core.mars-era.cn
47.95.123.0
Public Scan
Effective URL: https://core.mars-era.cn/panel/login?redirect_uri=https%3A//oauth.mars-connect.com/oauth/authorize%3Fclient_id%3D23%26res...
Submission: On June 17 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on December 28th 2023. Valid for: a year.
This is the only time core.mars-era.cn was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 2 2 | 18.66.102.94 | 16509 (AMAZON-02) |
| 1 1 | 164.52.0.106 | 63199 (CDSC-AS1) |
| 1 8 | 47.95.123.0 | 37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) |
| 1 | 2404:2280:1a4:0:3::7ef | 24429 (TAOBAO Zhejiang Taobao Network Co.) |
| 1 | 163.181.131.222 | 24429 (TAOBAO Zhejiang Taobao Network Co.) |
| 1 | 104.126.37.168 | 20940 (AKAMAI-ASN1) |
| 10 | 4 | |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-94.fra56.r.cloudfront.net
m-mffatr.oasgames.com

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
core.mars-era.cn

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
g.alicdn.com

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
sf3-cn.feishucdn.com

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-168.deploy.static.akamaitechnologies.com
www.feishu.cn
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 8 | mars-era.cn (1 redirects) | core.mars-era.cn | 3 MB |
| 2 | oasgames.com (2 redirects) | m-mffatr.oasgames.com | 664 B |
| 1 | feishu.cn | www.feishu.cn, Cisco Umbrella Rank: 291801 | |
| 1 | feishucdn.com | sf3-cn.feishucdn.com, Cisco Umbrella Rank: 501861 | 2 KB |
| 1 | alicdn.com | g.alicdn.com, Cisco Umbrella Rank: 8693 | 1 KB |
| 1 | mars-connect.com (1 redirects) | oauth.mars-connect.com | 402 B |
| 10 | 6 | | |
| | Domain | Requested by |
|---|---|---|
| 8 | core.mars-era.cn | 1 redirects; core.mars-era.cn |
| 2 | m-mffatr.oasgames.com | 2 redirects |
| 1 | www.feishu.cn | sf3-cn.feishucdn.com |
| 1 | sf3-cn.feishucdn.com | core.mars-era.cn |
| 1 | g.alicdn.com | core.mars-era.cn |
| 1 | oauth.mars-connect.com | 1 redirects |
| 10 | 6 | |
This site contains no links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.mars-era.cn | Encryption Everywhere DV TLS CA - G1 | 2023-12-28 - 2024-12-27 | a year |
| *.tbcdn.cn | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-12-26 - 2024-07-30 | 7 months |
| *.feishucdn.com | GlobalSign GCC R3 DV TLS CA 2020 | 2024-05-15 - 2025-06-16 | a year |
| *.feishu.cn | RapidSSL ECC CA 2018 | 2024-04-08 - 2025-05-09 | a year |
This page contains 2 frames:
Primary Page:
https://core.mars-era.cn/panel/login?redirect_uri=https%3A//oauth.mars-connect.com/oauth/authorize%3Fclient_id%3D23%26response_type%3Dcode%26state%3Dhttp%253A%252F%252Fm-mffatr.oasgames.com%252F
Frame ID: 316E14AC260FE437E65DF5A0ED7CAC07
Requests: 9 HTTP requests in this frame
Frame:
https://www.feishu.cn/suite/passport/sso/qr?goto=https%3A%2F%2Fwww.feishu.cn%2Fsuite%2Fpassport%2Foauth%2Fauthorize%3Fclient_id%3Dcli_a07d05ec217c100e%26redirect_uri%3Dhttps%3A%2F%2Foauth.mars-era.cn%2Foauth%2Ffeishu-login%3Fclient_id%3D23_scan%26response_type%3Dcode%26state%3Dhttp%3A%2F%2Fm-mffatr.oasgames.com%2F
Frame ID: 04405B36577BEF1040342EC7C124D22B
Requests: 1 HTTP requests in this frame
Page Title
CORE SYSTEM
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://m-mffatr.oasgames.com/ HTTP 302
- https://m-mffatr.oasgames.com/auth/check?state=http%3A//m-mffatr.oasgames.com/ HTTP 302
- https://oauth.mars-connect.com/oauth/authorize?response_type=code&client_id=23&state=http://m-mffatr.oasgames.com/ HTTP 302
- https://core.mars-era.cn/panel/login/check?redirect_uri=https%3A//oauth.mars-connect.com/oauth/authorize%3Fclient_id%3D23%26response_type%3Dcode%26state%3Dhttp%253A%252F%252Fm-mffatr.oasgames.com%252F HTTP 302
- https://core.mars-era.cn/panel/login?redirect_uri=https%3A//oauth.mars-connect.com/oauth/authorize%3Fclient_id%3D23%26response_type%3Dcode%26state%3Dhttp%253A%252F%252Fm-mffatr.oasgames.com%252F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | login (Primary Request, Redirect Chain) | core.mars-era.cn/panel/ | 3 KB | 1 KB | Document | text/html |
| GET | H2 | login.css | core.mars-era.cn/static/dist/css/ | 408 KB | 76 KB | Stylesheet | text/css |
| GET | H2 | ddLogin.js | g.alicdn.com/dingding/dinglogin/0.0.5/ | 708 B | 1 KB | Script | application/javascript |
| GET | H2 | LarkSSOSDKWebQRCode-1.0.1.js | sf3-cn.feishucdn.com/obj/static/lark/passport/qrcode/ | 2 KB | 2 KB | Script | application/javascript |
| GET | H2 | login.min.js | core.mars-era.cn/static/dist/scripts/ | 2 MB | 517 KB | Script | application/javascript |
| GET | H2 | qr | www.feishu.cn/suite/passport/sso/ (Frame 0440) | 0 | 0 | Document | text/html |
| GET | H2 | web-bg.png | core.mars-era.cn/dist/images/ | 2 MB | 2 MB | Image | image/png |
| GET | H2 | grenn-bg.png | core.mars-era.cn/dist/images/ | 340 KB | 340 KB | Image | image/png |
| GET | H2 | fontawesome-webfont.woff2 | core.mars-era.cn/dist/fonts/ | 75 KB | 76 KB | Font | application/octet-stream |
| GET | H2 | icon-core.ico | core.mars-era.cn/dist/images/ | 1 KB | 2 KB | Other | image/x-icon |
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- undefined| event
- object| fence
- object| sharedStorage
- function| DDLogin
- string| open_url
- string| domain
- string| dingtalk_enable
- boolean| is_company
- string| qr_redirect_uri
- string| feishu_redirect_uri
- string| dingtalk_appid
- string| feishu_appid
- object| CORE
- string| client_id
- string| state
- string| introduce_url
- string| qr_url
- string| feishu_qr_url
- string| feishu_sdk_qr_url
- function| QRLogin
- object| LarkSSOSDKWebQRCode
- function| setImmediate
- function| clearImmediate
- object| __core-js_shared__

5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .feishu.cn/ | | Name: swp_csrf_token Value: bfbbd02b-23ee-41cc-9bd6-d841886cb6bb |
| .feishu.cn/ | | Name: t_beda37 Value: 8799aac4f29b31d4807b7907d0ebfaf264f63b741636db66256ceafe0fd2914f |
| .feishu.cn/ | | Name: passport_web_did Value: 7381286433769963523 |
| .feishu.cn/ | | Name: QXV0aHpDb250ZXh0 Value: 1262d86bdc6c45d5adf598e28ab2c7a6 |
| .feishu.cn/ | | Name: locale Value: en-US |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.