urlscan.io logo urlscan.io
SecurityTrails logo

lwnrf.cn Open in urlscan Pro
172.67.165.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://lwnrf.cn/center/l/LUOwLOper/5nrmk34afq0t
Submission: On December 23 via manual from CN — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 172.67.165.21, located in United States and belongs to CLOUDFLARENET, US. The main domain is lwnrf.cn.
TLS certificate: Issued by WE1 on December 18th 2024. Valid for: 3 months.
This is the only time lwnrf.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 172.67.165.21 13335 (CLOUDFLAR...)
2 2
Apex Domain
Subdomains		 Transfer
1 lwnrf.cn
lwnrf.cn
1 KB
0 mdxele.com Failed
mdxele.com Failed
2 2
Domain Requested by
1 lwnrf.cn
0 mdxele.com Failed lwnrf.cn
2 2

This site contains no links.

Subject Issuer Validity Valid
lwnrf.cn
WE1		 2024-12-18 -
2025-03-18		 3 months crt.sh

This page contains 1 frames:

Frame: mailto://dengwei@mdxele.com?bcc=mupgxn0brgoe@qsxyl.com
Frame ID: 9014A95179AB573CB5B4FAB6E5B1CB89
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

opening E-mail clients...

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1 kB
Transfer

1 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 5nrmk34afq0t
lwnrf.cn/center/l/LUOwLOper/ 		593 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lwnrf.cn/center/l/LUOwLOper/5nrmk34afq0t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.165.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb342271696e8bfc78f7c4e34e71d82516579dfc3eda73d8d314fffd8203517
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

ali-swift-global-savetime
1734949381
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8f67a23e5b5ad34e-FRA
content-encoding
zstd
content-md5
dp1WFe1600p57rYbRnHOOw==
content-type
text/html
date
Mon, 23 Dec 2024 10:23:01 GMT
eagleid
a3b5839a17349493808801832e
last-modified
Mon, 04 Nov 2024 01:51:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nDbWXFSRLLnmFntcxkLD5o7TD9Dq1u%2FrLmcGZq%2F7u%2Bi%2F99DppZ5Wy37ckugQ%2BM9i4P4afzFwo7fV%2BOtS%2F%2BLkhfwTfHeat1Vm7VvxRNdHfyLkBacC338CwCHGBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=31235&min_rtt=31049&rtt_var=4990&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4152&recv_bytes=4505&delivery_rate=497&cwnd=12000&unsent_bytes=0&cid=48cbc7d0e2bdc5a8&ts=687&x=1" cfExtPri cfHdrFlush;dur=0
timing-allow-origin
*
vary
Accept-Encoding
via
cache21.l2so158-1[15,15,200-0,M], cache54.l2so158-1[17,0], cache54.l2so158-1[17,0], ens-cache7.de7[616,615,200-0,M], ens-cache6.de7[620,0]
x-cache
MISS TCP_MISS dirn:-2:-2
x-content-type-options
nosniff
x-oss-cdn-auth
success
x-oss-hash-crc64ecma
14396726945066975589
x-oss-object-type
Normal
x-oss-request-id
67693A05EC0F103338E8CA69
x-oss-server-time
9
x-oss-storage-class
Standard
x-swift-cachetime
0
x-swift-savetime
Mon, 23 Dec 2024 10:23:01 GMT
dengwei@mdxele.com
/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mdxele.com
URL
mailto:dengwei@mdxele.com?bcc=mupgxn0brgoe@qsxyl.com

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| url number| idx string| sid

0 Cookies

1 Console Messages

Source Level URL
Text
other error URL: https://lwnrf.cn/center/l/LUOwLOper/5nrmk34afq0t
Message:
Not allowed to launch 'mailto:dengwei@mdxele.com?bcc=mupgxn0brgoe@qsxyl.com' because a user gesture is required.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lwnrf.cn
mdxele.com
mdxele.com
172.67.165.21
3bb342271696e8bfc78f7c4e34e71d82516579dfc3eda73d8d314fffd8203517