www.surplusandparts.com Open in urlscan Pro
104.200.170.220 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://surplusandparts.com/hbt.php
Effective URL:
http://www.surplusandparts.com/hbt.php
Submission Tags: falconsandbox
Submission: On December 17 via api (December 17th 2020, 8:23:53 am UTC) from US

Summary HTTP 13 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 13 HTTP transactions. The main IP is 104.200.170.220, located in Los Angeles, United States and belongs to ESITED, US. The main domain is www.surplusandparts.com.

This is the only time www.surplusandparts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	104.200.170.220 104.200.170.220	22552 (ESITED) (ESITED)
3	122.228.91.87 122.228.91.87	134771 (CHINATELE...) (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU)
3	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
1 2	122.10.42.25 122.10.42.25	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	27.124.8.209 27.124.8.209	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
13	6

4 104.200.170.220 (Los Angeles, United States) 1 redirects

ASN22552 (ESITED, US)

surplusandparts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.surplusandparts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 122.228.91.87 (China)

ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 122.10.42.25 (Hong Kong) 1 redirects

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

2019ayaya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.2019ayaya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 27.124.8.209 (Geumcheon-gu, Korea, Republic Of)

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

www.2021facai.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	51.la js.users.51.la ia.51.la	11 KB
4	surplusandparts.com 1 redirects surplusandparts.com www.surplusandparts.com	3 KB
2	baidu.com hm.baidu.com	15 KB
2	2019ayaya.com 1 redirects 2019ayaya.com www.2019ayaya.com	1 KB
1	2021facai.top www.2021facai.top
13	5

	Domain	Requested by
3	ia.51.la	www.surplusandparts.com
3	js.users.51.la	www.surplusandparts.com
3	www.surplusandparts.com	www.surplusandparts.com
2	hm.baidu.com	www.surplusandparts.com
1	www.2021facai.top	2019ayaya.com
1	www.2019ayaya.com	www.surplusandparts.com
1	2019ayaya.com	1 redirects
1	surplusandparts.com	1 redirects
13	8

This site contains links to these domains. Also see Links.

Domain
www.51.la

Subject Issuer	Validity	Valid
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-04-19`	2 years	crt.sh
2019ayaya.com Let's Encrypt Authority X3	`2020-10-21` - `2021-01-19`	3 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-10-20` - `2021-07-26`	9 months	crt.sh
2021facai.top R3	`2020-12-06` - `2021-03-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.surplusandparts.com/hbt.php
Frame ID: 5345DD3248D221CFC3B098452635B73F
Requests: 12 HTTP requests in this frame

Frame: https://www.2021facai.top/xinpj/index.html
Frame ID: 6CFE87B38848D79B58145B774CF29F18
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://surplusandparts.com/hbt.php HTTP 301
http://www.surplusandparts.com/hbt.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

13
Requests

54 %
HTTPS

0 %
IPv6

5
Domains

8
Subdomains

6
IPs

4
Countries

29 kB
Transfer

60 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.51.la/?comId=20615893
Title: 51La

Search URL Search Domain Scan URL

URL: https://www.51.la/?comId=20315725
Title: 51La

Search URL Search Domain Scan URL

URL: https://www.51.la/?comId=20315715
Title: 51La

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://surplusandparts.com/hbt.php HTTP 301
http://www.surplusandparts.com/hbt.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://2019ayaya.com/3/jquery.minjs.js HTTP 301
https://www.2019ayaya.com/3/jquery.minjs.js

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request hbt.php Show response
www.surplusandparts.com/
Redirect Chain

http://surplusandparts.com/hbt.php
http://www.surplusandparts.com/hbt.php

481 B
552 B

596ms
315ms

Document
text/html

104.200.170.220
ESITED

General

Check archive.org

Show headers Download Go to

Full URL: http://www.surplusandparts.com/hbt.php
Protocol: HTTP/1.1
Server: 104.200.170.220 Los Angeles, United States, ASN22552 (ESITED, US),
Reverse DNS
Software: nginx / PHP/5.4.41
Resource Hash: fa2c2faeacacb17b99c683d8e3a94e33b47ad9322d340b995d76621b01c54cfc

Request headers

Host: www.surplusandparts.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Thu, 17 Dec 2020 08:23:27 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 17 Dec 2020 08:23:26 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.surplusandparts.com/hbt.php

GET
H/1.1 200
OK tj.js Show response
www.surplusandparts.com/ 255 B
567 B 161ms
160ms Script
application/javascript 104.200.170.220
ESITED

General

Check archive.org

Show headers Download Go to

Full URL: http://www.surplusandparts.com/tj.js
Requested by: Host: www.surplusandparts.com
URL: http://www.surplusandparts.com/hbt.php
Protocol: HTTP/1.1
Server: 104.200.170.220 Los Angeles, United States, ASN22552 (ESITED, US),
Reverse DNS
Software: nginx /
Resource Hash: 6439ee401853d9a6621ba59988d62d22bb6b092e0bf7a761cf55675bce26724a

Request headers

Referer: http://www.surplusandparts.com/hbt.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 08:23:27 GMT
Last-Modified: Thu, 05 Mar 2020 07:15:23 GMT
Server: nginx
ETag: "5e60a70b-ff"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 255
Expires: Thu, 17 Dec 2020 09:23:27 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.surplusandparts.com/ 3 KB
1 KB 317ms
311ms Script
application/javascript 104.200.170.220
ESITED

General

Check archive.org

Show headers Download Go to

Full URL: http://www.surplusandparts.com/jquery.min.js
Requested by: Host: www.surplusandparts.com
URL: http://www.surplusandparts.com/hbt.php
Protocol: HTTP/1.1
Server: 104.200.170.220 Los Angeles, United States, ASN22552 (ESITED, US),
Reverse DNS
Software: nginx /
Resource Hash: f139517b8093e2f517ae5ad6569f5ed420a03da3bf1e1bf0b3e23040abdb3513

Request headers

Referer: http://www.surplusandparts.com/hbt.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 08:23:27 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Nov 2020 16:17:37 GMT
Server: nginx
ETag: W/"5fb00321-afa"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 17 Dec 2020 09:23:27 GMT

GET
H/1.1 200
OK 20615893.js Show response
js.users.51.la/ 5 KB
3 KB 2103ms
1599ms Script
application/javascript 122.228.91.87
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/20615893.js
Requested by: Host: www.surplusandparts.com
URL: http://www.surplusandparts.com/tj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 122.228.91.87 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: a3b102826edb35815b55299ef3bff9eba59751ce941b969b298cf2e93e42cbb4

Request headers

Referer: http://www.surplusandparts.com/hbt.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-id: 20615893
Date: Thu, 17 Dec 2020 08:23:29 GMT
Content-Encoding: gzip
X-Ws-Request-Id: 5fdb1581_dx166_24761-35907
Age: 39220
Transfer-Encoding: chunked
X-Via: 1.1 PSjshasx4am60:5 (Cdn Cache Server V2.0)[28 200 0], 1.1 PSfjqzdxla155:6 (Cdn Cache Server V2.0)[73 200 2], 1.1 xin169:2 (Cdn Cache Server V2.0)[1 200 0]
Content-Disposition: inline;filename=f.txt
Connection: keep-alive
Request-Id: 0000017569C15CDA9410DF161494448C
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSoPKefD9yBpbehHhwGVzXtPhkNLrSUN
Last-Modified: Sat Feb 01 10:41:37 CST 2020
Server: nginx/1.14.0
ETag: "1f680e122f82aad4d255017ab96ab026"
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
version-id: G001116FFEA00613FFFF94123B46767E

GET
H/1.1 200
OK 20315725.js Show response
js.users.51.la/ 5 KB
3 KB 751ms
240ms Script
application/javascript 122.228.91.87
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/20315725.js
Requested by: Host: www.surplusandparts.com
URL: http://www.surplusandparts.com/tj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 122.228.91.87 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: bec4f220376e61943c040575d6107dd1de4dc43f42f6ad05f611e9e2931358f4

Request headers

Referer: http://www.surplusandparts.com/hbt.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-id: 20315725
Date: Thu, 17 Dec 2020 08:23:28 GMT
Content-Encoding: gzip
X-Ws-Request-Id: 5fdb1580_zhdx111_35409-49297
Age: 72563
Transfer-Encoding: chunked
X-Via: 1.1 PSjshasx4pj50:8 (Cdn Cache Server V2.0)[1 200 0], 1.1 PSzjjxdx9vi111:5 (Cdn Cache Server V2.0)[34 200 2], 1.1 zhoudianxin115:1 (Cdn Cache Server V2.0)[0 200 0]
Content-Disposition: inline;filename=f.txt
Connection: keep-alive
Request-Id: 00000175AB07ACE5901940E370161F19
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSXKITfYGOANWG98xokw/tH6o6YxQr/9
Last-Modified: Wed Sep 04 11:39:29 CST 2019
Server: nginx/1.14.0
ETag: "08684ce114564b92dbb26b532d50039f"
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
version-id: G001116CFA5B187EFFFF904E1D292C15

GET
H/1.1 200
OK 20315715.js Show response
js.users.51.la/ 5 KB
3 KB 1790ms
1271ms Script
application/javascript 122.228.91.87
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/20315715.js
Requested by: Host: www.surplusandparts.com
URL: http://www.surplusandparts.com/tj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 122.228.91.87 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 4ca004731524c70ad181af8e8a368713aeafbe5c0cbb5887656ea41298e6ba6e

Request headers

Referer: http://www.surplusandparts.com/hbt.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-id: 20315715
Date: Thu, 17 Dec 2020 08:23:29 GMT
Content-Encoding: gzip
X-Ws-Request-Id: 5fdb1581_zhdx111_35070-19462
Age: 72564
Transfer-Encoding: chunked
X-Via: 1.1 PSjshasx4sg59:7 (Cdn Cache Server V2.0)[0 200 0], 1.1 PSjsyzdx6jk53:8 (Cdn Cache Server V2.0)[23 200 2], 1.1 ianxin170:2 (Cdn Cache Server V2.0)[0 200 0]
Content-Disposition: inline;filename=f.txt
Connection: keep-alive
Request-Id: 000001765B8B57D69017F0AC7F51A58C
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSOguwBl1NorTXraWBJr1XLsNHz89wGu
Last-Modified: Wed Sep 04 11:38:38 CST 2019
Server: nginx/1.14.0
ETag: "2390be3ac07a5cf3e236a00b57863f49"
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
version-id: G001116CFA5A4E80FFFF904B1D98BD79

GET
H/1.1 200 go1
ia.51.la/ 0
255 B 3604ms
3597ms Image
application/octet-stream 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ia.51.la/go1?id=20615893&rt=1608193409634&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1608193409634&tt=%25E6%25BE%25B3%25E9%2597%25A8%25E8%2591%25A1%25E4%25BA%25ACag_%25E6%25BE%25B3%25E9%2597%25A8%25E6%2596%25B0%25E8%2591%25A1%25E8%2590%2584%25E4%25BA%25AC%25E5%25A8%25B1%25E4%25B9%2590-%25E6%2596%25B0%25E8%2590%2584%25E4%25BA%25AC%25E5%25A8%25B1%25E4%25B9%2590%25E5%259C%25BA%25E6%2589%258B%25E6%259C%25BA%25E7%2589%2588&kw=&cu=http%253A%252F%252Fwww.surplusandparts.com%252Fhbt.php&pu=
Requested by: Host: www.surplusandparts.com
URL: http://www.surplusandparts.com/hbt.php
Protocol: HTTP/1.1
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.surplusandparts.com/hbt.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 08:23:33 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H/1.1 200 go1
ia.51.la/ 0
255 B 1464ms
1458ms Image
application/octet-stream 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ia.51.la/go1?id=20315725&rt=1608193409648&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=2&ekc=&sid=1608193409648&tt=%25E6%25BE%25B3%25E9%2597%25A8%25E8%2591%25A1%25E4%25BA%25ACag_%25E6%25BE%25B3%25E9%2597%25A8%25E6%2596%25B0%25E8%2591%25A1%25E8%2590%2584%25E4%25BA%25AC%25E5%25A8%25B1%25E4%25B9%2590-%25E6%2596%25B0%25E8%2590%2584%25E4%25BA%25AC%25E5%25A8%25B1%25E4%25B9%2590%25E5%259C%25BA%25E6%2589%258B%25E6%259C%25BA%25E7%2589%2588&kw=&cu=http%253A%252F%252Fwww.surplusandparts.com%252Fhbt.php&pu=
Requested by: Host: www.surplusandparts.com
URL: http://www.surplusandparts.com/hbt.php
Protocol: HTTP/1.1
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.surplusandparts.com/hbt.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 08:23:31 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H/1.1 200 go1
ia.51.la/ 0
255 B 1613ms
1608ms Image
application/octet-stream 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ia.51.la/go1?id=20315715&rt=1608193409651&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=3&ekc=&sid=1608193409651&tt=%25E6%25BE%25B3%25E9%2597%25A8%25E8%2591%25A1%25E4%25BA%25ACag_%25E6%25BE%25B3%25E9%2597%25A8%25E6%2596%25B0%25E8%2591%25A1%25E8%2590%2584%25E4%25BA%25AC%25E5%25A8%25B1%25E4%25B9%2590-%25E6%2596%25B0%25E8%2590%2584%25E4%25BA%25AC%25E5%25A8%25B1%25E4%25B9%2590%25E5%259C%25BA%25E6%2589%258B%25E6%259C%25BA%25E7%2589%2588&kw=&cu=http%253A%252F%252Fwww.surplusandparts.com%252Fhbt.php&pu=
Requested by: Host: www.surplusandparts.com
URL: http://www.surplusandparts.com/hbt.php
Protocol: HTTP/1.1
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.surplusandparts.com/hbt.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 08:23:31 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H/1.1

200
OK

jquery.minjs.js Show response
www.2019ayaya.com/3/
Redirect Chain

https://2019ayaya.com/3/jquery.minjs.js
https://www.2019ayaya.com/3/jquery.minjs.js

3 KB
1 KB

1334ms
256ms

Script
application/javascript

122.10.42.25
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.2019ayaya.com/3/jquery.minjs.js
Requested by: Host: www.surplusandparts.com
URL: http://www.surplusandparts.com/hbt.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 122.10.42.25 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: d346947c5903ed305e7ada022be110bf194a9beb24045bd5d15f6b4a45f9b3a0

Request headers

Referer: http://www.surplusandparts.com/hbt.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 08:23:32 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Dec 2020 19:34:42 GMT
Server: nginx
ETag: W/"5fcd3252-a12"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

Redirect headers

Location: https://www.2019ayaya.com/3/jquery.minjs.js
Date: Thu, 17 Dec 2020 08:23:30 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 39 KB
14 KB 1141ms
563ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?57d1b23dc10f80a577949e8a71266f25

Requested by

Host: www.surplusandparts.com
URL: http://www.surplusandparts.com/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

fcc6724c1336ca13dd9876be4692ed289c719f0c6886291cfa9d7ee46513fe2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://www.surplusandparts.com/hbt.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 08:23:30 GMT
Content-Encoding: gzip
Server: apache
Etag: 0c3c0189fae5cbd99219808705515318
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14044

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 372ms
372ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=58382069&si=57d1b23dc10f80a577949e8a71266f25&v=1.2.80&lv=1&sn=30046&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.surplusandparts.com%2Fhbt.php&tt=%E6%BE%B3%E9%97%A8%E8%91%A1%E4%BA%ACag_%E6%BE%B3%E9%97%A8%E6%96%B0%E8%91%A1%E8%90%84%E4%BA%AC%E5%A8%B1%E4%B9%90-%E6%96%B0%E8%90%84%E4%BA%AC%E5%A8%B1%E4%B9%90%E5%9C%BA%E6%89%8B%E6%9C%BA%E7%89%88

Requested by

Host: www.surplusandparts.com
URL: http://www.surplusandparts.com/hbt.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.surplusandparts.com/hbt.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Dec 2020 08:23:31 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK index.html
www.2021facai.top/xinpj/ Frame 6CFE 0
0 1607ms
326ms Document
text/html 27.124.8.209
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.2021facai.top/xinpj/index.html
Requested by: Host: 2019ayaya.com
URL: https://2019ayaya.com/3/jquery.minjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 27.124.8.209 Geumcheon-gu, Korea, Republic Of, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: www.2021facai.top
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.surplusandparts.com/hbt.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.surplusandparts.com/hbt.php

Response headers

Server: nginx
Date: Thu, 17 Dec 2020 08:23:33 GMT
Content-Type: text/html
Last-Modified: Sun, 06 Dec 2020 19:45:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fcd34ce-7467"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Encoding: gzip

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2019ayaya.com
hm.baidu.com
ia.51.la
js.users.51.la
surplusandparts.com
www.2019ayaya.com
www.2021facai.top
www.surplusandparts.com
103.235.46.191
104.200.170.220
122.10.42.25
122.228.91.87
183.131.207.66
27.124.8.209
4ca004731524c70ad181af8e8a368713aeafbe5c0cbb5887656ea41298e6ba6e
6439ee401853d9a6621ba59988d62d22bb6b092e0bf7a761cf55675bce26724a
a3b102826edb35815b55299ef3bff9eba59751ce941b969b298cf2e93e42cbb4
bec4f220376e61943c040575d6107dd1de4dc43f42f6ad05f611e9e2931358f4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d346947c5903ed305e7ada022be110bf194a9beb24045bd5d15f6b4a45f9b3a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f139517b8093e2f517ae5ad6569f5ed420a03da3bf1e1bf0b3e23040abdb3513
fa2c2faeacacb17b99c683d8e3a94e33b47ad9322d340b995d76621b01c54cfc
fcc6724c1336ca13dd9876be4692ed289c719f0c6886291cfa9d7ee46513fe2f

www.surplusandparts.com Open in urlscan Pro 104.200.170.220 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

54 %HTTPS

0 %IPv6

5 Domains

8 Subdomains

6 IPs

4 Countries

29 kBTransfer

60 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Indicators

www.surplusandparts.com Open in urlscan Pro
104.200.170.220 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

54 %
HTTPS

0 %
IPv6

5
Domains

8
Subdomains

6
IPs

4
Countries

29 kB
Transfer

60 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions