URL: https://user.secwu.com/
Submission: On November 15 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 10 HTTP transactions. The main IP is 38.47.50.29, located in the United States, and belongs to HKPENG-AS-AP PENG CLOUD TECHNOLOGY LIMITED, HK. The main domain is user.secwu.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on November 15th 2022. Valid for: a year.
This is the only time user.secwu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | Autonomous System
5 | 38.47.50.29 | 150337 (HKPENG-AS...)
1 | 79.133.177.251 | 24429 (TAOBAO Zh...)
1 | 36.27.223.51 | 136190 (CHINATELE...)
2 | 2401:b180:700... | 37963 (ALIBABA-C...)
1 | 2408:4001:f00... | 37963 (ALIBABA-C...)
Total: 10 requests, 5 IPs

Requests | Apex Domain | Subdomains | Transfer
5 | secwu.com | user.secwu.com | 2 MB
2 | mmstat.com | gm.mmstat.com (Cisco Umbrella Rank: 13849) | 417 B
1 | aliyun.com | cf.aliyun.com (Cisco Umbrella Rank: 39681) | 244 B
1 | ruisuyun.cn | userapi.ruisuyun.cn | 627 B
1 | alicdn.com | g.alicdn.com (Cisco Umbrella Rank: 6869) | 37 KB
Total: 10 requests, 5 apex domains

Requests | Domain | Requested by
5 | user.secwu.com | user.secwu.com
2 | gm.mmstat.com | -
1 | cf.aliyun.com | g.alicdn.com
1 | userapi.ruisuyun.cn | user.secwu.com
1 | g.alicdn.com | user.secwu.com
Total: 10 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
user.secwu.com | Encryption Everywhere DV TLS CA - G1 | 2022-11-15 - 2023-11-14 | a year
*.tbcdn.cn | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-07-22 - 2023-08-06 | a year
*.ruisuyun.cn | Sectigo RSA Domain Validation Secure Server CA | 2022-07-11 - 2023-08-11 | a year
*.mmstat.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-07-18 - 2023-08-19 | a year
*.aliyun.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-08-24 - 2022-12-20 | 4 months

This page contains 1 frame:

Primary Page: https://user.secwu.com/
Frame ID: EF2C9DED43D129DA54128BDCA60353D8
Requests: 10 HTTP requests in this frame

Page Title: 云防护系统 (Cloud Protection System)

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 40 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 2218 kB
Size: 9418 kB
Cookies: 2

10 HTTP transactions

Columns per transaction: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: / (Primary Request)
Path: user.secwu.com/
Size: 591 B
x-fer: 476 B
Type: Document

General
Full URL: https://user.secwu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.47.50.29, United States, ASN150337 (HKPENG-AS-AP PENG CLOUD TECHNOLOGY LIMITED, HK)
Reverse DNS:
Software: Waf /
Resource Hash: e2cb4e371f1fce40bb43ddf3ba320240e556cc7d66d0df70b74e9c4949e0236e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 15 Nov 2022 07:48:22 GMT
etag: W/"636c66ed-24f"
last-modified: Thu, 10 Nov 2022 02:50:21 GMT
server: Waf
vary: Accept-Encoding

Resource: index.js
Path: g.alicdn.com/sd/nch5/
Size: 135 KB
x-fer: 37 KB
Type: Script

General
Full URL: https://g.alicdn.com/sd/nch5/index.js?t=2020072809
Requested by:
  Host: user.secwu.com
  URL: https://user.secwu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.133.177.251, Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS:
Software: Tengine /
Resource Hash: e1e616e66cc940825d7a25dd9f975fa3e2ba123009d44bedfbf4753cc94384ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.secwu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 07:47:27 GMT
content-encoding: gzip
via: cache21.l2de2[0,0,200-0,H], cache23.l2de2[1,0], cache23.l2de2[1,0], cache10.de3[0,0,200-0,H], cache8.de3[1,0]
x-oss-request-id: 6373440F10A93F39324E916A
content-md5: xr4bQj/vO3rtOQJfKwNc9w==
age: 56
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:13:507763037
x-swift-savetime: Tue, 15 Nov 2022 07:47:27 GMT
content-length: 36917
x-bucket-code: 3
x-oss-object-type: Normal
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1668498447
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600,s-maxage=3600
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 8494546801772201043
eagleid: 4f85b19c16684985032312534e
x-oss-server-time: 4

Resource: app.8d3b56f805dcfb8cc7ef13441669d4ea.css
Path: user.secwu.com/static/css/
Size: 774 KB
x-fer: 161 KB
Type: Stylesheet

General
Full URL: https://user.secwu.com/static/css/app.8d3b56f805dcfb8cc7ef13441669d4ea.css
Requested by:
  Host: user.secwu.com
  URL: https://user.secwu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.47.50.29, United States, ASN150337 (HKPENG-AS-AP PENG CLOUD TECHNOLOGY LIMITED, HK)
Reverse DNS:
Software: Waf /
Resource Hash: 9874f68c650d351728caa6e012445bc137eaf843e333af0bc8ccf08820c63b37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.secwu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 07:48:22 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 02:49:51 GMT
server: Waf
etag: W/"636c66cf-c160a"
vary: Accept-Encoding
x-cache: from user.secwu.com
content-type: text/css

Resource: manifest.913a30ba4f131762f91f.js
Path: user.secwu.com/static/js/
Size: 2 KB
x-fer: 1 KB
Type: Script

General
Full URL: https://user.secwu.com/static/js/manifest.913a30ba4f131762f91f.js
Requested by:
  Host: user.secwu.com
  URL: https://user.secwu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.47.50.29, United States, ASN150337 (HKPENG-AS-AP PENG CLOUD TECHNOLOGY LIMITED, HK)
Reverse DNS:
Software: Waf /
Resource Hash: 425713cb241018cc02f45cea5beddcaa64e81e81197e4b8a003677cf1fffb387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.secwu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 07:48:22 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 02:49:55 GMT
server: Waf
etag: W/"636c66d3-690"
vary: Accept-Encoding
x-cache: from user.secwu.com
content-type: application/javascript

Resource: vendor.e46ee44b1cba60ac7399.js
Path: user.secwu.com/static/js/
Size: 8 MB
x-fer: 2 MB
Type: Script

General
Full URL: https://user.secwu.com/static/js/vendor.e46ee44b1cba60ac7399.js
Requested by:
  Host: user.secwu.com
  URL: https://user.secwu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.47.50.29, United States, ASN150337 (HKPENG-AS-AP PENG CLOUD TECHNOLOGY LIMITED, HK)
Reverse DNS:
Software: Waf /
Resource Hash: 25ae221947bbc1a7a325561e9707845d5846226a55bd477c9a477213e4d1919d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.secwu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 07:48:22 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 02:49:56 GMT
server: Waf
etag: W/"636c66d4-79a901"
vary: Accept-Encoding
x-cache: from user.secwu.com
content-type: application/javascript

Resource: app.11aee0c796e303f49fbb.js
Path: user.secwu.com/static/js/
Size: 720 KB
x-fer: 261 KB
Type: Script

General
Full URL: https://user.secwu.com/static/js/app.11aee0c796e303f49fbb.js
Requested by:
  Host: user.secwu.com
  URL: https://user.secwu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.47.50.29, United States, ASN150337 (HKPENG-AS-AP PENG CLOUD TECHNOLOGY LIMITED, HK)
Reverse DNS:
Software: Waf /
Resource Hash: 37b6482943b0f49fc8940f9df4d5424aa5b8320a4ba92e1a0690b03c3e4ceb99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.secwu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 07:48:22 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 02:49:55 GMT
server: Waf
etag: W/"636c66d3-b3f32"
vary: Accept-Encoding
x-cache: from user.secwu.com
content-type: application/javascript

Resource: getSysByDomain
Path: userapi.ruisuyun.cn/rs/commonRest/
Size: 606 B
x-fer: 627 B
Type: XHR

General
Full URL: https://userapi.ruisuyun.cn/rs/commonRest/getSysByDomain?domainName=user.secwu.com
Requested by:
  Host: user.secwu.com
  URL: https://user.secwu.com/static/js/vendor.e46ee44b1cba60ac7399.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 36.27.223.51, Yiwu, China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
Reverse DNS:
Software: Waf /
Resource Hash: cc61e01faf7610969ad05f0d73e61a32e9fbce2c19d5ec9ecd961c227077d55d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://user.secwu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 07:48:27 GMT
content-encoding: gzip
server: Waf
vary: Accept-Encoding
x-cache: from userapi.ruisuyun.cn
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://user.secwu.com
access-control-allow-credentials: true
x-application-context: lw_project:docker:8888

Resource: fsp.1.1
Path: gm.mmstat.com/
Size: 43 B
x-fer: 293 B
Type: Image

General
Full URL: https://gm.mmstat.com/fsp.1.1?code=13&msg=init%20monitor%3B&pid=sufeiPunish&page=https%3A%2F%2Fuser.secwu.com%2Flogin&query=&hash=&referrer=&title=%E4%BA%91%E9%98%B2%E6%8A%A4%E7%B3%BB%E7%BB%9F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36&c1=FFFF0N000000000094EA%3A1668498507229%3A0.8033626902809672&c2=FFFF0N000000000094EA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2401:b180:7003::1ac, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
Reverse DNS:
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.secwu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 07:48:28 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Resource: fsp.1.1
Path: gm.mmstat.com/
Size: 43 B
x-fer: 124 B
Type: Image

General
Full URL: https://gm.mmstat.com/fsp.1.1?code=13&msg=Timeout_null%3B&pid=sufeiPunish&page=https%3A%2F%2Fuser.secwu.com%2Flogin&query=&hash=&referrer=&title=%E4%BA%91%E9%98%B2%E6%8A%A4%E7%B3%BB%E7%BB%9F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36&c1=FFFF0N000000000094EA%3A1668498507229%3A0.8033626902809672&c2=FFFF0N000000000094EA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2401:b180:7003::1ac, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
Reverse DNS:
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.secwu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 07:48:28 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Resource: initialize.jsonp
Path: cf.aliyun.com/nocaptcha/
Size: 79 B
x-fer: 244 B
Type: Script

General
Full URL: https://cf.aliyun.com/nocaptcha/initialize.jsonp?a=FFFF0N000000000094EA&t=FFFF0N000000000094EA%3A1668498507229%3A0.8033626902809672&scene=nc_login&lang=cn&v=v1.2.20&href=https%3A%2F%2Fuser.secwu.com%2Flogin&comm=%7B%22cntp%22%3A%22undefined%22%2C%22cneftp%22%3A%224g%22%2C%22btryc%22%3Atrue%2C%22btryl%22%3A1%7D&callback=__jsonp_1939526148
Requested by:
  Host: g.alicdn.com
  URL: https://g.alicdn.com/sd/nch5/index.js?t=2020072809
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2408:4001:f00::37, Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
Reverse DNS:
Software: Tengine/Aserver /
Resource Hash: 227e5e802ad029cc937966881d8a71ab543ef2fdb5358ed516f9c2d8c7e528f8

Security Headers
Strict-Transport-Security: max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.secwu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 07:48:28 GMT
strict-transport-security: max-age=0
server: Tengine/Aserver
content-type: text/javascript;charset=UTF-8
content-language: zh-CN
timing-allow-origin: *
content-length: 79
eagleeye-traceid: 2127a4f616684985081317918e710a

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | UA_Opt
function | __nch5
function | NoCaptcha
function | webpackJsonp
object | __core-js_shared__
function | setImmediate
function | clearImmediate
object | $cookies
object | regeneratorRuntime

2 Cookies

Domain/Path | Name | Value
user.secwu.com/ | uselang | cn
.mmstat.com/ | sca | b29c633c