weidian.com - urlscan.io

Summary

This website contacted 4 IPs in 3 countries across 2 domains to perform 7 HTTP transactions. The main IP is 49.51.131.122, located in Germany and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is weidian.com.
TLS certificate: Issued by GlobalSign Domain Validation CA - SHA... on January 15th 2018. Valid for: 2 years.

This is the only time weidian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	49.51.131.122 49.51.131.122	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	23.248.189.13 23.248.189.13	21859 (ZNET) (ZNET - Zenlayer Inc)
3	203.205.224.11 203.205.224.11	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
7	4

1 49.51.131.122 (Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

weidian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.248.189.13 (Los Angeles, United States)

ASN21859 (ZNET - Zenlayer Inc, US)

si.geilicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 203.205.224.11 (Shenzhen, China)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

assets.geilicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	geilicdn.com s.geilicdn.com Failed si.geilicdn.com assets.geilicdn.com	39 KB
1	weidian.com weidian.com	32 KB
7	2

	Domain	Requested by
3	assets.geilicdn.com	weidian.com
1	si.geilicdn.com	weidian.com
1	weidian.com
0	s.geilicdn.com Failed	weidian.com
7	4

This site contains no links.

Subject Issuer	Validity	Valid
*.weidian.com GlobalSign Domain Validation CA - SHA256 - G2	`2018-01-15` - `2020-01-16`	2 years	crt.sh
*.geilicdn.com GlobalSign Domain Validation CA - SHA256 - G2	`2018-01-19` - `2020-01-20`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://weidian.com/?userid=973365404
Frame ID: A5DA6CC018C13A456A1DF9B4B1164CEB
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

7
Requests

71 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

3
Countries

71 kB
Transfer

211 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response weidian.com/	114 KB 32 KB	3937ms 562ms	Document text/html	49.51.131.122 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://weidian.com/?userid=973365404 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 49.51.131.122 , Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / PHP/5.3.14 Resource Hash `0a7d0bd1cdf38a52ff3ff65667acc44531dad86cff0bb1aec0fa631704afe754` Request headers :method GET :authority weidian.com :scheme https :path /?userid=973365404 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode navigate sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers status 200 server nginx date Thu, 15 Aug 2019 03:04:04 GMT content-type text/html vary Accept-Encoding x-powered-by PHP/5.3.14 cache-control no-cache no-cache content-encoding gzip set-cookie wdtoken=838b7d5f;Domain=.weidian.com; Path=/
GET		shoppingmall.d282dd4d.css s.geilicdn.com/p5/decorate/20193/css/index/	0 0

GET H2	200	img-0a2100000169b3975cf50a216239-unadjust_155_40.png si.geilicdn.com/	8 KB 8 KB	4650ms 130ms	Image image/png	23.248.189.13 Zenlayer Inc
General Check archive.org Show headers Download Go to Show image Full URL https://si.geilicdn.com/img-0a2100000169b3975cf50a216239-unadjust_155_40.png Requested by Host: weidian.com URL: https://weidian.com/?userid=973365404 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.248.189.13 Los Angeles, United States, ASN21859 (ZNET - Zenlayer Inc, US), Reverse DNS Software NWSs / Resource Hash `aa237047b78d2b261380eb466c1e044f88f8378bd4d1cf037dad6ddc6b21e766` Request headers Sec-Fetch-Mode no-cors Referer https://weidian.com/?userid=973365404 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 15 Aug 2019 03:04:09 GMT x-cache-lookup Hit From Disktank3 last-modified Tue, 13 Aug 2019 11:46:11 GMT server NWSs status 200 content-type image/png access-control-allow-origin * cache-control max-age=2592000 x-nws-log-uuid 61ca55fb-e559-4ec0-9a9d-b24f1ed67427 timing-allow-origin * content-length 7769 expires Sat, 14 Sep 2019 03:04:09 GMT
GET H2	200	index.js Show response assets.geilicdn.com/v-components/v-collect/11.1.7/	87 KB 29 KB	1490ms 28ms	Script application/javascript	203.205.224.11 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://assets.geilicdn.com/v-components/v-collect/11.1.7/index.js Requested by Host: weidian.com URL: https://weidian.com/?userid=973365404 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.205.224.11 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `942f947b8371e9d345179488985d7ce7ca04928c62cb5568f1b73815afd79fbc` Request headers Sec-Fetch-Mode cors Referer https://weidian.com/?userid=973365404 Origin https://weidian.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 15 Aug 2019 03:04:06 GMT content-encoding gzip x-cache-lookup Hit From MemCache Gz, Hit From Inner Cluster last-modified Fri, 24 May 2019 06:58:10 GMT server NWSs status 200 content-type application/javascript access-control-allow-origin * cache-control max-age=2592000, s-maxage=3600 x-daa-tunnel hop_count=1 x-nws-log-uuid d9ff8915-f55a-43ec-95d5-ef4b8288a67b timing-allow-origin * content-length 29738 expires Sat, 14 Sep 2019 03:04:05 GMT
GET H2	200	download-toolbar.latest.js Show response assets.geilicdn.com/v-components/evoke-app/1.2.0/	1 KB 980 B	28ms 27ms	Script application/javascript	203.205.224.11 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://assets.geilicdn.com/v-components/evoke-app/1.2.0/download-toolbar.latest.js Requested by Host: weidian.com URL: https://weidian.com/?userid=973365404 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.205.224.11 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `3f5f911bf4d5a162b3f9b2147b548a851f23e8a5038adc482c2af96de6bce4e5` Request headers Sec-Fetch-Mode cors Referer https://weidian.com/?userid=973365404 Origin https://weidian.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 15 Aug 2019 03:04:06 GMT content-encoding gzip x-cache-lookup Hit From MemCache Gz, Hit From Inner Cluster last-modified Fri, 29 Mar 2019 09:23:53 GMT server NWSs status 200 content-type application/javascript access-control-allow-origin * cache-control max-age=2592000, s-maxage=3600 x-daa-tunnel hop_count=1 x-nws-log-uuid b8ee8726-543e-45eb-a673-9de4a8d7904a timing-allow-origin * content-length 634 expires Sat, 14 Sep 2019 03:04:05 GMT
GET H2	200	index.latest.js Show response assets.geilicdn.com/v-components/evoke-app/1.2.0/	1 KB 970 B	28ms 28ms	Script application/javascript	203.205.224.11 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://assets.geilicdn.com/v-components/evoke-app/1.2.0/index.latest.js Requested by Host: weidian.com URL: https://weidian.com/?userid=973365404 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.205.224.11 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `9859760b908e5a479fbc927021671550f95c62b9663172bf009388538a5058c0` Request headers Sec-Fetch-Mode cors Referer https://weidian.com/?userid=973365404 Origin https://weidian.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 15 Aug 2019 03:04:06 GMT content-encoding gzip x-cache-lookup Hit From MemCache Gz, Hit From Inner Cluster last-modified Fri, 29 Mar 2019 09:23:54 GMT server NWSs status 200 content-type application/javascript access-control-allow-origin * cache-control max-age=2592000, s-maxage=3600 x-daa-tunnel hop_count=1 x-nws-log-uuid 523d3c3d-0655-496c-aae8-80ff196f7892 timing-allow-origin * content-length 624 expires Sat, 14 Sep 2019 03:04:05 GMT
GET		placeholder.aabfe9a1.png s.geilicdn.com/p5/decorate/20198/images/common/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.geilicdn.com
URL: https://s.geilicdn.com/p5/decorate/20193/css/index/shoppingmall.d282dd4d.css

Domain: s.geilicdn.com
URL: https://s.geilicdn.com/p5/decorate/20198/images/common/placeholder.aabfe9a1.png

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.geilicdn.com
s.geilicdn.com
si.geilicdn.com
weidian.com
s.geilicdn.com
203.205.224.11
23.248.189.13
49.51.131.122
0a7d0bd1cdf38a52ff3ff65667acc44531dad86cff0bb1aec0fa631704afe754
3f5f911bf4d5a162b3f9b2147b548a851f23e8a5038adc482c2af96de6bce4e5
942f947b8371e9d345179488985d7ce7ca04928c62cb5568f1b73815afd79fbc
9859760b908e5a479fbc927021671550f95c62b9663172bf009388538a5058c0
aa237047b78d2b261380eb466c1e044f88f8378bd4d1cf037dad6ddc6b21e766

weidian.com Open in urlscan Pro 49.51.131.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

71 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

4 IPs

3 Countries

71 kBTransfer

211 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Indicators

weidian.com Open in urlscan Pro
49.51.131.122 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

71 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

3
Countries

71 kB
Transfer

211 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions