user.nknight.live Open in urlscan Pro
154.223.156.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://user.nknight.live/
Effective URL:
https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index
Submission: On October 06 via automatic, source certstream-suspicious (October 6th 2021, 2:01:20 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 154.223.156.244, located in Hong Kong and belongs to ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK. The main domain is user.nknight.live.
TLS certificate: Issued by TrustAsia TLS RSA CA on October 6th 2021. Valid for: a year.

This is the only time user.nknight.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 12	154.223.156.244 154.223.156.244		137443 (ANCHGLOBA...) (ANCHGLOBAL-AS-AP Anchnet Asia Limited)
1	47.75.19.109 47.75.19.109		45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
2	154.209.236.171 154.209.236.171		137443 (ANCHGLOBA...) (ANCHGLOBAL-AS-AP Anchnet Asia Limited)
14	3

12 154.223.156.244 (Hong Kong) 1 redirects

ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK)

user.nknight.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.75.19.109 (Central, Hong Kong)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

pub-broker.oss-cn-hongkong.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.209.236.171 (Hong Kong)

ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK)

nknight.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	nknight.live 1 redirects user.nknight.live nknight.live	415 KB
1	aliyuncs.com pub-broker.oss-cn-hongkong.aliyuncs.com	3 KB
14	2

	Domain	Requested by
12	user.nknight.live	1 redirects user.nknight.live
2	nknight.live	user.nknight.live
1	pub-broker.oss-cn-hongkong.aliyuncs.com	user.nknight.live
14	3

This site contains links to these domains. Also see Links.

Domain
newknight.live

Subject Issuer	Validity	Valid
user.nknight.live TrustAsia TLS RSA CA	`2021-10-06` - `2022-10-05`	a year	crt.sh
*.oss-cn-hongkong.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-01-25` - `2022-02-26`	a year	crt.sh
nknight.live TrustAsia TLS RSA CA	`2021-10-06` - `2022-10-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index
Frame ID: AD847C7BF3A1BC6E324A506EAE496D4B
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NEW KNIGHT GROUP LIMITED

Page URL History Show full URLs

https://user.nknight.live/ HTTP 302
https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

418 kB
Transfer

670 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://newknight.live/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://user.nknight.live/ HTTP 302
https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login Show response user.nknight.live/Public/ Redirect Chain https://user.nknight.live/ https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index	15 KB 5 KB	423ms 423ms	Document text/html	154.223.156.244 ANCHGLOBAL-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 154.223.156.244 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK), Reverse DNS Software nginx/1.15.11 / ThinkPHP ASP.NET Resource Hash `f49eba759c1ce4cc3a254dc820ae70e9073996b0f7ce8d0568813470d9adcdd4` Request headers Host user.nknight.live Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Cookie think_language=de-DE; PHPSESSID=a7q9u5nhe4p3cerdo1rg78tjh6 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx/1.15.11 Date Wed, 06 Oct 2021 18:58:35 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Pragma no-cache Expires Thu, 19 Nov 1981 08:52:00 GMT X-Powered-By ThinkPHP ASP.NET Content-Encoding gzip Redirect headers Server nginx/1.15.11 Date Wed, 06 Oct 2021 18:58:34 GMT Content-Type text/html; charset=UTF-8 Content-Length 219 Location https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Connection keep-alive Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Expires Thu, 19 Nov 1981 08:52:00 GMT X-Powered-By PHP/5.6.27 ASP.NET Set-Cookie think_language=de-DE; expires=Wed, 06-Oct-2021 15:01:11 GMT; Max-Age=3600; path=/ PHPSESSID=a7q9u5nhe4p3cerdo1rg78tjh6; path=/
GET H/1.1	200 OK	bootstrap.min.css user.nknight.live/Public/admin/hplus/css/	118 KB 21 KB	556ms 555ms	Stylesheet text/css	154.223.156.244 ANCHGLOBAL-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://user.nknight.live/Public/admin/hplus/css/bootstrap.min.css Requested by Host: user.nknight.live URL: https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 154.223.156.244 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK), Reverse DNS Software nginx/1.15.11 / ASP.NET Resource Hash `fd59295fd16dc5ab16925c6b95976e7d3f894046e860029db1507f7ca5a28396` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host user.nknight.live Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Cookie think_language=de-DE; PHPSESSID=a7q9u5nhe4p3cerdo1rg78tjh6 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 18:58:35 GMT Content-Encoding gzip ETag W/"89b9aa92afdad11:0" Last-Modified Sun, 10 Jul 2016 13:32:58 GMT Server nginx/1.15.11 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Transfer-Encoding chunked Connection keep-alive Expires Fri, 05 Nov 2021 18:58:35 GMT
GET H/1.1	200 OK	font-awesome.min93e3.css user.nknight.live/Public/admin/hplus/css/	26 KB 6 KB	546ms 545ms	Stylesheet text/css	154.223.156.244 ANCHGLOBAL-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://user.nknight.live/Public/admin/hplus/css/font-awesome.min93e3.css?v=4.4.0 Requested by Host: user.nknight.live URL: https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 154.223.156.244 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK), Reverse DNS Software nginx/1.15.11 / ASP.NET Resource Hash `e5867cba429222b765b5226c920bb7cb7fa81f736473e1a09e5ff73d1a1c8267` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host user.nknight.live Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Cookie think_language=de-DE; PHPSESSID=a7q9u5nhe4p3cerdo1rg78tjh6 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 18:58:35 GMT Content-Encoding gzip ETag W/"f96db392afdad11:0" Last-Modified Sun, 10 Jul 2016 13:32:58 GMT Server nginx/1.15.11 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Transfer-Encoding chunked Connection keep-alive Expires Fri, 05 Nov 2021 18:58:35 GMT
GET H/1.1	200 OK	animate.min.css user.nknight.live/Public/admin/hplus/css/	46 KB 5 KB	1313ms 797ms	Stylesheet text/css	154.223.156.244 ANCHGLOBAL-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://user.nknight.live/Public/admin/hplus/css/animate.min.css Requested by Host: user.nknight.live URL: https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 154.223.156.244 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK), Reverse DNS Software nginx/1.15.11 / ASP.NET Resource Hash `ef7bf0e71853244e24df78d92f07d1ae14873603f3817dac9088bbabebf25045` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host user.nknight.live Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Cookie think_language=de-DE; PHPSESSID=a7q9u5nhe4p3cerdo1rg78tjh6 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 18:58:35 GMT Content-Encoding gzip ETag W/"44cfa992afdad11:0" Last-Modified Sun, 10 Jul 2016 13:32:58 GMT Server nginx/1.15.11 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Transfer-Encoding chunked Connection keep-alive Expires Fri, 05 Nov 2021 18:58:35 GMT
GET H/1.1	200 OK	style.css user.nknight.live/Public/admin/hplus/css/login/	5 KB 2 KB	1048ms 531ms	Stylesheet text/css	154.223.156.244 ANCHGLOBAL-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://user.nknight.live/Public/admin/hplus/css/login/style.css Requested by Host: user.nknight.live URL: https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 154.223.156.244 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK), Reverse DNS Software nginx/1.15.11 / ASP.NET Resource Hash `e1a6bb39b44ca6b8128f06cb06b029826affd7e8db5ef54127368aaeb872a7a9` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host user.nknight.live Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Cookie think_language=de-DE; PHPSESSID=a7q9u5nhe4p3cerdo1rg78tjh6 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 18:58:35 GMT Content-Encoding gzip ETag W/"40488192d19d71:0" Last-Modified Tue, 23 Feb 2021 10:49:34 GMT Server nginx/1.15.11 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Transfer-Encoding chunked Connection keep-alive Expires Fri, 05 Nov 2021 18:58:35 GMT
GET H/1.1	200 OK	jquery.min.js Show response user.nknight.live/Public/admin/hplus/js/	82 KB 30 KB	1835ms 1318ms	Script application/x-javascript	154.223.156.244 ANCHGLOBAL-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://user.nknight.live/Public/admin/hplus/js/jquery.min.js?v=2.1.4 Requested by Host: user.nknight.live URL: https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 154.223.156.244 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK), Reverse DNS Software nginx/1.15.11 / ASP.NET Resource Hash `f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host user.nknight.live Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept / Cache-Control no-cache Sec-Fetch-Dest script Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Cookie think_language=de-DE; PHPSESSID=a7q9u5nhe4p3cerdo1rg78tjh6 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 18:58:35 GMT Content-Encoding gzip ETag W/"bafac198afdad11:0" Last-Modified Sun, 10 Jul 2016 13:33:08 GMT Server nginx/1.15.11 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Cache-Control max-age=2592000 Transfer-Encoding chunked Connection keep-alive Expires Fri, 05 Nov 2021 18:58:35 GMT
GET H/1.1	200 OK	layer.min.js Show response user.nknight.live/Public/admin/hplus/js/plugins/layer/	15 KB 6 KB	835ms 288ms	Script application/x-javascript	154.223.156.244 ANCHGLOBAL-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://user.nknight.live/Public/admin/hplus/js/plugins/layer/layer.min.js Requested by Host: user.nknight.live URL: https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 154.223.156.244 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK), Reverse DNS Software nginx/1.15.11 / ASP.NET Resource Hash `7b93d3076f2b495896fa5c0e97a4d376985b7eddd479eb77f8771b2414e1f218` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host user.nknight.live Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept / Cache-Control no-cache Sec-Fetch-Dest script Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Cookie think_language=de-DE; PHPSESSID=a7q9u5nhe4p3cerdo1rg78tjh6 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 18:58:35 GMT Content-Encoding gzip ETag W/"3e6eff9aafdad11:0" Last-Modified Sun, 10 Jul 2016 13:33:12 GMT Server nginx/1.15.11 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Cache-Control max-age=2592000 Transfer-Encoding chunked Connection keep-alive Expires Fri, 05 Nov 2021 18:58:35 GMT
GET H/1.1	200 OK	alert.css user.nknight.live/Public/admin/dash/alert/css/	7 KB 2 KB	1046ms 530ms	Stylesheet text/css	154.223.156.244 ANCHGLOBAL-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://user.nknight.live/Public/admin/dash/alert/css/alert.css Requested by Host: user.nknight.live URL: https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 154.223.156.244 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK), Reverse DNS Software nginx/1.15.11 / ASP.NET Resource Hash `64e6c4eed931888750b6bc6f370f5500e76b67f60d361432bf6674ef6d991374` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host user.nknight.live Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Cookie think_language=de-DE; PHPSESSID=a7q9u5nhe4p3cerdo1rg78tjh6 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 18:58:35 GMT Content-Encoding gzip ETag W/"c0c58d143c13d71:0" Last-Modified Sun, 07 Mar 2021 10:24:39 GMT Server nginx/1.15.11 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Transfer-Encoding chunked Connection keep-alive Expires Fri, 05 Nov 2021 18:58:35 GMT
GET H/1.1	200 OK	alert.min.js Show response user.nknight.live/Public/admin/dash/alert/js/	7 KB 2 KB	881ms 279ms	Script application/x-javascript	154.223.156.244 ANCHGLOBAL-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://user.nknight.live/Public/admin/dash/alert/js/alert.min.js Requested by Host: user.nknight.live URL: https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 154.223.156.244 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK), Reverse DNS Software nginx/1.15.11 / ASP.NET Resource Hash `77f88222d45a8fdef6f601c98a9c907ec9eb7c7fc4c9cbed17b0185d0970142c` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host user.nknight.live Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept / Cache-Control no-cache Sec-Fetch-Dest script Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Cookie think_language=de-DE; PHPSESSID=a7q9u5nhe4p3cerdo1rg78tjh6 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 18:58:36 GMT Content-Encoding gzip ETag W/"c0c58d143c13d71:0" Last-Modified Sun, 07 Mar 2021 10:24:39 GMT Server nginx/1.15.11 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Cache-Control max-age=2592000 Transfer-Encoding chunked Connection keep-alive Expires Fri, 05 Nov 2021 18:58:36 GMT
GET H/1.1	200 OK	logo_crm.png pub-broker.oss-cn-hongkong.aliyuncs.com/newknight/	3 KB 3 KB	734ms 284ms	Image image/png	47.75.19.109 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://pub-broker.oss-cn-hongkong.aliyuncs.com/newknight/logo_crm.png Requested by Host: user.nknight.live URL: https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.75.19.109 Central, Hong Kong, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN), Reverse DNS Software AliyunOSS / Resource Hash `7d385e5f655729a409d0478769d0e412d7aa1b5e1dd175b1218335676aee8465` Request headers Accept-Language de-DE,de;q=0.9 Referer https://user.nknight.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-oss-object-type Normal Date Wed, 06 Oct 2021 14:01:14 GMT x-oss-request-id 615DAC2A7E084E35395AE51A Last-Modified Thu, 23 Sep 2021 15:59:06 GMT Server AliyunOSS Content-MD5 LjRnnjNKa1ObMg+XqHbkVw== x-oss-server-side-encryption AES256 ETag "2E34679E334A6B539B320F97A876E457" Content-Type image/png x-oss-storage-class Standard Connection keep-alive Accept-Ranges bytes x-oss-hash-crc64ecma 2371776996844813381 Content-Length 2950 x-oss-server-time 64
GET H/1.1	200 OK	verify user.nknight.live/public/	399 B 734 B	371ms 371ms	Image image/png	154.223.156.244 ANCHGLOBAL-AS-AP ...
General Check archive.org Show headers Download Go to Show image Full URL https://user.nknight.live/public/verify Requested by Host: user.nknight.live URL: https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 154.223.156.244 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK), Reverse DNS Software nginx/1.15.11 / PHP/5.6.27 ASP.NET Resource Hash `fc5d05eada1241513c13308d3b2309822a49d5021527711528b5bdcf3e1ebc40` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host user.nknight.live Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Cache-Control* no-cache Sec-Fetch-Dest image Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Cookie think_language=de-DE; PHPSESSID=a7q9u5nhe4p3cerdo1rg78tjh6 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Wed, 06 Oct 2021 18:58:37 GMT Server nginx/1.15.11 X-Powered-By PHP/5.6.27 ASP.NET Content-Type image/png Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection keep-alive Content-Length 399 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	layer.css user.nknight.live/Public/admin/hplus/js/plugins/layer/skin/	15 KB 3 KB	284ms 284ms	Stylesheet text/css	154.223.156.244 ANCHGLOBAL-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://user.nknight.live/Public/admin/hplus/js/plugins/layer/skin/layer.css Requested by Host: user.nknight.live URL: https://user.nknight.live/Public/admin/hplus/js/plugins/layer/layer.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 154.223.156.244 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK), Reverse DNS Software nginx/1.15.11 / ASP.NET Resource Hash `29207312f263dab049a5ea74f1c98e9677ca2d2643cbf2328f3e24dd1e097124` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host user.nknight.live Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Cookie think_language=de-DE; PHPSESSID=a7q9u5nhe4p3cerdo1rg78tjh6 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 18:58:37 GMT Content-Encoding gzip ETag W/"808244bfc0dfd41:0" Last-Modified Thu, 21 Mar 2019 08:33:23 GMT Server nginx/1.15.11 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Transfer-Encoding chunked Connection keep-alive Expires Fri, 05 Nov 2021 18:58:37 GMT
GET H/1.1	200 OK	1.webp nknight.live/wp-content/themes/en/img/	165 KB 166 KB	1834ms 775ms	Image image/webp	154.209.236.171 ANCHGLOBAL-AS-AP ...
General Check archive.org Show headers Download Go to Show image Full URL https://nknight.live/wp-content/themes/en/img/1.webp Requested by Host: user.nknight.live URL: https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 154.209.236.171 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK), Reverse DNS Software nginx/1.15.11 / Resource Hash `fb09702d70f0b8c742b2108e23aea470a5d847cf5e78a6954d78fd70eb7a8621` Request headers Accept-Language de-DE,de;q=0.9 Referer https://user.nknight.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 13:42:57 GMT Last-Modified Tue, 20 Apr 2021 12:32:06 GMT Server nginx/1.15.11 ETag "607ec9c6-29554" Content-Type image/webp Connection keep-alive Accept-Ranges bytes Content-Length 169300
GET H/1.1	200 OK	1.webp nknight.live/wp-content/themes/en/img/	165 KB 166 KB	1871ms 784ms	Image image/webp	154.209.236.171 ANCHGLOBAL-AS-AP ...
General Check archive.org Show headers Download Go to Show image Full URL https://nknight.live/wp-content/themes/en/img/1.webp?v=1 Requested by Host: user.nknight.live URL: https://user.nknight.live/Public/login?url=http%3A%2F%2Fuser.nknight.live%2Findex%2Fadmin_index Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 154.209.236.171 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK), Reverse DNS Software nginx/1.15.11 / Resource Hash `fb09702d70f0b8c742b2108e23aea470a5d847cf5e78a6954d78fd70eb7a8621` Request headers Accept-Language de-DE,de;q=0.9 Referer https://user.nknight.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 06 Oct 2021 13:42:57 GMT Last-Modified Tue, 20 Apr 2021 12:32:06 GMT Server nginx/1.15.11 ETag "607ec9c6-29554" Content-Type image/webp Connection keep-alive Accept-Ranges bytes Content-Length 169300

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| layer function| jqueryAlert function| getCookie function| set_select_checked object| M string| JUMP_URL object| accout object| password object| verify function| gg_auth function| submit_login function| languageChange

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			user.nknight.live/	1970-01-19 21:45:32	Name: think_language Value: de-DE
			user.nknight.live/	1969-12-31 23:59:59	Name: PHPSESSID Value: a7q9u5nhe4p3cerdo1rg78tjh6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nknight.live
pub-broker.oss-cn-hongkong.aliyuncs.com
user.nknight.live
154.209.236.171
154.223.156.244
47.75.19.109
29207312f263dab049a5ea74f1c98e9677ca2d2643cbf2328f3e24dd1e097124
64e6c4eed931888750b6bc6f370f5500e76b67f60d361432bf6674ef6d991374
77f88222d45a8fdef6f601c98a9c907ec9eb7c7fc4c9cbed17b0185d0970142c
7b93d3076f2b495896fa5c0e97a4d376985b7eddd479eb77f8771b2414e1f218
7d385e5f655729a409d0478769d0e412d7aa1b5e1dd175b1218335676aee8465
e1a6bb39b44ca6b8128f06cb06b029826affd7e8db5ef54127368aaeb872a7a9
e5867cba429222b765b5226c920bb7cb7fa81f736473e1a09e5ff73d1a1c8267
ef7bf0e71853244e24df78d92f07d1ae14873603f3817dac9088bbabebf25045
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f49eba759c1ce4cc3a254dc820ae70e9073996b0f7ce8d0568813470d9adcdd4
fb09702d70f0b8c742b2108e23aea470a5d847cf5e78a6954d78fd70eb7a8621
fc5d05eada1241513c13308d3b2309822a49d5021527711528b5bdcf3e1ebc40
fd59295fd16dc5ab16925c6b95976e7d3f894046e860029db1507f7ca5a28396