Submitted URL: http://r1067943.ubigene.net/c/l?u=BBC1BFE&e=11D85E2&c=104BA7&t=0&l=58F5C943&email=7sAjdx4gWiUIl1uCdkSehg8o2jSupuqpq%2BY0UTwz...
Effective URL: https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=1...
Submission Tags: phishing malicious
Submission: On January 28 via api from US

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 175.24.254.193, located in China and belongs to CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is html.ecqun.com.
TLS certificate: Issued by GeoTrust CN RSA CA G1 on August 17th 2020. Valid for: a year.
This is the only time html.ecqun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.38.25.206 16509 (AMAZON-02)
1 175.24.254.193 45090 (CNNIC-TEN...)
8 211.152.136.41 132203 (TENCENT-N...)
4 115.159.141.150 45090 (CNNIC-TEN...)
6 212.129.162.249 45090 (CNNIC-TEN...)
1 47.246.43.223 24429 (TAOBAO Zh...)
24 6
Domain Requested by
6 1.staticec.com html.ecqun.com
4 ecfk.workec.com 1.staticec.com
4 kf.ecqun.com 1.staticec.com
2 kf.workec.com 1.staticec.com
2 www.staticec.com html.ecqun.com
www.staticec.com
1 ec-web.staticec.com html.ecqun.com
1 html.ecqun.com
1 r1067943.ubigene.net 1 redirects
0 eccollect1.workec.com Failed www.staticec.com
24 9

This site contains links to these domains.

Domain
www.scrm.com

Subject | Issuer | Validity | Valid
*.ecqun.com | GeoTrust CN RSA CA G1 | 2020-08-17 - 2021-09-16 | a year
*.staticec.com | GeoTrust CN RSA CA G1 | 2020-07-07 - 2021-09-06 | a year
*.workec.com | GeoTrust RSA CN CA G2 | 2020-10-28 - 2021-11-01 | a year

This page contains 1 frame:

Primary Page: https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
Frame ID: EC66EF9F5CC3381E55F87AF803D915D1
Requests: 25 HTTP requests in this frame

Page URL History

  1. http://r1067943.ubigene.net/c/l?u=BBC1BFE&e=11D85E2&c=104BA7&t=0&l=58F5C943&email=7sAjdx4gWiUIl1uCdkSehg... HTTP 302
    https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

24 Requests
83 % HTTPS
0 % IPv6
4 Domains
9 Subdomains
6 IPs
2 Countries
529 kB Transfer
1629 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://r1067943.ubigene.net/c/l?u=BBC1BFE&e=11D85E2&c=104BA7&t=0&l=58F5C943&email=7sAjdx4gWiUIl1uCdkSehg8o2jSupuqpq%2BY0UTwzGiU%3D&seq=1 HTTP 302
    https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request openwin.html
html.ecqun.com/kf/sdk/
Redirect Chain
  • http://r1067943.ubigene.net/c/l?u=BBC1BFE&e=11D85E2&c=104BA7&t=0&l=58F5C943&email=7sAjdx4gWiUIl1uCdkSehg8o2jSupuqpq%2BY0UTwzGiU%3D&seq=1
  • https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent...
2 KB
1 KB
Document
General
Full URL
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
175.24.254.193 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx / qcloudlnmp-6
Resource Hash
04a150d4050ab33a80e9c8cf616927f0ce47aaab29ec1e64528a571b67df2140

Request headers

:method
GET
:authority
html.ecqun.com
:scheme
https
:path
/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Thu, 28 Jan 2021 14:49:34 GMT
content-type
text/html
last-modified
Wed, 13 Jan 2021 11:10:52 GMT
etag
W/"5ffed53c-7be"
expires
Thu, 28 Jan 2021 14:54:34 GMT
cache-control
max-age=300
x-powered-by
qcloudlnmp-6
x-request-id
82fba3dabb9566d45f737cd8cba9f969
content-encoding
gzip

Redirect headers

Date
Thu, 28 Jan 2021 14:49:32 GMT
Content-Type
text/html; charset=utf-8
Content-Length
376
Connection
keep-alive
Cache-Control
private
Location
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
Server
Microsoft-IIS/10.0
Set-Cookie
ASP.NET_SessionId=xcdjisnzzhcodtogkvg4htkw; domain=bmetrack.com; path=/; HttpOnly; SameSite=Lax sourcetracking=sourceid=0&phrase=%2fc%2fl%3fu%3dBBC1BFE%26e%3d11D85E2%26c%3d104BA7%26t%3d0%26l%3d58F5C943%26email%3d7sAjdx4gWiUIl1uCdkSehg8o2jSupuqpq%2bY0UTwzGiU%3d%26seq%3d1&refurl=&searchphrase=u%3dBBC1BFE%26e%3d11D85E2%26c%3d104BA7%26t%3d0%26l%3d58F5C943%26email%3d7sAjdx4gWiUIl1uCdkSehg8o2jSupuqpq%2bY0UTwzGiU%3d%26seq%3d1; expires=Fri, 28-May-2021 13:49:32 GMT; path=/
X-AspNet-Version
4.0.30319
X-XSS-Protection
0
sugoio_and_badjs.js
www.staticec.com/api/scripts/node_report/
8 KB
3 KB
Script
General
Full URL
https://www.staticec.com/api/scripts/node_report/sugoio_and_badjs.js?_ev=201709141542
Requested by
Host: html.ecqun.com
URL: https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.152.136.41 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
876399677476421fdb8ad880ffa3e6adba0bb38f7e03c60d30422a94d4a5fde6

Request headers

Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 14:49:34 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified
Wed, 13 Jan 2021 07:03:49 GMT
server
NWS_Oversea_AP
content-type
application/javascript
cache-control
max-age=2592000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
c04b1a3f-f7b9-4625-b8cf-b3a098242b12
accept-ranges
bytes
content-length
3150
expires
Sat, 27 Feb 2021 14:49:34 GMT
pv_jsapi.20181119.js
1.staticec.com/my/comm/js/
35 KB
6 KB
Script
General
Full URL
https://1.staticec.com/my/comm/js/pv_jsapi.20181119.js
Requested by
Host: html.ecqun.com
URL: https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.152.136.41 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
d7a410be86c6337881730a88e205e1d59de2dba872da3f1929c5a9c56d61bbbe

Request headers

Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 14:49:34 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified
Wed, 20 Nov 2019 10:56:06 GMT
server
NWS_Oversea_AP
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
d71018e4-afc6-4cb8-ad3d-8cc476c80aae
accept-ranges
bytes
content-length
6197
expires
Sat, 27 Feb 2021 14:49:34 GMT
dll.redux_legacy.js
1.staticec.com/common/js/
26 KB
6 KB
Script
General
Full URL
https://1.staticec.com/common/js/dll.redux_legacy.js?b69548f25c8be4dcc0f4
Requested by
Host: html.ecqun.com
URL: https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.152.136.41 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
6190adfad6fe7f75aec4291629211bb638b20cf5d7f7cbc0b440d6a7236436ac

Request headers

Origin
https://html.ecqun.com
Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 14:49:34 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Wed, 13 Jan 2021 11:10:51 GMT
server
NWS_Oversea_AP
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
3700ad0d-6fea-432b-830e-b8af994c1c9b
content-length
5631
expires
Sat, 27 Feb 2021 14:49:34 GMT
dll.react_legacy.js
1.staticec.com/common/js/
211 KB
56 KB
Script
General
Full URL
https://1.staticec.com/common/js/dll.react_legacy.js?f799e588df70ac29755b
Requested by
Host: html.ecqun.com
URL: https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.152.136.41 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
b1d31d66426a15e54d02d16afa7251e103335be0d498de2cc669a462da8b1496

Request headers

Origin
https://html.ecqun.com
Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 14:49:34 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Wed, 13 Jan 2021 11:10:51 GMT
server
NWS_Oversea_AP
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
cf946fb5-7c7b-44a8-a53d-aa6157096768
content-length
56493
expires
Sat, 27 Feb 2021 14:49:34 GMT
ec_cs_session.js
1.staticec.com/kf/sdk/js/
836 KB
305 KB
Script
General
Full URL
https://1.staticec.com/kf/sdk/js/ec_cs_session.js
Requested by
Host: html.ecqun.com
URL: https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.152.136.41 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
192a3009b6e08acdbb3189ec324a1b0a0c6c3f50f9872d86d923216c521bf867

Request headers

Origin
https://html.ecqun.com
Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 14:49:34 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified
Wed, 20 Jan 2021 10:55:04 GMT
server
NWS_Oversea_AP
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
x-daa-tunnel
hop_count=1
x-nws-log-uuid
2d01b94d-0c6c-4694-95b5-9e385df719b7
content-length
311937
expires
Thu, 28 Jan 2021 14:59:34 GMT
sugoio.20180117.js
www.staticec.com/api/scripts/node_report/
117 KB
46 KB
Script
General
Full URL
https://www.staticec.com/api/scripts/node_report/sugoio.20180117.js
Requested by
Host: www.staticec.com
URL: https://www.staticec.com/api/scripts/node_report/sugoio_and_badjs.js?_ev=201709141542
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.152.136.41 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
dc4f371f3235bf531a1ae7a006b871efe211b760d16eeebf83f040ee92146402

Request headers

Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 14:49:34 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Wed, 13 Jan 2021 11:10:42 GMT
server
NWS_Oversea_AP
content-type
application/javascript
cache-control
max-age=2592000
x-nws-log-uuid
cf09904e-405a-4afa-b8cc-7eb04dedc55e
content-length
46652
expires
Sat, 27 Feb 2021 14:49:34 GMT
init
kf.ecqun.com/index/talk/
9 KB
4 KB
Script
General
Full URL
https://kf.ecqun.com/index/talk/init?CorpID=11756362&corpid=11756362&groupid=8055&deviceType=0&cstype=special&referUrl=&cskey=REDefr4wSgStRe9PsJ&scheme=1&storage=&guid=&origin=1&csid=11756363&callback=getJSON_16118453750320_3113111213091948
Requested by
Host: 1.staticec.com
URL: https://1.staticec.com/kf/sdk/js/ec_cs_session.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
115.159.141.150 Beijing, China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx / qcloudlnmp-4
Resource Hash
51d341452a7755b4956ad4518f666dada1e970b6331390e95f761d0937e7c329

Request headers

Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Thu, 28 Jan 2021 14:49:41 GMT
content-encoding
gzip
server
nginx
x-powered-by
qcloudlnmp-4
p3p
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cache-control
no-store, no-cache, must-revalidate, private, must-revalidate
content-type
text/javascript; charset=UTF-8
x-request-id
9e47b6b94bfac33264f3e29ea36ef6f7
expires
Thu, 19 Nov 1981 08:52:00 GMT, -1
page-categories-deployed
eccollect1.workec.com/api/sdk/desktop/
0
0

getQrCode
kf.workec.com/v10/cs/robot/csInfo/
0
0
Other
General
Full URL
https://kf.workec.com/v10/cs/robot/csInfo/getQrCode
Protocol
H2
Server
212.129.162.249 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,corpid,cskey,guid,x-xsrf-token
Origin
https://html.ecqun.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 28 Jan 2021 14:49:43 GMT
content-length
0
access-control-allow-origin
https://html.ecqun.com
access-control-allow-methods
POST,GET, OPTIONS, DELETE,PUT,PATCH
access-control-max-age
86400
access-control-allow-headers
Origin, X-Requested-With,Content-Type,Accept,Cookie,X-XSRF-TOKEN,corpId,cskey,guid
access-control-allow-credentials
true
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-request-id
518d862422e4e5a06beb45dfc4c2cf81
truncated
/
6 KB
6 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ce811fb8fe31c87cab9b0a270e5b8b61fbf31b78df6b6a1c79356cc18100a4a

Request headers

Origin
https://html.ecqun.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
getsig
kf.ecqun.com/index/talk/
477 B
1 KB
Script
General
Full URL
https://kf.ecqun.com/index/talk/getsig?corpid=11756362&guid=376330091&cskey=REDefr4wSgStRe9PsJ&storage=nufx5DYwjLZZSm5oMYVHPH42Lf%2FlO3FJA84Vxp1%2FrEvPhm1wF7hADxyw%2BL2zisUv2vY96Pjn7wj2rAnavNH0ZpQo3hpRKhu3V%2BALhpKjNonnvf5KGwCPEg%3D%3D&callback=getJSON_16118453814780_24217345594293405
Requested by
Host: 1.staticec.com
URL: https://1.staticec.com/kf/sdk/js/ec_cs_session.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
115.159.141.150 Beijing, China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx / qcloudlnmp-1
Resource Hash
db13b2db70e0aafb9a25e2c9e94816b0120ea766400a92553414e6483f91bae7

Request headers

Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Thu, 28 Jan 2021 14:49:41 GMT
content-encoding
gzip
server
nginx
x-powered-by
qcloudlnmp-1
p3p
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cache-control
no-store, no-cache, must-revalidate, private, must-revalidate
content-type
text/javascript; charset=UTF-8
x-request-id
10bcb6c0866a9f3a9bcc9218a03fa7d7
expires
Thu, 19 Nov 1981 08:52:00 GMT, -1
getQrCode
kf.workec.com/v10/cs/robot/csInfo/
54 B
447 B
XHR
General
Full URL
https://kf.workec.com/v10/cs/robot/csInfo/getQrCode
Requested by
Host: 1.staticec.com
URL: https://1.staticec.com/kf/sdk/js/ec_cs_session.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.129.162.249 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
39c209d3b9a3d523341dbd8f2b8af3301eaed44672306902b28043359c833ee0

Request headers

corpId
11756362
guid
376330091
X-XSRF-TOKEN
eyJpdiI6IkwzN1orSFM0ZWljU3lKUVNoRXprZ0E9PSIsInZhbHVlIjoiSU1SRWNcL1dVaEdLYmQ5Ukxib3hQcG91djVTUTduOEROZ05zbFZCRVM3Mlp3eU1rZUxRSTNQRU5ybWZqRGhvaHpxRzd2OTgwMmlhbDJuR0FUY0h1bENnPT0iLCJtYWMiOiJjZjYxMDExNjk1ZjBkZjc4NDA1ODI5ZGVkZGY5ZTYwMzNmN2I4MGU4NGUwYzJhNDNiMzVmZTFjZTlhZDhkZjU1In0=
cskey
REDefr4wSgStRe9PsJ
Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 28 Jan 2021 14:49:44 GMT
content-encoding
gzip
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,GET, OPTIONS, DELETE,PUT,PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://html.ecqun.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With,Content-Type,Accept,Cookie,X-XSRF-TOKEN,corpId,cskey,guid
x-request-id
c34cbb107057a36ec2eae8d2779b267c
arrow-down.png
1.staticec.com/kf/sdk/image/
15 KB
15 KB
Image
General
Full URL
https://1.staticec.com/kf/sdk/image/arrow-down.png
Requested by
Host: html.ecqun.com
URL: https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.152.136.41 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
fb03765633e121eb928979efc174f13ba5deeb6fe15a9f276482c1919a93f06b

Request headers

Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 14:49:41 GMT
x-cache-lookup
Hit From Disktank3, Hit From Inner Cluster
last-modified
Wed, 13 Jan 2021 11:10:52 GMT
server
NWS_Oversea_AP
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
3e73ea4e-be29-4415-b55f-2984005cbfab
content-length
15500
expires
Sat, 27 Feb 2021 14:49:40 GMT
fb29ae6aec0a14d5009e8dfbc4afb048
ec-web.staticec.com/face/11756362/
37 KB
37 KB
Image
General
Full URL
https://ec-web.staticec.com/face/11756362/fb29ae6aec0a14d5009e8dfbc4afb048?x-oss-process=image/resize,m_lfit,h_150,w_150&1581927654
Requested by
Host: html.ecqun.com
URL: https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.223 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
098cf47b954070cebfc5c32ec29964f41cd6e61d8a09b36013227095048e2793

Request headers

Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 14:49:42 GMT
via
cache21.l2ot7-1[371,304-0,M], cache27.l2ot7-1[372,0], cache27.l2ot7-1[373,0], cache4.de2[1127,200-0,H], cache10.de2[1129,0]
x-oss-request-id
6012CF06E3DF743138B52E21
age
0
x-cache
HIT TCP_REFRESH_HIT dirn:11:444533334
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Thu, 28 Jan 2021 14:49:42 GMT
content-length
37445
x-oss-object-type
Normal
last-modified
Mon, 17 Feb 2020 08:20:54 GMT
server
Tengine
etag
"CEA8063A7AEE6ECB4B9CD71BEABF6F77"
ali-swift-global-savetime
1582090738
content-type
image/png
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
1524549527896596845
eagleid
2ff62b9e16118453816266896e
reminder.wav
1.staticec.com/kf/common/audios/
288 KB
0
Media
General
Full URL
https://1.staticec.com/kf/common/audios/reminder.wav
Requested by
Host: html.ecqun.com
URL: https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.152.136.41 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash

Request headers

Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 28 Jan 2021 14:49:41 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Wed, 13 Jan 2021 11:10:52 GMT
server
NWS_Oversea_AP
access-control-allow-origin
*
content-type
application/octet-stream
Content-Range
bytes 0-294967/294968
cache-control
max-age=3600
x-nws-log-uuid
d73533c0-75ea-4710-a9ba-c0324f87de3a
Content-Length
294968
expires
Thu, 28 Jan 2021 15:49:40 GMT
truncated
/
38 KB
38 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e73dffa8111d6983159431f0db04002ed071b3a5e6df7454801967a0529a94d

Request headers

Origin
https://html.ecqun.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
upstatus
ecfk.workec.com/
102 B
233 B
Script
General
Full URL
https://ecfk.workec.com/upstatus?Status=3&CorpID=11756362&VisitorID=376330091&CustomerID=11756363&Key=Gw8Dr0gdDOnwqvcWJOcB7zRvscsbXihietKT9%2B4OxfM%3D&Closed=1&TalkID=0&Name=%E6%B3%A2%E5%85%B0%23376330091&Pic=&callback=getJSON_16118453820200_3700978602068936
Requested by
Host: 1.staticec.com
URL: https://1.staticec.com/kf/sdk/js/ec_cs_session.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.129.162.249 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
14172b9c826fb647b90381b45f34d2319a3887525285c101c3f7eda12fd476ee

Request headers

Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 14:49:42 GMT
server
nginx
content-length
102
vary
Origin
x-request-id
47fcfd1cff54fa9115c58e2781f2e405
content-type
application/javascript; charset=UTF-8
login
ecfk.workec.com/
92 B
221 B
Script
General
Full URL
https://ecfk.workec.com/login?CorpID=11756362&VisitorID=376330091&Template=1&Scheme=1&Key=Gw8Dr0gdDOnwqvcWJOcB7zRvscsbXihietKT9%2B4OxfM%3D&Terminal=1&Keyword=undefined&Origin=undefined&Region=undefined%20undefined&Count=undefined&Url=https%253A%252F%252Fhtml.ecqun.com%252Fkf%252Fsdk%252Fopenwin.html%253Fcorpid%253D11756362%2526groupid%253D8055%2526mode%253D0%2526cskey%253DREDefr4wSgStRe9PsJ%2526scheme%253D1%2526csid%253D11756363%2526ecsess%253D1%2526utm_source%253DBenchmarkEmail%2526utm_campaign%253DH1299_cell_2_NA_silent3-5_11.3w%2526utm_medium%253Demail&Notify=1&callback=getJSON_16118453830060_8623452664256945
Requested by
Host: 1.staticec.com
URL: https://1.staticec.com/kf/sdk/js/ec_cs_session.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.129.162.249 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
c85f87171229928479c7c489e8c61685ef01d8c2619efbe03494c5ce81789233

Request headers

Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 14:49:44 GMT
server
nginx
content-length
92
vary
Origin
x-request-id
4c35b6ad999510f252bfecd47dbf5a73
content-type
application/javascript; charset=UTF-8
upstatus
ecfk.workec.com/
123 B
253 B
Script
General
Full URL
https://ecfk.workec.com/upstatus?Status=3&CorpID=11756362&VisitorID=376330091&CustomerID=11756363&Key=Gw8Dr0gdDOnwqvcWJOcB7zRvscsbXihietKT9%2B4OxfM%3D&Closed=1&TalkID=0&Name=%E6%B3%A2%E5%85%B0%23376330091&Pic=&callback=getJSON_16118453844510_13869859599250667
Requested by
Host: 1.staticec.com
URL: https://1.staticec.com/kf/sdk/js/ec_cs_session.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.129.162.249 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
dc99e638bf29957fb578ef59cdbb2cc8e1906df25b700f0345fa4c25c61a56b3

Request headers

Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 14:49:46 GMT
server
nginx
content-length
123
vary
Origin
x-request-id
5d3924f1073bf921143cdd5030c8c08e
content-type
application/javascript; charset=UTF-8
heart
ecfk.workec.com/
174 B
303 B
Script
General
Full URL
https://ecfk.workec.com/heart?CorpID=11756362&VisitorID=376330091&Type=3&PageID=100&Flag=1&Key=Gw8Dr0gdDOnwqvcWJOcB7zRvscsbXihietKT9%2B4OxfM%3D&callback=getJSON_16118453863670_15951602616378024
Requested by
Host: 1.staticec.com
URL: https://1.staticec.com/kf/sdk/js/ec_cs_session.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.129.162.249 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
f113c04d1ec05709a4ebe35a928f3802fb478ff7c3abc4fdb2db5e9c2c1f0251

Request headers

Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 14:49:49 GMT
server
nginx
content-length
174
vary
Origin
x-request-id
6b5b4c4fd8a6094152fc4e4b9ea7118
content-type
application/javascript; charset=UTF-8
vlogtalk
kf.ecqun.com/index/index/
92 B
1 KB
Script
General
Full URL
https://kf.ecqun.com/index/index/vlogtalk?corpid=11756362&guid=376330091&type=1&csid=11756363&cskey=REDefr4wSgStRe9PsJ&storage=nufx5DYwjLZZSm5oMYVHPH42Lf%2FlO3FJA84Vxp1%2FrEvPhm1wF7hADxyw%2BL2zisUv2vY96Pjn7wj2rAnavNH0ZpQo3hpRKhu3V%2BALhpKjNonnvf5KGwCPEg%3D%3D&callback=getJSON_16118453863680_11520093755668204
Requested by
Host: 1.staticec.com
URL: https://1.staticec.com/kf/sdk/js/ec_cs_session.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
115.159.141.150 Beijing, China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
Reverse DNS
Software
nginx / qcloudlnmp-1
Resource Hash
68ab8066548026bb4054db7e41f7bff66daa8c2906dafbc13e3c5dae0b25ed04

Request headers

Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Thu, 28 Jan 2021 14:49:46 GMT
content-encoding
gzip
server
nginx
x-powered-by
qcloudlnmp-1
p3p
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cache-control
no-store, no-cache, must-revalidate, private, must-revalidate
content-type
text/javascript; charset=UTF-8
x-request-id
2a1c4b28051bcd5383a5ddc919e7ed68
expires
Thu, 19 Nov 1981 08:52:00 GMT, -1
index
kf.ecqun.com/index/analy/
91 B
1 KB
Script
General
Full URL
https://kf.ecqun.com/index/analy/index?corpid=11756362&scheme=1&guid=376330091&talkid=11358492&csid=11756363&cskey=REDefr4wSgStRe9PsJ&groupid=8055&source=0&chatpage=&storage=nufx5DYwjLZZSm5oMYVHPH42Lf%2FlO3FJA84Vxp1%2FrEvPhm1wF7hADxyw%2BL2zisUv2vY96Pjn7wj2rAnavNH0ZpQo3hpRKhu3V%2BALhpKjNonnvf5KGwCPEg%3D%3D&callback=getJSON_16118453863840_9244432926772568
Requested by
Host: 1.staticec.com
URL: https://1.staticec.com/kf/sdk/js/ec_cs_session.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
115.159.141.150 Beijing, China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
Reverse DNS
Software
nginx / qcloudlnmp-1
Resource Hash
9b68ea2ff31c319a7d858521e3dc3ae40a92366508405522c8310248959ea84a

Request headers

Referer
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Thu, 28 Jan 2021 14:49:46 GMT
content-encoding
gzip
server
nginx
x-powered-by
qcloudlnmp-1
p3p
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cache-control
no-store, no-cache, must-revalidate, private, must-revalidate
content-type
text/javascript; charset=UTF-8
x-request-id
013da49b04504d91dd29537158863384
expires
Thu, 19 Nov 1981 08:52:00 GMT, -1
heart
ecfk.workec.com/
0
0

heart
ecfk.workec.com/
0
0

heart
ecfk.workec.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
eccollect1.workec.com
URL
https://eccollect1.workec.com/api/sdk/desktop/page-categories-deployed?q=N4IghgDhCWAmIC4AEICMB2AxgFgEYYCYxMAzAkzAUwA4AGAZnoFZamC9cA2J+2MTkABpwUAPoA3SgCcAztAD2AO0QpaIAL5A
Domain
ecfk.workec.com
URL
https://ecfk.workec.com/heart?CorpID=11756362&VisitorID=376330091&Type=3&PageID=100&Flag=1&Key=Gw8Dr0gdDOnwqvcWJOcB7zRvscsbXihietKT9%2B4OxfM%3D&callback=getJSON_16118453913680_48300303252725696
Domain
ecfk.workec.com
URL
https://ecfk.workec.com/heart?CorpID=11756362&VisitorID=376330091&Type=3&PageID=100&Flag=1&Key=Gw8Dr0gdDOnwqvcWJOcB7zRvscsbXihietKT9%2B4OxfM%3D&callback=getJSON_16118453963680_5067983539665137
Domain
ecfk.workec.com
URL
https://ecfk.workec.com/heart?CorpID=11756362&VisitorID=376330091&Type=3&PageID=100&Flag=1&Key=Gw8Dr0gdDOnwqvcWJOcB7zRvscsbXihietKT9%2B4OxfM%3D&callback=getJSON_16118454013680_027445295101410583

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| sugoio boolean| isMobile number| unescapeResetTimes object| PVAPI function| _unescape function| ECPVsuperCall object| ECBridge number| originWindowHeight function| preventDefault function| redux_legacy_de1f3db62338a4791c43 function| react_legacy_c5c0ff7d16a1dee74b4c function| SparkMD5 object| Base64 function| imgMsgError function| imgMsgLoaded function| audioMetaDataLoaded object| msgCache object| webim function| ajax function| getLocalText string| ec_storage string| ec_cskey string| ec_scheme string| accsid string| ec_source undefined| isPreview object| previewData object| appData function| onImgError object| getJSON_16118453750320_3113111213091948 object| getJSON_16118453750320_32895177746103577 object| badjsLogger object| localKeys object| ec_localkeys number| ec_languageType number| ec_custfrom object| sessionData string| ec_token number| corpid object| reactCookie object| publicActs function| Zepto function| $ object| ecim function| openQQ function| ecShowImg function| onKickedEventCall object| getJSON_16118453814780_24217345594293405 object| getJSON_16118453814780_7410555085851913 object| getJSON_16118453820200_3700978602068936 object| getJSON_16118453820200_8941667116651391 object| getJSON_16118453830060_8623452664256945 object| getJSON_16118453830060_8502131558729582 object| getJSON_16118453844510_13869859599250667 object| getJSON_16118453844510_3850128169690352 object| getJSON_16118453863670_15951602616378024 object| getJSON_16118453863670_7032572023139578 object| getJSON_16118453863680_11520093755668204 object| getJSON_16118453863680_5911071589944059 number| seqid object| getJSON_16118453863840_9244432926772568 object| getJSON_16118453863840_4561976265176739 number| robotSessionListLength function| 
getJSON_16118453913680_48300303252725696 function| getJSON_16118453913680_2651743188324278 function| getJSON_16118453963680_5067983539665137 function| getJSON_16118453963680_331216524626182 function| getJSON_16118454013680_027445295101410583 function| getJSON_16118454013680_20994954111544661

4 Cookies

Domain/Path Name / Value
.ecqun.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjVNQTBpSFNQcDZlN3B1cFpNY1hxbEE9PSIsInZhbHVlIjoiamZIMWFQT3BRQUdweFFtK0drQWRoeWFvdEh4SnNSU3RuS2ZtckNCeFo0OTNZMGtyMjI1U0ZmTW1EczVKUUw2MmRUdkZvMldXa1wva3NqS29pdkZxR1FBPT0iLCJtYWMiOiI3ZjhmY2Q3MmU3MDk4Mjc4ZDU0Njg5ZWFjMDNjM2I4YjRiMjM0NjZkMWE1ZDJmYzU5ZmI0NzVjMDk1YjRkYTI3In0%3D
.ecqun.com/ Name: ecweb_session
Value: eyJpdiI6ImJHR3lSRGFZbXZLYjBBZnZpZHRQdmc9PSIsInZhbHVlIjoid1lXNzV3S1dSeXkrcjEzaEx1RmJrNWRZc241clQ5UzVBZENTRDRXckNiTkpIdWZiMUpaMmNTV2V0UVl0Sm1HXC9EcWFqN2ZvRGE0M1JlZVNsOTBVUUJnPT0iLCJtYWMiOiIzYzY4MDVmZjZiODA2MTY4MzA2N2RlMDIwZTBkMWM4ZGViZjI0MjY4ZmQzNWZhOTk4MDFlMzg1NjM4ODY1NmViIn0%3D
.ecqun.com/ Name: ecCookieVisitor11756362_1
Value: 41bR%2BP7F5eSicungwZX%2F0b7XPoWwONFdJs3bIbl%2B9Zg5IvEaqV54f3OMLDVOipdTZerO5PFdyfE%3D
html.ecqun.com/kf/sdk Name: storage
Value: nufx5DYwjLZZSm5oMYVHPH42Lf/lO3FJA84Vxp1/rEvPhm1wF7hADxyw+L2zisUv2vY96Pjn7wj2rAnavNH0ZpQo3hpRKhu3V+ALhpKjNonnvf5KGwCPEg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
