webvpn.yxnu.net
Open in
urlscan Pro
61.166.32.248
Public Scan
Effective URL: https://webvpn.yxnu.net/login
Submission: On October 29 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on October 29th 2020. Valid for: 3 months.
This is the only time webvpn.yxnu.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 13 | 61.166.32.248 61.166.32.248 | 4134 (CHINANET-...) (CHINANET-BACKBONE No.31) | |
1 | 203.205.137.113 203.205.137.113 | 132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building) | |
13 | 2 |
ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
webvpn.yxnu.net |
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
rescdn.qqmail.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
yxnu.net
1 redirects
webvpn.yxnu.net |
437 KB |
1 |
qqmail.com
rescdn.qqmail.com |
773 B |
13 | 2 |
Domain | Requested by | |
---|---|---|
13 | webvpn.yxnu.net |
1 redirects
webvpn.yxnu.net
|
1 | rescdn.qqmail.com |
webvpn.yxnu.net
|
13 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
webvpn.yxnu.net Let's Encrypt Authority X3 |
2020-10-29 - 2021-01-27 |
3 months | crt.sh |
*.weixin.qq.com GlobalSign Organization Validation CA - SHA256 - G2 |
2020-03-10 - 2021-03-11 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://webvpn.yxnu.net/login
Frame ID: 09D20BDFA41D98AC36997BCF93CBEC1D
Requests: 13 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://webvpn.yxnu.net/
HTTP 302
https://webvpn.yxnu.net/login Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://webvpn.yxnu.net/
HTTP 302
https://webvpn.yxnu.net/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login
webvpn.yxnu.net/ Redirect Chain
|
20 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
normalize.css
webvpn.yxnu.net/wengine-vpn/js/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.css
webvpn.yxnu.net/wengine-vpn/js/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layui.css
webvpn.yxnu.net/wengine-vpn/js/layui/css/ |
71 KB 71 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
webvpn.yxnu.net/wengine-vpn/js/image/ |
197 KB 197 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cas.png
webvpn.yxnu.net/wengine-vpn/js/image/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
question-mark.png
webvpn.yxnu.net/wengine-vpn/js/image/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wx.png
webvpn.yxnu.net/wengine-vpn/js/image/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
webvpn.yxnu.net/wengine-vpn/js/js/ |
94 KB 94 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layer.js
webvpn.yxnu.net/wengine-vpn/js/layer-v3.1.1/ |
22 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layui.js
webvpn.yxnu.net/wengine-vpn/js/layui/ |
7 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wwLogin-1.0.0.js
rescdn.qqmail.com/node/ww/wwopenmng/js/sso/ |
728 B 773 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layer.css
webvpn.yxnu.net/wengine-vpn/js/layer-v3.1.1/theme/default/ |
14 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery object| layer object| layui function| WwLogin string| token string| logoutByOther string| userName string| logoutOtherToken undefined| sec number| intervalId function| getWidth function| getHeight function| browserCheck boolean| isMobile boolean| check1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
webvpn.yxnu.net/ | Name: wengine_vpn_ticket Value: 64b67717f5749085 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
rescdn.qqmail.com
webvpn.yxnu.net
203.205.137.113
61.166.32.248
1542a611bf12307cf5cd877df1d8742680cf55f7b0501e1fe00dd8f8fe5eaab3
1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3
2f38fe4c05e08ba4dbd4c82d16df74c1353f3bccca6015861e38e05b90b28e56
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
580c275a494eddc0f30864c8edcf1db0e7865b9d876b5fdcd7f1423d090651c5
6dca8719b4088a7a94bebc98d72ae7beb4448bddfcf1168700d02917a2ae3f61
9a6b36b648cf9b40a1951c246336f159f26374f354cc32aafd9946c72c4be86e
a1f15b7cf909062d12d4cfbab46737f2f983e3bb72061fbbfdec0778ef0ed031
bd117a8f2dc7b4defc09dceb081512eb5682470b26fd4af74f442d5d77c94fcb
dfed4de324852dfeff6f0d597eb00371d653ca2f33cbc942a53ea897f0bc1abd
e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc