urlscan.io logo urlscan.io
SecurityTrails logo

img.xker.com Open in urlscan Pro
162.159.211.52  Public Scan

Go To Rescan Add Verdict Report
URL: http://img.xker.com/
Submission: On November 14 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 162.159.211.52, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is img.xker.com.
This is the only time img.xker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 162.159.211.52 13335 (CLOUDFLAR...)
1 162.159.222.13 13335 (CLOUDFLAR...)
1 118.123.241.230 38283 (CHINANET-...)
2 2a00:1450:400... 15169 (GOOGLE)
7 5
Domain Requested by
2 www.google-analytics.com
1 s11.cnzz.com edge.yunjiasu.com
1 edge.yunjiasu.com img.xker.com
1 img.xker.com
0 z13.cnzz.com Failed
0 c.cnzz.com Failed s11.cnzz.com
7 6

This site contains no links.

Subject Issuer Validity Valid
ssl457532.yunjiasussl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-08-11 -
2019-02-17		 6 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-10-23 -
2019-01-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://img.xker.com/
Frame ID: 5AA7CEBC34EDED22171D6028C46624FA
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Page Statistics

7
Requests

43 %
HTTPS

25 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

34 kB
Transfer

67 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 5
  • http://www.google-analytics.com/r/collect?v=1&_v=j72&a=757883882&t=pageview&_s=1&dl=http%3A%2F%2Fimg.xker.com%2F&ul=en-us&de=UTF-8&dt=404&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAAB~&jid=1598817210&gjid=1795982725&cid=1801210129.1542162422&tid=UA-41763562-1&_gid=766340398.1542162422&_r=1&z=397951514 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=757883882&t=pageview&_s=1&dl=http%3A%2F%2Fimg.xker.com%2F&ul=en-us&de=UTF-8&dt=404&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAAB~&jid=1598817210&gjid=1795982725&cid=1801210129.1542162422&tid=UA-41763562-1&_gid=766340398.1542162422&_r=1&z=397951514

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
img.xker.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://img.xker.com/
Protocol
HTTP/1.1
Server
162.159.211.52 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
yunjiasu-nginx /
Resource Hash
97bc5d3660cea85c3ac04a23066f26e59889504a17ca84c2cc2d95fa5fada2a9

Request headers

Host
img.xker.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 14 Nov 2018 02:26:58 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d88d20dfce58a6e3b634692b34ebd91bd1542162417; expires=Thu, 14-Nov-19 02:26:57 GMT; path=/; domain=.xker.com; HttpOnly
Last-Modified
Sat, 04 Aug 2018 07:22:36 GMT
Vary
Accept-Encoding
Server
yunjiasu-nginx
CF-RAY
47960945c7e36379-FRA
Content-Encoding
gzip
rocket-loader.min.js
edge.yunjiasu.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.yunjiasu.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Requested by
Host: img.xker.com
URL: http://img.xker.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
162.159.222.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
yunjiasu-nginx /
Resource Hash
3493abbdef3202f502f59b11be045f3b4df6d94f047d882da751dc36087a31b0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://img.xker.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 14 Nov 2018 02:26:58 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 12 Nov 2018 16:20:09 GMT
server
yunjiasu-nginx
etag
W/"5be9a839-2ba8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
479609491dc9bed0-FRA
expires
Fri, 16 Nov 2018 02:26:58 GMT
stat.php
s11.cnzz.com/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s11.cnzz.com/stat.php?id=1261793058
Requested by
Host: edge.yunjiasu.com
URL: https://edge.yunjiasu.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
118.123.241.230 Chengdu, China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Tengine /
Resource Hash
cddfcf8810ab044be5c44c61763432f841b1523a37ce568dd5b2ca5a3d7d19ef

Request headers

Referer
http://img.xker.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 14 Nov 2018 02:27:01 GMT
Via
cache17.l2et2-1[623,200-0,M], cache27.l2et2-1[624,0], kunlun6.cn1435[659,200-0,M], kunlun4.cn1435[675,0]
Last-Modified
Wed, 14 Nov 2018 02:27:01 GMT
Server
Tengine
X-Swift-CacheTime
5399
Transfer-Encoding
chunked
Ali-Swift-Global-Savetime
1542162422
Content-Type
application/javascript
Cache-Control
max-age=5400,s-maxage=5400
X-Cache
MISS TCP_REFRESH_MISS dirn:8:140891599
Connection
keep-alive
Timing-Allow-Origin
*
EagleId
767bf19815421624213402357e
X-Swift-SaveTime
Wed, 14 Nov 2018 02:27:02 GMT
core.php
c.cnzz.com/ 		0
0
stat.htm
z13.cnzz.com/ 		0
0
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://img.xker.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
1942
date
Wed, 14 Nov 2018 01:54:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17404
expires
Wed, 14 Nov 2018 03:54:40 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j72&a=757883882&t=pageview&_s=1&dl=http%3A%2F%2Fimg.xker.com%2F&ul=en-us&de=UTF-8&dt=404&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAAB~&jid=1...
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=757883882&t=pageview&_s=1&dl=http%3A%2F%2Fimg.xker.com%2F&ul=en-us&de=UTF-8&dt=404&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAAB~&jid=...
35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=757883882&t=pageview&_s=1&dl=http%3A%2F%2Fimg.xker.com%2F&ul=en-us&de=UTF-8&dt=404&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAAB~&jid=1598817210&gjid=1795982725&cid=1801210129.1542162422&tid=UA-41763562-1&_gid=766340398.1542162422&_r=1&z=397951514
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://img.xker.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Nov 2018 02:27:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=757883882&t=pageview&_s=1&dl=http%3A%2F%2Fimg.xker.com%2F&ul=en-us&de=UTF-8&dt=404&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAAB~&jid=1598817210&gjid=1795982725&cid=1801210129.1542162422&tid=UA-41763562-1&_gid=766340398.1542162422&_r=1&z=397951514
Non-Authoritative-Reason
HSTS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.cnzz.com
URL
http://c.cnzz.com/core.php?web_id=1261793058&t=z
Domain
z13.cnzz.com
URL
http://z13.cnzz.com/stat.htm?id=1261793058&r=&lg=en-us&ntime=none&cnzz_eid=254412630-1542162421-&showp=1600x1200&t=404&umuuid=167100b1982179-0dc5e91c634481-17366952-1d4c00-167100b1983794&h=1&rnd=1336526328

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR string| cnzz_protocol object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1261793058 object| cnzz_image_1700080760 string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

1 Cookies

Domain/Path Name / Value
.xker.com/ Name: __cfduid
Value: d88d20dfce58a6e3b634692b34ebd91bd1542162417