a2.xin599.com Open in urlscan Pro
2600:9000:2511:de00:14:4d12:e940:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://a1.xin599.com/
Effective URL:
https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383
Submission: On March 21 via api (March 21st 2024, 10:20:51 am UTC) from US — Scanned from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 1 domains to perform 17 HTTP transactions. The main IP is 2600:9000:2511:de00:14:4d12:e940:93a1, located in United States and belongs to AMAZON-02, US. The main domain is a2.xin599.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 21st 2023. Valid for: a year.

This is the only time a2.xin599.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	130.211.39.162 130.211.39.162	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 13	2600:9000:251... 2600:9000:2511:de00:14:4d12:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.215.149.130 35.215.149.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:3b62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	4

4 130.211.39.162 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 162.39.211.130.bc.googleusercontent.com

a1.xin599.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2511:de00:14:4d12:e940:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

a2.xin599.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.215.149.130 (Hong Kong, Hong Kong)

ASN15169 (GOOGLE, US)
PTR: 130.149.215.35.bc.googleusercontent.com

a3.xin599.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a4.xin599.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:3b62 (United States)

ASN13335 (CLOUDFLARENET, US)

a5.xin599.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	xin599.com 3 redirects a1.xin599.com a2.xin599.com a3.xin599.com a4.xin599.com a5.xin599.com	246 KB
17	1

	Domain	Requested by
13	a2.xin599.com	1 redirects a1.xin599.com a2.xin599.com
4	a1.xin599.com	2 redirects a1.xin599.com
1	a5.xin599.com	a1.xin599.com
1	a4.xin599.com	a1.xin599.com
1	a3.xin599.com	a1.xin599.com
17	5

This site contains no links.

Subject Issuer	Validity	Valid
www.xin599.com GTS CA 1D4	`2024-03-17` - `2024-06-15`	3 months	crt.sh
*.xin599.com Amazon RSA 2048 M03	`2023-10-21` - `2024-11-18`	a year	crt.sh
xin599.com R3	`2024-03-17` - `2024-06-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383
Frame ID: 5827EFE43A43A9D942D578CD38D0D2DF
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

会员登录

Page URL History Show full URLs

https://a1.xin599.com/ HTTP 302
https://a1.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383 HTTP 302
https://a1.xin599.com/Dee/index_hy.php Page URL
https://a2.xin599.com/ HTTP 302
https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

5
Subdomains

4
IPs

2
Countries

245 kB
Transfer

316 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://a1.xin599.com/ HTTP 302
https://a1.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383 HTTP 302
https://a1.xin599.com/Dee/index_hy.php Page URL
https://a2.xin599.com/ HTTP 302
https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://a1.xin599.com/ HTTP 302
https://a1.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383 HTTP 302
https://a1.xin599.com/Dee/index_hy.php

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

index_hy.php Show response
a1.xin599.com/Dee/
Redirect Chain

https://a1.xin599.com/
https://a1.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383
https://a1.xin599.com/Dee/index_hy.php

4 KB
2 KB

229ms
228ms

Document
text/html

130.211.39.162
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.xin599.com/Dee/index_hy.php

Protocol

Security

QUIC, , AES_128_GCM

Server

130.211.39.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

162.39.211.130.bc.googleusercontent.com

Software

nginx /

Resource Hash

b10b3172861f1e79fc4c624d0095aab9d85cce769fd4ede12f50dd6c888ea799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 10:20:44 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 10:20:44 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /Dee/index_hy.php
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 google

GET
H3 200 _loginBottom.jpg
a1.xin599.com/images/ 29 KB
29 KB 831ms
828ms Image
image/jpeg 130.211.39.162
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.xin599.com/images/_loginBottom.jpg?1711016445102

Requested by

Host: a1.xin599.com
URL: https://a1.xin599.com/Dee/index_hy.php

Protocol

Security

QUIC, , AES_128_GCM

Server

130.211.39.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

162.39.211.130.bc.googleusercontent.com

Software

nginx /

Resource Hash

441325f18ee89a70d5afe068d1ea69465af5f398f1c69e86dfd5deff6f87d6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a1.xin599.com/Dee/index_hy.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 10:20:45 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
last-modified: Fri, 15 Mar 2024 03:11:21 GMT
server: nginx
etag: "65f3bc59-72f9"
content-type: image/jpeg
cache-control: public,max-age=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29433

GET
H2 200 _loginBottom.jpg
a2.xin599.com/images/ 29 KB
29 KB 690ms
489ms Image
image/jpeg 2600:9000:2511:de00:14:4d12:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2.xin599.com/images/_loginBottom.jpg?1711016445102

Requested by

Host: a1.xin599.com
URL: https://a1.xin599.com/Dee/index_hy.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:de00:14:4d12:e940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

441325f18ee89a70d5afe068d1ea69465af5f398f1c69e86dfd5deff6f87d6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a1.xin599.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 10:20:45 GMT
strict-transport-security: max-age=31536000
via: 1.1 google, 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 03:11:21 GMT
server: nginx
x-amz-cf-pop: JFK50-P6
etag: "65f3bc59-72f9"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 29433
x-amz-cf-id: fMtScrjYQMM73IkGZXyBWorhcYpC9nA2R0Crhd8p183YxAbgtZdqAg==
expires: Sat, 20 Apr 2024 10:20:45 GMT

GET
H2 200 _loginBottom.jpg
a3.xin599.com/images/ 29 KB
29 KB 874ms
262ms Image
image/jpeg 35.215.149.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a3.xin599.com/images/_loginBottom.jpg?1711016445102

Requested by

Host: a1.xin599.com
URL: https://a1.xin599.com/Dee/index_hy.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.215.149.130 Hong Kong, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

130.149.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

441325f18ee89a70d5afe068d1ea69465af5f398f1c69e86dfd5deff6f87d6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a1.xin599.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 10:20:45 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
last-modified: Fri, 15 Mar 2024 03:11:21 GMT
server: nginx
etag: "65f3bc59-72f9"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 29433
expires: Sat, 20 Apr 2024 10:20:45 GMT

GET
H2 200 _loginBottom.jpg
a4.xin599.com/images/ 29 KB
29 KB 922ms
430ms Image
image/jpeg 35.215.149.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a4.xin599.com/images/_loginBottom.jpg?1711016445102

Requested by

Host: a1.xin599.com
URL: https://a1.xin599.com/Dee/index_hy.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.215.149.130 Hong Kong, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

130.149.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

441325f18ee89a70d5afe068d1ea69465af5f398f1c69e86dfd5deff6f87d6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a1.xin599.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 10:20:45 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
last-modified: Fri, 15 Mar 2024 03:11:21 GMT
server: nginx
etag: "65f3bc59-72f9"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 29433
expires: Sat, 20 Apr 2024 10:20:45 GMT

GET
H2 200 _loginBottom.jpg
a5.xin599.com/images/ 29 KB
29 KB 1017ms
806ms Image
image/jpeg 2606:4700:3035::6815:3b62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a5.xin599.com/images/_loginBottom.jpg?1711016445102

Requested by

Host: a1.xin599.com
URL: https://a1.xin599.com/Dee/index_hy.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:3b62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

441325f18ee89a70d5afe068d1ea69465af5f398f1c69e86dfd5deff6f87d6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a1.xin599.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 10:20:46 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 29433
last-modified: Fri, 15 Mar 2024 03:11:21 GMT
server: cloudflare
etag: "65f3bc59-72f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=okxDN%2Bct33OM3oFzshu%2FeN3caD8guXRHJ4o038cX7Lb9tYGDkMkjkZA4hhifrhR%2BhfWsqZdEOTnIoMScM4Hqs27A8e5ZVbo6zpRZ0Kp8NyTOU1BpQJGS%2FOYM2lMajq%2Fgn%2FwB3amY4f88Wm9t"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 867d360f58934bcf-BUF
expires: Sat, 20 Apr 2024 10:20:45 GMT

GET
H2

200

Primary Request / Show response
a2.xin599.com/
Redirect Chain

https://a2.xin599.com/
https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383

6 KB
3 KB

510ms
493ms

Document
text/html

2600:9000:2511:de00:14:4d12:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:de00:14:4d12:e940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0f24879c5a2703c42dbc9c95c29d25699594fcb8d1326997df08dfbc435dda15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://a1.xin599.com
Referer: https://a1.xin599.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 10:20:47 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 google, 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
x-amz-cf-id: 8Vu0FkJEaycfmHGuW9ajaHrv-O34ArA-wLnjjc6KcQIPy_UQ27onCA==
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Thu, 21 Mar 2024 10:20:47 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
via: 1.1 google, 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
x-amz-cf-id: 5VEG7LgqNUDH8-4Tqg_dAMiCpKQ9v39eHKxGYwRgdGYzblcg4wDATw==
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront

GET
H2 200 jquery-3.5.1.min.js Show response
a2.xin599.com/js/ 87 KB
32 KB 439ms
437ms Script
application/javascript 2600:9000:2511:de00:14:4d12:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.xin599.com/js/jquery-3.5.1.min.js

Requested by

Host: a2.xin599.com
URL: https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:de00:14:4d12:e940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 10:20:48 GMT
strict-transport-security: max-age=31536000
via: 1.1 google, 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 03:11:23 GMT
server: nginx
content-encoding: gzip
x-amz-cf-pop: JFK50-P6
etag: W/"65f3bc5b-15d84"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=43200
x-amz-cf-id: XwOUU08_Q-X1mbAuju374jVe4ttmY-BJYpqY6dT8AThLRzh_4GQImw==
expires: Thu, 21 Mar 2024 22:20:48 GMT

GET
H2 200 layer.js Show response
a2.xin599.com/static/layer/ 15 KB
6 KB 445ms
443ms Script
application/javascript 2600:9000:2511:de00:14:4d12:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.xin599.com/static/layer/layer.js

Requested by

Host: a2.xin599.com
URL: https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:de00:14:4d12:e940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

54056b893f3eeffb9487b40d3c602c20257de61a239f178949cfeb6a7856d80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 10:20:48 GMT
strict-transport-security: max-age=31536000
via: 1.1 google, 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 03:12:06 GMT
server: nginx
content-encoding: gzip
x-amz-cf-pop: JFK50-P6
etag: W/"65f3bc86-3a5c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=43200
x-amz-cf-id: w2k0KjzOfEIJYBmeHJJzq302_ZXTqw2fPWeqXCyKF5B6YqRY3Gxzpw==
expires: Thu, 21 Mar 2024 22:20:48 GMT

GET
H2 200 iconfont.css
a2.xin599.com/static/css/ 4 KB
1 KB 238ms
237ms Stylesheet
text/css 2600:9000:2511:de00:14:4d12:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.xin599.com/static/css/iconfont.css

Requested by

Host: a2.xin599.com
URL: https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:de00:14:4d12:e940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ac8e9648a6a9b6a5244ba5b98738ae4f592cb4d6c4e8ff2ef6e4a84ff4f1c722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 10:20:48 GMT
strict-transport-security: max-age=31536000
via: 1.1 google, 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 03:12:05 GMT
server: nginx
content-encoding: gzip
x-amz-cf-pop: JFK50-P6
etag: W/"65f3bc85-e90"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: max-age=43200
x-amz-cf-id: 9TKwrep1YQ1-rNHeWy8dO8uEmTNm4MGcFQc3BaBq3GQbZGMZRHGZQQ==
expires: Thu, 21 Mar 2024 22:20:48 GMT

GET
H2 200 new_login.css
a2.xin599.com/static/css/ 5 KB
2 KB 437ms
436ms Stylesheet
text/css 2600:9000:2511:de00:14:4d12:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.xin599.com/static/css/new_login.css?ver=2403050210

Requested by

Host: a2.xin599.com
URL: https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:de00:14:4d12:e940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6b30624b0e24c4f2723bf2ed553a2f71f212f079ffc5995382bce93824741523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 10:20:48 GMT
strict-transport-security: max-age=31536000
via: 1.1 google, 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 03:12:05 GMT
server: nginx
content-encoding: gzip
x-amz-cf-pop: JFK50-P6
etag: W/"65f3bc85-1511"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: max-age=43200
x-amz-cf-id: 2uTDaJPLRT9qPU3BZjbSItSECpa6y5W90xaxZQbNewhEFaRjcW8Aaw==
expires: Thu, 21 Mar 2024 22:20:48 GMT

GET
H2 200 yzm.php
a2.xin599.com/ 2 KB
2 KB 452ms
451ms Image
image/jpg 2600:9000:2511:de00:14:4d12:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2.xin599.com/yzm.php?1711016447

Requested by

Host: a2.xin599.com
URL: https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:de00:14:4d12:e940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

51d955b1a72450e87951ba947f1661731241d606b6dc4b286d5660e96701369f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 10:20:48 GMT
via: 1.1 google, 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
server: nginx
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
content-type: image/jpg;
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id: 01_9mgvr4PObfsUE6_4LdGc3FLXTBjKyiQCcrx7YWODsxHb5n8qONQ==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 layer.css
a2.xin599.com/static/layer/skin/ 11 KB
12 KB 241ms
241ms Stylesheet
text/css 2600:9000:2511:de00:14:4d12:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.xin599.com/static/layer/skin/layer.css

Requested by

Host: a2.xin599.com
URL: https://a2.xin599.com/static/layer/layer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:de00:14:4d12:e940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4a1d94784abad371a65df2ef722078333071de2677ce1428c83f08d16ba79b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.xin599.com/?__CBK=1181f2eac83363de18364bf56fafb9d801473656541_1642383
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 10:20:49 GMT
strict-transport-security: max-age=31536000
via: 1.1 google, 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 03:12:06 GMT
server: nginx
x-amz-cf-pop: JFK50-P6
etag: "65f3bc86-2c48"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 11336
x-amz-cf-id: j1yMm-8K5OalmIVn93FAo6Wn4P4FWWYhPfdQhdaF4pCywWai8Qt4OQ==
expires: Thu, 21 Mar 2024 22:20:49 GMT

GET
H2 200 tou.png
a2.xin599.com/static/images/ 14 KB
14 KB 443ms
442ms Image
image/png 2600:9000:2511:de00:14:4d12:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2.xin599.com/static/images/tou.png

Requested by

Host: a2.xin599.com
URL: https://a2.xin599.com/static/css/new_login.css?ver=2403050210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:de00:14:4d12:e940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f9fd93c1fd6525fff54f07f6388a15db44b73dbc7059c397ae3402692319bb54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.xin599.com/static/css/new_login.css?ver=2403050210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 10:20:49 GMT
strict-transport-security: max-age=31536000
via: 1.1 google, 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 03:12:05 GMT
server: nginx
x-amz-cf-pop: JFK50-P6
etag: "65f3bc85-3711"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14097
x-amz-cf-id: 5YC5YO5cE9umu8AppluYOaGUzcjuGaVozzDWDYaiqP9bIqDPmxFH4A==
expires: Sat, 20 Apr 2024 10:20:49 GMT

GET
H2 200 left_hand_icon.png
a2.xin599.com/static/images/ 2 KB
3 KB 436ms
435ms Image
image/png 2600:9000:2511:de00:14:4d12:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2.xin599.com/static/images/left_hand_icon.png

Requested by

Host: a2.xin599.com
URL: https://a2.xin599.com/static/css/new_login.css?ver=2403050210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:de00:14:4d12:e940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4e3260ceb7a2ef62108dcd20b4874c48340898828fcf9c5c8faf87a0526a98a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.xin599.com/static/css/new_login.css?ver=2403050210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 10:20:49 GMT
strict-transport-security: max-age=31536000
via: 1.1 google, 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 03:12:05 GMT
server: nginx
x-amz-cf-pop: JFK50-P6
etag: "65f3bc85-9d0"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2512
x-amz-cf-id: d90fdRu0DRIFMXHmLu9qA8lKUymell1eY0YgL1mAwTpNqMIdrBLGUw==
expires: Sat, 20 Apr 2024 10:20:49 GMT

GET
H2 200 right_hand_icon.png
a2.xin599.com/static/images/ 2 KB
3 KB 434ms
434ms Image
image/png 2600:9000:2511:de00:14:4d12:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2.xin599.com/static/images/right_hand_icon.png

Requested by

Host: a2.xin599.com
URL: https://a2.xin599.com/static/css/new_login.css?ver=2403050210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:de00:14:4d12:e940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6104433208b3f219a702d139d6a61287cfb9336772ccdc9a855138bb06e36fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.xin599.com/static/css/new_login.css?ver=2403050210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 10:20:49 GMT
strict-transport-security: max-age=31536000
via: 1.1 google, 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 03:12:05 GMT
server: nginx
x-amz-cf-pop: JFK50-P6
etag: "65f3bc85-8db"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2267
x-amz-cf-id: yWfACovZkYBnKE_M6p1qNAr15cfGnA9xZ-29U709uLlYcxf-opS_Hg==
expires: Sat, 20 Apr 2024 10:20:49 GMT

GET
H2 200 iconfont.woff
a2.xin599.com/static/css/ 20 KB
20 KB 452ms
451ms Font
font/woff 2600:9000:2511:de00:14:4d12:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.xin599.com/static/css/iconfont.woff?t=1466081248

Requested by

Host: a2.xin599.com
URL: https://a2.xin599.com/static/css/iconfont.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:de00:14:4d12:e940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

70f69b31eba233b67053338d95c7e442fe97de23d543623c63124fa524b7020f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://a2.xin599.com/static/css/iconfont.css
Origin: https://a2.xin599.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 10:20:49 GMT
strict-transport-security: max-age=31536000
via: 1.1 google, 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
last-modified: Fri, 15 Mar 2024 03:12:05 GMT
server: nginx
x-amz-cf-pop: JFK50-P6
etag: "65f3bc85-4ff4"
x-cache: Miss from cloudfront
content-type: font/woff
accept-ranges: bytes
content-length: 20468
x-amz-cf-id: fvnzFgz2YViyDCM61CyIPRPoTqxBHIq08A2TI61gchqy7RRs8oQmEw==

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
a1.xin599.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: an70u6dje11p642j97ive7usj7
a1.xin599.com/	1970-01-20 19:17:18	Name: GCLB Value: "9e788743add9db21"
a2.xin599.com/	1970-01-20 19:17:18	Name: GCILB Value: "358062f1a7ed73b1"
a3.xin599.com/	1970-01-20 19:17:18	Name: GCILB Value: "49131c877d1324a4"
a4.xin599.com/	1970-01-20 19:17:18	Name: GCILB Value: "a549b8b79cdb5c9a"
a5.xin599.com/	1970-01-20 19:17:18	Name: GCILB Value: "d9ceea1963513785"
a2.xin599.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ia7uhia2qe5dg7fs7pisu11ar4

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://a1.xin599.com/Dee/index_hy.php Message: Mixed Content: The page at 'https://a1.xin599.com/Dee/index_hy.php' was loaded over HTTPS, but requested an insecure element 'http://a1.xin599.com/images/_loginBottom.jpg?1711016445102'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://a1.xin599.com/Dee/index_hy.php Message: Mixed Content: The page at 'https://a1.xin599.com/Dee/index_hy.php' was loaded over HTTPS, but requested an insecure element 'http://a2.xin599.com/images/_loginBottom.jpg?1711016445102'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://a1.xin599.com/Dee/index_hy.php Message: Mixed Content: The page at 'https://a1.xin599.com/Dee/index_hy.php' was loaded over HTTPS, but requested an insecure element 'http://a3.xin599.com/images/_loginBottom.jpg?1711016445102'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://a1.xin599.com/Dee/index_hy.php Message: Mixed Content: The page at 'https://a1.xin599.com/Dee/index_hy.php' was loaded over HTTPS, but requested an insecure element 'http://a4.xin599.com/images/_loginBottom.jpg?1711016445102'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://a1.xin599.com/Dee/index_hy.php Message: Mixed Content: The page at 'https://a1.xin599.com/Dee/index_hy.php' was loaded over HTTPS, but requested an insecure element 'http://a5.xin599.com/images/_loginBottom.jpg?1711016445102'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.xin599.com
a2.xin599.com
a3.xin599.com
a4.xin599.com
a5.xin599.com
130.211.39.162
2600:9000:2511:de00:14:4d12:e940:93a1
2606:4700:3035::6815:3b62
35.215.149.130
0f24879c5a2703c42dbc9c95c29d25699594fcb8d1326997df08dfbc435dda15
441325f18ee89a70d5afe068d1ea69465af5f398f1c69e86dfd5deff6f87d6c1
4a1d94784abad371a65df2ef722078333071de2677ce1428c83f08d16ba79b6c
4e3260ceb7a2ef62108dcd20b4874c48340898828fcf9c5c8faf87a0526a98a6
51d955b1a72450e87951ba947f1661731241d606b6dc4b286d5660e96701369f
54056b893f3eeffb9487b40d3c602c20257de61a239f178949cfeb6a7856d80c
6104433208b3f219a702d139d6a61287cfb9336772ccdc9a855138bb06e36fab
6b30624b0e24c4f2723bf2ed553a2f71f212f079ffc5995382bce93824741523
70f69b31eba233b67053338d95c7e442fe97de23d543623c63124fa524b7020f
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
ac8e9648a6a9b6a5244ba5b98738ae4f592cb4d6c4e8ff2ef6e4a84ff4f1c722
b10b3172861f1e79fc4c624d0095aab9d85cce769fd4ede12f50dd6c888ea799
f9fd93c1fd6525fff54f07f6388a15db44b73dbc7059c397ae3402692319bb54

a2.xin599.com Open in urlscan Pro 2600:9000:2511:de00:14:4d12:e940:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

50 %IPv6

1 Domains

5 Subdomains

4 IPs

2 Countries

245 kBTransfer

316 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

7 Cookies

5 Console Messages

Security Headers

Indicators

a2.xin599.com Open in urlscan Pro
2600:9000:2511:de00:14:4d12:e940:93a1 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

5
Subdomains

4
IPs

2
Countries

245 kB
Transfer

316 kB
Size

7
Cookies

17 HTTP transactions
0 data transactions