work.weixin.qq.com Open in urlscan Pro
203.205.219.90  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request h5 Show response work.weixin.qq.com/wework_admin/user/	21 KB 6 KB	1802ms 305ms	Document text/html	203.205.219.90 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://work.weixin.qq.com/wework_admin/user/h5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.205.219.90 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash 6e9a398fddddd0e134970498615f89607223e97e475cba880dc211ef4deea91a Security Headers Name Value Content-Security-Policy script-src 'self' hm.baidu.com tongji.baidu.com *.google-analytics.com https://apis.google.com *.gtimg.com *.gtimg.cn *.qq.com *.qqmail.com http://pub.idqqimg.com blob: 'unsafe-inline' 'unsafe-eval'; report-uri https://work.weixin.qq.com/wework_admin/customReport/csp Request headers :method GET :authority work.weixin.qq.com :scheme https :path /wework_admin/user/h5 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode navigate sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers status 200 server nginx date Fri, 06 Sep 2019 16:12:39 GMT content-type text/html; charset=utf-8 vary Accept-Encoding content-security-policy script-src 'self' hm.baidu.com tongji.baidu.com *.google-analytics.com https://apis.google.com *.gtimg.com *.gtimg.cn *.qq.com *.qqmail.com http://pub.idqqimg.com blob: 'unsafe-inline' 'unsafe-eval'; report-uri https://work.weixin.qq.com/wework_admin/customReport/csp set-cookie wwrtx.i18n_lan=zh-cn; Path=/; Expires=Wed, 14 Jun 2017 07:00:00 GMT wwrtx.i18n_lan_key=zh-cn; Path=/; Expires=Wed, 14 Jun 2017 07:00:00 GMT wwrtx.ref=direct; Domain=.work.weixin.qq.com; Path=/; HttpOnly wwrtx.refid=153315900175990; Domain=.work.weixin.qq.com; Path=/; HttpOnly etag W/"7KnOajxFK5RQzDD6fp1G6g==" content-encoding gzip
GET H2	200	mobile$016775bb.css wwcdn.weixin.qq.com/node/wwmng/wwmng/style/css/	57 KB 8 KB	1874ms 264ms	Stylesheet text/css	150.109.207.114 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://wwcdn.weixin.qq.com/node/wwmng/wwmng/style/css/mobile$016775bb.css Requested by Host: work.weixin.qq.com URL: https://work.weixin.qq.com/wework_admin/user/h5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.114 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash bcd95d3c0872756aa31bd2cc89b85ac5e2fc01b2dc9891d86373dda8aa79d6dc Request headers Sec-Fetch-Mode no-cors Referer https://work.weixin.qq.com/wework_admin/user/h5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 06 Sep 2019 16:12:41 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Wed, 24 Jul 2019 02:27:00 GMT server NWSs status 200 content-type text/css access-control-allow-origin * cache-control max-age=315360000 x-nws-log-uuid 8188a098-4d8f-4c30-a16a-37a37744e4b1 timing-allow-origin * content-length 7858 expires Mon, 03 Sep 2029 16:12:40 GMT
GET H2	200	aq_common.js Show response js.aq.qq.com/js/	6 KB 3 KB	1596ms 266ms	Script application/javascript	203.205.158.62 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://js.aq.qq.com/js/aq_common.js Requested by Host: work.weixin.qq.com URL: https://work.weixin.qq.com/wework_admin/user/h5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.205.158.62 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash cc424e90de3fd0f14a47b5adc4b35eaa8dcd46b72a330e7e12f98dfa7a8953be Request headers Sec-Fetch-Mode no-cors Referer https://work.weixin.qq.com/wework_admin/user/h5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 06 Sep 2019 16:12:40 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Thu, 14 Feb 2019 06:24:21 GMT server NWSs content-type application/javascript status 200 cache-control max-age=600 x-nws-log-uuid 43323909-9cfd-465a-bbcd-5ee8df0ef40a content-length 2731 expires Fri, 06 Sep 2019 16:22:39 GMT
GET H2	200	jweixin-1.0.0.js Show response res.wx.qq.com/open/js/	9 KB 3 KB	762ms 252ms	Script application/x-javascript	150.109.206.115 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://res.wx.qq.com/open/js/jweixin-1.0.0.js Requested by Host: work.weixin.qq.com URL: https://work.weixin.qq.com/wework_admin/user/h5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.206.115 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash 3bc108ab00c1662daea7ab8f1328304667adf3335fbf5fb5ff65156decc0b3c1 Request headers Sec-Fetch-Mode no-cors Referer https://work.weixin.qq.com/wework_admin/user/h5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 06 Sep 2019 16:12:40 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Wed, 04 Sep 2019 18:10:00 GMT server NWSs status 200 content-type application/x-javascript access-control-allow-origin http://open.weixin.qq.com cache-control must-revalidate, max-age=31536000 x-nws-log-uuid cf1ad12a-772f-4631-8e9e-306056d754b9 content-length 3212 expires Sat, 05 Sep 2020 16:12:39 GMT
GET H2	200	wxCheckInstall$82a27e1b.js Show response wwcdn.weixin.qq.com/node/wwmng/wwmng/js/lib/	2 KB 1 KB	1874ms 265ms	Script application/x-javascript	150.109.207.114 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://wwcdn.weixin.qq.com/node/wwmng/wwmng/js/lib/wxCheckInstall$82a27e1b.js Requested by Host: work.weixin.qq.com URL: https://work.weixin.qq.com/wework_admin/user/h5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.114 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash edc031086d427b52d4323efb88ab3969d4ebb63891ac3960d19f310834a696b0 Request headers Sec-Fetch-Mode no-cors Referer https://work.weixin.qq.com/wework_admin/user/h5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 06 Sep 2019 16:12:41 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Thu, 25 Jul 2019 05:38:15 GMT server NWSs status 200 content-type application/x-javascript access-control-allow-origin * cache-control max-age=315360000 x-nws-log-uuid aea71c7e-25d5-4382-8d28-70ec271ab4b0 timing-allow-origin * content-length 929 expires Mon, 03 Sep 2029 16:12:40 GMT
GET H2	200	wxUtils$a3f210c7.js Show response wwcdn.weixin.qq.com/node/wwmng/wwmng/js/lib/	5 KB 2 KB	1875ms 266ms	Script application/x-javascript	150.109.207.114 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://wwcdn.weixin.qq.com/node/wwmng/wwmng/js/lib/wxUtils$a3f210c7.js Requested by Host: work.weixin.qq.com URL: https://work.weixin.qq.com/wework_admin/user/h5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.114 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash 7ae703556c8f30d69c6e1802d3245f32968eb317be7dfdb473b7eacbd762caef Request headers Sec-Fetch-Mode no-cors Referer https://work.weixin.qq.com/wework_admin/user/h5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 06 Sep 2019 16:12:41 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Thu, 25 Jul 2019 05:38:15 GMT server NWSs status 200 content-type application/x-javascript access-control-allow-origin * cache-control max-age=315360000 x-nws-log-uuid 7037facd-8fbe-41c8-8b4e-c198349433cc timing-allow-origin * content-length 1597 expires Mon, 03 Sep 2029 16:12:40 GMT
GET H2	200	bj-report-tryjs.min$596c06b4.js Show response wwcdn.weixin.qq.com/node/wwmng/wwmng/js/3rd/badjs/	9 KB 4 KB	1876ms 267ms	Script application/x-javascript	150.109.207.114 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://wwcdn.weixin.qq.com/node/wwmng/wwmng/js/3rd/badjs/bj-report-tryjs.min$596c06b4.js Requested by Host: work.weixin.qq.com URL: https://work.weixin.qq.com/wework_admin/user/h5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.114 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash 34721f4d3954f60e62f98111f5fceb0ea7d8f01884aa5c52543793fcb64f836a Request headers Sec-Fetch-Mode no-cors Referer https://work.weixin.qq.com/wework_admin/user/h5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 06 Sep 2019 16:12:41 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Thu, 25 Jul 2019 05:38:14 GMT server NWSs status 200 content-type application/x-javascript access-control-allow-origin * cache-control max-age=315360000 x-nws-log-uuid 9ac8f260-8732-492e-a24e-bb77541f82c7 timing-allow-origin * content-length 3585 expires Mon, 03 Sep 2029 16:12:40 GMT
GET H2	200	mobile.b8157838e4$6f5a06d9.png wwcdn.weixin.qq.com/node/wwmng/wwmng/style/images/	22 KB 22 KB	250ms 250ms	Image image/png	150.109.207.114 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://wwcdn.weixin.qq.com/node/wwmng/wwmng/style/images/mobile.b8157838e4$6f5a06d9.png Requested by Host: work.weixin.qq.com URL: https://work.weixin.qq.com/wework_admin/user/h5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.114 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash dcd48fbb928b3820873b8cfce7485d91d8628df7d26ef36b7020d7a1c43d5da3 Request headers Sec-Fetch-Mode no-cors Referer https://wwcdn.weixin.qq.com/node/wwmng/wwmng/style/css/mobile$016775bb.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 06 Sep 2019 16:12:41 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Wed, 03 Apr 2019 12:00:17 GMT server NWSs content-type image/png status 200 cache-control max-age=315360000 x-nws-log-uuid 30255cde-74bc-4d83-afce-e823c5491cf5 content-length 22261 expires Mon, 03 Sep 2029 16:12:40 GMT
GET H2	200	GrayWordLogo$ab28af68.png wwcdn.weixin.qq.com/node/wwmng/wwmng/style/images/independent/logo/	1 KB 2 KB	250ms 250ms	Image image/png	150.109.207.114 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://wwcdn.weixin.qq.com/node/wwmng/wwmng/style/images/independent/logo/GrayWordLogo$ab28af68.png Requested by Host: work.weixin.qq.com URL: https://work.weixin.qq.com/wework_admin/user/h5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.114 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash 55aeb2473797e8c6cb01ce41db5b0f26136128f4c74cba4e6ec3f203b845c49a Request headers Sec-Fetch-Mode no-cors Referer https://work.weixin.qq.com/wework_admin/user/h5 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 06 Sep 2019 16:12:41 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Wed, 03 Apr 2019 12:00:16 GMT server NWSs status 200 content-type image/png access-control-allow-origin * cache-control max-age=315360000 x-nws-log-uuid f3ced1ea-9504-487d-9467-03af9bf259d3 timing-allow-origin * content-length 1309 expires Mon, 03 Sep 2029 16:12:40 GMT

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| RES_CDN object| jWeixin object| wx function| versionCompare object| appIDs string| ua function| clickCheckWeworkInstall string| WEIXIN_CLIENT_VERSION number| wxworkAndroidVersionCode function| checkWeworkInstall function| launchWWByAppID function| launchWWByScheme function| wxJSBridgeReady object| wxUtils object| BJ_REPORT function| androidDownload4wx function| S undefined| downloadEl object| lang object| bodyDOM

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.work.weixin.qq.com/	1969-12-31 23:59:59	Name: wwrtx.refid Value: 153315900175990
			.work.weixin.qq.com/	1969-12-31 23:59:59	Name: wwrtx.ref Value: direct

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' hm.baidu.com tongji.baidu.com *.google-analytics.com https://apis.google.com *.gtimg.com *.gtimg.cn *.qq.com *.qqmail.com http://pub.idqqimg.com blob: 'unsafe-inline' 'unsafe-eval'; report-uri https://work.weixin.qq.com/wework_admin/customReport/csp

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

js.aq.qq.com
res.wx.qq.com
work.weixin.qq.com
wwcdn.weixin.qq.com
150.109.206.115
150.109.207.114
203.205.158.62
203.205.219.90
34721f4d3954f60e62f98111f5fceb0ea7d8f01884aa5c52543793fcb64f836a
3bc108ab00c1662daea7ab8f1328304667adf3335fbf5fb5ff65156decc0b3c1
55aeb2473797e8c6cb01ce41db5b0f26136128f4c74cba4e6ec3f203b845c49a
6e9a398fddddd0e134970498615f89607223e97e475cba880dc211ef4deea91a
7ae703556c8f30d69c6e1802d3245f32968eb317be7dfdb473b7eacbd762caef
bcd95d3c0872756aa31bd2cc89b85ac5e2fc01b2dc9891d86373dda8aa79d6dc
cc424e90de3fd0f14a47b5adc4b35eaa8dcd46b72a330e7e12f98dfa7a8953be
dcd48fbb928b3820873b8cfce7485d91d8628df7d26ef36b7020d7a1c43d5da3
edc031086d427b52d4323efb88ab3969d4ebb63891ac3960d19f310834a696b0