open.weixin.qq.com
240d:c040:1:40::11d
Public Scan
Effective URL: https://open.weixin.qq.com/connect/oauth2/authorize?appid=wx41b9ecb066a979ab&redirect_uri=https://auth.chongyacaishui.com/w...
Submission Tags: @phishunt_io
Submission: On November 29 via api from ES
Summary
TLS certificate: Issued by Secure Site CA G2 on April 10th 2020. Valid for: a year.
This is the only time open.weixin.qq.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
5 | 116.207.118.53 | 4134 (CHINANET-BACKBONE No.31)
1 2 | 240d:c040:1:40::11d | 132203 (TENCENT-NET-AP-CN Tencent Building)
1 | 150.109.206.154 | 132203 (TENCENT-NET-AP-CN Tencent Building)
8 total requests | 4 |
- ASN4134 (CHINANET-BACKBONE No.31, Jin-rong Street, CN): unicloudtiku.chongyacaishui.com
- ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN): open.weixin.qq.com, res.wx.qq.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
5 | chongyacaishui.com | unicloudtiku.chongyacaishui.com | 329 KB
3 | qq.com | open.weixin.qq.com, res.wx.qq.com (1 redirect) | 10 KB
0 | bspapp.com | 5a109a7c-53ec-43df-975c-eff5c95bfe67.bspapp.com (failed) | Failed
8 total requests | 3 apex domains | |
Requests | Domain | Requested by
---|---|---
5 | unicloudtiku.chongyacaishui.com | unicloudtiku.chongyacaishui.com
2 | open.weixin.qq.com (1 redirect) | unicloudtiku.chongyacaishui.com
1 | res.wx.qq.com | open.weixin.qq.com
0 | 5a109a7c-53ec-43df-975c-eff5c95bfe67.bspapp.com (failed) | unicloudtiku.chongyacaishui.com
8 total requests | 4 domains |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
unicloudtiku.chongyacaishui.com | Encryption Everywhere DV TLS CA - G1 | 2020-11-28 - 2021-11-28 | a year
mp.weixin.qq.com | Secure Site CA G2 | 2020-04-10 - 2021-04-15 | a year
res.wx.qq.com | DigiCert SHA2 Secure Server CA | 2020-08-31 - 2021-09-29 | a year
This page contains 1 frame:
Primary Page:
https://open.weixin.qq.com/connect/oauth2/authorize?appid=wx41b9ecb066a979ab&redirect_uri=https://auth.chongyacaishui.com/wechat/wxLogin?target=http://unicloudtiku.chongyacaishui.com&response_type=code&scope=snsapi_userinfo&state=1&connect_redirect=1
Frame ID: 9A33A6E67A83BC1082B64F49465B5367
Requests: 10 HTTP requests in this frame
Detected technologies
Tengine (Web Servers)
Detected patterns:
- headers: server /Tengine/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://unicloudtiku.chongyacaishui.com/ (Page URL)
- https://open.weixin.qq.com/connect/oauth2/authorize?appid=wx41b9ecb066a979ab&redirect_uri=https://auth.chongyacaishui.com/wechat/wxLogin?target=http://unicloudtiku.chongyacaishui.com&response_type=code&scope=snsapi_userinfo&state=1
  HTTP 301 to
  https://open.weixin.qq.com/connect/oauth2/authorize?appid=wx41b9ecb066a979ab&redirect_uri=https://auth.chongyacaishui.com/wechat/wxLogin?target=http://unicloudtiku.chongyacaishui.com&response_type=code&scope=snsapi_userinfo&state=1&connect_redirect=1 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | / | unicloudtiku.chongyacaishui.com/ | 786 B | 1 KB | Document | text/html |
GET | H2 | index.1e555237.css | unicloudtiku.chongyacaishui.com/static/ | 83 KB | 28 KB | Stylesheet | text/css |
GET | H2 | chunk-vendors.68f6872c.js | unicloudtiku.chongyacaishui.com/static/js/ | 616 KB | 228 KB | Script | application/javascript |
GET | H2 | index.0990fc63.js | unicloudtiku.chongyacaishui.com/static/js/ | 145 KB | 65 KB | Script | application/javascript |
GET | H2 | pages-index-index.395df126.js | unicloudtiku.chongyacaishui.com/static/js/ | 30 KB | 8 KB | Script | application/javascript |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/svg+xml |
GET | H2 | authorize | open.weixin.qq.com/connect/oauth2/ | 749 B | 826 B | Document | text/html | Primary Request, Redirect Chain
GET | | getPart | 5a109a7c-53ec-43df-975c-eff5c95bfe67.bspapp.com/http/ | 0 | 0 | | | Failed
GET | H2 | weui.css | res.wx.qq.com/open/libs/weui/0.4.1/ | 44 KB | 9 KB | Stylesheet | text/css |
GET | DATA | truncated | / | 4 KB | 4 KB | Font | application/octet-stream |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 5a109a7c-53ec-43df-975c-eff5c95bfe67.bspapp.com
- URL
- https://5a109a7c-53ec-43df-975c-eff5c95bfe67.bspapp.com/http/getPart?course=0&book_id=1
Verdicts & Comments
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Variable
---|---
object | ontransitionrun
object | ontransitionstart
object | ontransitioncancel
object | cookieStore
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
boolean | crossOriginIsolated
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.