config.pinyin.sogou.com Open in urlscan Pro
129.226.102.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&ty...
Effective URL:
https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&ty...
Submission: On May 15 via manual (May 15th 2024, 1:45:50 am UTC) from IN — Scanned from DE

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 1 domains to perform 7 HTTP transactions. The main IP is 129.226.102.244, located in Hong Kong, Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is config.pinyin.sogou.com. The Cisco Umbrella rank of the primary domain is 18209.
TLS certificate: Issued by GlobalSign Organization Validation CA... on September 19th 2023. Valid for: 10 months.

This is the only time config.pinyin.sogou.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	129.226.102.244 129.226.102.244	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
3	218.60.45.135 218.60.45.135	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
7	3

2 129.226.102.244 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

config.pinyin.sogou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 218.60.45.135 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

dl.pinyin.sogou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	sogou.com config.pinyin.sogou.com — Cisco Umbrella Rank: 18209 dl.pinyin.sogou.com — Cisco Umbrella Rank: 262248	13 KB
7	1

	Domain	Requested by
3	dl.pinyin.sogou.com	config.pinyin.sogou.com
2	config.pinyin.sogou.com
7	2

This site contains no links.

Subject Issuer	Validity	Valid
*.pinyin.sogou.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-09-19` - `2024-07-22`	10 months	crt.sh

This page contains 1 frames:

Primary Page: https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257
Frame ID: 25E82F6016C6295434FA890D2C73BE09
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

输入法

Page URL History Show full URLs

http://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000... HTTP 307
https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

7
Requests

71 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

3
IPs

2
Countries

13 kB
Transfer

14 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257 HTTP 307
https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request fastlogin.php Show response
config.pinyin.sogou.com/api/qqfastlogin/
Redirect Chain

http://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257
https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257

4 KB
1 KB

1633ms
390ms

Document
text/html

129.226.102.244
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.226.102.244 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e5a08e3d7fd8b21b0a34867613094abd76a52bd1a2f2e72eac3920ea02da3d47

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1339
Content-Type: text/html; charset=GBK
Date: Wed, 15 May 2024 01:45:45 GMT
Server: nginx/1.20.1

Redirect headers

Location: https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK login_word.jpg
dl.pinyin.sogou.com/api/qqfastlogin/img/ 2 KB
2 KB 1324ms
181ms Image
image/jpeg 218.60.45.135
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.pinyin.sogou.com/api/qqfastlogin/img/login_word.jpg
Requested by: Host: config.pinyin.sogou.com
URL: https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 218.60.45.135 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: a6fa72543b11a7144ca45221cecb49056caccc667ba575cfebeb50943f7fe627

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://config.pinyin.sogou.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 27 Apr 2024 00:40:24 GMT
x-cos-hash-crc64ecma: 4396572103046666114
Last-Modified: Tue, 07 Nov 2023 02:10:52 GMT
Server: nginx
Etag: "67c412a52a55d0951478eb4f5d695dff"
Content-Type: image/jpeg
x-cos-request-id: NjYyYzQ5NzhfMzEwZWZmMWVfOTI4OV83YzE3MTk=
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1844

GET
H/1.1 200
OK cry.png
dl.pinyin.sogou.com/api/qqfastlogin/img/ 6 KB
7 KB 1360ms
194ms Image
image/png 218.60.45.135
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.pinyin.sogou.com/api/qqfastlogin/img/cry.png
Requested by: Host: config.pinyin.sogou.com
URL: https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 218.60.45.135 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 6928316de4ebb750e759b9e279ac73922d3f8c412d84347dce87c21a00dc38fd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://config.pinyin.sogou.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 25 Apr 2024 11:39:00 GMT
x-cos-hash-crc64ecma: 16117892068231426226
Last-Modified: Mon, 06 Nov 2023 14:50:53 GMT
Server: nginx
Etag: "57480215911ab334c2417087e808c48b"
Content-Type: image/png
x-cos-request-id: NjYyYTQwZDRfMTc0YzYwMGJfNWZiNV9iM2ZjOGU=
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6313

GET loginqq1.css
dl.pinyin.sogou.com/api/qqfastlogin/css/ 0
0

GET jquery-1.7.2.min.js
dl.pinyin.sogou.com/api/qqfastlogin/js/ 0
0

GET
H/1.1 200
OK close_btn.jpg
dl.pinyin.sogou.com/api/qqfastlogin/img/ 3 KB
3 KB 1354ms
202ms Image
image/jpeg 218.60.45.135
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.pinyin.sogou.com/api/qqfastlogin/img/close_btn.jpg
Requested by: Host: config.pinyin.sogou.com
URL: https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 218.60.45.135 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 3241d83e4082c4820f937f8bf083b72962fef7cf68ea9766488d765768195724

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://config.pinyin.sogou.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 11:26:28 GMT
x-cos-hash-crc64ecma: 5550925763833993446
Last-Modified: Mon, 06 Nov 2023 14:50:53 GMT
Server: nginx
Etag: "3cce03328d4e05c819f021f8e792d913"
Content-Type: image/jpeg
x-cos-request-id: NjYyZjgzZTRfOTY0ZTQ0MGJfZGI0ZF8yNTAzYmZk
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2801

GET
H/1.1 404
Not Found favicon.ico
config.pinyin.sogou.com/ 19 B
200 B 390ms
389ms Other
text/plain 129.226.102.244
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://config.pinyin.sogou.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

129.226.102.244 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

Resource Hash

b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 01:45:46 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 19
Content-Type: text/plain; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dl.pinyin.sogou.com
URL: http://dl.pinyin.sogou.com/api/qqfastlogin/css/loginqq1.css

Domain: dl.pinyin.sogou.com
URL: http://dl.pinyin.sogou.com/api/qqfastlogin/js/jquery-1.7.2.min.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| loginning function| login_failed function| login_reload

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257 Message: Mixed Content: The page at 'https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257' was loaded over HTTPS, but requested an insecure element 'http://dl.pinyin.sogou.com/api/qqfastlogin/img/login_word.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257 Message: Mixed Content: The page at 'https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257' was loaded over HTTPS, but requested an insecure element 'http://dl.pinyin.sogou.com/api/qqfastlogin/img/cry.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257(Line 5) Message: Mixed Content: The page at 'https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257' was loaded over HTTPS, but requested an insecure stylesheet 'http://dl.pinyin.sogou.com/api/qqfastlogin/css/loginqq1.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257 Message: Mixed Content: The page at 'https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257' was loaded over HTTPS, but requested an insecure script 'http://dl.pinyin.sogou.com/api/qqfastlogin/js/jquery-1.7.2.min.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257(Line 100) Message: Mixed Content: The page at 'https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257' was loaded over HTTPS, but requested an insecure element 'http://dl.pinyin.sogou.com/api/qqfastlogin/img/login_word.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257(Line 100) Message: Mixed Content: The page at 'https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257' was loaded over HTTPS, but requested an insecure element 'http://dl.pinyin.sogou.com/api/qqfastlogin/img/cry.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257(Line 100) Message: Mixed Content: The page at 'https://config.pinyin.sogou.com/api/qqfastlogin/fastlogin.php?h=038e7f84d1379608ebc49148b8f738d3&id=1&r=0000_sogou_pinyin_80d&type=single&v=8.2.0.9257' was loaded over HTTPS, but requested an insecure element 'http://dl.pinyin.sogou.com/api/qqfastlogin/img/close_btn.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://config.pinyin.sogou.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

config.pinyin.sogou.com
dl.pinyin.sogou.com
dl.pinyin.sogou.com
129.226.102.244
218.60.45.135
3241d83e4082c4820f937f8bf083b72962fef7cf68ea9766488d765768195724
6928316de4ebb750e759b9e279ac73922d3f8c412d84347dce87c21a00dc38fd
a6fa72543b11a7144ca45221cecb49056caccc667ba575cfebeb50943f7fe627
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
e5a08e3d7fd8b21b0a34867613094abd76a52bd1a2f2e72eac3920ea02da3d47

config.pinyin.sogou.com Open in urlscan Pro 129.226.102.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

71 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

3 IPs

2 Countries

13 kBTransfer

14 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

8 Console Messages

Indicators

config.pinyin.sogou.com Open in urlscan Pro
129.226.102.244 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

71 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

3
IPs

2
Countries

13 kB
Transfer

14 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions