paper.tuisec.win Open in urlscan Pro
2400:cb00:2048:1::681b:9c27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paper.tuisec.win/detail/a6b7de76f34a58c
Submission: On September 13 via manual (September 13th 2018, 12:14:34 pm UTC) from BR

Summary HTTP 12 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 2400:cb00:2048:1::681b:9c27, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is paper.tuisec.win.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on August 7th 2018. Valid for: 6 months.

This is the only time paper.tuisec.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2400:cb00:204... 2400:cb00:2048:1::681b:9c27	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	113.207.48.203 113.207.48.203	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
12	3

10 2400:cb00:2048:1::681b:9c27 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

paper.tuisec.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 113.207.48.203 (Chongqing, China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	tuisec.win paper.tuisec.win	76 KB
1	51.la js.users.51.la ia.51.la Failed	3 KB
12	2

	Domain	Requested by
10	paper.tuisec.win	paper.tuisec.win
1	js.users.51.la	paper.tuisec.win
0	ia.51.la Failed	paper.tuisec.win
12	3

This site contains links to these domains. Also see Links.

Domain
evi1cg.me
www.oracle.com
creativecommons.org

Subject Issuer	Validity	Valid
sni178209.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-08-07` - `2019-02-13`	6 months	crt.sh
*.users.51.la GlobalSign Domain Validation CA - SHA256 - G2	`2018-01-15` - `2021-03-19`	3 years	crt.sh

This page contains 1 frames:

Primary Page: https://paper.tuisec.win/detail/a6b7de76f34a58c
Frame ID: A66BE500576609F2C996387AAABF6AA5
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

12
Requests

92 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

79 kB
Transfer

223 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://evi1cg.me/tag/cobaltstrike/
Title: cobaltstrike

Search URL Search Domain Scan URL

URL: http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html
Title: java JDK

Search URL Search Domain Scan URL

URL: https://evi1cg.me/author/1/
Title: Evi1cg

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by/4.0/
Title: 知识共享署名4.0

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request a6b7de76f34a58c Show response paper.tuisec.win/detail/	7 KB 4 KB	579ms 537ms	Document text/html	2400:cb00:2048:1::681b:9c27 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://paper.tuisec.win/detail/a6b7de76f34a58c Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:9c27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `21ca5ad30dc53fea6b5d6b648af70d4912a59f228ebc69ef03552114d0814924` Request headers :method GET :authority paper.tuisec.win :scheme https :path /detail/a6b7de76f34a58c pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id A66BE500576609F2C996387AAABF6AA5 Response headers status 200 date Thu, 13 Sep 2018 12:14:05 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=d945768e44ea7da9d1a5e92292266ca151536840844; expires=Fri, 13-Sep-19 12:14:04 GMT; path=/; domain=.tuisec.win; HttpOnly vary Accept-Encoding Accept-Encoding expires Fri, 14 Sep 2018 00:14:05 GMT cache-control max-age=43200 x-cache MISS expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 459a880ee82d2b88-AMS content-encoding gzip
GET H2	200	highlight.min.js Show response paper.tuisec.win/static/js/	45 KB 20 KB	17ms 14ms	Script application/javascript	2400:cb00:2048:1::681b:9c27 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://paper.tuisec.win/static/js/highlight.min.js Requested by Host: paper.tuisec.win URL: https://paper.tuisec.win/detail/a6b7de76f34a58c Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:9c27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `fc17e22241e51e856285975ce9316e8fb3262744d6716b0c5e4783170862d33c` Request headers :path /static/js/highlight.min.js pragma no-cache cookie __cfduid=d945768e44ea7da9d1a5e92292266ca151536840844 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority paper.tuisec.win referer https://paper.tuisec.win/detail/a6b7de76f34a58c :scheme https :method GET Referer https://paper.tuisec.win/detail/a6b7de76f34a58c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 13 Sep 2018 12:14:05 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 10 Jan 2018 14:39:36 GMT server cloudflare etag W/"5a5625a8-b3b3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=2678400 cf-ray 459a88124acc2b88-AMS expires Sun, 14 Oct 2018 12:14:05 GMT
GET H2	200	base.css paper.tuisec.win/static/anf/	4 KB 1 KB	35ms 32ms	Stylesheet text/css	2400:cb00:2048:1::681b:9c27 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://paper.tuisec.win/static/anf/base.css Requested by Host: paper.tuisec.win URL: https://paper.tuisec.win/detail/a6b7de76f34a58c Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:9c27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `30195aa50bda764384901170225112240897b9627a64e025041130d1f4fd5520` Request headers :path /static/anf/base.css pragma no-cache cookie __cfduid=d945768e44ea7da9d1a5e92292266ca151536840844 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority paper.tuisec.win referer https://paper.tuisec.win/detail/a6b7de76f34a58c :scheme https :method GET Referer https://paper.tuisec.win/detail/a6b7de76f34a58c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 13 Sep 2018 12:14:05 GMT content-encoding gzip cf-cache-status HIT cf-bgj minify server cloudflare etag W/"596f26a2-116b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=2678400 cf-polished origSize=4459 last-modified Wed, 19 Jul 2017 09:30:10 GMT cf-ray 459a88124ace2b88-AMS expires Sun, 14 Oct 2018 12:14:05 GMT
GET H2	200	theme.css paper.tuisec.win/static/anf/	55 KB 10 KB	40ms 37ms	Stylesheet text/css	2400:cb00:2048:1::681b:9c27 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://paper.tuisec.win/static/anf/theme.css Requested by Host: paper.tuisec.win URL: https://paper.tuisec.win/detail/a6b7de76f34a58c Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:9c27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `70b31ff1bf79f20356e2c77997a70bb000e8a66c50f46e092f01f08c468c6772` Request headers :path /static/anf/theme.css pragma no-cache cookie __cfduid=d945768e44ea7da9d1a5e92292266ca151536840844 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority paper.tuisec.win referer https://paper.tuisec.win/detail/a6b7de76f34a58c :scheme https :method GET Referer https://paper.tuisec.win/detail/a6b7de76f34a58c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 13 Sep 2018 12:14:05 GMT content-encoding gzip cf-cache-status HIT cf-bgj minify server cloudflare etag W/"596f26a2-1072a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding content-type text/css status 200 cache-control public, max-age=2678400 cf-polished origSize=67370 last-modified Wed, 19 Jul 2017 09:30:10 GMT cf-ray 459a88124acf2b88-AMS expires Sun, 14 Oct 2018 12:14:05 GMT
GET H2	200	no.css paper.tuisec.win/static/css/	4 KB 1 KB	21ms 19ms	Stylesheet text/css	2400:cb00:2048:1::681b:9c27 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://paper.tuisec.win/static/css/no.css Requested by Host: paper.tuisec.win URL: https://paper.tuisec.win/detail/a6b7de76f34a58c Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:9c27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b5ccfb37f50681f505a602d784bb603f5cb6a7a4adc3dc474fa4f68dda40abc7` Request headers :path /static/css/no.css pragma no-cache cookie __cfduid=d945768e44ea7da9d1a5e92292266ca151536840844 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority paper.tuisec.win referer https://paper.tuisec.win/detail/a6b7de76f34a58c :scheme https :method GET Referer https://paper.tuisec.win/detail/a6b7de76f34a58c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 13 Sep 2018 12:14:05 GMT content-encoding gzip cf-cache-status HIT cf-bgj minify server cloudflare etag W/"5ae9396f-14b7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding content-type text/css status 200 cache-control public, max-age=2678400 cf-polished origSize=5303 last-modified Wed, 02 May 2018 04:07:11 GMT cf-ray 459a88124ad02b88-AMS expires Sun, 14 Oct 2018 12:14:05 GMT
GET H2	200	jquery.min.js Show response paper.tuisec.win/static/anf/	84 KB 33 KB	22ms 20ms	Script application/javascript	2400:cb00:2048:1::681b:9c27 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://paper.tuisec.win/static/anf/jquery.min.js Requested by Host: paper.tuisec.win URL: https://paper.tuisec.win/detail/a6b7de76f34a58c Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:9c27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `2954921a29b75359c18ad9f244dfcc62d0725649e2d130934f8577052e0cb790` Request headers :path /static/anf/jquery.min.js pragma no-cache cookie __cfduid=d945768e44ea7da9d1a5e92292266ca151536840844 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority paper.tuisec.win referer https://paper.tuisec.win/detail/a6b7de76f34a58c :scheme https :method GET Referer https://paper.tuisec.win/detail/a6b7de76f34a58c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 13 Sep 2018 12:14:05 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 19 Jul 2017 09:30:10 GMT server cloudflare etag W/"596f26a2-14e7d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=2678400 cf-ray 459a88124ad12b88-AMS expires Sun, 14 Oct 2018 12:14:05 GMT
GET H2	200	waves.min.js Show response paper.tuisec.win/static/anf/	4 KB 2 KB	36ms 34ms	Script application/javascript	2400:cb00:2048:1::681b:9c27 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://paper.tuisec.win/static/anf/waves.min.js Requested by Host: paper.tuisec.win URL: https://paper.tuisec.win/detail/a6b7de76f34a58c Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:9c27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `92f18637f6e7e3bd5249b98827dc8db480c2f79232fd35aac369c2d86ae3aaca` Request headers :path /static/anf/waves.min.js pragma no-cache cookie __cfduid=d945768e44ea7da9d1a5e92292266ca151536840844 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority paper.tuisec.win referer https://paper.tuisec.win/detail/a6b7de76f34a58c :scheme https :method GET Referer https://paper.tuisec.win/detail/a6b7de76f34a58c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 13 Sep 2018 12:14:05 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 19 Jul 2017 09:30:10 GMT server cloudflare etag W/"596f26a2-10c9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=2678400 cf-ray 459a88124ad22b88-AMS expires Sun, 14 Oct 2018 12:14:05 GMT
GET H2	200	zoom.min.js Show response paper.tuisec.win/static/anf/	4 KB 1 KB	38ms 37ms	Script application/javascript	2400:cb00:2048:1::681b:9c27 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://paper.tuisec.win/static/anf/zoom.min.js Requested by Host: paper.tuisec.win URL: https://paper.tuisec.win/detail/a6b7de76f34a58c Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:9c27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `f67df2310cee066fb6c1c27c97ec5b5efc748a1523490060a8097f7ea918dfd2` Request headers :path /static/anf/zoom.min.js pragma no-cache cookie __cfduid=d945768e44ea7da9d1a5e92292266ca151536840844 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority paper.tuisec.win referer https://paper.tuisec.win/detail/a6b7de76f34a58c :scheme https :method GET Referer https://paper.tuisec.win/detail/a6b7de76f34a58c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 13 Sep 2018 12:14:05 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 19 Jul 2017 09:30:10 GMT server cloudflare etag W/"596f26a2-1073" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=2678400 cf-ray 459a88124ad32b88-AMS expires Sun, 14 Oct 2018 12:14:05 GMT
GET H2	200	skin.js Show response paper.tuisec.win/static/anf/	11 KB 3 KB	39ms 38ms	Script application/javascript	2400:cb00:2048:1::681b:9c27 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://paper.tuisec.win/static/anf/skin.js Requested by Host: paper.tuisec.win URL: https://paper.tuisec.win/detail/a6b7de76f34a58c Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:9c27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `c2c3b81effee550cc59bee0f835ab2b2c295766ed9d8551da53f53f207e83481` Request headers :path /static/anf/skin.js pragma no-cache cookie __cfduid=d945768e44ea7da9d1a5e92292266ca151536840844 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority paper.tuisec.win referer https://paper.tuisec.win/detail/a6b7de76f34a58c :scheme https :method GET Referer https://paper.tuisec.win/detail/a6b7de76f34a58c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 13 Sep 2018 12:14:05 GMT content-encoding gzip cf-cache-status HIT cf-bgj minify server cloudflare etag W/"596f26a2-4b44" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=2678400 cf-polished origSize=19268 last-modified Wed, 19 Jul 2017 09:30:10 GMT cf-ray 459a88124ad42b88-AMS expires Sun, 14 Oct 2018 12:14:05 GMT
GET H/1.1	200 OK	19225774.js Show response js.users.51.la/	5 KB 3 KB	1053ms 322ms	Script application/javascript	113.207.48.203 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/19225774.js Requested by Host: paper.tuisec.win URL: https://paper.tuisec.win/detail/a6b7de76f34a58c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 113.207.48.203 Chongqing, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software NWSs / Resource Hash `95649305b849a87584e4b6c95d9177778901bd29244c597f52173dbaa34846a7` Request headers Referer https://paper.tuisec.win/detail/a6b7de76f34a58c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 13 Sep 2018 12:14:06 GMT Content-Encoding gzip X-Cache-Lookup Hit From Disktank3 Gz, Hit From Inner Cluster Last-Modified Wed, 12 Sep 2018 09:30:00 GMT Server NWSs Content-Type application/javascript;charset=utf-8 X-NWS-LOG-UUID 55c615dc-86d9-40bf-a70d-5e53fbdeb661 Cache-Control max-age=600 X-Daa-Tunnel hop_count=1 Content-Disposition inline;filename=f.txt Connection keep-alive Content-Length 2306 Expires Thu, 13 Sep 2018 12:24:05 GMT
GET		go1 ia.51.la/	0 0

GET H2	204	ga.php paper.tuisec.win/ga/	0 274 B	276ms 276ms	Image text/plain	2400:cb00:2048:1::681b:9c27 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://paper.tuisec.win/ga/ga.php?dt=CS%20teamserver.bat%20-%20Evi1cg%27s%20blog&dr=&ul=en-US&sd=24-bit&sr=1600x1200&vp=1600x1200&z=1536840846218 Requested by Host: paper.tuisec.win URL: https://paper.tuisec.win/detail/a6b7de76f34a58c Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::681b:9c27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.20 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers :path /ga/ga.php?dt=CS%20teamserver.bat%20-%20Evi1cg%27s%20blog&dr=&ul=en-US&sd=24-bit&sr=1600x1200&vp=1600x1200&z=1536840846218 pragma no-cache cookie __tins__19225774=%7B%22sid%22%3A%201536840846217%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201536842646217%7D; __51cke__=; __51laig__=1 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority paper.tuisec.win referer https://paper.tuisec.win/detail/a6b7de76f34a58c :scheme https :method GET Referer https://paper.tuisec.win/detail/a6b7de76f34a58c User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Thu, 13 Sep 2018 12:14:06 GMT server cloudflare x-powered-by PHP/5.6.20 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 204 cache-control no-cache, max-age=0 set-cookie __cfduid=d361c4b7bfa2c63a7fa0f02ec9d480b6e1536840846; expires=Fri, 13-Sep-19 12:14:06 GMT; path=/; domain=.tuisec.win; HttpOnly uuid=83a80307-ed8d-6c65-2d6d-60c9dae90ea1; expires=Fri, 17-May-2030 09:34:06 GMT; Max-Age=368400000 cf-ray 459a8818e8652b88-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ia.51.la
URL: https://ia.51.la/go1?id=19225774&rt=1536840846217&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1536840846217&tt=CS%2520teamserver.bat%2520-%2520Evi1cg%27s%2520blog&kw=&cu=https%253A%252F%252Fpaper.tuisec.win%252Fdetail%252Fa6b7de76f34a58c&pu=

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ia.51.la
js.users.51.la
paper.tuisec.win
ia.51.la
113.207.48.203
2400:cb00:2048:1::681b:9c27
21ca5ad30dc53fea6b5d6b648af70d4912a59f228ebc69ef03552114d0814924
2954921a29b75359c18ad9f244dfcc62d0725649e2d130934f8577052e0cb790
30195aa50bda764384901170225112240897b9627a64e025041130d1f4fd5520
70b31ff1bf79f20356e2c77997a70bb000e8a66c50f46e092f01f08c468c6772
92f18637f6e7e3bd5249b98827dc8db480c2f79232fd35aac369c2d86ae3aaca
95649305b849a87584e4b6c95d9177778901bd29244c597f52173dbaa34846a7
b5ccfb37f50681f505a602d784bb603f5cb6a7a4adc3dc474fa4f68dda40abc7
c2c3b81effee550cc59bee0f835ab2b2c295766ed9d8551da53f53f207e83481
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f67df2310cee066fb6c1c27c97ec5b5efc748a1523490060a8097f7ea918dfd2
fc17e22241e51e856285975ce9316e8fb3262744d6716b0c5e4783170862d33c

paper.tuisec.win Open in urlscan Pro 2400:cb00:2048:1::681b:9c27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

50 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

79 kBTransfer

223 kBSize

0 Cookies

4 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

paper.tuisec.win Open in urlscan Pro
2400:cb00:2048:1::681b:9c27 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

79 kB
Transfer

223 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions