xa58.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 162.210.101.119, located in United States and belongs to STEADFAST, US. The main domain is xa58.com.

This is the only time xa58.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	162.210.101.119 162.210.101.119	32748 (STEADFAST) (STEADFAST)
1	240e:95c:3002... 240e:95c:3002:1:3::3ed	58563 (CHINATELE...) (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network)
2	2

1 162.210.101.119 (United States)

ASN32748 (STEADFAST, US)

xa58.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:95c:3002:1:3::3ed (China)

ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN)

s17.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	cnzz.com s17.cnzz.com — Cisco Umbrella Rank: 929540	673 B
1	xa58.com xa58.com	4 KB
2	2

	Domain	Requested by
1	s17.cnzz.com	xa58.com
1	xa58.com
2	2

This site contains links to these domains. Also see Links.

Domain
www.hnsanyun.cn

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://xa58.com/
Frame ID: 65BC0918168263CB3E5BCC0F73524D0F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

睿讯进销存系统

Page Statistics

2
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

4 kB
Transfer

3 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hnsanyun.cn/manage/#/login?redirect=%2Fhome
Title: 进入系统下单

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response xa58.com/	3 KB 4 KB	238ms 47ms	Document text/html	162.210.101.119 STEADFAST
General Check archive.org Show headers Download Go to Full URL http://xa58.com/ Protocol HTTP/1.1 Server 162.210.101.119 , United States, ASN32748 (STEADFAST, US), Reverse DNS Software lighttpd/1.4.28 / Resource Hash `7b4dcd8af8b78796ce4f41ec1f7a118d00771ad27bcf5072586d72e11e42064e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Content-Length 3552 Content-Type text/html Date Sun, 08 Jan 2023 19:45:50 GMT ETag "4066199280" Last-Modified Mon, 26 Sep 2022 03:22:58 GMT Server lighttpd/1.4.28
GET H/1.1	200 OK	stat.php Show response s17.cnzz.com/	0 673 B	1978ms 400ms	Script application/javascript	240e:95c:3002:1:3::3ed CHINATELECOM-HUBE...
General Check archive.org Show headers Download Go to Full URL http://s17.cnzz.com/stat.php?id=5743641&show=pic Requested by Host: xa58.com URL: http://xa58.com/ Protocol HTTP/1.1 Server 240e:95c:3002:1:3::3ed , China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://xa58.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Sun, 08 Jan 2023 19:45:52 GMT Content-Encoding gzip Via cache20.l2cn1807[75,75,200-0,M], cache32.l2cn1807[77,0], cache17.cn6[101,101,200-0,M], cache20.cn6[102,0] X-Swift-CacheTime 3600 X-Powered-By PHP/5.5.25 X-Cache MISS TCP_REFRESH_MISS dirn:10:154665809 Connection keep-alive X-Swift-SaveTime Sun, 08 Jan 2023 19:45:52 GMT Content-Length 20 Last-Modified Sun, 08 Jan 2023 19:45:52 GMT Server Tengine Vary Accept-Encoding Ali-Swift-Global-Savetime 1673207152 Content-Type application/javascript Cache-Control max-age=1800,s-maxage=3600 Timing-Allow-Origin * EagleId 7760cc9616732071527585987e

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange string| cnzz_protocol

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://xa58.com/(Line 80) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://s17.cnzz.com/stat.php?id=5743641&show=pic, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://xa58.com/(Line 80) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://s17.cnzz.com/stat.php?id=5743641&show=pic, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

s17.cnzz.com
xa58.com
162.210.101.119
240e:95c:3002:1:3::3ed
7b4dcd8af8b78796ce4f41ec1f7a118d00771ad27bcf5072586d72e11e42064e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

xa58.com Open in urlscan Pro 162.210.101.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

2 Requests

0 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

4 kBTransfer

3 kBSize

0 Cookies

1 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

xa58.com Open in urlscan Pro
162.210.101.119 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

4 kB
Transfer

3 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions