html.ecqun.com Open in urlscan Pro
101.35.76.214  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request openwin.html Show response html.ecqun.com/kf/sdk/	2 KB 1 KB	2614ms 277ms	Document text/html	101.35.76.214 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://html.ecqun.com/kf/sdk/openwin.html?corpid=4214176 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 101.35.76.214 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software / qcloudlnmp-2 Resource Hash 5c7a3753cd0b3c27007e9f86f131fa456a540e5093682fd74dfd532043ce9e59 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=300 content-encoding gzip content-type text/html date Sun, 23 Jul 2023 13:55:14 GMT etag W/"64a3fcfd-780" expires Sun, 23 Jul 2023 14:00:14 GMT last-modified Tue, 04 Jul 2023 11:05:33 GMT x-powered-by qcloudlnmp-2 x-request-id a83e00f3ba336e6f860d10d84627a8c0
GET H2	200	pv_jsapi.kf.js Show response 1.staticec.com/my/comm/js/	34 KB 8 KB	4432ms 232ms	Script application/javascript	36.249.92.207 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://1.staticec.com/my/comm/js/pv_jsapi.kf.js Requested by Host: html.ecqun.com URL: https://html.ecqun.com/kf/sdk/openwin.html?corpid=4214176 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 36.249.92.207 Quanzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software Lego Server / qcloudlnmp-2 Resource Hash aa6810c0467faea5aa5de19b425fb3444fd4048c620380693a3b109029bdaafd Request headers accept-language de-DE,de;q=0.9 Referer https://html.ecqun.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sun, 25 Jun 2023 11:03:25 GMT content-encoding gzip x-cache-lookup Cache Hit age 2425291 x-powered-by qcloudlnmp-2 content-length 7405 x-request-id 5d458bbfece17bfeafa9153a08e25d67 last-modified Sun, 25 Jun 2023 10:58:57 GMT server Lego Server etag W/"64981df1-8934" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=2592000 x-nws-log-uuid 14897941622751049497 accept-ranges bytes expires Tue, 25 Jul 2023 11:03:25 GMT
GET H2	200	dll.redux_legacy.js Show response 1.staticec.com/common/js/	26 KB 6 KB	4424ms 220ms	Script application/javascript	36.249.92.207 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://1.staticec.com/common/js/dll.redux_legacy.js?b69548f25c8be4dcc0f4 Requested by Host: html.ecqun.com URL: https://html.ecqun.com/kf/sdk/openwin.html?corpid=4214176 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 36.249.92.207 Quanzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software Lego Server / qcloudlnmp-3 Resource Hash 6190adfad6fe7f75aec4291629211bb638b20cf5d7f7cbc0b440d6a7236436ac Request headers Referer https://html.ecqun.com/ Origin https://html.ecqun.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Fri, 23 Jun 2023 06:18:54 GMT content-encoding br x-cache-lookup Cache Hit age 2184242 x-powered-by qcloudlnmp-3 content-length 5877 x-request-id 85f9f6ec3808051e951907b9fd13343a last-modified Wed, 13 Jan 2021 11:10:51 GMT server Lego Server etag "5ffed53b-6792" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=2592000 x-nws-log-uuid 770411732450818159 accept-ranges bytes expires Sun, 23 Jul 2023 06:18:54 GMT
GET H2	200	dll.react_legacy.js Show response 1.staticec.com/common/js/	211 KB 43 KB	4425ms 221ms	Script application/javascript	36.249.92.207 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://1.staticec.com/common/js/dll.react_legacy.js?f799e588df70ac29755b Requested by Host: html.ecqun.com URL: https://html.ecqun.com/kf/sdk/openwin.html?corpid=4214176 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 36.249.92.207 Quanzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software Lego Server / qcloudlnmp-6 Resource Hash b1d31d66426a15e54d02d16afa7251e103335be0d498de2cc669a462da8b1496 Request headers Referer https://html.ecqun.com/ Origin https://html.ecqun.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 05 Jun 2023 18:21:04 GMT content-encoding gzip x-cache-lookup Cache Hit age 1210720 x-powered-by qcloudlnmp-6 content-length 43957 x-request-id 0d92807c70beddfb7fbae940f4ed10fb last-modified Wed, 13 Jan 2021 11:10:51 GMT server Lego Server etag "5ffed53b-34c75" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=2592000 x-nws-log-uuid 1284544280982077601 accept-ranges bytes expires Wed, 05 Jul 2023 18:21:04 GMT
GET H2	200	ec_cs_session.js Show response 1.staticec.com/kf/sdk/js/	874 KB 288 KB	4632ms 428ms	Script application/javascript	36.249.92.207 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://1.staticec.com/kf/sdk/js/ec_cs_session.js?39c7a4101d59a7e7116c Requested by Host: html.ecqun.com URL: https://html.ecqun.com/kf/sdk/openwin.html?corpid=4214176 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 36.249.92.207 Quanzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software Lego Server / qcloudlnmp-2 Resource Hash 4c6eb542b377dd31e5d4a709532895deb8b07b2018c47249a42f881048e9ef2b Request headers Referer https://html.ecqun.com/ Origin https://html.ecqun.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Tue, 18 Jul 2023 19:51:49 GMT content-encoding gzip x-cache-lookup Cache Hit age 0 x-powered-by qcloudlnmp-2 content-length 293887 x-request-id 82b57c1825214612ae1c783164dac42c last-modified Tue, 04 Jul 2023 11:05:33 GMT server Lego Server etag "64a3fcfd-da6a0" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=600 x-nws-log-uuid 3684096110258115940 accept-ranges bytes expires Tue, 18 Jul 2023 20:01:49 GMT
GET H2	200	init Show response kf.ecqun.com/index/talk/	98 B 1 KB	1080ms 303ms	Script text/javascript	101.35.76.214 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://kf.ecqun.com/index/talk/init?CorpID=4214176&corpid=4214176&groupid=&deviceType=0&cstype=rand&referUrl=&cskey=&scheme=0&storage=&guid=&origin=1&callback=getJSON_16901205202200_2669115909922868 Requested by Host: 1.staticec.com URL: https://1.staticec.com/kf/sdk/js/ec_cs_session.js?39c7a4101d59a7e7116c Protocol H2 Security TLS 1.3, , AES_256_GCM Server 101.35.76.214 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software / qcloudlnmp-4 Resource Hash dfe81f3f9f217607337e11bd57d6f54b39e338272b1fa25debb7b19634be1a95 Request headers accept-language de-DE,de;q=0.9 Referer https://html.ecqun.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers pragma no-cache, no-cache date Sun, 23 Jul 2023 13:55:21 GMT content-encoding gzip x-powered-by qcloudlnmp-4 content-type text/javascript; charset=UTF-8 p3p CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR cache-control no-store, no-cache, must-revalidate, private, must-revalidate x-request-id 613c4f70cdda6411db87f7978b3d45c0 expires Thu, 19 Nov 1981 08:52:00 GMT, -1

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| isMobile number| unescapeResetTimes object| PVAPI function| _unescape function| ECPVsuperCall object| ECBridge number| originWindowHeight function| preventDefault function| redux_legacy_de1f3db62338a4791c43 function| react_legacy_c5c0ff7d16a1dee74b4c function| SparkMD5 object| Base64 function| imgMsgError function| imgMsgLoaded function| audioMetaDataLoaded object| msgCache object| webim function| ajax function| getLocalText string| ec_storage string| ec_cskey string| ec_scheme string| accsid string| ec_source undefined| isPreview object| previewData object| appData function| onImgError object| getJSON_16901205202200_2669115909922868 object| getJSON_16901205202200_17740220882783664 object| badjsLogger object| localKeys object| ec_localkeys number| ec_languageType object| reactCookie object| publicActs

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			kf.ecqun.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: fbikd7akiu87ni8q9sd6eouev08311qd
			.ecqun.com/	1970-01-20 13:28:41	Name: XSRF-TOKEN Value: eyJpdiI6IkN0YzhpSnE4WWkzaWlFZUUzcWVtRXc9PSIsInZhbHVlIjoiclp0ckgxU3hQOUJucFljOGxBa05nVGRBNHdYMU9SWlp3SzhzOFZxY2lqdTlvMWF5UG81bDVKTUUxZSs1TUpxWnl1TWhXc2RVOFlybFdQQmdnM3o0VGc9PSIsIm1hYyI6IjZiMjAxMGI5M2MxOTNlN2RmNWU0NzQwNmNjNmZhNDBjYWZhMWJhYTMxMDBmNGU4NTJhZWNlNzM0NTRmNGVkYWMifQ%3D%3D
			.ecqun.com/	1970-01-20 13:28:41	Name: ecweb_session Value: eyJpdiI6IkNpRnRuUnpoamxZVTdxUGdkZ1VYM3c9PSIsInZhbHVlIjoiVXl3RjdTY0JvcG9WYjRsUjVYNHZrOXZcL1hEblFPeUI4NGJXeGpGZVVOWG9EbFwvU051NFAxUWxSeXd6Z2pmakZPNUNCdTB5UHVTcTdrN2xMY1UzR25JZz09IiwibWFjIjoiMWE3N2VjZTg2MzZlNjJhOWExNWY4NTQ3Y2E5NGUyYWRmNDk4ZTc3N2M0ZDM5NjRlNzFlZDE2ZjEwNzIwNGMwYiJ9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.staticec.com
html.ecqun.com
kf.ecqun.com
101.35.76.214
36.249.92.207
4c6eb542b377dd31e5d4a709532895deb8b07b2018c47249a42f881048e9ef2b
5c7a3753cd0b3c27007e9f86f131fa456a540e5093682fd74dfd532043ce9e59
6190adfad6fe7f75aec4291629211bb638b20cf5d7f7cbc0b440d6a7236436ac
aa6810c0467faea5aa5de19b425fb3444fd4048c620380693a3b109029bdaafd
b1d31d66426a15e54d02d16afa7251e103335be0d498de2cc669a462da8b1496
dfe81f3f9f217607337e11bd57d6f54b39e338272b1fa25debb7b19634be1a95