urlscan.io logo urlscan.io
SecurityTrails logo

s.zhitoudsp.com Open in urlscan Pro
221.229.204.28  Public Scan

Go To Rescan Add Verdict Report
URL: http://s.zhitoudsp.com:808/news.html
Submission: On December 05 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 7 HTTP transactions. The main IP is 221.229.204.28, located in Nanjing, China and belongs to CHINANET-BACKBONE No.31,Jin-rong Street, CN. The main domain is s.zhitoudsp.com.
This is the only time s.zhitoudsp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 221.229.204.28 4134 (CHINANET-...)
1 42.123.113.44 58519 (CHINATELE...)
1 124.236.20.233 4134 (CHINANET-...)
1 1 123.206.175.64 45090 (CNNIC-TEN...)
1 1 114.215.127.33 37963 (CNNIC-ALI...)
1 118.144.83.240 4847 (CNIX-AP C...)
1 58.215.145.188 23650 (CHINANET-...)
1 203.119.206.93 37963 (CNNIC-ALI...)
1 47.88.68.21 45102 (CNNIC-ALI...)
7 7
1    221.229.204.28 (Nanjing, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
s.zhitoudsp.com
1    42.123.113.44 (China)

ASN58519 (CHINATELECOM-CTCLOUD Cloud Computing Corporation, CN)
img.news18a.com
1    124.236.20.233 (Hebei, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
PTR: 233.20.236.124.broad.sj.he.dynamic.163data.com.cn
s96.cnzz.com
1    123.206.175.64 (Beijing, China)

ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
news.jyqhs.com
1    114.215.127.33 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
click.wuzhaiba.com
1    118.144.83.240 (Beijing, China)

ASN4847 (CNIX-AP China Networks Inter-Exchange, CN)
www.news18a.com
1    58.215.145.188 (Nanjing, China)

ASN23650 (CHINANET-JS-AS-AP AS Number for CHINANET jiangsu province backbone, CN)
c.cnzz.com
1    203.119.206.93 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
z2.cnzz.com
1    47.88.68.21 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN)
cnzz.mmstat.com
Domain Requested by
1 cnzz.mmstat.com s.zhitoudsp.com
1 z2.cnzz.com s.zhitoudsp.com
1 c.cnzz.com s96.cnzz.com
1 www.news18a.com s.zhitoudsp.com
1 click.wuzhaiba.com 1 redirects
1 news.jyqhs.com 1 redirects
1 s96.cnzz.com s.zhitoudsp.com
1 img.news18a.com s.zhitoudsp.com
1 s.zhitoudsp.com
7 9

This site contains links to these domains. Also see Links.

Domain
www.cnzz.com
Subject Issuer Validity Valid
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-04-13 -
2019-04-14		 a year crt.sh
*.mmstat.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-09-05 -
2019-09-06		 a year crt.sh

This page contains 2 frames:

Primary Page: http://s.zhitoudsp.com:808/news.html
Frame ID: DABC4885C5FF5833DCADEF8012C9087B
Requests: 6 HTTP requests in this frame

Frame: http://www.news18a.com/
Frame ID: DB43D8BF726B2BEDA8324A907534A5D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Page Statistics

7
Requests

57 %
HTTPS

0 %
IPv6

6
Domains

9
Subdomains

7
IPs

2
Countries

39 kB
Transfer

37 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://news.jyqhs.com/ HTTP 301
  • http://click.wuzhaiba.com/init.php HTTP 302
  • http://www.news18a.com/

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request news.html
s.zhitoudsp.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://s.zhitoudsp.com:808/news.html
Protocol
HTTP/1.1
Server
221.229.204.28 Nanjing, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
577d586b34041e3f1f5a3a37ae245106a0368b4c46444d34220e263fae0993e7

Request headers

Host
s.zhitoudsp.com:808
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Mon, 26 Nov 2018 02:00:06 GMT
Accept-Ranges
bytes
ETag
"5cad83c02b85d41:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Date
Wed, 05 Dec 2018 06:36:17 GMT
Content-Length
766
logo.png
img.news18a.com/top/image/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.news18a.com/top/image/logo.png
Requested by
Host: s.zhitoudsp.com
URL: http://s.zhitoudsp.com:808/news.html
Protocol
HTTP/1.1
Server
42.123.113.44 , China, ASN58519 (CHINATELECOM-CTCLOUD Cloud Computing Corporation, CN),
Reverse DNS
Software
marco/2.7 /
Resource Hash
ed7aa7f368dd25543b4c95ff55300c36700fc68ef9409cb02792e4c7f5ab621e

Request headers

Referer
http://s.zhitoudsp.com:808/news.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 05 Dec 2018 06:34:57 GMT
Via
S.mix-gd-can-006, T.3.M, V.mix-gd-can-012, T.36.H, M.ctn-gz-kwe-044
X-Cache-Lookup
MISS from 0000011-cache.news18a.com:80
Last-Modified
Fri, 22 Sep 2017 01:52:14 GMT
Server
marco/2.7
Age
1231659
Connection
keep-alive
Content-Type
image/png
Cache-Control
max-age=5184000
X-Source
C/200
Accept-Ranges
bytes
Content-Length
24464
X-Request-Id
5cbc45a3e998040b3effa9d92534ae39; e68ceaa38941ad86ce0fa95482ef2c3f
Expires
Sun, 20 Jan 2019 00:27:18 GMT
z_stat.php
s96.cnzz.com/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s96.cnzz.com/z_stat.php?id=1275462181&web_id=1275462181
Requested by
Host: s.zhitoudsp.com
URL: http://s.zhitoudsp.com:808/news.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.236.20.233 Hebei, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
233.20.236.124.broad.sj.he.dynamic.163data.com.cn
Software
Tengine /
Resource Hash
b64aae00e281a328c123f8da7eb5aaa464ef2e344d761bd6fd464f66a7bbdb40

Request headers

Referer
http://s.zhitoudsp.com:808/news.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 05 Dec 2018 05:16:03 GMT
via
cache21.l2cn739[0,200-0,H], cache27.l2cn739[1,0], kunlun5.cn1550[0,200-0,H], kunlun5.cn1550[0,0]
last-modified
Wed, 05 Dec 2018 05:16:03 GMT
server
Tengine
age
4734
ali-swift-global-savetime
1543986963
content-type
application/javascript
status
200
cache-control
max-age=5400,s-maxage=5400
x-swift-cachetime
5400
x-cache
HIT TCP_MEM_HIT dirn:10:866969898
x-swift-savetime
Wed, 05 Dec 2018 05:16:03 GMT
timing-allow-origin
*
content-length
11734
eagleid
7cec149915439916978766329e
/
www.news18a.com/ Frame DB43
Redirect Chain
  • http://news.jyqhs.com/
  • http://click.wuzhaiba.com/init.php
  • http://www.news18a.com/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://www.news18a.com/
Requested by
Host: s.zhitoudsp.com
URL: http://s.zhitoudsp.com:808/news.html
Protocol
HTTP/1.1
Server
118.144.83.240 Beijing, China, ASN4847 (CNIX-AP China Networks Inter-Exchange, CN),
Reverse DNS
Software
Web /
Resource Hash

Request headers

Host
www.news18a.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
Web
Date
Wed, 05 Dec 2018 06:34:59 GMT
Content-Type
text/html;charset=utf-8
Content-Length
73037
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=600
Server-Name
A.szj.web
Content-Encoding
gzip
Age
116
X-Cache
Hit on a01.news18a.com

Redirect headers

Server
nginx
Date
Wed, 05 Dec 2018 06:34:58 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.4.41
Set-Cookie
click_uid=1543991699066; expires=Sat, 30-Nov-2019 06:34:58 GMT; path=/; domain=.wuzhaiba.com
Location
http://www.news18a.com/
core.php
c.cnzz.com/ 		994 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.cnzz.com/core.php?web_id=1275462181&t=z
Requested by
Host: s96.cnzz.com
URL: https://s96.cnzz.com/z_stat.php?id=1275462181&web_id=1275462181
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.215.145.188 Nanjing, China, ASN23650 (CHINANET-JS-AS-AP AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2eb4a2e9b86371d06d0d75593cbc790bd4cf70525208efdd043a167624b7b16b

Request headers

Referer
http://s.zhitoudsp.com:808/news.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 05 Dec 2018 06:26:37 GMT
via
cache29.l2cn8[0,200-0,H], cache6.l2cn8[0,0], kunlun6.cn190[0,200-0,H], kunlun8.cn190[1,0]
last-modified
Wed, 05 Dec 2018 06:26:37 GMT
server
Tengine
age
502
ali-swift-global-savetime
1543991197
content-type
application/javascript
status
200
x-swift-cachetime
900
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime
Wed, 05 Dec 2018 06:26:37 GMT
timing-allow-origin
*
content-length
994
eagleid
3ad7912615439916997326772e
expires
Wed, 05 Dec 2018 06:41:37 GMT
stat.htm
z2.cnzz.com/ 		2 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z2.cnzz.com/stat.htm?id=1275462181&r=&lg=en-us&ntime=none&cnzz_eid=594446491-1543986963-&showp=1600x1200&t=new&umuuid=1677d13a2ed5cc-08e8588433612f-17366952-1d4c00-1677d13a2efc55&h=1&rnd=1441025888
Requested by
Host: s.zhitoudsp.com
URL: http://s.zhitoudsp.com:808/news.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.119.206.93 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://s.zhitoudsp.com:808/news.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 05 Dec 2018 06:34:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
Tengine
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
9.gif
cnzz.mmstat.com/ 		43 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnzz.mmstat.com/9.gif?abc=1&rnd=1151662849
Requested by
Host: s.zhitoudsp.com
URL: http://s.zhitoudsp.com:808/news.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.88.68.21 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://s.zhitoudsp.com:808/news.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Dec 2018 06:35:00 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| tourl number| flag number| randomNumber string| sc object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1275462181 object| cnzz_image_111733338 object| cnzz_image_441363608

5 Cookies

Domain/Path Name / Value
.news18a.com/ Name: ina_cityId
Value: 544
.news18a.com/ Name: cityName_cookie
Value: %E5%8C%97%E4%BA%AC
.news18a.com/ Name: cityId_cookie
Value: 201
.news18a.com/ Name: provinceName_cookie
Value: %E5%8C%97%E4%BA%AC
.news18a.com/ Name: provinceId_cookie
Value: 2