URL: https://csxcx.kpicloud.cn/
Submission Tags: @phishunt_io
Submission: On March 26 via api from ES

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 27.155.98.140, located in China and belongs to CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN. The main domain is csxcx.kpicloud.cn.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on March 26th 2021. Valid for: a year.
This is the only time csxcx.kpicloud.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS (Autonomous System)
1         27.155.98.140    133774 (CHINATELE...)
2         162.159.236.77   13335 (CLOUDFLAR...)
Total: 4 requests, 3 IPs

Requests  Apex Domain    Subdomains            Transfer
2         topthink.com   e.topthink.com        4 KB
1         kpicloud.cn    csxcx.kpicloud.cn     8 KB
0         qq.com         tajs.qq.com           Failed
Total: 4 requests, 3 apex domains

Requests  Domain               Requested by
2         e.topthink.com       csxcx.kpicloud.cn, e.topthink.com
1         csxcx.kpicloud.cn
0         tajs.qq.com (Failed) csxcx.kpicloud.cn
Total: 4 requests, 3 domains

This site contains links to these domains.

Domain
www.qiniu.com
e.topthink.com

Subject            Issuer                                 Validity                  Valid
csxcx.kpicloud.cn  Encryption Everywhere DV TLS CA - G1   2021-03-26 - 2022-03-26   a year
e.topthink.com     TrustAsia TLS RSA CA                   2020-12-31 - 2021-12-30   a year

This page contains 1 frames:

Primary Page: https://csxcx.kpicloud.cn/
Frame ID: 0D87C94844B3FFA77A10ED3A5D1A8A6D
Requests: 6 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 4
HTTPS: 75 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 12 kB
Size: 35 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
csxcx.kpicloud.cn/
20 KB
8 KB
Document
General
Full URL
https://csxcx.kpicloud.cn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.155.98.140 , China, ASN133774 (CHINATELECOM-FUJIAN-FUZHOU-IDC1 Fuzhou, CN),
Reverse DNS
Software
nginx /
Resource Hash
eb1f53a177b1e51dbc8e9fe8554e2c0f350ff486d996316cb38218e119896cdd

Request headers

Host
csxcx.kpicloud.cn
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Fri, 26 Mar 2021 10:00:12 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
stats
tajs.qq.com/
0
0

client.js
e.topthink.com/Public/static/
9 KB
3 KB
Script
General
Full URL
https://e.topthink.com/Public/static/client.js
Requested by
Host: csxcx.kpicloud.cn
URL: https://csxcx.kpicloud.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.236.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
yunjiasu-nginx /
Resource Hash
43ffac8d56cdbde2f23e5f6895fdd5ce6bc21cbd61868ff53b37704364668fe0

Request headers

Referer
https://csxcx.kpicloud.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 10:00:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 09:25:41 GMT
server
yunjiasu-nginx
age
3515
etag
W/"2529-5a36504328f40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kRtrhYjsT9isOuzwUgFa30ys6SKAOnasJnIcSVk0AedzIVCbz6oMn2kU11ZI0LAMagr0XPODMLUBM7stDkBslORPGGZVDyNX38v41Ejl2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
635f88143ba37363-CPH
cf-request-id
090f9360a400007363738f9000000001
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83171ce6831197c0f77fd1ab8b4795a6064b60f0376341672e2e989a5b2cef19

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
846f676a751142fccaed31408d0ba2be2769208c71987a41a374b2855c90d71d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ad_bd568ce7058a1091
e.topthink.com/api/basic/
861 B
657 B
Script
General
Full URL
https://e.topthink.com/api/basic/ad_bd568ce7058a1091?callback=callback_0_39140888463791224&_t=0.29883271166291214
Requested by
Host: e.topthink.com
URL: https://e.topthink.com/Public/static/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.236.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
yunjiasu-nginx /
Resource Hash
9f8689210b4312f14bdd7c28089178028b7923a8502d8d854379a4d08ce26251

Request headers

Referer
https://csxcx.kpicloud.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 10:00:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
yunjiasu-nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KLeNQaRCEUt8Cc3O8IqgPQLkmUMuCp4XOIMXYKCiHHVOdoUDMEkEM4Lxj8bkUsxtE5Buuy3QFrGJRr3QuMKsvmKPH5di91lkcxogP5fcGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cf-ray
635f8816c89d7363-CPH
cf-request-id
090f93623b0000736364987000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tajs.qq.com
URL
https://tajs.qq.com/stats?sId=9347272

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • boolean| _thinkAd
  • object| thinkHelper
  • function| callback_0_39140888463791224

1 Cookies

Domain/Path Name / Value
csxcx.kpicloud.cn/ Name: thinkphp_show_page_trace
Value: 0|0