Submitted URL: http://xxcnf.com/
Effective URL: http://xxcnf.com/index.html
Submission: On November 16 via api from DE

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 25 HTTP transactions. The main IP is 107.163.64.136, located in Thousand Oaks, United States and belongs to TAKE2 - Take 2 Hosting, Inc., US. The main domain is xxcnf.com.
This is the only time xxcnf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (requests per IP, IP, autonomous system)
  14  107.163.64.136   AS20248 (TAKE2)
   1  107.163.64.5     AS20248 (TAKE2)
   3  103.235.46.191   AS55967 (CNNIC-BAI...)
   7  111.206.37.189   AS4808 (CHINA169-...)
   1  180.149.132.115  AS23724 (CHINANET-...)
  25 requests, 5 IPs

Domains (requests per domain, domain, requested by)
  14  xxcnf.com (1 redirect)    xxcnf.com
   5  bdimg.share.baidu.com     xxcnf.com, bdimg.share.baidu.com
   3  hm.baidu.com              dxybn.com, xxcnf.com
   1  nsclick.baidu.com
   1  api.share.baidu.com       xxcnf.com
   1  push.zhanzhang.baidu.com  dxybn.com
   1  dxybn.com                 xxcnf.com
  25 requests, 7 domains

This site contains no links.

TLS certificate (the only HTTPS requests in this scan go to hm.baidu.com)
  Subject:   baidu.com
  Issuer:    GlobalSign Organization Validation CA - SHA256 - G2
  Validity:  2018-08-28 to 2019-05-26 (9 months)
  Lookup:    crt.sh

This page contains 1 frames:

Primary Page: http://xxcnf.com/index.html
Frame ID: 88EA8616C6A82930B1576AFB52D8F3C3
Requests: 25 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Both detections come from the same rule applied to the Server response header, which every xxcnf.com response sets to Microsoft-IIS/7.5; the optional capture group extracts the version, 7.5.

Page Statistics

  Requests:    25
  HTTPS:       12 % (3 of 25 requests)
  IPv6:        0 %
  Domains:     3
  Subdomains:  7
  IPs:         5
  Countries:   3
  Transfer:    87 kB
  Size:        150 kB
  Cookies:     0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xxcnf.com/  (HTTP 301)  ->  http://xxcnf.com/index.html  (Page URL)

Redirected requests

There were HTTP redirect chains for the following requests:

  • http://xxcnf.com/  ->  HTTP 301  ->  http://xxcnf.com/index.html
    The 301 carried a relative Location: index.html, which the browser resolved against the request URL http://xxcnf.com/.

25 HTTP transactions

Each entry below gives: Resource [Path], Size (decoded body size), x-fer (bytes transferred over the network), Type (resource type as requested by the page). The MIME type is the response's Content-Type header.
Primary Request: index.html  [xxcnf.com/]  size 18 KB, transferred 6 KB, type Document
Redirect chain: http://xxcnf.com/  ->  http://xxcnf.com/index.html
General
Full URL
http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
107.163.64.136 Thousand Oaks, United States, ASN20248 (TAKE2 - Take 2 Hosting, Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
0dc88c25c1ab5cefc78614508d8204033b733132d00b96da9b2279382d5daa9c

Request headers

Host
xxcnf.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Thu, 15 Nov 2018 05:33:04 GMT
Accept-Ranges
bytes
ETag
"90844aea47cd41:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Date
Fri, 16 Nov 2018 13:17:54 GMT
Content-Length
5365

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
index.html
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/5.2.17 ASP.NET
Date
Fri, 16 Nov 2018 13:17:54 GMT
Content-Length
133
TJ.js  [dxybn.com/]  size 457 B, transferred 683 B, type Script
General
Full URL
http://dxybn.com/TJ.js
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
107.163.64.5 Thousand Oaks, United States, ASN20248 (TAKE2 - Take 2 Hosting, Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
42c3a94f93c117e0bce0eaf64534f96f487f72adbb4cb56a60789800d8a6d091

Request headers

Referer
http://xxcnf.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 13:17:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Nov 2018 08:43:36 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"70798fcd637ad41:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
374
main.css  [xxcnf.com/templets/default/public/]  size 18 KB, transferred 5 KB, type Stylesheet
General
Full URL
http://xxcnf.com/templets/default/public/main.css
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
107.163.64.136 Thousand Oaks, United States, ASN20248 (TAKE2 - Take 2 Hosting, Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
4b05f9d11edaa6769b134746b199c57ddcc0bd4c30015da4e8a4d84ae1430085

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xxcnf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://xxcnf.com/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Nov 2018 13:17:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Dec 2013 04:02:39 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"a260100eff6ce1:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
5014
logo.png  [xxcnf.com/templets/default/images/]  size 18 KB, transferred 19 KB, type Image
General
Full URL
http://xxcnf.com/templets/default/images/logo.png
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
107.163.64.136 Thousand Oaks, United States, ASN20248 (TAKE2 - Take 2 Hosting, Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
c54765bddc751479810eba888c76ac6d82bc45d55530a68a83aef01b70eef0af

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xxcnf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://xxcnf.com/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Nov 2018 13:17:54 GMT
Last-Modified
Sun, 26 Jul 2015 11:36:10 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"2a3194597c7d01:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
18701
upzxt.css  [xxcnf.com/templets/default/public/]  size 1 KB, transferred 1 KB, type Stylesheet
General
Full URL
http://xxcnf.com/templets/default/public/upzxt.css
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
107.163.64.136 Thousand Oaks, United States, ASN20248 (TAKE2 - Take 2 Hosting, Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
73327757f28063a36b80df81e48115e090f7cba92b3818b6779757e691f88c62

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xxcnf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://xxcnf.com/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Nov 2018 13:17:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Oct 2018 07:40:54 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"9ecaee32370d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
768
news.css  [xxcnf.com/templets/default/public/]  size 2 KB, transferred 1 KB, type Stylesheet
General
Full URL
http://xxcnf.com/templets/default/public/news.css
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
107.163.64.136 Thousand Oaks, United States, ASN20248 (TAKE2 - Take 2 Hosting, Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
6d56e1ff8a9b148c0d2985d350a15f5f9f0e0f3742d2e734c5afe1c68dbe1020

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xxcnf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://xxcnf.com/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Nov 2018 13:17:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Dec 2013 04:02:44 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"bb81f92eff6ce1:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
736
hm.js  [hm.baidu.com/]  size 24 KB, transferred 9 KB, type Script
General
Full URL
https://hm.baidu.com/hm.js?91109064b55b749963f48adeed64284d
Requested by
Host: dxybn.com
URL: http://dxybn.com/TJ.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
147fddbb3fd02ddd908c48fe4b536985f83c4561360b323a0e64a0f04f6e1682
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
http://xxcnf.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 13:17:55 GMT
Content-Encoding
gzip
Server
apache
Etag
6fb92eb4977e0c123d9d15b02200002d
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
9194
push.js  [push.zhanzhang.baidu.com/]  size 281 B, transferred 752 B, type Script
General
Full URL
http://push.zhanzhang.baidu.com/push.js
Requested by
Host: dxybn.com
URL: http://dxybn.com/TJ.js
Protocol
HTTP/1.1
Server
111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
apache /
Resource Hash
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

Referer
http://xxcnf.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 13:17:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Nov 2015 07:45:53 GMT
Server
apache
Etag
"4078520154"
Vary
Accept-Encoding
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
227
Expires
Sat, 16 Nov 2019 13:17:55 GMT
mainbg.jpg  [xxcnf.com/templets/default/public/]  size 63 B, transferred 63 B, type Image
Note: the response is 63 bytes of text/html, not image data, and carries the same resource hash as mainfg.jpg and headallbg.jpg, so all three requests received one identical HTML body rather than an image.
General
Full URL
http://xxcnf.com/templets/default/public/mainbg.jpg
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
107.163.64.136 Thousand Oaks, United States, ASN20248 (TAKE2 - Take 2 Hosting, Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
cc8a65d84ecebb6325c954c778fd0add5e61cfb288c89226b31125b35e30528d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xxcnf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://xxcnf.com/templets/default/public/main.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Nov 2018 13:17:55 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Length
63
Content-Type
text/html
title_bg2.gif  [xxcnf.com/templets/default/public/]  size 2 KB, transferred 2 KB, type Image
General
Full URL
http://xxcnf.com/templets/default/public/title_bg2.gif
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
107.163.64.136 Thousand Oaks, United States, ASN20248 (TAKE2 - Take 2 Hosting, Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
70e7378827c0bdd1369598d06c8a0d0face7aff1f891ee651aff6edec1e502d6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xxcnf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://xxcnf.com/templets/default/public/news.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Nov 2018 13:17:55 GMT
Last-Modified
Thu, 12 Dec 2013 04:07:01 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"512179ceff6ce1:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2305
list_icon.gif  [xxcnf.com/templets/default/public/]  size 1 KB, transferred 1 KB, type Image
General
Full URL
http://xxcnf.com/templets/default/public/list_icon.gif
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
107.163.64.136 Thousand Oaks, United States, ASN20248 (TAKE2 - Take 2 Hosting, Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
809af0b548e0924d98f7572802f3ce2c93fd94f3f39f23f55c7cf789fba6df0f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xxcnf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://xxcnf.com/templets/default/public/news.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Nov 2018 13:17:55 GMT
Last-Modified
Thu, 12 Dec 2013 04:06:56 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"71ced798eff6ce1:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1157
title_bg.gif  [xxcnf.com/templets/default/public/]  size 1 KB, transferred 1 KB, type Image
General
Full URL
http://xxcnf.com/templets/default/public/title_bg.gif
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
107.163.64.136 Thousand Oaks, United States, ASN20248 (TAKE2 - Take 2 Hosting, Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
626669d2b2daaa77fa976c699625f5ac18a01bd4d1a542bee134bd184a01bfea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xxcnf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://xxcnf.com/templets/default/public/news.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Nov 2018 13:17:55 GMT
Last-Modified
Thu, 12 Dec 2013 04:06:50 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"83b395eff6ce1:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1042
mainfg.jpg  [xxcnf.com/templets/default/public/]  size 63 B, transferred 63 B, type Image
Note: served as 63 bytes of text/html with the same resource hash as mainbg.jpg and headallbg.jpg (one identical HTML body, not an image).
General
Full URL
http://xxcnf.com/templets/default/public/mainfg.jpg
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
107.163.64.136 Thousand Oaks, United States, ASN20248 (TAKE2 - Take 2 Hosting, Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
cc8a65d84ecebb6325c954c778fd0add5e61cfb288c89226b31125b35e30528d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xxcnf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://xxcnf.com/templets/default/public/main.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Nov 2018 13:17:55 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Length
63
Content-Type
text/html
dian.jpg  [xxcnf.com/templets/default/public/]  size 8 KB, transferred 9 KB, type Image
General
Full URL
http://xxcnf.com/templets/default/public/dian.jpg
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
107.163.64.136 Thousand Oaks, United States, ASN20248 (TAKE2 - Take 2 Hosting, Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
2538b745d321abf6e55ca58d130ab4a36dd1b6c0c16455b7b4a0477a3a925afe

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xxcnf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://xxcnf.com/templets/default/public/main.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Nov 2018 13:17:55 GMT
Last-Modified
Thu, 12 Dec 2013 04:05:46 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"4a13496feff6ce1:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
8488
topbg.jpg  [xxcnf.com/templets/default/public/]  size 12 KB, transferred 12 KB, type Image
General
Full URL
http://xxcnf.com/templets/default/public/topbg.jpg
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
107.163.64.136 Thousand Oaks, United States, ASN20248 (TAKE2 - Take 2 Hosting, Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
22c32771341a68a89a1342d7b6b6b82d7ef9f4e45b6a2832ccc67ae04a1a5059

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xxcnf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://xxcnf.com/templets/default/public/main.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Nov 2018 13:17:55 GMT
Last-Modified
Thu, 12 Dec 2013 04:03:02 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"167f4adeff6ce1:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
12518
headallbg.jpg  [xxcnf.com/templets/default/public/]  size 63 B, transferred 63 B, type Image
Note: served as 63 bytes of text/html with the same resource hash as mainbg.jpg and mainfg.jpg (one identical HTML body, not an image).
General
Full URL
http://xxcnf.com/templets/default/public/headallbg.jpg
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
107.163.64.136 Thousand Oaks, United States, ASN20248 (TAKE2 - Take 2 Hosting, Inc., US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
cc8a65d84ecebb6325c954c778fd0add5e61cfb288c89226b31125b35e30528d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
xxcnf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://xxcnf.com/templets/default/public/main.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Nov 2018 13:17:55 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Length
63
Content-Type
text/html
shell_v2.js  [bdimg.share.baidu.com/static/js/]  size 1 KB, transferred 900 B, type Script
General
Full URL
http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=13
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
BWS/1.0 /
Resource Hash
96e94fab37c4307d249cf2582540f86e433162b2e537cd54c7e888ca8d93c214

Request headers

Referer
http://xxcnf.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 13:17:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jun 2015 08:50:12 GMT
Server
BWS/1.0
Etag
"2176374695"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Length
571
Expires
Fri, 16 Nov 2018 13:47:56 GMT
hm.gif  [hm.baidu.com/]  size 43 B, transferred 299 B, type Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=864833620&si=91109064b55b749963f48adeed64284d&v=1.2.35&lv=1&ct=!!&tt=ag%E6%B8%B8%E6%88%8F%E7%BD%91-%E9%A6%96%E9%A1%B5&sn=8051
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
http://xxcnf.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Nov 2018 13:17:56 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
s.gif  [api.share.baidu.com/]  size 0, transferred 198 B, type Image
General
Full URL
http://api.share.baidu.com/s.gif?l=http://xxcnf.com/index.html
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xxcnf.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Nov 2018 13:17:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Server
apache
Content-Length
0
Content-Type
image/gif
logger.js  [bdimg.share.baidu.com/static/js/]  size 6 KB, transferred 3 KB, type Script
General
Full URL
http://bdimg.share.baidu.com/static/js/logger.js?cdnversion=428438
Requested by
Host: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=13
Protocol
HTTP/1.1
Server
111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
BWS/1.0 /
Resource Hash
6f1c9b5885df8bec5df7e730b10304c252e18804462c14fd0724e865ef25c654

Request headers

Referer
http://xxcnf.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 13:17:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jun 2015 08:50:12 GMT
Server
BWS/1.0
Etag
"867751605"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Length
2404
Expires
Fri, 16 Nov 2018 13:47:56 GMT
bds_s_v2.js  [bdimg.share.baidu.com/static/js/]  size 26 KB, transferred 10 KB, type Script
General
Full URL
http://bdimg.share.baidu.com/static/js/bds_s_v2.js?cdnversion=428438
Requested by
Host: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=13
Protocol
HTTP/1.1
Server
111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
BWS/1.0 /
Resource Hash
6840e2b956675f9c0863baaa15d0522ae893dd60482b4af91a46083020578b5b

Request headers

Referer
http://xxcnf.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 13:17:57 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jun 2015 08:50:12 GMT
Server
BWS/1.0
Etag
"859391591"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Length
9992
Expires
Fri, 16 Nov 2018 13:47:57 GMT
bdsstyle.css  [bdimg.share.baidu.com/static/css/]  size 10 KB, transferred 2 KB, type Stylesheet
General
Full URL
http://bdimg.share.baidu.com/static/css/bdsstyle.css?cdnversion=20131219
Requested by
Host: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/js/bds_s_v2.js?cdnversion=428438
Protocol
HTTP/1.1
Server
111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
BWS/1.0 /
Resource Hash
4067e0bd861b026d7bda9b5b7dfb7d0bd2af96616aeb4313244d47be73c2c7d4

Request headers

Referer
http://xxcnf.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 13:17:57 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jun 2015 08:50:09 GMT
Server
BWS/1.0
Etag
"3350779264"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=1800
Accept-Ranges
bytes
Content-Length
2021
Expires
Fri, 16 Nov 2018 13:47:57 GMT
r1.gif  [bdimg.share.baidu.com/static/images/]  size 980 B, transferred 1 KB, type Image
General
Full URL
http://bdimg.share.baidu.com/static/images/r1.gif
Requested by
Host: xxcnf.com
URL: http://xxcnf.com/index.html
Protocol
HTTP/1.1
Server
111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
BWS/1.0 /
Resource Hash
2683fd7fe3e389f10cad0defacd9baed57ca6af237298b4765b7905c2e07da86

Request headers

Referer
http://xxcnf.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 13:17:58 GMT
Last-Modified
Fri, 05 Jun 2015 08:50:10 GMT
Server
BWS/1.0
Etag
"859364341"
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
980
Expires
Fri, 23 Nov 2018 13:17:58 GMT
hm.gif  [hm.baidu.com/]  size 43 B, transferred 499 B, type Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=%7B%22netAll%22%3A2548%2C%22netDns%22%3A0%2C%22netTcp%22%3A0%2C%22srv%22%3A157%2C%22dom%22%3A984%2C%22loadEvent%22%3A7618%7D&et=87&ja=0&ln=en-us&lo=0&rnd=1423501511&si=91109064b55b749963f48adeed64284d&v=1.2.35&lv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
http://xxcnf.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Nov 2018 13:17:59 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
private, max-age=0, no-cache
Content-Type
image/gif
Content-Length
43
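What the two hm.gif beacons above carried to hm.baidu.com, decoded by an added Python example (not part of the scan page, not urlscan.io code, and not Baidu's script): the percent-encoded tt field is the document title, ag游戏网-首页 ("AG games site - home page"); ds, cl and ln describe the screen and locale of the scanning browser; ep is a JSON blob of page-load timings; and si is the same site id that selects the hm.js script and appears in the _bdhm_loaded_<id> global listed further down. The beacon URLs are copied from the two hm.gif entries; the FIELD_LABELS names are inferred from the values and are an assumption, not Baidu documentation.

```python
import json
from urllib.parse import parse_qs, urlsplit

# The two hm.gif beacon URLs recorded in the scan (copied verbatim).
BEACONS = [
    "https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0"
    "&ln=en-us&lo=0&rnd=864833620&si=91109064b55b749963f48adeed64284d&v=1.2.35&lv=1"
    "&ct=!!&tt=ag%E6%B8%B8%E6%88%8F%E7%BD%91-%E9%A6%96%E9%A1%B5&sn=8051",
    "https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200"
    "&ep=%7B%22netAll%22%3A2548%2C%22netDns%22%3A0%2C%22netTcp%22%3A0%2C%22srv%22%3A157"
    "%2C%22dom%22%3A984%2C%22loadEvent%22%3A7618%7D&et=87&ja=0&ln=en-us&lo=0"
    "&rnd=1423501511&si=91109064b55b749963f48adeed64284d&v=1.2.35&lv=1",
]

# Labels inferred from the values themselves (assumed; the beacon format is
# not documented anywhere on the scan page).
FIELD_LABELS = {
    "ds": "screen size",
    "cl": "colour depth",
    "ln": "browser language",
    "tt": "document title",
    "si": "site id",
    "ep": "page timing (JSON)",
}


def decode_beacon(url):
    """Return the beacon's query fields with percent-encoding undone, the
    title as text and the ep payload parsed from JSON into a dict."""
    query = urlsplit(url).query
    # parse_qs already applies UTF-8 percent-decoding; keep blank values
    # (e.g. desturl= on the nsclick beacon) so nothing silently disappears.
    fields = {k: v[0] for k, v in parse_qs(query, keep_blank_values=True).items()}
    if "ep" in fields:
        fields["ep"] = json.loads(fields["ep"])
    return fields


def site_ids(urls):
    """Distinct si values across beacons; a single value ties the beacons to
    the hm.js?<id> script load and the _bdhm_loaded_<id> global on the page."""
    return {decode_beacon(u).get("si") for u in urls}


def leaked_fields(url):
    """Human-readable (label, value) pairs for the fields we can name."""
    fields = decode_beacon(url)
    return [(FIELD_LABELS[k], fields[k]) for k in FIELD_LABELS if k in fields]


if __name__ == "__main__":
    for beacon in BEACONS:
        for label, value in leaked_fields(beacon):
            print(f"{label:20} {value}")
        print()
    print("site ids:", site_ids(BEACONS))
```

The second beacon is sent after the load event (et=87 rather than et=0) and is the one that carries the timing payload; the first carries the title and the sn sequence number.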
v.gif  [nsclick.baidu.com/]  size 0, transferred 289 B, type Image
General
Full URL
http://nsclick.baidu.com/v.gif?pid=307&type=3071&sc=1585,1286,1600,1200&desturl=&apitype=1&linkid=jok1tldk0b9&velo_load=1350&velo_cssload=437&velo_jsLoad=923&cite_uid=2190889&cite_type=4&cite_mini=0
Protocol
HTTP/1.1
Server
180.149.132.115 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
BWS/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xxcnf.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Nov 2018 13:18:02 GMT
Last-Modified
Fri, 23 Oct 2009 08:06:04 GMT
Server
BWS/1.0
Etag
"4280832337"
Content-Type
image/gif
Cache-Control
max-age=0
Accept-Ranges
bytes
Content-Length
0
Expires
Fri, 16 Nov 2018 13:18:02 GMT
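The two checks a reviewer would run over the transaction list above, written as an added Python example (not urlscan.io code and not from the scanned site), covering both the "Detected technologies" section and the 25 transactions: first, the Server/X-Powered-By fingerprint behind the IIS detection rule, applied to the headers the 301 redirect and the final page returned (the redirect advertises PHP/5.2.17 alongside ASP.NET, a PHP branch that has been end-of-life since January 2011, while the page itself advertises only ASP.NET); second, a MIME-mismatch and body-hash pass that catches the three .jpg requests answered with one identical 63-byte text/html body and the two zero-byte tracking pixels. The TRANSACTIONS records are constructed from the entries above (a subset of the 25; the v.gif query string is omitted), and the EXPECTED_MIME table is an assumption of my own.

```python
import hashlib
import re
from collections import defaultdict

# The Server-header rule listed under "Detected technologies"; the optional
# group captures the IIS version when the header advertises one.
IIS_PATTERN = re.compile(r"IIS(?:\/([\d.]+))?", re.IGNORECASE)

# SHA-256 of a zero-length body: the hash urlscan shows for s.gif and v.gif.
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()

# Top-level Content-Type each requested resource type should come back with
# (assumed mapping).
EXPECTED_MIME = {
    "Document": ("text/html",),
    "Stylesheet": ("text/css",),
    "Script": ("application/javascript", "application/x-javascript", "text/javascript"),
    "Image": ("image/",),
}

# Records constructed from the scan's transaction list (subset). "type" is the
# resource type the browser asked for; hash, content_type and headers come
# from the recorded responses.
_IIS = {"Server": "Microsoft-IIS/7.5", "X-Powered-By": "ASP.NET"}
_PLACEHOLDER = "cc8a65d84ecebb6325c954c778fd0add5e61cfb288c89226b31125b35e30528d"
TRANSACTIONS = [
    {"url": "http://xxcnf.com/", "type": "Document", "hash": None,
     "content_type": "text/html; charset=UTF-8",
     "headers": {"Server": "Microsoft-IIS/7.5", "X-Powered-By": "PHP/5.2.17 ASP.NET",
                 "Location": "index.html"}},
    {"url": "http://xxcnf.com/index.html", "type": "Document", "content_type": "text/html",
     "hash": "0dc88c25c1ab5cefc78614508d8204033b733132d00b96da9b2279382d5daa9c", "headers": _IIS},
    {"url": "http://xxcnf.com/templets/default/public/mainbg.jpg", "type": "Image",
     "content_type": "text/html", "hash": _PLACEHOLDER, "headers": _IIS},
    {"url": "http://xxcnf.com/templets/default/public/mainfg.jpg", "type": "Image",
     "content_type": "text/html", "hash": _PLACEHOLDER, "headers": _IIS},
    {"url": "http://xxcnf.com/templets/default/public/headallbg.jpg", "type": "Image",
     "content_type": "text/html", "hash": _PLACEHOLDER, "headers": _IIS},
    {"url": "http://xxcnf.com/templets/default/public/dian.jpg", "type": "Image",
     "content_type": "image/jpeg", "headers": _IIS,
     "hash": "2538b745d321abf6e55ca58d130ab4a36dd1b6c0c16455b7b4a0477a3a925afe"},
    {"url": "https://hm.baidu.com/hm.js?91109064b55b749963f48adeed64284d", "type": "Script",
     "content_type": "application/javascript", "headers": {"Server": "apache"},
     "hash": "147fddbb3fd02ddd908c48fe4b536985f83c4561360b323a0e64a0f04f6e1682"},
    {"url": "http://api.share.baidu.com/s.gif?l=http://xxcnf.com/index.html", "type": "Image",
     "content_type": "image/gif", "headers": {"Server": "apache"}, "hash": EMPTY_SHA256},
    {"url": "http://nsclick.baidu.com/v.gif", "type": "Image",  # query string omitted
     "content_type": "image/gif", "headers": {"Server": "BWS/1.0"}, "hash": EMPTY_SHA256},
]


def fingerprint(headers):
    """Sorted (technology, version) pairs from Server and X-Powered-By;
    version is None when a product is named without a version."""
    found = set()
    match = IIS_PATTERN.search(headers.get("Server", ""))
    if match:
        found.add(("IIS", match.group(1)))
    # X-Powered-By may list several products separated by spaces,
    # e.g. "PHP/5.2.17 ASP.NET" on the 301 redirect.
    for token in headers.get("X-Powered-By", "").split():
        name, _, version = token.partition("/")
        found.add((name, version or None))
    return sorted(found, key=lambda pair: (pair[0], pair[1] or ""))


def mime_mismatches(transactions):
    """URLs whose response Content-Type does not belong to the resource type
    the page asked for (an image request answered with text/html, say)."""
    bad = []
    for tx in transactions:
        allowed = EXPECTED_MIME.get(tx["type"], ())
        if allowed and not tx["content_type"].startswith(allowed):
            bad.append(tx["url"])
    return bad


def duplicate_bodies(transactions):
    """Body hashes returned for more than one URL, mapped to those URLs.
    Empty bodies are reported by empty_bodies() instead."""
    by_hash = defaultdict(list)
    for tx in transactions:
        if tx["hash"] and tx["hash"] != EMPTY_SHA256:
            by_hash[tx["hash"]].append(tx["url"])
    return {h: urls for h, urls in by_hash.items() if len(urls) > 1}


def empty_bodies(transactions):
    """URLs that returned zero bytes (typical of tracking pixels)."""
    return [tx["url"] for tx in transactions if tx["hash"] == EMPTY_SHA256]


if __name__ == "__main__":
    for tx in TRANSACTIONS[:2]:
        print(tx["url"], fingerprint(tx["headers"]))
    print("MIME mismatches:", mime_mismatches(TRANSACTIONS))
    print("Duplicate bodies:", duplicate_bodies(TRANSACTIONS))
    print("Empty bodies:", empty_bodies(TRANSACTIONS))
```

The empty-body hash is derived with hashlib rather than pasted in, which is also how to confirm that the e3b0c442... value in the s.gif and v.gif entries means "no bytes" and not "unavailable".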

Verdicts & Comments

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code. On this page, _hmt and _bdhm_loaded_91109064b55b749963f48adeed64284d (the suffix is the site id passed to hm.baidu.com/hm.js) come from the Baidu Tongji analytics script, and bdShare, _bdS and $BAIDU$ come from the Baidu Share scripts loaded from bdimg.share.baidu.com.

  object    _hmt
  function  hasClass
  function  addClass
  function  removeClass
  function  link_expand
  number    tt
  number    times
  function  ChangeDiv
  boolean   _bdhm_loaded_91109064b55b749963f48adeed64284d
  object    mini_tangram_log_gwk6qz
  object    bdShare
  object    shell
  object    $BAIDU$
  string    inner
  object    _bdS
  object    mini_tangram_log_k939k8

0 Cookies

Indicators

"Indicator" is the security-industry term for observables such as IPs, domains and hashes. Listing them here does not imply that any of them is associated with malicious activity.

api.share.baidu.com
bdimg.share.baidu.com
dxybn.com
hm.baidu.com
nsclick.baidu.com
push.zhanzhang.baidu.com
xxcnf.com
103.235.46.191
107.163.64.136
107.163.64.5
111.206.37.189
180.149.132.115