URL: http://a.xzfile.com/down2/lhsmbsv7.0_downcc.com.zip
Submission: On August 10 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 5 HTTP transactions. The main IP is 61.184.202.96, located in China and belongs to CHINANET-BACKBONE No.31,Jin-rong Street, CN. The main domain is a.xzfile.com.
This is the only time a.xzfile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 61.184.202.96 | 4134 (CHINANET-...)
1 | 180.163.40.41 | 4812 (CHINANET-...)
3 | 61.170.81.242 | 4812 (CHINANET-...)
Totals: 5 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
3 | xiazaicc.com | api.xiazaicc.com | 4 KB
1 | 7273.com | www.7273.com | 6 KB
1 | xzfile.com | a.xzfile.com | 3 KB
Totals: 5 requests, 3 domains

Requests | Domain | Requested by
3 | api.xiazaicc.com | a.xzfile.com, api.xiazaicc.com
1 | www.7273.com | a.xzfile.com
1 | a.xzfile.com |
Totals: 5 requests, 3 domains

This site contains links to these domains.

Domain
www.7273.com

This page contains 1 frame:

Primary Page: http://a.xzfile.com/down2/lhsmbsv7.0_downcc.com.zip
Frame ID: 00813D4B589F8DBA721981325831C31E
Requests: 5 HTTP requests in this frame

Page Title

搜索-7273资源网

Page Statistics

Requests: 5
HTTPS: 0 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 14 kB
Size: 14 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request lhsmbsv7.0_downcc.com.zip
a.xzfile.com/down2/
3 KB
3 KB
Document
General
Full URL
http://a.xzfile.com/down2/lhsmbsv7.0_downcc.com.zip
Protocol
HTTP/1.1
Server
61.184.202.96 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
00c3bbf37e0db82ef956f58b46200ca99023b5b37fdc9d98603a9b506140318f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
2836
Content-Type
text/html
Date
Thu, 10 Aug 2023 18:46:28 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
logo.png
www.7273.com/statics/images/
6 KB
6 KB
Image
General
Full URL
http://www.7273.com/statics/images/logo.png
Requested by
Host: a.xzfile.com
URL: http://a.xzfile.com/down2/lhsmbsv7.0_downcc.com.zip
Protocol
HTTP/1.1
Server
180.163.40.41 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine / ASP.NET
Resource Hash
4238fec2d8d72e63ccf385bda9fe9af1a1aa69f792408fc1a18ef29ac7e3b205
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.xzfile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 17:15:12 GMT
Via
cache43.l2cm10-2[0,0,304-0,H], cache9.l2cm10-2[1,0], cache1.cn879[0,0,200-0,H], cache7.cn879[1,0]
Age
5476
X-Swift-CacheTime
2197
X-Powered-By
ASP.NET
X-Cache
HIT TCP_MEM_HIT dirn:1:86181145
Connection
keep-alive
X-Swift-SaveTime
Thu, 10 Aug 2023 18:38:39 GMT
Content-Length
5920
Last-Modified
Mon, 13 Sep 2021 08:49:06 GMT
Server
Tengine
ETag
"d810f367ca8d71:0"
X-Frame-Options
sameorigin
Ali-Swift-Global-Savetime
1691687716
Content-Type
image/png
Accept-Ranges
bytes
Timing-Allow-Origin
*
EagleId
6a0fda9b16916931927452897e
stat.php
api.xiazaicc.com/
6 KB
3 KB
Script
General
Full URL
http://api.xiazaicc.com/stat.php?id=13&m=0
Requested by
Host: a.xzfile.com
URL: http://a.xzfile.com/down2/lhsmbsv7.0_downcc.com.zip
Protocol
HTTP/1.1
Server
61.170.81.242 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
242.81.170.61.broad.xw.sh.dynamic.163data.com.cn
Software
Tengine /
Resource Hash
aae3c1fa8bf29784df7d2c6aff44f57fe6469231fc40a55eb4081a3da7cbec42

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://a.xzfile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 18:46:31 GMT
Content-Encoding
gzip
Via
cache50.l2cn2647[33,32,200-0,M], cache74.l2cn2647[34,0], vcache28.cn6013[42,41,200-0,M], vcache22.cn6013[44,0]
Server
Tengine
X-Swift-CacheTime
0
Transfer-Encoding
chunked
Ali-Swift-Global-Savetime
1691693192
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
X-Cache
MISS TCP_MISS dirn:-2:-2
Connection
keep-alive
X-Swift-SaveTime
Thu, 10 Aug 2023 18:46:32 GMT
Timing-Allow-Origin
*
EagleId
3daa512a16916931925575467e
error
api.xiazaicc.com/
40 B
887 B
Script
General
Full URL
http://api.xiazaicc.com/error?url=http%3A%2F%2Fa.xzfile.com%2Fdown2%2Flhsmbsv7.0_downcc.com.zip&before_url=&site_id=13&lg=en-us&showp=1600x1200&device=0&browser=Chrome&sys=Windows%3B%2010&t=2023_7_10_20_46&useragent=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F115.0.5790.170%20safari%2F537.36&m=0%27
Requested by
Host: api.xiazaicc.com
URL: http://api.xiazaicc.com/stat.php?id=13&m=0
Protocol
HTTP/1.1
Server
61.170.81.242 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
242.81.170.61.broad.xw.sh.dynamic.163data.com.cn
Software
Tengine /
Resource Hash
28a7d30db2b2c216e8861003f0b03b090ae42a499a5d7a9b570f51373ebfe0c6

Request headers

Referer
http://a.xzfile.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 10 Aug 2023 18:46:32 GMT
Content-Encoding
gzip
Via
cache57.l2cn2647[187,186,200-0,M], cache27.l2cn2647[188,0], vcache13.cn6013[194,194,200-0,M], vcache22.cn6013[195,0]
X-Swift-CacheTime
0
Transfer-Encoding
chunked
X-Cache
MISS TCP_MISS dirn:-2:-2
Connection
keep-alive
X-Swift-SaveTime
Thu, 10 Aug 2023 18:46:32 GMT
Server
Tengine
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST,GET,OPTIONS,DELETE
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Ali-Swift-Global-Savetime
1691693192
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
sign
EagleId
3daa512a16916931927805636e
error_data
api.xiazaicc.com/
13 B
798 B
Script
General
Full URL
http://api.xiazaicc.com/error_data?url=http%3A%2F%2Fa.xzfile.com%2Fdown2%2Flhsmbsv7.0_downcc.com.zip&get_data=0&site_id=13&referrer=&t=2023_7_10_20_46%27
Requested by
Host: api.xiazaicc.com
URL: http://api.xiazaicc.com/stat.php?id=13&m=0
Protocol
HTTP/1.1
Server
61.170.81.242 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
242.81.170.61.broad.xw.sh.dynamic.163data.com.cn
Software
Tengine /
Resource Hash
edbb30c1a71c4df238e084797e9f3627b0029691f84efd1d03fed18cb4538b27

Request headers

Referer
http://a.xzfile.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 10 Aug 2023 18:46:32 GMT
Content-Encoding
gzip
Via
cache72.l2cn2647[78,77,200-0,M], cache42.l2cn2647[79,0], vcache11.cn6013[87,87,200-0,M], vcache20.cn6013[89,0]
X-Swift-CacheTime
0
Transfer-Encoding
chunked
X-Cache
MISS TCP_MISS dirn:-2:-2
Connection
keep-alive
X-Swift-SaveTime
Thu, 10 Aug 2023 18:46:32 GMT
Server
Tengine
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST,GET,OPTIONS,DELETE
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Ali-Swift-Global-Savetime
1691693192
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
sign
EagleId
3daa512816916931927793264e

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
string | domain
object | obj
object | e
string | lg
string | parame
function | serialize
function | getOSname
function | device
function | t
function | fIsMobile
function | getBrowserInfo
function | request
string | day
string | Storage_name
object | get_data
string | don
object | parame_data
undefined | j

0 Cookies

4 Console Messages

Source Level URL
Text
network error URL: http://a.xzfile.com/down2/lhsmbsv7.0_downcc.com.zip
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: http://api.xiazaicc.com/stat.php?id=13&m=0 (Line 175)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://api.xiazaicc.com/error?url=http%3A%2F%2Fa.xzfile.com%2Fdown2%2Flhsmbsv7.0_downcc.com.zip&before_url=&site_id=13&lg=en-us&showp=1600x1200&device=0&browser=Chrome&sys=Windows%3B%2010&t=2023_7_10_20_46&useragent=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F115.0.5790.170%20safari%2F537.36&m=0%27, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://api.xiazaicc.com/stat.php?id=13&m=0 (Line 175)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://api.xiazaicc.com/error?url=http%3A%2F%2Fa.xzfile.com%2Fdown2%2Flhsmbsv7.0_downcc.com.zip&before_url=&site_id=13&lg=en-us&showp=1600x1200&device=0&browser=Chrome&sys=Windows%3B%2010&t=2023_7_10_20_46&useragent=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F115.0.5790.170%20safari%2F537.36&m=0%27, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://api.xiazaicc.com/stat.php?id=13&m=0 (Line 191)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://api.xiazaicc.com/error_data?url=http%3A%2F%2Fa.xzfile.com%2Fdown2%2Flhsmbsv7.0_downcc.com.zip&get_data=0&site_id=13&referrer=&t=2023_7_10_20_46%27, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.