URL: https://ucloud.nxswl.cn/
Submission Tags: @phishunt_io
Submission: On September 05 via api from ES

Summary

This website contacted 3 IPs in 1 country across 1 domain to perform 9 HTTP transactions. The main IP is 2606:4700:3037::ac43:be5c, located in the United States and belonging to CLOUDFLARENET, US. The main domain is ucloud.nxswl.cn.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2020. Valid for: a year.
This is the only time ucloud.nxswl.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
9 3
Apex Domain  Subdomains  Transfer
5 nxswl.cn  ucloud.nxswl.cn  105 KB
9 1
Domain Requested by
5 ucloud.nxswl.cn ucloud.nxswl.cn
9 1

This site contains no links.

Subject  Issuer  Validity  Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2020-08-08 - 2021-08-08  a year

This page contains 1 frame:

Primary Page: https://ucloud.nxswl.cn/
Frame ID: 32FEA0288435410CB941C91E0B0F8ED7
Requests: 9 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

9 Requests
56 % HTTPS
100 % IPv6
1 Domains
1 Subdomains
3 IPs
1 Countries
105 kB Transfer
453 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /  ucloud.nxswl.cn/  14 KB  5 KB  Document
General
Full URL
https://ucloud.nxswl.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:be5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
670a97e619ab410eb1e5f01c9da253b47d8f124fd59fded1741e2df46ced9c5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
ucloud.nxswl.cn
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Sat, 05 Sep 2020 17:16:27 GMT
content-type
text/html
set-cookie
__cfduid=dcbe0a5258903a0af47c9835299f52c4c1599326186; expires=Mon, 05-Oct-20 17:16:26 GMT; path=/; domain=.nxswl.cn; HttpOnly; SameSite=Lax
last-modified
Sat, 05 Sep 2020 01:21:32 GMT
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
0500de05df0000979ce3921200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5ce1991c9f12979c-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
three.min.js  ucloud.nxswl.cn/js/  0  0
tween.min.js  ucloud.nxswl.cn/js/  0  0
TrackballControls.js  ucloud.nxswl.cn/js/  0  0
CSS3DRenderer.js  ucloud.nxswl.cn/js/  0  0

three.min.js  ucloud.nxswl.cn/js/  420 KB  95 KB  Script
General
Full URL
https://ucloud.nxswl.cn/js/three.min.js
Requested by
Host: ucloud.nxswl.cn
URL: https://ucloud.nxswl.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:868e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f33a88801810adb51f2ebba218d722d930fcfc294646e330389a0241caef826
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ucloud.nxswl.cn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 17:16:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
0
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0500de09c60000980e483d6200000001
last-modified
Sat, 05 Sep 2020 01:21:32 GMT
server
cloudflare
etag
W/"5f52e81c-691af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5ce19922d9f2980e-FRA
tween.min.js  ucloud.nxswl.cn/js/  5 KB  2 KB  Script
General
Full URL
https://ucloud.nxswl.cn/js/tween.min.js
Requested by
Host: ucloud.nxswl.cn
URL: https://ucloud.nxswl.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:868e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a31686caf8ddda83277ca5cee3a21df447f6ab680a2e9d88bf182f03eec761e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ucloud.nxswl.cn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 17:16:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
0
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0500de0d580000980e483f6200000001
last-modified
Sat, 05 Sep 2020 01:21:32 GMT
server
cloudflare
etag
W/"5f52e81c-1312"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5ce199288eea980e-FRA
TrackballControls.js  ucloud.nxswl.cn/js/  10 KB  2 KB  Script
General
Full URL
https://ucloud.nxswl.cn/js/TrackballControls.js
Requested by
Host: ucloud.nxswl.cn
URL: https://ucloud.nxswl.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:868e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a5039f3015aa4678330a45435ed8f78fc16f32d508171294cb16a903c35a79c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ucloud.nxswl.cn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 17:16:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
0
cf-polished
origSize=12645
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0500de0d760000980e483f8200000001
last-modified
Sat, 05 Sep 2020 01:21:32 GMT
server
cloudflare
etag
W/"5f52e81c-3165"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5ce19928bf14980e-FRA
cf-bgj
minify
CSS3DRenderer.js  ucloud.nxswl.cn/js/  4 KB  1 KB  Script
General
Full URL
https://ucloud.nxswl.cn/js/CSS3DRenderer.js
Requested by
Host: ucloud.nxswl.cn
URL: https://ucloud.nxswl.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:868e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
212c55524f7369a9c7b53724216933363439864c5813184d7f7053d3b7ff5dc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ucloud.nxswl.cn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Sep 2020 17:16:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
0
cf-polished
origSize=5476
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0500de0d890000980e483fc200000001
last-modified
Sat, 05 Sep 2020 01:21:32 GMT
server
cloudflare
etag
W/"5f52e81c-1564"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5ce19928df36980e-FRA
cf-bgj
minify

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ucloud.nxswl.cn
URL
https://ucloud.nxswl.cn/js/three.min.js
Domain
ucloud.nxswl.cn
URL
https://ucloud.nxswl.cn/js/tween.min.js
Domain
ucloud.nxswl.cn
URL
https://ucloud.nxswl.cn/js/TrackballControls.js
Domain
ucloud.nxswl.cn
URL
https://ucloud.nxswl.cn/js/CSS3DRenderer.js

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
object| THREE
object| _typeface_js
object| TWEEN
object| table
object| camera
object| scene
object| renderer
object| controls
object| objects
object| targets
function| init
function| transform
function| onWindowResize
function| animate
function| render

1 Cookies

Domain/Path Name / Value
.nxswl.cn/ Name: __cfduid
Value: dcbe0a5258903a0af47c9835299f52c4c1599326186

1 Console Messages

Source Level URL
Text
console-api log URL: https://ucloud.nxswl.cn/js/CSS3DRenderer.js(Line 1)
Message:
THREE.CSS3DRenderer 67

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000