auth.novcu.com Open in urlscan Pro
43.129.244.39 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth.novcu.com/
Submission: On October 22 via automatic, source certstream-suspicious (October 22nd 2021, 11:11:59 am UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 43.129.244.39, located in Japan and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is auth.novcu.com.
TLS certificate: Issued by R3 on October 22nd 2021. Valid for: 3 months.

This is the only time auth.novcu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	43.129.244.39 43.129.244.39	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	2402:4e00:183... 2402:4e00:1830:12fc:0:93c1:d63c:6e70	45090 (CNNIC-TEN...) (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
13	3

11 43.129.244.39 (Japan)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

auth.novcu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2402:4e00:1830:12fc:0:93c1:d63c:6e70 (China)

ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

q.qlogo.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	novcu.com auth.novcu.com	981 KB
1	qlogo.cn q.qlogo.cn	4 KB
0	111ttt.cn Failed mp.111ttt.cn Failed
13	3

	Domain	Requested by
11	auth.novcu.com	auth.novcu.com
1	q.qlogo.cn	auth.novcu.com
0	mp.111ttt.cn Failed	auth.novcu.com
13	3

This site contains no links.

Subject Issuer	Validity	Valid
auth.novcu.com R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.qpic.cn GlobalSign Organization Validation CA - SHA256 - G2	`2021-04-26` - `2022-05-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://auth.novcu.com/
Frame ID: 63A6166184C72B4E8D87886F88316AF0
Requests: 1 HTTP requests in this frame

Frame: https://auth.novcu.com/index/v3/
Frame ID: B1BB13796076B1BADDD746C21D081C69
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Six云授权系统

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

92 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

985 kB
Transfer

1074 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
auth.novcu.com/ 719 B
635 B 649ms
212ms Document
text/html 43.129.244.39
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.novcu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.129.244.39 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

840d027784cc5737f18bb5384dcac365236364f9b3b08e0b8fe13b12d7b93e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: auth.novcu.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Fri, 22 Oct 2021 11:11:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=2akli4cmeug9ek1d2h4ta18mmj; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip

GET
H2 200 / Show response
auth.novcu.com/index/v3/ Frame B1BB 4 KB
2 KB 220ms
220ms Document
text/html 43.129.244.39
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.novcu.com/index/v3/

Requested by

Host: auth.novcu.com
URL: https://auth.novcu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.129.244.39 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

a68563b86133cd38de8ebb7a0e64b844ed960168318c78c127f6be3821cf2016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: auth.novcu.com
:scheme: https
:path: /index/v3/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://auth.novcu.com/
accept-encoding: gzip, deflate, br
cookie: PHPSESSID=2akli4cmeug9ek1d2h4ta18mmj
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.novcu.com/

Response headers

server: nginx
date: Fri, 22 Oct 2021 11:11:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip

GET
H2 200 main.css
auth.novcu.com/index/v3/css/ Frame B1BB 14 KB
4 KB 210ms
209ms Stylesheet
text/css 43.129.244.39
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.novcu.com/index/v3/css/main.css

Requested by

Host: auth.novcu.com
URL: https://auth.novcu.com/index/v3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.129.244.39 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

5c2c87397482d94dc61a1a2c2f99353215fb0aaee442127d51b2e315e5d029db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /index/v3/css/main.css
pragma: no-cache
cookie: PHPSESSID=2akli4cmeug9ek1d2h4ta18mmj
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: auth.novcu.com
referer: https://auth.novcu.com/index/v3/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.novcu.com/index/v3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:11:54 GMT
content-encoding: gzip
last-modified: Sat, 03 Oct 2020 03:58:49 GMT
server: nginx
etag: W/"5f77f6f9-37ba"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 22 Oct 2021 23:11:54 GMT

GET
H/1.1 200
OK headimg_dl
q.qlogo.cn/ Frame B1BB 4 KB
4 KB 969ms
268ms Image
image/jpeg 2402:4e00:1830:12fc:0:93c1:d63c:6e70
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q.qlogo.cn/headimg_dl?bs=qq&dst_uin=461313128&src_uin=sixcloud.co&fid=blog&spec=100
Requested by: Host: auth.novcu.com
URL: https://auth.novcu.com/index/v3/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2402:4e00:1830:12fc:0:93c1:d63c:6e70 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 40d70f16941be70f3c70b32be7876639c07b22c9c01e85a75fa6b7822484a89c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.novcu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-DataSrc: 0
Date: Fri, 22 Oct 2021 11:11:55 GMT
Size: 3874
Connection: keep-alive
Content-Length: 3874
X-Info: real data
X-ReqGue: 0
User-ReturnCode: 0
fid: 0
Last-Modified: Wed, 20 Jan 2021 23:13:51 GMT
Server: NWSs
X-Cpt: filename=0
Vary: Accept,Origin
chid: 0
X-Delay: 43422 us
Cache-Control: max-age=2592000
X-BCheck: 1611155631_0
X-NWS-LOG-UUID: ecb48566-bcee-46bc-9df2-1a8e995fd25d
Content-Type: image/jpeg

GET
H2 200 jquery.min.js Show response
auth.novcu.com/index/v3/js/ Frame B1BB 115 KB
40 KB 411ms
410ms Script
application/javascript 43.129.244.39
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.novcu.com/index/v3/js/jquery.min.js

Requested by

Host: auth.novcu.com
URL: https://auth.novcu.com/index/v3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.129.244.39 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

bd5a3278f54f3a977dda3f06f21bc1e1bd451c5a44a91e1aea94a2d4db60e851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /index/v3/js/jquery.min.js
pragma: no-cache
cookie: PHPSESSID=2akli4cmeug9ek1d2h4ta18mmj
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.novcu.com
referer: https://auth.novcu.com/index/v3/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.novcu.com/index/v3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:11:54 GMT
content-encoding: gzip
last-modified: Sat, 03 Oct 2020 03:58:49 GMT
server: nginx
etag: W/"5f77f6f9-1cb87"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 22 Oct 2021 23:11:54 GMT

GET
H2 200 su.js Show response
auth.novcu.com/index/v3/js/ Frame B1BB 5 KB
2 KB 614ms
613ms Script
application/javascript 43.129.244.39
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.novcu.com/index/v3/js/su.js

Requested by

Host: auth.novcu.com
URL: https://auth.novcu.com/index/v3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.129.244.39 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

f1dcadbce1e20bc681ba16b67eac20a8cafdcdc0784725403a9d7490ca67546b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /index/v3/js/su.js
pragma: no-cache
cookie: PHPSESSID=2akli4cmeug9ek1d2h4ta18mmj
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.novcu.com
referer: https://auth.novcu.com/index/v3/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.novcu.com/index/v3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:11:54 GMT
content-encoding: gzip
last-modified: Sat, 03 Oct 2020 03:58:49 GMT
server: nginx
etag: W/"5f77f6f9-14ab"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 22 Oct 2021 23:11:54 GMT

GET
H2 200 snowfall.js Show response
auth.novcu.com/index/v3/js/ Frame B1BB 287 B
501 B 614ms
614ms Script
application/javascript 43.129.244.39
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.novcu.com/index/v3/js/snowfall.js

Requested by

Host: auth.novcu.com
URL: https://auth.novcu.com/index/v3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.129.244.39 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

cd125bb2882921fb5b271caab5dc792f72c0fcd88be831cb10ed0f8ab1e02d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /index/v3/js/snowfall.js
pragma: no-cache
cookie: PHPSESSID=2akli4cmeug9ek1d2h4ta18mmj
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: auth.novcu.com
referer: https://auth.novcu.com/index/v3/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.novcu.com/index/v3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:11:54 GMT
last-modified: Sat, 03 Oct 2020 03:58:49 GMT
server: nginx
etag: "5f77f6f9-11f"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 287
expires: Fri, 22 Oct 2021 23:11:54 GMT

GET
H2 200 cursor.png
auth.novcu.com/index/v3/img/ Frame B1BB 11 KB
11 KB 403ms
402ms Image
image/png 43.129.244.39
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.novcu.com/index/v3/img/cursor.png

Requested by

Host: auth.novcu.com
URL: https://auth.novcu.com/index/v3/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.129.244.39 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

71225c5ac766737321a15574687b7471d9a38818ba41a0b35dcb2c80d672464e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /index/v3/img/cursor.png
pragma: no-cache
cookie: PHPSESSID=2akli4cmeug9ek1d2h4ta18mmj
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: auth.novcu.com
referer: https://auth.novcu.com/index/v3/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.novcu.com/index/v3/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:11:54 GMT
last-modified: Sat, 03 Oct 2020 03:58:49 GMT
server: nginx
etag: "5f77f6f9-2ae7"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10983
expires: Sun, 21 Nov 2021 11:11:54 GMT

GET
H2 200 main.css
auth.novcu.com/index/v3/css/ Frame B1BB 14 KB
14 KB 410ms
409ms Image
text/css 43.129.244.39
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.novcu.com/index/v3/css/main.css

Requested by

Host: auth.novcu.com
URL: https://auth.novcu.com/index/v3/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.129.244.39 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /index/v3/css/main.css
pragma: no-cache
cookie: PHPSESSID=2akli4cmeug9ek1d2h4ta18mmj
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: auth.novcu.com
referer: https://auth.novcu.com/index/v3/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.novcu.com/index/v3/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:11:54 GMT
content-encoding: gzip
last-modified: Sat, 03 Oct 2020 03:58:49 GMT
server: nginx
etag: W/"5f77f6f9-37ba"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 22 Oct 2021 23:11:54 GMT

GET
H2 200 bg.jpg
auth.novcu.com/index/v3/img/ Frame B1BB 792 KB
793 KB 411ms
411ms Image
image/jpeg 43.129.244.39
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.novcu.com/index/v3/img/bg.jpg

Requested by

Host: auth.novcu.com
URL: https://auth.novcu.com/index/v3/css/main.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.129.244.39 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

745a73f0bbb3baad5417746565201333f4554b8c75be85806817dd2a90520c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /index/v3/img/bg.jpg
pragma: no-cache
cookie: PHPSESSID=2akli4cmeug9ek1d2h4ta18mmj
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: auth.novcu.com
referer: https://auth.novcu.com/index/v3/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.novcu.com/index/v3/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:11:54 GMT
last-modified: Sat, 03 Oct 2020 03:58:49 GMT
server: nginx
etag: "5f77f6f9-c5eec"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 810732
expires: Sun, 21 Nov 2021 11:11:54 GMT

GET
H2 200 1kBpid.png
auth.novcu.com/index/v3/img/ Frame B1BB 112 KB
112 KB 592ms
592ms Image
image/png 43.129.244.39
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.novcu.com/index/v3/img/1kBpid.png

Requested by

Host: auth.novcu.com
URL: https://auth.novcu.com/index/v3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.129.244.39 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

bae9b2e84d4e8b807d1e75e0fa42c50e9246110af6feaf951d98b9591f0a5f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /index/v3/img/1kBpid.png
pragma: no-cache
cookie: PHPSESSID=2akli4cmeug9ek1d2h4ta18mmj
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: auth.novcu.com
referer: https://auth.novcu.com/index/v3/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.novcu.com/index/v3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:11:54 GMT
last-modified: Sat, 03 Oct 2020 03:58:49 GMT
server: nginx
etag: "5f77f6f9-1c078"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 114808
expires: Sun, 21 Nov 2021 11:11:54 GMT

GET 6836375.mp3
mp.111ttt.cn/mp3music/ Frame B1BB 0
0

GET
H2 200 1.png
auth.novcu.com/index/v3/img/ Frame B1BB 3 KB
3 KB 366ms
366ms Image
image/png 43.129.244.39
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.novcu.com/index/v3/img/1.png

Requested by

Host: auth.novcu.com
URL: https://auth.novcu.com/index/v3/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.129.244.39 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

nginx /

Resource Hash

f90a338231aa9eedc45392b9b2c2a55077ba332dbe736552e8c986367f3bd4d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /index/v3/img/1.png
pragma: no-cache
cookie: PHPSESSID=2akli4cmeug9ek1d2h4ta18mmj
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: auth.novcu.com
referer: https://auth.novcu.com/index/v3/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.novcu.com/index/v3/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:11:55 GMT
last-modified: Sat, 03 Oct 2020 03:58:49 GMT
server: nginx
etag: "5f77f6f9-b24"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2852
expires: Sun, 21 Nov 2021 11:11:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mp.111ttt.cn
URL: https://mp.111ttt.cn/mp3music/6836375.mp3

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			auth.novcu.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2akli4cmeug9ek1d2h4ta18mmj

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://auth.novcu.com/index/v3/ Message: Mixed Content: The page at 'https://auth.novcu.com/index/v3/' was loaded over HTTPS, but requested an insecure element 'http://q.qlogo.cn/headimg_dl?bs=qq&dst_uin=461313128&src_uin=sixcloud.co&fid=blog&spec=100'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://auth.novcu.com/index/v3/ Message: Mixed Content: The page at 'https://auth.novcu.com/index/v3/' was loaded over HTTPS, but requested an insecure element 'http://q.qlogo.cn/headimg_dl?bs=qq&dst_uin=461313128&src_uin=sixcloud.co&fid=blog&spec=100'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://auth.novcu.com/index/v3/ Message: Mixed Content: The page at 'https://auth.novcu.com/index/v3/' was loaded over HTTPS, but requested an insecure element 'http://mp.111ttt.cn/mp3music/6836375.mp3'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://mp.111ttt.cn/mp3music/6836375.mp3 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.novcu.com
mp.111ttt.cn
q.qlogo.cn
mp.111ttt.cn
2402:4e00:1830:12fc:0:93c1:d63c:6e70
43.129.244.39
40d70f16941be70f3c70b32be7876639c07b22c9c01e85a75fa6b7822484a89c
5c2c87397482d94dc61a1a2c2f99353215fb0aaee442127d51b2e315e5d029db
71225c5ac766737321a15574687b7471d9a38818ba41a0b35dcb2c80d672464e
745a73f0bbb3baad5417746565201333f4554b8c75be85806817dd2a90520c77
840d027784cc5737f18bb5384dcac365236364f9b3b08e0b8fe13b12d7b93e1d
a68563b86133cd38de8ebb7a0e64b844ed960168318c78c127f6be3821cf2016
bae9b2e84d4e8b807d1e75e0fa42c50e9246110af6feaf951d98b9591f0a5f82
bd5a3278f54f3a977dda3f06f21bc1e1bd451c5a44a91e1aea94a2d4db60e851
cd125bb2882921fb5b271caab5dc792f72c0fcd88be831cb10ed0f8ab1e02d2e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1dcadbce1e20bc681ba16b67eac20a8cafdcdc0784725403a9d7490ca67546b
f90a338231aa9eedc45392b9b2c2a55077ba332dbe736552e8c986367f3bd4d4

auth.novcu.com Open in urlscan Pro 43.129.244.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

985 kBTransfer

1074 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

4 Console Messages

Security Headers

Indicators

auth.novcu.com Open in urlscan Pro
43.129.244.39 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

985 kB
Transfer

1074 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions