notezi.com Open in urlscan Pro
154.213.53.224 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://notezi.com/
Submission: On July 11 via api (July 11th 2019, 7:13:25 pm UTC) from DE

Summary HTTP 30 Redirects Links 10 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 30 HTTP transactions. The main IP is 154.213.53.224, located in Hong Kong and belongs to POWERLINE-AS-AP POWER LINE DATACENTER, HK. The main domain is notezi.com.

This is the only time notezi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1	154.213.53.224 154.213.53.224		132839 (POWERLINE...) (POWERLINE-AS-AP POWER LINE DATACENTER)
1	103.235.46.191 103.235.46.191		55967 (CNNIC-BAI...) (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co.)
1	47.75.156.244 47.75.156.244		45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
30	4

1 154.213.53.224 (Hong Kong)

ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)

notezi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.235.46.191 (Hong Kong)

ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.75.156.244 (China)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

www.fd220.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	fd220.com www.fd220.com
1	baidu.com hm.baidu.com push.zhanzhang.baidu.com Failed	12 KB
1	notezi.com notezi.com	12 KB
0	bdimg.com Failed apps.bdimg.com Failed
0	53kf.com Failed tb.53kf.com Failed
0	qsjn.com Failed cdn.qsjn.com Failed
30	6

	Domain	Requested by
1	www.fd220.com	notezi.com
1	hm.baidu.com	notezi.com
1	notezi.com
0	apps.bdimg.com Failed	notezi.com
0	push.zhanzhang.baidu.com Failed	notezi.com
0	tb.53kf.com Failed	notezi.com
0	cdn.qsjn.com Failed	notezi.com
30	7

This site contains links to these domains. Also see Links.

Domain
www.bdachat.com
www.bfakltd.com
www.bcunoin.com
www.jotasg.com
www.fvhs97.com
www.bcsbsnc.com
www.wrhs55.com
www.normox.com
www.ophnet.com
www.wevern.com

Subject Issuer	Validity	Valid
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2019-05-09` - `2020-06-25`	a year	crt.sh
www.fd220.com Let's Encrypt Authority X3	`2019-06-04` - `2019-09-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://notezi.com/
Frame ID: 23FDAB67504D0F083C9DF5AF074C2F08
Requests: 29 HTTP requests in this frame

Frame: https://www.fd220.com/home/reg.html?att=992
Frame ID: EA726A515EF870C7AB1F2570358161DA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

30
Requests

7 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

4
IPs

2
Countries

24 kB
Transfer

90 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bdachat.com/
Title: 联运彩票-欢乐时时彩网址

Search URL Search Domain Scan URL

URL: http://www.bfakltd.com/
Title: 联运彩票|欢乐时时彩网址

Search URL Search Domain Scan URL

URL: http://www.bcunoin.com/
Title: 联运彩票|欢乐时时彩网址

Search URL Search Domain Scan URL

URL: http://www.jotasg.com/
Title: 联运彩票-欢乐时时彩网址

Search URL Search Domain Scan URL

URL: http://www.fvhs97.com/
Title: 联运彩票计划

Search URL Search Domain Scan URL

URL: http://www.bcsbsnc.com/
Title: 联运彩票-欢乐时时彩网址

Search URL Search Domain Scan URL

URL: http://www.wrhs55.com/
Title: 联运彩票计划

Search URL Search Domain Scan URL

URL: http://www.normox.com/
Title: 联运彩票计划

Search URL Search Domain Scan URL

URL: http://www.ophnet.com/
Title: 联运彩票|欢乐时时彩网址

Search URL Search Domain Scan URL

URL: http://www.wevern.com/
Title: 联运彩票计划

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
notezi.com/ 58 KB
12 KB 1824ms
220ms Document
text/html 154.213.53.224
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL: http://notezi.com/
Protocol: HTTP/1.1
Server: 154.213.53.224 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 97d304b2a00ca41c12826dc65219514af148e5f849defb91046df5d88ae185f2

Request headers

Host: notezi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
ETag: "8d704f08a4d1065"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, POST
Date: Thu, 11 Jul 2019 19:12:57 GMT
Content-Length: 12165

GET pace-theme-flash.css
cdn.qsjn.com/Public/home/plugins/pace/ 0
0

GET bootstrap.min.css
cdn.qsjn.com/Public/home/plugins/bootstrapv3/css/ 0
0

GET pages.css
cdn.qsjn.com/Public/home/css/ 0
0

GET animate.css
cdn.qsjn.com/Public/home/css/ 0
0

GET style.css
cdn.qsjn.com/Public/home/css/ 0
0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 32 KB
12 KB 1139ms
604ms Script
application/javascript 103.235.46.191
CNNIC-BAIDU-AP Be...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?baeb0b2c35b45d5ec016e87f9e5d3ad1

Requested by

Host: notezi.com
URL: http://notezi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

da20d8fd2d40bd278ea9862ef4af6c1d6ddf73664c67224a22f8905f4b240dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://notezi.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 11 Jul 2019 19:12:52 GMT
Content-Encoding: gzip
Server: apache
Etag: ec602aefee726995153181a3dcfdcf21
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11873

GET trddition_pic.jpg
cdn.qsjn.com/Public/home/img/ 0
0

GET trddition_text.jpg
cdn.qsjn.com/Public/home/img/ 0
0

GET allfinish_pic.jpg
cdn.qsjn.com/Public/home/img/ 0
0

GET allfinish_text.jpg
cdn.qsjn.com/Public/home/img/ 0
0

GET monoblock_bible_pic_1.jpg
cdn.qsjn.com/Public/home/img/ 0
0

GET monoblock_bible_pic_2.jpg
cdn.qsjn.com/Public/home/img/ 0
0

GET contact.jpg
cdn.qsjn.com/Public/home/img/ 0
0

GET weixin_qrcode.jpg
cdn.qsjn.com/Public/home/img/ 0
0

GET ims_qrcode.jpg
cdn.qsjn.com/Public/home/img/ 0
0

GET pace.min.js
cdn.qsjn.com/Public/home/plugins/pace/ 0
0

GET jquery-1.11.1.min.js
cdn.qsjn.com/Public/home/plugins/jquery/ 0
0

GET layer.js
cdn.qsjn.com/Public/home/plugins/layer/ 0
0

GET logo_white_mini.png
cdn.qsjn.com/Public/home/img/ 0
0

GET weixin_person.jpg
cdn.qsjn.com/Public/home/img/ 0
0

GET jquery.SuperSlide.2.1.1.js
cdn.qsjn.com/Public/home/plugins/jquery-superslide/ 0
0

GET hm.gif
hm.baidu.com/ 0
0

GET 58f31e6658511.jpg
cdn.qsjn.com/Uploads/201704/ 0
0

GET 58f322f8ad9cb.jpg
cdn.qsjn.com/Uploads/201704/ 0
0

GET 592e5431ef0e4.jpg
cdn.qsjn.com/Uploads/201705/ 0
0

GET 1
tb.53kf.com/code/code/10154153/ 0
0

GET push.js
push.zhanzhang.baidu.com/ 0
0

GET jquery.min.js
apps.bdimg.com/libs/jquery/2.1.4/ 0
0

GET
H/1.1 200
OK reg.html
www.fd220.com/home/ Frame EA72 0
0 3148ms
236ms Document
text/html 47.75.156.244
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fd220.com/home/reg.html?att=992
Requested by: Host: notezi.com
URL: http://notezi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.156.244 , China, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: www.fd220.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://notezi.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://notezi.com/

Response headers

Server: nginx
Date: Thu, 11 Jul 2019 19:13:17 GMT
Content-Type: text/html; charset=utf-8
Expires: Fri, 12 Jul 2019 19:13:17 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
X-Cache: MISS from
Transfer-Encoding: chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/plugins/pace/pace-theme-flash.css

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/plugins/bootstrapv3/css/bootstrap.min.css

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/css/pages.css?v=20170410

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/css/animate.css

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/css/style.css?v=20170608

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/img/trddition_pic.jpg?v=20170412

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/img/trddition_text.jpg?v=20170412

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/img/allfinish_pic.jpg?v=20170412

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/img/allfinish_text.jpg?v=201706082

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/img/monoblock_bible_pic_1.jpg?v=20170412

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/img/monoblock_bible_pic_2.jpg?v=20170412

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/img/contact.jpg?v=20170412

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/img/weixin_qrcode.jpg?v=20170410

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/img/ims_qrcode.jpg?v=20170410

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/plugins/pace/pace.min.js

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/plugins/jquery/jquery-1.11.1.min.js

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/plugins/layer/layer.js

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/img/logo_white_mini.png?v=20170307

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/img/weixin_person.jpg

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Public/home/plugins/jquery-superslide/jquery.SuperSlide.2.1.1.js

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1055451501&si=baeb0b2c35b45d5ec016e87f9e5d3ad1&v=1.2.51&lv=1&sn=59228&ct=!!&tt=%E6%AC%A2%E4%B9%90%E6%97%B6%E6%97%B6%E5%BD%A9%E5%AE%98%E6%96%B9%E5%BC%80%E5%A5%96

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Uploads/201704/58f31e6658511.jpg

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Uploads/201704/58f322f8ad9cb.jpg

Domain: cdn.qsjn.com
URL: http://cdn.qsjn.com/Uploads/201705/592e5431ef0e4.jpg

Domain: tb.53kf.com
URL: http://tb.53kf.com/code/code/10154153/1

Domain: push.zhanzhang.baidu.com
URL: http://push.zhanzhang.baidu.com/push.js

Domain: apps.bdimg.com
URL: http://apps.bdimg.com/libs/jquery/2.1.4/jquery.min.js

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| _hmt object| regexp string| where boolean| _bdhm_loaded_baeb0b2c35b45d5ec016e87f9e5d3ad1 object| mini_tangram_log_2rzc6b string| V_PATH function| price_box function| order_box number| ccc_ad_style number| ccc_ad_type object| ccc_browser object| ccc_brandKeys object| ccc_index function| Unicode2Native function| getAgentHref object| ccc_regexp string| agentHref string| ccc_html string| ccc_where function| doAd

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://notezi.com/(Line 1108) Message: ok

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps.bdimg.com
cdn.qsjn.com
hm.baidu.com
notezi.com
push.zhanzhang.baidu.com
tb.53kf.com
www.fd220.com
apps.bdimg.com
cdn.qsjn.com
hm.baidu.com
push.zhanzhang.baidu.com
tb.53kf.com
103.235.46.191
154.213.53.224
47.75.156.244
97d304b2a00ca41c12826dc65219514af148e5f849defb91046df5d88ae185f2
da20d8fd2d40bd278ea9862ef4af6c1d6ddf73664c67224a22f8905f4b240dfa