA, cache-hhn4054-HHN
date: Tue, 02 Feb 2021 11:23:40 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Resource: font_974919_xgtacm93vxp.min.js
Path: cdn.jsdelivr.net/combine/gh/hifocus/merger@0.20/assets/js/jQuery/jquery.min.js,gh/hifocus/merger@0.20/assets/js/jquery-qrcode/jquery-qrcode.min.js,gh/hifocus/merger@0.20/assets/js/function.min.js,g...
Size: 122 KB
x-fer: 43 KB
Type: Script

General
Full URL: https://cdn.jsdelivr.net/combine/gh/hifocus/merger@0.20/assets/js/jQuery/jquery.min.js,gh/hifocus/merger@0.20/assets/js/jquery-qrcode/jquery-qrcode.min.js,gh/hifocus/merger@0.20/assets/js/function.min.js,gh/hifocus/merger@0.20/assets/js/font_974919_xgtacm93vxp.min.js
Requested by: Host: pay.xiaokang.me; URL: https://pay.xiaokang.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS:
Software: /
Resource Hash: d65985b4549830be5ab615d64b30fb554c4e007cd6a632a6451ad5c97c545d1e

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

Referer: https://pay.xiaokang.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 801055
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
content-length: 44013
etag: W/"1e9e7-NfvZRM2ed5zNi/WGzq92HGWclhE"
x-served-by: cache-fra19170-FRA, cache-hhn4054-HHN
date: Tue, 02 Feb 2021 11:23:40 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Resource: 832afe33ly1g42y8tmoc2j20hs0hsq3w.jpg
Path: tva1.sinaimg.cn/mw690/
Size: 45 KB
x-fer: 46 KB
Type: Image

General
Full URL: https://tva1.sinaimg.cn/mw690/832afe33ly1g42y8tmoc2j20hs0hsq3w.jpg
Requested by: Host: pay.xiaokang.me; URL: https://pay.xiaokang.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.229 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS:
Software: Tengine /
Resource Hash: 306ff280dc244bcede5e77b3667a8df9a5140fb2f443844477bfc9ac9ca70c1f

Request headers

Referer: https://pay.xiaokang.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 03:04:48 GMT
via: https/1.1 cnc.guangzhou.union.55 (ApacheTrafficServer/6.2.1 [cMsSfW]), cache31.l2ot7-1[0,200-0,H], cache21.l2ot7-1[0,0], cache6.de2[161,200-0,M], cache3.de2[165,0]
age: 202732
x-via-edge: 16120622883573371fe2ff0065a7036fb06a2
lb_header: ssl.52.wbg2.shx.lb.sinanode.com
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-cachetime: 864000, 661268
x-swift-savetime: Sun, 31 Jan 2021 03:04:48 GMT, Tue, 02 Feb 2021 11:23:40 GMT
x-uidblock-version: 5532
x-via-cdn: f=alicdn,s=cache3.de2,c=185.212.171.75;f=alicdn,s=cache21.l2ot7-1,c=47.246.43.154;f=edge,s=cnc.guangzhou.union.56.nb.sinaedge.com,c=47.254.113.51;f=Edge,s=cnc.guangzhou.union.55,c=112.90.6.73
x-request-id: g3.151-1592268252.606000-423219082
pragma: public
edge-copy-time: 1592360584561
last-modified: Mon, 08 Jul 2013 18:06:40 GMT
server: Tengine
ali-swift-global-savetime: 1592360584
content-type: image/jpeg
cache-control: max-age=864000
access-control-allow-credentials: true
x-debug-hit: sto(45823,0.010)
x-ban: miss,5532, MISS,5503
content-length: 45823
timing-allow-origin: *
eagleid: 2ff62b9716122650201977709e
expires: Wed, 10 Feb 2021 03:04:48 GMT

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| usage string| wechat string| alipay string| tenpay string| myname string| profile boolean| branding boolean| multilingual string| myname_hans string| myname_hant string| myname_eng string| title string| subtitle string| qrcodeapi undefined| client undefined| selected number| scale string| userLang string| firstchar string| lastchar object| english string| finalname string| finalsub boolean| spacing string| finalname_eng string| aftertitle string| finaltitle string| wechatscan string| tenpayscan string| alipayscan string| payto string| presshold string| notavail string| method string| trans_wx string| trans_ali string| trans_tp string| scan string| method_t string| method_lc string| trans_pm string| trans_dn string| scanhint number| error_num undefined| notenpay undefined| nowechat undefined| noalipay function| openwechat function| openalipay function| opentenpay function| removal function| urlencode function| showqrcode undefined| openbox function| $ function| jQuery

0 Cookies

1 Console Messages

Source: console-api
Level: log
URL: https://cdn.jsdelivr.net/combine/gh/hifocus/merger@0.20/assets/js/jQuery/jquery.min.js,gh/hifocus/merger@0.20/assets/js/jquery-qrcode/jquery-qrcode.min.js,gh/hifocus/merger@0.20/assets/js/function.min.js,gh/hifocus/merger@0.20/assets/js/font_974919_xgtacm93vxp.min.js (Line 12)
Message: %c merger.html %c https://github.com/hifocus/merger color: #fadfa3; background: #030307; padding:5px 0; background: #fadfa3; padding:5px 0;

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000