qcloud.bmy.com.cn Open in urlscan Pro
115.159.207.252 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://qcloud.bmy.com.cn/login
Submission Tags: @phishunt_io
Submission: On February 26 via api (February 26th 2021, 6:38:27 pm UTC) from ES

Summary HTTP 10 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 115.159.207.252, located in China and belongs to . The main domain is qcloud.bmy.com.cn.
TLS certificate: Issued by TrustAsia TLS RSA CA on July 15th 2020. Valid for: a year.

This is the only time qcloud.bmy.com.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3	115.159.207.252 115.159.207.252		() ()
3	2606:4700::68... 2606:4700::6810:125e		13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	3

3 115.159.207.252 (China)

ASN- ()

qcloud.bmy.com.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cloudflare.com cdnjs.cloudflare.com	78 KB
3	bmy.com.cn qcloud.bmy.com.cn	11 KB
0	bootcss.com Failed cdn.bootcss.com Failed
10	3

	Domain	Requested by
3	cdnjs.cloudflare.com	qcloud.bmy.com.cn cdnjs.cloudflare.com
3	qcloud.bmy.com.cn	qcloud.bmy.com.cn
0	cdn.bootcss.com Failed	qcloud.bmy.com.cn
10	3

This site contains no links.

Subject Issuer	Validity	Valid
qcloud.bmy.com.cn TrustAsia TLS RSA CA	`2020-07-15` - `2021-07-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://qcloud.bmy.com.cn/login
Frame ID: ADF44446E8F15B18F881E6623B2C985F
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

10
Requests

60 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

89 kB
Transfer

169 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set login Show response
qcloud.bmy.com.cn/ 4 KB
2 KB 1108ms
292ms Document
text/html 115.159.207.252

General

Check archive.org

Show headers Download Go to

Full URL: https://qcloud.bmy.com.cn/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 115.159.207.252 , China, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7f0c43c64626286d680aa35672a5a8f332ab8787e389bec327ec8dca92fc49bc

Request headers

Host: qcloud.bmy.com.cn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache
Date: Fri, 26 Feb 2021 18:38:08 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjhpWUZkNTVOZUJrVlFZd1hJZE5Hd2c9PSIsInZhbHVlIjoiTys0ZmF0cHB1UFBaa3FDakNZRHZYdkZIWnVJdzJCaWhKaHFkZlVnR1FzVnlyeGJPMkQyNUtVXC9UZk9YaUxhbTlTSHQzYmZQWFFZUzBya2NrN2NyRGRnPT0iLCJtYWMiOiIzOTg0OTQyNzBjOTliNjM5MzVhNmE0ZDQ2ZGNhOTBmYzM4YmNhN2VlYmZkNjc3ZTgxNjk3NzM2NjgxNTYxYTZiIn0%3D; expires=Fri, 26-Feb-2021 20:38:08 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6ImR6XC93ZzdsYjcrTFg5eHRaM0tGTmhnPT0iLCJ2YWx1ZSI6InZqMVVyOFJYeGczd3lJVnp1SFRXcm52SjFPdlRzUFJOemJtdm5tYjJEODJKMUViZ0RDMXdKMzRwZnNLczg0V0V5ZSs1WkVreUxWOTRJOUxHR1pvbGZnPT0iLCJtYWMiOiJmODYxZWZhNDIyNDZmODhmNWU3ZTJiZjllZTg5MjE0ZWJiMGQ3MTQyYzM0MGU4ZTkxYzIwZDkwMDIzMzViMGM1In0%3D; expires=Fri, 26-Feb-2021 20:38:08 GMT; Max-Age=7200; path=/; httponly
Content-Encoding: gzip

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 27 KB
5 KB 14ms
13ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: qcloud.bmy.com.cn
URL: https://qcloud.bmy.com.cn/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://qcloud.bmy.com.cn/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 18:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1364545
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4972
cf-request-id: 08813b5a230000645be58f3000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-6b4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LgRSaTtPKa3W%2BbffTWU%2BE5DConkZNfJc6G17zcbtkdJWnafrZGb1LBSm2VAC52SyZ6t%2BCLY7VPfFlon66Ymxk6rSR16xQMFkGgG60f5KHobOLX8HE5GhL%2FUJP%2BOCmna5%2Fw%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 627bc809d975645b-FRA
expires: Wed, 16 Feb 2022 18:38:08 GMT

GET
H2 200 ionicons.min.css
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ 50 KB
7 KB 13ms
12ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css

Requested by

Host: qcloud.bmy.com.cn
URL: https://qcloud.bmy.com.cn/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://qcloud.bmy.com.cn/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 18:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 158261
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6642
cf-request-id: 08813b5a240000645bf513c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea8-c854"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BEtDO5D3CijoG%2B4929mVXrxytpCQKEkLRuPa8CsgfPn%2B0eL4pHd72nmhNeJEDmiXuchYUtzjxQ%2BluVo7hxPLaUJMo6vSuoEd1TxuC2zxE8K0FBLUZ5oUbcsWK9CNR8%2Fcbg%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 627bc809d976645b-FRA
expires: Wed, 16 Feb 2022 18:38:08 GMT

GET
H/1.1 200
OK jquery.validate.min.js Show response
qcloud.bmy.com.cn/js/lib/jquery-validation/ 23 KB
8 KB 265ms
264ms Script
application/javascript 115.159.207.252

General

Check archive.org

Show headers Download Go to

Full URL: https://qcloud.bmy.com.cn/js/lib/jquery-validation/jquery.validate.min.js
Requested by: Host: qcloud.bmy.com.cn
URL: https://qcloud.bmy.com.cn/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 115.159.207.252 , China, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898

Request headers

Referer: https://qcloud.bmy.com.cn/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 18:38:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 May 2017 06:45:46 GMT
Server: nginx
ETag: W/"5914089a-5a1e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Mar 2021 18:38:09 GMT

GET
H/1.1 200
OK messages_zh.js Show response
qcloud.bmy.com.cn/js/lib/jquery-validation/ 1 KB
1 KB 533ms
268ms Script
application/javascript 115.159.207.252

General

Check archive.org

Show headers Download Go to

Full URL: https://qcloud.bmy.com.cn/js/lib/jquery-validation/messages_zh.js
Requested by: Host: qcloud.bmy.com.cn
URL: https://qcloud.bmy.com.cn/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 115.159.207.252 , China, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ac55bc18db66a6d704533c827501993ecd5cb4339055c7d6ef30a84d6e6109e1

Request headers

Referer: https://qcloud.bmy.com.cn/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 18:38:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 May 2017 06:45:46 GMT
Server: nginx
ETag: W/"5914089a-53b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Mar 2021 18:38:09 GMT

GET bootstrap.min.css
cdn.bootcss.com/bootstrap/3.3.5/css/ 0
0

GET AdminLTE.min.css
cdn.bootcss.com/admin-lte/2.3.11/css/ 0
0

GET jquery.min.js
cdn.bootcss.com/jquery/1.11.3/ 0
0

GET bootstrap.min.js
cdn.bootcss.com/twitter-bootstrap/3.3.5/js/ 0
0

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/ 65 KB
66 KB 33ms
33ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://qcloud.bmy.com.cn
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 18:38:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 901772
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66624
cf-request-id: 08813b5a4300004e55de8f8000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-10440"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GuAXkS27c4RtJX5Lgc5TAsPQesZf8RWojJrkTMLyyoNELqK0y38QMcR02qpO3zKwenav84O4h0aRmSkTlIY9yZnvCxZHy5tInTZkn6nohulothFm4JL%2BeA%2BZbbhjlJEhZQ%3D%3D"}],"max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 627bc80a08a64e55-FRA
expires: Wed, 16 Feb 2022 18:38:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.bootcss.com
URL: http://cdn.bootcss.com/bootstrap/3.3.5/css/bootstrap.min.css

Domain: cdn.bootcss.com
URL: http://cdn.bootcss.com/admin-lte/2.3.11/css/AdminLTE.min.css

Domain: cdn.bootcss.com
URL: http://cdn.bootcss.com/jquery/1.11.3/jquery.min.js

Domain: cdn.bootcss.com
URL: http://cdn.bootcss.com/twitter-bootstrap/3.3.5/js/bootstrap.min.js

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| Laravel

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			qcloud.bmy.com.cn/	1970-01-19 16:26:11	Name: laravel_session Value: eyJpdiI6ImR6XC93ZzdsYjcrTFg5eHRaM0tGTmhnPT0iLCJ2YWx1ZSI6InZqMVVyOFJYeGczd3lJVnp1SFRXcm52SjFPdlRzUFJOemJtdm5tYjJEODJKMUViZ0RDMXdKMzRwZnNLczg0V0V5ZSs1WkVreUxWOTRJOUxHR1pvbGZnPT0iLCJtYWMiOiJmODYxZWZhNDIyNDZmODhmNWU3ZTJiZjllZTg5MjE0ZWJiMGQ3MTQyYzM0MGU4ZTkxYzIwZDkwMDIzMzViMGM1In0%3D
			qcloud.bmy.com.cn/	1970-01-19 16:26:11	Name: XSRF-TOKEN Value: eyJpdiI6IjhpWUZkNTVOZUJrVlFZd1hJZE5Hd2c9PSIsInZhbHVlIjoiTys0ZmF0cHB1UFBaa3FDakNZRHZYdkZIWnVJdzJCaWhKaHFkZlVnR1FzVnlyeGJPMkQyNUtVXC9UZk9YaUxhbTlTSHQzYmZQWFFZUzBya2NrN2NyRGRnPT0iLCJtYWMiOiIzOTg0OTQyNzBjOTliNjM5MzVhNmE0ZDQ2ZGNhOTBmYzM4YmNhN2VlYmZkNjc3ZTgxNjk3NzM2NjgxNTYxYTZiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.bootcss.com
cdnjs.cloudflare.com
qcloud.bmy.com.cn
cdn.bootcss.com
115.159.207.252
2606:4700::6810:125e
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
7f0c43c64626286d680aa35672a5a8f332ab8787e389bec327ec8dca92fc49bc
ac55bc18db66a6d704533c827501993ecd5cb4339055c7d6ef30a84d6e6109e1
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa