www.xntk.net - urlscan.io

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 45.120.29.53, located in Hong Kong and belongs to GIGABIT-MY Gigabit Hosting Sdn Bhd, MY. The main domain is www.xntk.net.

This is the only time www.xntk.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	45.120.29.53 45.120.29.53	55720 (GIGABIT-M...) (GIGABIT-MY Gigabit Hosting Sdn Bhd)
1	58.216.10.76 58.216.10.76	23650 (CHINANET-...) (CHINANET-JS-AS-AP AS Number for CHINANET jiangsu province backbone)
1	125.76.247.199 125.76.247.199	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	125.76.247.141 125.76.247.141	4835 (CHINANET-...) (CHINANET-IDC-SN China Telecom (Group))
1	140.205.60.79 140.205.60.79	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
6	5

2 45.120.29.53 (Hong Kong)

ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)

www.xntk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 58.216.10.76 (Nanjing, China)

ASN23650 (CHINANET-JS-AS-AP AS Number for CHINANET jiangsu province backbone, CN)

m.bvoer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 125.76.247.199 (Xian, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

s5.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 125.76.247.141 (Xian, China)

ASN4835 (CHINANET-IDC-SN China Telecom (Group), CN)

c.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 140.205.60.79 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

z9.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cnzz.com s5.cnzz.com c.cnzz.com z9.cnzz.com	13 KB
2	xntk.net www.xntk.net	18 KB
1	bvoer.com m.bvoer.com	394 B
6	3

	Domain	Requested by
2	www.xntk.net	www.xntk.net
1	z9.cnzz.com	www.xntk.net
1	c.cnzz.com	s5.cnzz.com
1	s5.cnzz.com	www.xntk.net
1	m.bvoer.com	www.xntk.net
6	5

This site contains links to these domains. Also see Links.

Domain
www.cnzz.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.xntk.net/book_j.php?bid=41682&cid=1154
Frame ID: 63FB8611BD586CB8F4905ACEC9331CB3
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

Page Statistics

6
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

32 kB
Transfer

30 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.cnzz.com/stat/website.php?web_id=5842207
Title: 站长统计

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set book_j.php Show response www.xntk.net/	15 KB 16 KB	1162ms 252ms	Document text/html	45.120.29.53 GIGABIT-MY Gigabi...
General Check archive.org Show headers Download Go to Full URL http://www.xntk.net/book_j.php?bid=41682&cid=1154 Protocol HTTP/1.1 Server 45.120.29.53 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY), Reverse DNS Software Microsoft-IIS/6.0 / PHP/5.2.11 Resource Hash `12173a441089713639b827b62950c50944fa6971b65974276232847d943e3ef2` Request headers Host www.xntk.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 63FB8611BD586CB8F4905ACEC9331CB3 Response headers Connection close Date Mon, 23 Jul 2018 11:10:45 GMT Server Microsoft-IIS/6.0 X-Powered-By PHP/5.2.11 Set-Cookie xntk_t=1 xntk_c1=1532344245 Content-type text/html
GET H/1.1	200 OK	booktext.js Show response www.xntk.net/js/	2 KB 3 KB	291ms 290ms	Script application/x-javascript	45.120.29.53 GIGABIT-MY Gigabi...
General Check archive.org Show headers Download Go to Full URL http://www.xntk.net/js/booktext.js Requested by Host: www.xntk.net URL: http://www.xntk.net/book_j.php?bid=41682&cid=1154 Protocol HTTP/1.1 Server 45.120.29.53 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY), Reverse DNS Software Microsoft-IIS/6.0 / Resource Hash `b46e024b9af2a714c8925aa8f1a4cce5961508fd9fa9ba89e12f2e956bf9a20a` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.xntk.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://www.xntk.net/book_j.php?bid=41682&cid=1154 Cookie xntk_t=1; xntk_c1=1532344245 Connection keep-alive Cache-Control no-cache Referer http://www.xntk.net/book_j.php?bid=41682&cid=1154 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 23 Jul 2018 11:10:45 GMT Last-Modified Sat, 08 Jan 2011 10:05:27 GMT Server Microsoft-IIS/6.0 Accept-Ranges bytes ETag "8eb13931bafcb1:3b5" Content-Length 2554 Content-Type application/x-javascript
GET H/1.1	200 OK	2453.html Show response m.bvoer.com/	4 B 394 B	6783ms 364ms	Script text/html	58.216.10.76 CHINANET-JS-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://m.bvoer.com/2453.html? Requested by Host: www.xntk.net URL: http://www.xntk.net/book_j.php?bid=41682&cid=1154 Protocol HTTP/1.1 Server 58.216.10.76 Nanjing, China, ASN23650 (CHINANET-JS-AS-AP AS Number for CHINANET jiangsu province backbone, CN), Reverse DNS Software nginx / Resource Hash `3b37362b7b2d4fc521591e41f623fd377ff7a3549bbcb31f7b395c6e6f39fd9e` Request headers Referer http://www.xntk.net/book_j.php?bid=41682&cid=1154 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 23 Jul 2018 11:10:49 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Content-Language utf-8 P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	stat.php Show response s5.cnzz.com/	11 KB 12 KB	1291ms 955ms	Script application/javascript	125.76.247.199 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL http://s5.cnzz.com/stat.php?id=5842207&web_id=5842207 Requested by Host: www.xntk.net URL: http://www.xntk.net/book_j.php?bid=41682&cid=1154 Protocol HTTP/1.1 Server 125.76.247.199 Xian, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Tengine / Resource Hash `e3881b4fa10b1321ff113774cd54d1d31d93f45d07231ee67a364e450a7e9348` Request headers Referer http://www.xntk.net/book_j.php?bid=41682&cid=1154 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 23 Jul 2018 09:58:40 GMT Via cache28.l2cm9[28,200-0,M], cache29.l2cm9[29,0], kunlun10.cn44[0,200-0,H], kunlun10.cn44[0,0] Last-Modified Mon, 23 Jul 2018 09:58:40 GMT Server Tengine Age 4324 X-Cache HIT TCP_MEM_HIT dirn:10:638782611 mlen:-1 Content-Type application/javascript Cache-Control max-age=5400,s-maxage=5400 X-Swift-CacheTime 5400 Connection keep-alive Timing-Allow-Origin * Content-Length 11259 EagleId 7522074a15323442444193813e X-Swift-SaveTime Mon, 23 Jul 2018 09:58:40 GMT
GET H/1.1	200 OK	core.php Show response c.cnzz.com/	991 B 1 KB	590ms 294ms	Script application/javascript	125.76.247.141 CHINANET-IDC-SN C...
General Check archive.org Show headers Download Go to Full URL http://c.cnzz.com/core.php?web_id=5842207&t=z Requested by Host: s5.cnzz.com URL: http://s5.cnzz.com/stat.php?id=5842207&web_id=5842207 Protocol HTTP/1.1 Server 125.76.247.141 Xian, China, ASN4835 (CHINANET-IDC-SN China Telecom (Group), CN), Reverse DNS Software Tengine / Resource Hash `39b83527613bede4f3105ffabd33a6fbbd074db7cfd29061fd9d7dc0dcafb892` Request headers Referer http://www.xntk.net/book_j.php?bid=41682&cid=1154 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Mon, 23 Jul 2018 11:08:01 GMT Via cache31.l2cm9[0,200-0,H], cache39.l2cm9[0,0], kunlun5.cn44[0,200-0,H], kunlun5.cn44[1,0] Last-Modified Mon, 23 Jul 2018 11:08:01 GMT Server Tengine Age 169 X-Cache HIT TCP_MEM_HIT dirn:-2:-2 mlen:-1 Content-Type application/javascript Connection keep-alive X-Swift-CacheTime 898 X-Swift-SaveTime Mon, 23 Jul 2018 11:08:03 GMT Timing-Allow-Origin * Content-Length 991 EagleId 7522074515323442505146789e Expires Mon, 23 Jul 2018 11:23:01 GMT
GET H/1.1	200 OK	stat.htm z9.cnzz.com/	2 B 240 B	729ms 283ms	Image text/html	140.205.60.79 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL http://z9.cnzz.com/stat.htm?id=5842207&r=&lg=en-us&ntime=none&cnzz_eid=1420690314-1532339920-&showp=1600x1200&t=%E5%9C%A3%E5%A2%9F%201146%2C%E7%AC%AC1146%E7%AB%A0%20%E9%98%B3%E9%97%B4%E7%A6%81%E5%9C%B0%E5%86%85%E6%AD%A6%E7%96%AF%E5%AD%90%E7%9C%9F%E8%BA%AB%20-%20567%E4%B8%AD%E6%96%87&umuuid=164c6d5aea40-06482f342a9b7b-17366952-1d4c00-164c6d5aea5fa9&h=1&rnd=1985757604 Requested by Host: www.xntk.net URL: http://www.xntk.net/book_j.php?bid=41682&cid=1154 Protocol HTTP/1.1 Server 140.205.60.79 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Tengine / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.xntk.net/book_j.php?bid=41682&cid=1154 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 23 Jul 2018 11:10:50 GMT Content-Encoding gzip Transfer-Encoding chunked Server Tengine Connection close Vary Accept-Encoding Content-Type text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.xntk.net/	1970-01-18 22:01:09	Name: CNZZDATA5842207 Value: cnzz_eid%3D1420690314-1532339920-%26ntime%3D1532339920
			.xntk.net/	1970-01-18 22:01:09	Name: UM_distinctid Value: 164c6d5aea40-06482f342a9b7b-17366952-1d4c00-164c6d5aea5fa9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.cnzz.com
m.bvoer.com
s5.cnzz.com
www.xntk.net
z9.cnzz.com
125.76.247.141
125.76.247.199
140.205.60.79
45.120.29.53
58.216.10.76
12173a441089713639b827b62950c50944fa6971b65974276232847d943e3ef2
39b83527613bede4f3105ffabd33a6fbbd074db7cfd29061fd9d7dc0dcafb892
3b37362b7b2d4fc521591e41f623fd377ff7a3549bbcb31f7b395c6e6f39fd9e
b46e024b9af2a714c8925aa8f1a4cce5961508fd9fa9ba89e12f2e956bf9a20a
e3881b4fa10b1321ff113774cd54d1d31d93f45d07231ee67a364e450a7e9348
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.xntk.net Open in urlscan Pro 45.120.29.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

6 Requests

0 %HTTPS

0 %IPv6

3 Domains

5 Subdomains

5 IPs

2 Countries

32 kBTransfer

30 kBSize

2 Cookies

1 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

2 Cookies

Indicators

www.xntk.net Open in urlscan Pro
45.120.29.53 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

32 kB
Transfer

30 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions