urlscan.io logo urlscan.io
SecurityTrails logo

hnxinyue1688.com Open in urlscan Pro
81.70.160.92  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://79488p.com/
Effective URL: https://hnxinyue1688.com/Scripts/ueditor/dialogs/snapscreen.html
Submission: On December 03 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 5 HTTP transactions. The main IP is 81.70.160.92, located in China and belongs to TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is hnxinyue1688.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on October 24th 2024. Valid for: a year.
This is the only time hnxinyue1688.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 142.0.138.169 54600 (PEG-SV)
1 81.70.160.92 45090 (TENCENT-N...)
1 142.0.138.173 54600 (PEG-SV)
2 172.67.129.201 13335 (CLOUDFLAR...)
5 4
Apex Domain
Subdomains		 Transfer
2 picgo.net
img.picgo.net — Cisco Umbrella Rank: 992457
9 KB
1 hnxinyue1688.com
hnxinyue1688.com
5 KB
1 79488p.com
79488p.com
310 B
0 baidu.com Failed
www.baidu.com Failed
5 4
Domain Requested by
2 img.picgo.net
1 hnxinyue1688.com
1 79488p.com 1 redirects
0 www.baidu.com Failed 142.0.138.173
5 4

This site contains links to these domains. Also see Links.

Domain
www.google.cn
www.firefox.com.cn
www.opera.com
Subject Issuer Validity Valid
www.hnxinyue1688.com
Encryption Everywhere DV TLS CA - G2		 2024-10-24 -
2025-10-24		 a year crt.sh
142.0.138.173
Sectigo RSA Domain Validation Secure Server CA		 2024-12-03 -
2025-12-03		 a year crt.sh
picgo.net
WE1		 2024-10-28 -
2025-01-26		 3 months crt.sh

This page contains 1 frames:

Frame: https://www.baidu.com/
Frame ID: 484F88264DF0E660C3C6009B23591D4D
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

天龙导航、为您指引不迷路!

Page URL History Show full URLs

  1. http://79488p.com/ HTTP 307
    https://79488p.com/ HTTP 301
    https://hnxinyue1688.com/Scripts/ueditor/dialogs/snapscreen.html Page URL

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

14 kB
Transfer

19 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://79488p.com/ HTTP 307
    https://79488p.com/ HTTP 301
    https://hnxinyue1688.com/Scripts/ueditor/dialogs/snapscreen.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request snapscreen.html
hnxinyue1688.com/Scripts/ueditor/dialogs/
Redirect Chain
  • http://79488p.com/
  • https://79488p.com/
  • https://hnxinyue1688.com/Scripts/ueditor/dialogs/snapscreen.html
10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hnxinyue1688.com/Scripts/ueditor/dialogs/snapscreen.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.70.160.92 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f1d42d5c7a23690c942cadc0b4d33b78f95ad394469a6f0beab5726b5286d684

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
4475
content-type
text/html
date
Tue, 03 Dec 2024 19:27:33 GMT
etag
"80dd99913adb1:0"
index.aspx
ASP.NET
last-modified
Tue, 19 Nov 2024 14:44:55 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET

Redirect headers

content-length
162
content-type
text/html
date
Tue, 03 Dec 2024 19:27:32 GMT
location
https://hnxinyue1688.com/Scripts/ueditor/dialogs/snapscreen.html
server
nginx
strict-transport-security
max-age=31536000
url.js
142.0.138.173/js/ 		2 KB
800 B 		Script
General
Check archive.org
Download Go to
Full URL
https://142.0.138.173:22324/js/url.js?v=1733254054129
Requested by
Host: hnxinyue1688.com
URL: https://hnxinyue1688.com/Scripts/ueditor/dialogs/snapscreen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.0.138.173 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
00eb2735ec04402eaa16b64ce0ee291559259bb78a6155b586f57c5f9f05b7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hnxinyue1688.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"674eab8d-67d"
expires
Wed, 04 Dec 2024 07:27:34 GMT
date
Tue, 03 Dec 2024 19:27:34 GMT
content-type
application/javascript
last-modified
Tue, 03 Dec 2024 06:56:13 GMT
server
nginx
vary
Accept-Encoding
/
www.baidu.com/ 		0
0
line6d5dd735ed4ed0e7.png
img.picgo.net/2024/12/03/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picgo.net/2024/12/03/line6d5dd735ed4ed0e7.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PicGo(https://www.picgo.net)
Resource Hash
a1dd60064c87143e0dc64a15161e72c670d62f80d23e70f88add875c7813702e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hnxinyue1688.com/

Response headers

cf-cache-status
HIT
etag
unverified:274c64f487e914b628d33eb69467ae87af687ada
age
17939
cf-bgj
imgq:100,h2pri
x-author
support@picgo.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BNd4gJ0TWnMH0TELYXoKG0zorKW04Thp9Z27PmlFkMHv4%2BLNCjgdksKs2cJOFfUABe8p361mJbvybSNLpVvF5fRhuGtdlZXoetu1Y6GeIfsnWqQFyUX%2BN%2BqnJ0h%2F9TsK"}],"group":"cf-nel","max_age":604800}
x-worker-cache
true
cf-polished
origSize=8138
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43257&min_rtt=43014&rtt_var=9236&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4127&recv_bytes=4779&delivery_rate=13519&cwnd=12000&unsent_bytes=0&cid=d454c5161056f12e&ts=107&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 19:27:34 GMT
content-type
image/png
last-modified
Tue, 03 Dec 2024 14:28:35 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-server-side-encryption
AES256
cf-ray
8ec5f4717a0f4c20-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
4506
x-powered-by
PicGo(https://www.picgo.net)
server
cloudflare
Enter4a11796c0dbf2676.png
img.picgo.net/2024/12/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.picgo.net/2024/12/03/Enter4a11796c0dbf2676.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PicGo(https://www.picgo.net)
Resource Hash
cd6381845a7e444ab6892305927cd7455d5a9a5d63def51b0ff4493ee1e487fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hnxinyue1688.com/

Response headers

cf-cache-status
HIT
etag
unverified:4b338385a7e43946f169a27504e704931837f7e6
age
17939
cf-bgj
imgq:100,h2pri
x-author
support@picgo.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tc3SNiKkFvVqCQDCOXzm2vFVgjfUSrW4jIN1NzsLpwnt1ME75uSV3IgOm3R91HECDSHTgbUrvdPvuxBJVKLbXtQIeJA%2Bpr3d5OWlEI1XcwYVaUcr0VeNKlW6X6qCAjGF"}],"group":"cf-nel","max_age":604800}
x-worker-cache
true
cf-polished
origSize=6623
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43257&min_rtt=43014&rtt_var=9236&sent=16&recv=10&lost=0&retrans=0&sent_bytes=9625&recv_bytes=4779&delivery_rate=13519&cwnd=12000&unsent_bytes=0&cid=d454c5161056f12e&ts=112&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 19:27:34 GMT
content-type
image/png
last-modified
Tue, 03 Dec 2024 14:28:35 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=63072000
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-server-side-encryption
AES256
cf-ray
8ec5f4717a0e4c20-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2744
x-powered-by
PicGo(https://www.picgo.net)
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.baidu.com
URL
https://www.baidu.com/

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| timestamp string| scriptSrc object| scriptTag object| links function| getRandomLink object| main_div string| main_str string| new_main_str

0 Cookies