html.ecqun.com
175.24.254.193
Public Scan
Effective URL: https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=1...
Submission Tags: phishing malicious
Submission: On January 28 via api from US
Summary
TLS certificate: Issued by GeoTrust CN RSA CA G1 on August 17th 2020. Valid for: a year.
This is the only time html.ecqun.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 (1 redirects) | 52.38.25.206 | 16509 (AMAZON-02) |
1 | 175.24.254.193 | 45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited) |
8 | 211.152.136.41 | 132203 (TENCENT-NET-AP-CN Tencent Building) |
4 | 115.159.141.150 | 45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited) |
6 | 212.129.162.249 | 45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited) |
1 | 47.246.43.223 | 24429 (TAOBAO Zhejiang Taobao Network Co.) |
24 | 6 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-25-206.us-west-2.compute.amazonaws.com
- r1067943.ubigene.net

ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
- html.ecqun.com

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
- www.staticec.com
- 1.staticec.com

ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
- kf.ecqun.com

ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
- kf.workec.com
- ecfk.workec.com

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
- ec-web.staticec.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | staticec.com | www.staticec.com, 1.staticec.com, ec-web.staticec.com | 475 KB |
6 | workec.com | eccollect1.workec.com (Failed), kf.workec.com, ecfk.workec.com | 1 KB |
5 | ecqun.com | html.ecqun.com, kf.ecqun.com | 8 KB |
1 | ubigene.net (1 redirects) | r1067943.ubigene.net | 977 B |
24 | 4 |
Requests | Domain | Requested by |
---|---|---|
6 | 1.staticec.com | html.ecqun.com |
4 | ecfk.workec.com | 1.staticec.com |
4 | kf.ecqun.com | 1.staticec.com |
2 | kf.workec.com | 1.staticec.com |
2 | www.staticec.com | html.ecqun.com, www.staticec.com |
1 | ec-web.staticec.com | html.ecqun.com |
1 | html.ecqun.com | |
1 | r1067943.ubigene.net | 1 redirects |
0 | eccollect1.workec.com (Failed) | www.staticec.com |
24 | 9 |
This site contains links to these domains.
Domain |
---|
www.scrm.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.ecqun.com | GeoTrust CN RSA CA G1 | 2020-08-17 - 2021-09-16 | a year |
*.staticec.com | GeoTrust CN RSA CA G1 | 2020-07-07 - 2021-09-06 | a year |
*.workec.com | GeoTrust RSA CN CA G2 | 2020-10-28 - 2021-11-01 | a year |
This page contains 1 frames:
Primary Page:
https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email
Frame ID: EC66EF9F5CC3381E55F87AF803D915D1
Requests: 25 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns:
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Powered by EC
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://r1067943.ubigene.net/c/l?u=BBC1BFE&e=11D85E2&c=104BA7&t=0&l=58F5C943&email=7sAjdx4gWiUIl1uCdkSehg8o2jSupuqpq%2BY0UTwzGiU%3D&seq=1 (HTTP 302)
- https://html.ecqun.com/kf/sdk/openwin.html?corpid=11756362&groupid=8055&mode=0&cskey=REDefr4wSgStRe9PsJ&scheme=1&csid=11756363&ecsess=1&utm_source=BenchmarkEmail&utm_campaign=H1299_cell_2_NA_silent3-5_11.3w&utm_medium=email (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | openwin.html (Primary Request) | html.ecqun.com/kf/sdk/ | 2 KB | 1 KB | Document | text/html |
GET H2 | sugoio_and_badjs.js | www.staticec.com/api/scripts/node_report/ | 8 KB | 3 KB | Script | application/javascript |
GET H2 | pv_jsapi.20181119.js | 1.staticec.com/my/comm/js/ | 35 KB | 6 KB | Script | application/javascript |
GET H2 | dll.redux_legacy.js | 1.staticec.com/common/js/ | 26 KB | 6 KB | Script | application/javascript |
GET H2 | dll.react_legacy.js | 1.staticec.com/common/js/ | 211 KB | 56 KB | Script | application/javascript |
GET H2 | ec_cs_session.js | 1.staticec.com/kf/sdk/js/ | 836 KB | 305 KB | Script | application/javascript |
GET H2 | sugoio.20180117.js | www.staticec.com/api/scripts/node_report/ | 117 KB | 46 KB | Script | application/javascript |
GET H2 | init | kf.ecqun.com/index/talk/ | 9 KB | 4 KB | Script | text/javascript |
GET | page-categories-deployed | eccollect1.workec.com/api/sdk/desktop/ | 0 | 0 | | |
OPTIONS H2 | getQrCode | kf.workec.com/v10/cs/robot/csInfo/ | 0 | 0 | Other | |
GET DATA | truncated | / | 6 KB | 6 KB | Font | application/x-font-woff |
GET H2 | getsig | kf.ecqun.com/index/talk/ | 477 B | 1 KB | Script | text/javascript |
POST H2 | getQrCode | kf.workec.com/v10/cs/robot/csInfo/ | 54 B | 447 B | XHR | application/json |
GET H2 | arrow-down.png | 1.staticec.com/kf/sdk/image/ | 15 KB | 15 KB | Image | image/png |
GET H2 | fb29ae6aec0a14d5009e8dfbc4afb048 | ec-web.staticec.com/face/11756362/ | 37 KB | 37 KB | Image | image/png |
GET H2 | reminder.wav | 1.staticec.com/kf/common/audios/ | 288 KB | 0 | Media | application/octet-stream |
GET DATA | truncated | / | 38 KB | 38 KB | Font | application/x-font-woff2 |
GET H2 | upstatus | ecfk.workec.com/ | 102 B | 233 B | Script | application/javascript |
GET H2 | login | ecfk.workec.com/ | 92 B | 221 B | Script | application/javascript |
GET H2 | upstatus | ecfk.workec.com/ | 123 B | 253 B | Script | application/javascript |
GET H2 | heart | ecfk.workec.com/ | 174 B | 303 B | Script | application/javascript |
GET H2 | vlogtalk | kf.ecqun.com/index/index/ | 92 B | 1 KB | Script | text/javascript |
GET H2 | index | kf.ecqun.com/index/analy/ | 91 B | 1 KB | Script | text/javascript |
GET | heart | ecfk.workec.com/ | 0 | 0 | | |
GET | heart | ecfk.workec.com/ | 0 | 0 | | |
GET | heart | ecfk.workec.com/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
eccollect1.workec.com | https://eccollect1.workec.com/api/sdk/desktop/page-categories-deployed?q=N4IghgDhCWAmIC4AEICMB2AxgFgEYYCYxMAzAkzAUwA4AGAZnoFZamC9cA2J+2MTkABpwUAPoA3SgCcAztAD2AO0QpaIAL5A |
ecfk.workec.com | https://ecfk.workec.com/heart?CorpID=11756362&VisitorID=376330091&Type=3&PageID=100&Flag=1&Key=Gw8Dr0gdDOnwqvcWJOcB7zRvscsbXihietKT9%2B4OxfM%3D&callback=getJSON_16118453913680_48300303252725696 |
ecfk.workec.com | https://ecfk.workec.com/heart?CorpID=11756362&VisitorID=376330091&Type=3&PageID=100&Flag=1&Key=Gw8Dr0gdDOnwqvcWJOcB7zRvscsbXihietKT9%2B4OxfM%3D&callback=getJSON_16118453963680_5067983539665137 |
ecfk.workec.com | https://ecfk.workec.com/heart?CorpID=11756362&VisitorID=376330091&Type=3&PageID=100&Flag=1&Key=Gw8Dr0gdDOnwqvcWJOcB7zRvscsbXihietKT9%2B4OxfM%3D&callback=getJSON_16118454013680_027445295101410583 |
79 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name |
---|---|---|
.ecqun.com/ | | XSRF-TOKEN |
.ecqun.com/ | | ecweb_session |
.ecqun.com/ | | ecCookieVisitor11756362_1 |
html.ecqun.com/kf/sdk | | storage |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.