ntbxsp.cn Open in urlscan Pro
38.35.116.91 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ntbxsp.cn/
Submission: On January 24 via api (January 24th 2023, 12:27:40 am UTC) from NL — Scanned from NL

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 10 domains to perform 19 HTTP transactions. The main IP is 38.35.116.91, located in United States and belongs to ROOT-NETWORKS Root Networks, GB. The main domain is ntbxsp.cn.

This is the only time ntbxsp.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	38.35.116.91 38.35.116.91	32708 (ROOT-NETW...) (ROOT-NETWORKS Root Networks)
1 1	2606:4700:20:... 2606:4700:20::681a:8af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:472d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	47.101.220.121 47.101.220.121	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	154.39.104.49 154.39.104.49	140224 (SGPL-AS-A...) (SGPL-AS-AP STARCLOUD GLOBAL PTE.)
1	185.23.181.24 185.23.181.24	138915 (KAOPU-HK ...) (KAOPU-HK Kaopu Cloud HK Limited)
1 2	120.79.86.49 120.79.86.49	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	43.132.250.251 43.132.250.251	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	218.12.76.170 218.12.76.170	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1	79.133.177.226 79.133.177.226	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
19	10

10 38.35.116.91 (United States)

ASN32708 (ROOT-NETWORKS Root Networks, GB)
PTR: connect.rcp.net

ntbxsp.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:8af (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

0xzx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:472d (United States)

ASN13335 (CLOUDFLARENET, US)

0xzx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.101.220.121 (Shanghai, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

img.78game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.39.104.49 (United States)

ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)

www.zhicheng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.23.181.24 (Frankfurt am Main, Germany)

ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)

img-blog.csdnimg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 120.79.86.49 (Shenzhen, China) 1 redirects

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

www.cf10.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.132.250.251 (Central, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.bihuoji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 218.12.76.170 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

img3.downza.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.133.177.226 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

nimg.ws.126.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	ntbxsp.cn ntbxsp.cn	66 KB
2	cf10.cn 1 redirects www.cf10.cn	836 B
2	0xzx.com 1 redirects 0xzx.com	37 KB
1	126.net nimg.ws.126.net — Cisco Umbrella Rank: 110461	33 KB
1	downza.cn img3.downza.cn	12 KB
1	bihuoji.com www.bihuoji.com
1	csdnimg.cn img-blog.csdnimg.cn — Cisco Umbrella Rank: 96372	234 KB
1	zhicheng.com www.zhicheng.com
1	78game.com img.78game.com	10 KB
0	0hl.net Failed www.0hl.net Failed
19	10

	Domain	Requested by
10	ntbxsp.cn	ntbxsp.cn
2	www.cf10.cn	1 redirects ntbxsp.cn
2	0xzx.com	1 redirects ntbxsp.cn
1	nimg.ws.126.net	ntbxsp.cn
1	img3.downza.cn	ntbxsp.cn
1	www.bihuoji.com	ntbxsp.cn
1	img-blog.csdnimg.cn	ntbxsp.cn
1	www.zhicheng.com	ntbxsp.cn
1	img.78game.com	ntbxsp.cn
0	www.0hl.net Failed	ntbxsp.cn
19	10

This site contains no links.

Subject Issuer	Validity	Valid
img.78game.com Encryption Everywhere DV TLS CA - G1	`2023-01-03` - `2024-01-02`	a year	crt.sh
*.csdnimg.cn RapidSSL RSA CA 2018	`2022-10-11` - `2023-10-11`	a year	crt.sh
bihuoji.com TrustAsia RSA DV TLS CA G2	`2022-07-16` - `2023-07-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://ntbxsp.cn/
Frame ID: F48BAAF7F72756837F5557FDA04831CD
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

我手机上两个tp钱包

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

16 %
HTTPS

20 %
IPv6

10
Domains

10
Subdomains

10
IPs

5
Countries

391 kB
Transfer

477 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://0xzx.com/wp-content/uploads/2021/06/N6tod7ha.png HTTP 301
https://0xzx.com/wp-content/uploads/2021/06/N6tod7ha.png

Request Chain 11

http://www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e.jpg%20820w,%20http://www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e-300x44.jpg%20300w,%20http://www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e-768x112.jpg%20768w HTTP 301
http://www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e.jpg%20820w,%20http:/www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e-300x44.jpg%20300w,%20http:/www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e-768x112.jpg%20768w

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ntbxsp.cn/ 14 KB
5 KB 1180ms
156ms Document
text/html 38.35.116.91
ROOT-NETWORKS Roo...

General

Check archive.org

Show headers Download Go to

Full URL: http://ntbxsp.cn/
Protocol: HTTP/1.1
Server: 38.35.116.91 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB),
Reverse DNS: connect.rcp.net
Software: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev /
Resource Hash: 61408e77ebff34c8010056a7ea3bbb0e40bece50313db99938c143b0cf50c65a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4276
Content-Type: text/html
Date: Tue, 24 Jan 2023 00:27:24 GMT
ETag: "39e5-5f29dc9f5088f-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Thu, 19 Jan 2023 13:19:55 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev
Vary: Accept-Encoding

GET
H/1.1 200
OK style.css
ntbxsp.cn/skin/css/ 23 KB
5 KB 157ms
157ms Stylesheet
text/css 38.35.116.91
ROOT-NETWORKS Roo...

General

Check archive.org

Show headers Download Go to

Full URL: http://ntbxsp.cn/skin/css/style.css
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/
Protocol: HTTP/1.1
Server: 38.35.116.91 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB),
Reverse DNS: connect.rcp.net
Software: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev /
Resource Hash: 85f50343327a816e544423dc9eeb540764ee5f241a73c901c55c4658c5e0e20f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 00:27:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 13:17:22 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev
ETag: "5c29-5f29dc0d2936d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4622

GET
H/1.1 404
Not Found api.js
ntbxsp.cn/ 0
0 156ms
155ms Script
text/html 38.35.116.91
ROOT-NETWORKS Roo...

General

Check archive.org

Show headers Download Go to

Full URL: http://ntbxsp.cn/api.js
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/
Protocol: HTTP/1.1
Server: 38.35.116.91 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB),
Reverse DNS: connect.rcp.net
Software: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 00:27:25 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 325
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK jquery-1.8.3.min.js Show response
ntbxsp.cn/skin/js/ 91 KB
33 KB 323ms
164ms Script
application/javascript 38.35.116.91
ROOT-NETWORKS Roo...

General

Check archive.org

Show headers Download Go to

Full URL: http://ntbxsp.cn/skin/js/jquery-1.8.3.min.js
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/
Protocol: HTTP/1.1
Server: 38.35.116.91 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB),
Reverse DNS: connect.rcp.net
Software: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev /
Resource Hash: 32c696facdc745fe3f18c62fc0e8e35dbce7dc26261599ad8feeff2456592680

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 00:27:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 13:17:22 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev
ETag: "16dc7-5f29dc0d28f85-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33437

GET
H/1.1 200
OK common.js Show response
ntbxsp.cn/skin/js/ 4 KB
2 KB 313ms
154ms Script
application/javascript 38.35.116.91
ROOT-NETWORKS Roo...

General

Check archive.org

Show headers Download Go to

Full URL: http://ntbxsp.cn/skin/js/common.js
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/
Protocol: HTTP/1.1
Server: 38.35.116.91 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB),
Reverse DNS: connect.rcp.net
Software: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev /
Resource Hash: a3a3183177eceea158d9fa037b2f40ee56d80161c274f734571ff8ac06d0d71b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 00:27:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 13:17:22 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev
ETag: "f18-5f29dc0d28f85-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1345

GET
H/1.1 200
OK logo.png
ntbxsp.cn/skin/images/ 12 KB
13 KB 155ms
154ms Image
image/png 38.35.116.91
ROOT-NETWORKS Roo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ntbxsp.cn/skin/images/logo.png
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/
Protocol: HTTP/1.1
Server: 38.35.116.91 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB),
Reverse DNS: connect.rcp.net
Software: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev /
Resource Hash: 9ec5ade6153ac5a770dc9463808b55ef31e8dfe9cee4340117258fb1c11d2638

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 00:27:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 13:17:22 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev
ETag: "31f2-5f29dc0d28f85-gzip"
Vary: Accept-Encoding
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 12809

GET
H2

200

N6tod7ha.png
0xzx.com/wp-content/uploads/2021/06/
Redirect Chain

http://0xzx.com/wp-content/uploads/2021/06/N6tod7ha.png
https://0xzx.com/wp-content/uploads/2021/06/N6tod7ha.png

36 KB
36 KB

181ms
135ms

Image
image/webp

2606:4700:20::ac43:472d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0xzx.com/wp-content/uploads/2021/06/N6tod7ha.png

Requested by

Host: ntbxsp.cn
URL: http://ntbxsp.cn/

Protocol

Server

2606:4700:20::ac43:472d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ca2ef6b95b4570070ab75e80c16081a9f6bba69ed3a826b0fde01020da0044e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 00:27:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=95997
content-disposition: inline; filename="N6tod7ha.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36556
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 26 Jun 2021 13:55:08 GMT
server: cloudflare
etag: "60d731bc-176fd"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31536000
permissions-policy: camera=(), microphone=(), geolocation=()
accept-ranges: bytes
cf-ray: 78e4a4c00cfbbb43-FRA
expires: Sat, 18 Feb 2023 21:51:42 GMT

Redirect headers

Date: Tue, 24 Jan 2023 00:27:28 GMT
X-Content-Type-Options: nosniff
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Location: https://0xzx.com/wp-content/uploads/2021/06/N6tod7ha.png
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 78e4a4bf7f1b5b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Tue, 24 Jan 2023 01:27:28 GMT

GET
H2 200 -1_0103215514JK.jpg
img.78game.com/uploads/allimg/230103/ 10 KB
10 KB 1431ms
265ms Image
image/jpeg 47.101.220.121
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.78game.com/uploads/allimg/230103/-1_0103215514JK.jpg

Requested by

Host: ntbxsp.cn
URL: http://ntbxsp.cn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.101.220.121 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

e2f1e2a2c037c9d06c1fd083685a06d3839a462a687273ab4efd3ffb88613ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 00:27:29 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 03 Jan 2023 13:55:14 GMT
server: nginx
etag: "63b433c2-2778"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10104
expires: Thu, 23 Feb 2023 00:27:29 GMT

GET
H/1.1 403
Forbidden 20210318060058406.jpg
www.zhicheng.com/uploadfile/2021/0318/ 0
0 798ms
274ms Image
text/html 154.39.104.49
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.zhicheng.com/uploadfile/2021/0318/20210318060058406.jpg
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/
Protocol: HTTP/1.1
Server: 154.39.104.49 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 200
OK wt.png
ntbxsp.cn/skin/ 5 KB
5 KB 157ms
155ms Image
image/png 38.35.116.91
ROOT-NETWORKS Roo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ntbxsp.cn/skin/wt.png
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/
Protocol: HTTP/1.1
Server: 38.35.116.91 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB),
Reverse DNS: connect.rcp.net
Software: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev /
Resource Hash: 8925a7b31423dc854c6920323394bbbb86b89a45686266c100d6d507a7058c5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 00:27:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 13:17:22 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev
ETag: "124a-5f29dc0d28f85-gzip"
Vary: Accept-Encoding
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4683

GET 7197ff8d831a45b0bc3eb76c6113b008.jpg
www.0hl.net/wp-content/uploads/2022/03/ 0
0

GET
H2 200 c8d49ccb53497a7590d32a5876821766.png
img-blog.csdnimg.cn/img_convert/ 233 KB
234 KB 2696ms
391ms Image
image/jpeg 185.23.181.24
KAOPU-HK Kaopu Cl...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-blog.csdnimg.cn/img_convert/c8d49ccb53497a7590d32a5876821766.png
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.23.181.24 Frankfurt am Main, Germany, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 917388e784bba9ca302c2401594e60d0b78c2218b4b883d188d54184913be997

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 00:27:31 GMT
x-oss-request-id: 63C88722000B1F3032C3C1D7
content-md5: WHgMb7CwwbvSHaOGxVOdkA==
content-length: 238441
x-oss-object-type: Normal
last-modified: Mon, 22 Feb 2021 14:44:48 GMT
server: AliyunOSS
etag: "58780C6FB0B0C1BBD21DA386C5539D90"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 1523368392488360158
x-oss-server-time: 119
x-ser: BC19_dx-lt-yd-zhejiang-wenzhou-11-cache-2, BC24_DE-Frankfurt-Frankfurt-7-cache-1

GET
H/1.1

404
Not Found

70ab0f6449c0eb09678c051f6b1b68e-768x112.jpg%20768w
www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e.jpg%20820w,%20http:/www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e-300x44.jpg%20300w,%20http:/www.cf10...
Redirect Chain

http://www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e.jpg%20820w,%20http://www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e-300x44.jpg%20300w,%20http:/...
http://www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e.jpg%20820w,%20http:/www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e-300x44.jpg%20300w,%20http:/w...

0
0

345ms
344ms

Image
text/html

120.79.86.49
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e.jpg%20820w,%20http:/www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e-300x44.jpg%20300w,%20http:/www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e-768x112.jpg%20768w
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/
Protocol: HTTP/1.1
Server: 120.79.86.49 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

Date: Tue, 24 Jan 2023 00:27:29 GMT
Server: Apache
X-Redirect-By: WordPress
X-Cache: MISS
Upgrade: h2
Location: http://www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e.jpg%20820w,%20http:/www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e-300x44.jpg%20300w,%20http:/www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e-768x112.jpg%20768w
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Upgrade, close
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 a566075fb44ecd88679b95e30bd16979.jpg
www.bihuoji.com/wp-content/uploads/2020/04/ 0
0 1906ms
205ms Image
text/html 43.132.250.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bihuoji.com/wp-content/uploads/2020/04/a566075fb44ecd88679b95e30bd16979.jpg
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.132.250.251 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 200
OK 165250-6139cb62cf232.jpg
img3.downza.cn/download/202109/ 11 KB
12 KB 2742ms
207ms Image
image/jpeg 218.12.76.170
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img3.downza.cn/download/202109/165250-6139cb62cf232.jpg
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/
Protocol: HTTP/1.1
Server: 218.12.76.170 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 3fe87e863350336c443743699338e48d6c8af083db4755d6a0f9cfa646fdf3bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

nginx-hit: 1
Date: Tue, 24 Jan 2023 00:27:31 GMT
via: CHN-HEshijiazhuang-AREACUCC1-CACHE28[12],CHN-HEshijiazhuang-AREACUCC1-CACHE40[0,TCP_HIT,11],CHN-TJ-GLOBAL1-CACHE6[14],CHN-TJ-GLOBAL1-CACHE3[0,TCP_HIT,14]
X-CCDN-CacheTTL: 31536000
x-amz-request-id: 00000185ADBF7912900679C0BD21A522
CloudServiceDiscount: CDN
Age: 436747
Connection: keep-alive
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Length: 11593
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSwMsPWNGUl6gWJf/fhIpPdYE/DzHKm0
Last-Modified: Thu, 09 Sep 2021 08:52:50 GMT
Server: openresty
ETag: "352082e3f18d989c93701f1f9c9166ae"
Content-Type: image/jpeg
Accept-Ranges: bytes
x-hcs-proxy-type: 1

GET
H/1.1 200
OK /
nimg.ws.126.net/ 32 KB
33 KB 1399ms
23ms Image
image/jpeg 79.133.177.226
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nimg.ws.126.net/?url=http://dingyue.ws.126.net/2021/0525/4b22f7dap00qtnv88004oc000p000jzg.png&thumbnail=650x2147483647&quality=80&type=jpg
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/
Protocol: HTTP/1.1
Server: 79.133.177.226 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 20e1d0a49aec5723c2152d9d28e0a0dd9456afd1f246329edc26ae118344e4ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 00:26:20 GMT
Via: cache45.l2st3-1[56,56,200-0,M], cache19.l2st3-1[58,0], cache9.l2sg2[96,95,200-0,M], cache16.l2sg2[96,0], cache4.l2de2[0,0,200-0,H], cache14.l2de2[0,0], cache3.de3[2,2,200-0,M], cache10.de3[4,0]
cdn-ip: 79.133.177.226
X-Nos-Request-Id: aef8dfd40a820000000063cf25ac6334
Content-Md5: e63916973f42b4ec539e0c5d73361a7a
Age: 0
X-Swift-CacheTime: 2591930
X-Cache: MISS TCP_MISS dirn:-2:-2
cdn-user-ip: 5.79.98.49
X-Envoy-Upstream-Service-Time: 12
Connection: keep-alive
X-Nos-Storage-Class: STANDARD_IA
X-Swift-SaveTime: Tue, 24 Jan 2023 00:27:30 GMT
Content-Length: 32771
Last-Modified: Tue, 25 May 2021 19:43:21 Asia/Shanghai
Server: Tengine
X-Cache-Remote: MISS
cdn-source: ali
Etag: 4b22f7da8f862fa6851dbf529047c80b
X-Nos-Requesttype: imageView
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Content-From: netease
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: false
Ali-Swift-Global-Savetime: 1674519980
Timing-Allow-Origin: *
EagleId: 4f85b19e16745200500232925e
Expires: Thu, 23 Feb 2023 00:26:20 GMT

GET
H/1.1 404
Not Found tongji.js
ntbxsp.cn/ 0
0 154ms
154ms Script
text/html 38.35.116.91
ROOT-NETWORKS Roo...

General

Check archive.org

Show headers Download Go to

Full URL: http://ntbxsp.cn/tongji.js
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/
Protocol: HTTP/1.1
Server: 38.35.116.91 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB),
Reverse DNS: connect.rcp.net
Software: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 00:27:25 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 328
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK sidebar-follow-jquery.js Show response
ntbxsp.cn/skin/js/ 3 KB
2 KB 154ms
154ms Script
application/javascript 38.35.116.91
ROOT-NETWORKS Roo...

General

Check archive.org

Show headers Download Go to

Full URL: http://ntbxsp.cn/skin/js/sidebar-follow-jquery.js
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/
Protocol: HTTP/1.1
Server: 38.35.116.91 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB),
Reverse DNS: connect.rcp.net
Software: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev /
Resource Hash: be8aa8bbaea4ec349a8650739e489f0a097a5b2b8423ed161bfe665ee991595a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 00:27:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 13:17:22 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev
ETag: "bf1-5f29dc0d28f85-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1212

GET
H/1.1 200
OK bg.png
ntbxsp.cn/skin/images/ 2 KB
2 KB 154ms
154ms Image
image/png 38.35.116.91
ROOT-NETWORKS Roo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ntbxsp.cn/skin/images/bg.png
Requested by: Host: ntbxsp.cn
URL: http://ntbxsp.cn/skin/css/style.css
Protocol: HTTP/1.1
Server: 38.35.116.91 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB),
Reverse DNS: connect.rcp.net
Software: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev /
Resource Hash: fcad0e94fa03ef0f1d2db8fb8233bbf691ba8c1d4c78d5ec9d9a1c4f6e3376e9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://ntbxsp.cn/skin/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 00:27:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 13:17:22 GMT
Server: Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev
ETag: "845-5f29dc0d2936d-gzip"
Vary: Accept-Encoding
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 2107

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.0hl.net
URL: https://www.0hl.net/wp-content/uploads/2022/03/7197ff8d831a45b0bc3eb76c6113b008.jpg

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://ntbxsp.cn/api.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://ntbxsp.cn/tongji.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.zhicheng.com/uploadfile/2021/0318/20210318060058406.jpg Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.bihuoji.com/wp-content/uploads/2020/04/a566075fb44ecd88679b95e30bd16979.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e.jpg%20820w,%20http:/www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e-300x44.jpg%20300w,%20http:/www.cf10.cn/wp-content/uploads/2022/11/70ab0f6449c0eb09678c051f6b1b68e-768x112.jpg%20768w Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0xzx.com
img-blog.csdnimg.cn
img.78game.com
img3.downza.cn
nimg.ws.126.net
ntbxsp.cn
www.0hl.net
www.bihuoji.com
www.cf10.cn
www.zhicheng.com
www.0hl.net
120.79.86.49
154.39.104.49
185.23.181.24
218.12.76.170
2606:4700:20::681a:8af
2606:4700:20::ac43:472d
38.35.116.91
43.132.250.251
47.101.220.121
79.133.177.226
20e1d0a49aec5723c2152d9d28e0a0dd9456afd1f246329edc26ae118344e4ea
32c696facdc745fe3f18c62fc0e8e35dbce7dc26261599ad8feeff2456592680
3fe87e863350336c443743699338e48d6c8af083db4755d6a0f9cfa646fdf3bf
61408e77ebff34c8010056a7ea3bbb0e40bece50313db99938c143b0cf50c65a
7ca2ef6b95b4570070ab75e80c16081a9f6bba69ed3a826b0fde01020da0044e
85f50343327a816e544423dc9eeb540764ee5f241a73c901c55c4658c5e0e20f
8925a7b31423dc854c6920323394bbbb86b89a45686266c100d6d507a7058c5c
917388e784bba9ca302c2401594e60d0b78c2218b4b883d188d54184913be997
9ec5ade6153ac5a770dc9463808b55ef31e8dfe9cee4340117258fb1c11d2638
a3a3183177eceea158d9fa037b2f40ee56d80161c274f734571ff8ac06d0d71b
be8aa8bbaea4ec349a8650739e489f0a097a5b2b8423ed161bfe665ee991595a
e2f1e2a2c037c9d06c1fd083685a06d3839a462a687273ab4efd3ffb88613ac0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fcad0e94fa03ef0f1d2db8fb8233bbf691ba8c1d4c78d5ec9d9a1c4f6e3376e9

ntbxsp.cn Open in urlscan Pro 38.35.116.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

16 %HTTPS

20 %IPv6

10 Domains

10 Subdomains

10 IPs

5 Countries

391 kBTransfer

477 kBSize

0 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

ntbxsp.cn Open in urlscan Pro
38.35.116.91 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

16 %
HTTPS

20 %
IPv6

10
Domains

10
Subdomains

10
IPs

5
Countries

391 kB
Transfer

477 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions