ccuw304261.ytu4zf.cn Open in urlscan Pro
156.251.50.185 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://d1egd0j4cvcgnq.cloudfront.net/rUES
Effective URL:
http://ccuw304261.ytu4zf.cn/rUES
Submission: On May 03 via api (May 3rd 2024, 7:18:43 am UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 156.251.50.185, located in Hong Kong and belongs to TERAEXCH, US. The main domain is ccuw304261.ytu4zf.cn.

This is the only time ccuw304261.ytu4zf.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	108.138.2.23 108.138.2.23	16509 (AMAZON-02) (AMAZON-02)
5	156.251.50.185 156.251.50.185	399077 (TERAEXCH) (TERAEXCH)
11	3

4 108.138.2.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-23.fra56.r.cloudfront.net

d1egd0j4cvcgnq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 156.251.50.185 (Hong Kong)

ASN399077 (TERAEXCH, US)

ccuw304261.ytu4zf.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ytu4zf.cn ccuw304261.ytu4zf.cn	165 KB
4	cloudfront.net d1egd0j4cvcgnq.cloudfront.net	38 KB
11	2

	Domain	Requested by
5	ccuw304261.ytu4zf.cn	d1egd0j4cvcgnq.cloudfront.net ccuw304261.ytu4zf.cn
4	d1egd0j4cvcgnq.cloudfront.net	d1egd0j4cvcgnq.cloudfront.net
11	2

This site contains no links.

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://ccuw304261.ytu4zf.cn/rUES
Frame ID: DE9C5ADA48C19B55FA5C0FBB5818F9D0
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

U蓝

Page URL History Show full URLs

https://d1egd0j4cvcgnq.cloudfront.net/rUES Page URL
http://ccuw304261.ytu4zf.cn/rUES HTTP 307
https://ccuw304261.ytu4zf.cn/rUES HTTP 307
http://ccuw304261.ytu4zf.cn/rUES Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

36 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

203 kB
Transfer

522 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://d1egd0j4cvcgnq.cloudfront.net/rUES Page URL
http://ccuw304261.ytu4zf.cn/rUES HTTP 307
https://ccuw304261.ytu4zf.cn/rUES HTTP 307
http://ccuw304261.ytu4zf.cn/rUES Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	rUES Show response d1egd0j4cvcgnq.cloudfront.net/	2 KB 2 KB	523ms 453ms	Document text/html	108.138.2.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1egd0j4cvcgnq.cloudfront.net/rUES Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.2.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-23.fra56.r.cloudfront.net Software cloudflare / Resource Hash `ee141530ac078319124c84197783ca7dec92cf620dcc2e48ca88544c8762462e` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cf-cache-status DYNAMIC cf-ray 87de7a6c68569759-FRA content-encoding gzip content-type text/html date Fri, 03 May 2024 07:18:39 GMT last-modified Mon, 11 Mar 2024 17:30:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RyOGJbK3plnU2guxN3acZeOAZdEvZjEfCDBqftP5pW16WAUSKJtCZ9F0JVl%2B7mfb%2Fk4US4xNWEdDHDI5IL5wl9NErlGX0ALT6dJTf1VcvRO7uF5zDOqmjvFb1UqPsOWd8L00hw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront) x-amz-cf-id sPz1vn2qGscxA-EvUxRIcXVrugeBYzue6moG7116lpzq6EqsBZjZ5A== x-amz-cf-pop FRA56-P6 x-cache Miss from cloudfront
GET H2	200	jquery.min.js Show response d1egd0j4cvcgnq.cloudfront.net/	94 KB 33 KB	73ms 72ms	Script application/javascript	108.138.2.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1egd0j4cvcgnq.cloudfront.net/jquery.min.js Requested by Host: d1egd0j4cvcgnq.cloudfront.net URL: https://d1egd0j4cvcgnq.cloudfront.net/rUES Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.2.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-23.fra56.r.cloudfront.net Software cloudflare / Resource Hash `e803df6fcc964b62126953b82e4cb95c2b79429c538a06f9964cc5e8f11069ea` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://d1egd0j4cvcgnq.cloudfront.net/rUES Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 03 May 2024 07:18:39 GMT content-encoding gzip via 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-P6 x-cache RefreshHit from cloudfront last-modified Mon, 11 Mar 2024 17:30:52 GMT server cloudflare etag W/"65ef3fcc-176d8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P1qVaMDOsM8Rd4cMGlQc2hafUb0utoZnnTSUvWHfQB%2B67e3fEiJMlmN%2B7%2BKgt5xxbDBAQqOGS04XKRxO%2B5UxSuJO7BYI%2FJ7VAx1NmkjHTPHsaaZa%2FB9zHD1mrINQFS3dm9zDHA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 87d3dc5e2c6e9f29-FRA x-amz-cf-id X8XRIPm74rM8_gxwtIBATy9nNPEWTs-3zS5aqDnM-liY_R5vz5NeBw==
POST H2	200	web d1egd0j4cvcgnq.cloudfront.net/un/	71 B 801 B	249ms 249ms	XHR text/html	108.138.2.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1egd0j4cvcgnq.cloudfront.net/un/web Requested by Host: d1egd0j4cvcgnq.cloudfront.net URL: https://d1egd0j4cvcgnq.cloudfront.net/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.2.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-23.fra56.r.cloudfront.net Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Accept / Referer https://d1egd0j4cvcgnq.cloudfront.net/rUES X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers date Fri, 03 May 2024 07:18:39 GMT content-encoding gzip via 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront) cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-amz-cf-pop FRA56-P6 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xuog4C9Ow0COSAkTmvc6lurcFWoJSKLGKiiK9JvDfQ%2B9dtzt8K6eVjoEKA%2BboifQcKU%2FvsmngW8etKedslkVHh5R7o7TtBMS6x3Xc%2FEcUC2VsyFPF7QJxlFQf51NpzQ8oj3jgg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html;charset=utf-8 access-control-allow-origin https://d1egd0j4cvcgnq.cloudfront.net x-cache Miss from cloudfront access-control-allow-credentials true cf-ray 87de7a6fdbfe364a-FRA x-amz-cf-id qRT33ZFX2HhncGpIBKH0vKiqyuNoqz4rZMicL7NRVF-LhpfN6lIBqQ==
GET H2	200	favicon.ico d1egd0j4cvcgnq.cloudfront.net/	2 KB 2 KB	44ms 44ms	Other text/html	108.138.2.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1egd0j4cvcgnq.cloudfront.net/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.2.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-23.fra56.r.cloudfront.net Software cloudflare / Resource Hash `ee141530ac078319124c84197783ca7dec92cf620dcc2e48ca88544c8762462e` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://d1egd0j4cvcgnq.cloudfront.net/rUES Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 03 May 2024 07:18:39 GMT content-encoding gzip via 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-P6 x-cache RefreshHit from cloudfront last-modified Mon, 11 Mar 2024 17:30:52 GMT server cloudflare etag "65ef3fcc-9d0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RaVjiXg0%2FrPbVeRf2qW0BiAfqgz6qZGpujaCbampTiTTnqDvmoa7UwY9sLWfq77zfU93GKzdf09SmalOCgEF%2FUeAx6%2BgVq%2FxhzTsAp9x%2FXbRdyvzdA1IgSJy0Hpgjg%2FVlpzvJg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 87d3f2c3ffde4d97-FRA x-amz-cf-id kGjegUT3ZW-JieZ2LkZbKRpQyGQdIxvSIpAjxlSidOC_doeWpCUvqg==
GET H/1.1	200 OK	Primary Request rUES Show response ccuw304261.ytu4zf.cn/ Redirect Chain http://ccuw304261.ytu4zf.cn/rUES https://ccuw304261.ytu4zf.cn/rUES http://ccuw304261.ytu4zf.cn/rUES	3 KB 2 KB	366ms 366ms	Document text/html	156.251.50.185 TERAEXCH
General Check archive.org Show headers Download Go to Full URL http://ccuw304261.ytu4zf.cn/rUES Requested by Host: d1egd0j4cvcgnq.cloudfront.net URL: https://d1egd0j4cvcgnq.cloudfront.net/rUES Protocol HTTP/1.1 Server 156.251.50.185 , Hong Kong, ASN399077 (TERAEXCH, US), Reverse DNS Software NgxFence / Resource Hash `93bbe408b2c706a1e51e501c088c80baa100593685a1f9a909d7b4bb3ac2b8b7` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Fri, 03 May 2024 07:18:41 GMT ETag W/"65f01257-b53" Last-Modified Tue, 12 Mar 2024 08:29:11 GMT Server NgxFence Transfer-Encoding chunked X-Cache DYNAMIC Redirect headers Location http://ccuw304261.ytu4zf.cn/rUES Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	2.b123a3e6.chunk.css ccuw304261.ytu4zf.cn/static/css/	9 KB 3 KB	330ms 329ms	Stylesheet text/css	156.251.50.185 TERAEXCH
General Check archive.org Show headers Download Go to Full URL http://ccuw304261.ytu4zf.cn/static/css/2.b123a3e6.chunk.css Requested by Host: ccuw304261.ytu4zf.cn URL: http://ccuw304261.ytu4zf.cn/rUES Protocol HTTP/1.1 Server 156.251.50.185 , Hong Kong, ASN399077 (TERAEXCH, US), Reverse DNS Software NgxFence / Resource Hash `b5500215b59580a7331fe0d38991acc594947709e83b602b141d9b8454d35034` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://ccuw304261.ytu4zf.cn/rUES User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Date Fri, 03 May 2024 07:18:41 GMT Content-Encoding gzip Last-Modified Tue, 12 Mar 2024 08:29:08 GMT Server NgxFence ETag W/"65f01254-2509" Transfer-Encoding chunked X-Cache HIT Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	main.b123a3e6.chunk.css ccuw304261.ytu4zf.cn/static/css/	14 KB 4 KB	644ms 322ms	Stylesheet text/css	156.251.50.185 TERAEXCH
General Check archive.org Show headers Download Go to Full URL http://ccuw304261.ytu4zf.cn/static/css/main.b123a3e6.chunk.css Requested by Host: ccuw304261.ytu4zf.cn URL: http://ccuw304261.ytu4zf.cn/rUES Protocol HTTP/1.1 Server 156.251.50.185 , Hong Kong, ASN399077 (TERAEXCH, US), Reverse DNS Software NgxFence / Resource Hash `33f1559ee44b58a649ab819412995fb01fa0af46a902e739c0112a05caa382d6` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://ccuw304261.ytu4zf.cn/rUES User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Date Fri, 03 May 2024 07:18:42 GMT Content-Encoding gzip Last-Modified Tue, 12 Mar 2024 08:29:08 GMT Server NgxFence ETag W/"65f01254-37e8" Transfer-Encoding chunked X-Cache HIT Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	2.8b03b8b7.js Show response ccuw304261.ytu4zf.cn/static/js/	380 KB 148 KB	646ms 324ms	Script application/javascript	156.251.50.185 TERAEXCH
General Check archive.org Show headers Download Go to Full URL http://ccuw304261.ytu4zf.cn/static/js/2.8b03b8b7.js Requested by Host: ccuw304261.ytu4zf.cn URL: http://ccuw304261.ytu4zf.cn/rUES Protocol HTTP/1.1 Server 156.251.50.185 , Hong Kong, ASN399077 (TERAEXCH, US), Reverse DNS Software NgxFence / Resource Hash `49ff646602e6c49868dd2e9563af11cdd3068a3bc60b20af71133a15aeb9e529` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://ccuw304261.ytu4zf.cn/rUES User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Date Fri, 03 May 2024 07:18:42 GMT Content-Encoding gzip Last-Modified Tue, 12 Mar 2024 08:29:08 GMT Server NgxFence ETag W/"65f01254-5f166" Transfer-Encoding chunked X-Cache HIT Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	main.8b03b8b7.js Show response ccuw304261.ytu4zf.cn/static/js/	17 KB 8 KB	657ms 329ms	Script application/javascript	156.251.50.185 TERAEXCH
General Check archive.org Show headers Download Go to Full URL http://ccuw304261.ytu4zf.cn/static/js/main.8b03b8b7.js Requested by Host: ccuw304261.ytu4zf.cn URL: http://ccuw304261.ytu4zf.cn/rUES Protocol HTTP/1.1 Server 156.251.50.185 , Hong Kong, ASN399077 (TERAEXCH, US), Reverse DNS Software NgxFence / Resource Hash `c9f97f1adb378e5e4a242c77225176864440670b4a2a5b2075e922c3463d4997` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://ccuw304261.ytu4zf.cn/rUES User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Date Fri, 03 May 2024 07:18:42 GMT Content-Encoding gzip Last-Modified Tue, 12 Mar 2024 08:29:09 GMT Server NgxFence ETag W/"65f01255-4421" Transfer-Encoding chunked X-Cache HIT Content-Type application/javascript Connection keep-alive
GET		info ccuw304261.ytu4zf.cn/pc/web/	0 0

GET		favicon.ico ccuw304261.ytu4zf.cn/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ccuw304261.ytu4zf.cn
URL: http://ccuw304261.ytu4zf.cn/pc/web/info

Domain: ccuw304261.ytu4zf.cn
URL: http://ccuw304261.ytu4zf.cn/favicon.ico

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonpreact-pwa

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ccuw304261.ytu4zf.cn
d1egd0j4cvcgnq.cloudfront.net
ccuw304261.ytu4zf.cn
108.138.2.23
156.251.50.185
33f1559ee44b58a649ab819412995fb01fa0af46a902e739c0112a05caa382d6
49ff646602e6c49868dd2e9563af11cdd3068a3bc60b20af71133a15aeb9e529
93bbe408b2c706a1e51e501c088c80baa100593685a1f9a909d7b4bb3ac2b8b7
b5500215b59580a7331fe0d38991acc594947709e83b602b141d9b8454d35034
c9f97f1adb378e5e4a242c77225176864440670b4a2a5b2075e922c3463d4997
e803df6fcc964b62126953b82e4cb95c2b79429c538a06f9964cc5e8f11069ea
ee141530ac078319124c84197783ca7dec92cf620dcc2e48ca88544c8762462e

ccuw304261.ytu4zf.cn Open in urlscan Pro 156.251.50.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

36 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

203 kBTransfer

522 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

ccuw304261.ytu4zf.cn Open in urlscan Pro
156.251.50.185 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

36 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

203 kB
Transfer

522 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions