oauth.51yunzhimei.com
119.3.197.4 - Malicious Activity! (Public Scan)

URL: https://oauth.51yunzhimei.com/
Submission: On October 08 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 17 HTTP transactions. The main IP is 119.3.197.4, located in China and belonging to HWCSNET Huawei Cloud Service data center, CN. The main domain is oauth.51yunzhimei.com.
TLS certificate: Issued by R11 on October 7th 2024. Valid for: 3 months.
This is the only time oauth.51yunzhimei.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

# | IP Address | AS | Autonomous System
14 | 119.3.197.4 | 55990 | (HWCSNET H...)
Total: 17 | 2

# | Apex Domain | Subdomains | Transfer
14 | 51yunzhimei.com | oauth.51yunzhimei.com | 949 KB
Total: 17 | 1

# | Domain | Requested by
14 | oauth.51yunzhimei.com | oauth.51yunzhimei.com
Total: 17 | 1

This site contains no links.

Subject | Issuer | Validity | Valid
oauth.51yunzhimei.com | R11 | 2024-10-07 - 2025-01-05 | 3 months

This page contains 1 frames:

Primary Page: https://oauth.51yunzhimei.com/
Frame ID: 9C4AD40A761F933059E321F6C5A78AED
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

云知美授权平台 (Yunzhimei Authorization Platform)

Page Statistics

17 Requests
82 % HTTPS
0 % IPv6
1 Domains
1 Subdomains
2 IPs
1 Countries
949 kB Transfer
2794 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request / | oauth.51yunzhimei.com/ | 361 B | 514 B | Document
General
Full URL
https://oauth.51yunzhimei.com/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
119.3.197.4, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
Reverse DNS
ecs-119-3-197-4.compute.hwclouds-dns.com
Software
nginx
Resource Hash
ba845b2871ed84bf785a853b971aa37d1a0fe16b720069123e694afd78baa36e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
361
content-type
text/html
date
Tue, 08 Oct 2024 00:41:34 GMT
etag
"62de0068-169"
last-modified
Mon, 25 Jul 2022 02:31:04 GMT
server
nginx
strict-transport-security
max-age=31536000
index.js | oauth.51yunzhimei.com/config/ | 3 KB | 1 KB | Script
General
Full URL
https://oauth.51yunzhimei.com/config/index.js?t=1728348094196
Requested by
Host: oauth.51yunzhimei.com
URL: https://oauth.51yunzhimei.com/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
119.3.197.4, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
Reverse DNS
ecs-119-3-197-4.compute.hwclouds-dns.com
Software
nginx
Resource Hash
310861c867db2c5c52cdd35b032224991422d394adf41fdbcb6f7ce25eb3593d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oauth.51yunzhimei.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"62de0068-ba6"
date
Tue, 08 Oct 2024 00:41:34 GMT
content-type
application/javascript
last-modified
Mon, 25 Jul 2022 02:31:04 GMT
server
nginx
vary
Accept-Encoding
app.css | oauth.51yunzhimei.com/202207121030/static/css/ | 222 KB | 45 KB | Stylesheet
General
Full URL
https://oauth.51yunzhimei.com/202207121030/static/css/app.css
Requested by
Host: oauth.51yunzhimei.com
URL: https://oauth.51yunzhimei.com/config/index.js?t=1728348094196
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
119.3.197.4, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
Reverse DNS
ecs-119-3-197-4.compute.hwclouds-dns.com
Software
nginx
Resource Hash
0bbc38f524beaff852539adacb826d55650127d9adf9410a67e340c2bcd3724c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oauth.51yunzhimei.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"62de00af-3786e"
date
Tue, 08 Oct 2024 00:41:34 GMT
content-type
text/css
last-modified
Mon, 25 Jul 2022 02:32:15 GMT
server
nginx
vary
Accept-Encoding
echarts.common.min.js | oauth.51yunzhimei.com/202207121030/static/plugins/echarts-3.8.5/ | 392 KB | 151 KB | Script
General
Full URL
https://oauth.51yunzhimei.com/202207121030/static/plugins/echarts-3.8.5/echarts.common.min.js
Requested by
Host: oauth.51yunzhimei.com
URL: https://oauth.51yunzhimei.com/config/index.js?t=1728348094196
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
119.3.197.4, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
Reverse DNS
ecs-119-3-197-4.compute.hwclouds-dns.com
Software
nginx
Resource Hash
cd3b9b0c431f47bd298a313c7aa3b97d1f8268e3ddfceed32935c3d378956060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oauth.51yunzhimei.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"62de00af-61e00"
date
Tue, 08 Oct 2024 00:41:34 GMT
content-type
application/javascript
last-modified
Mon, 25 Jul 2022 02:32:15 GMT
server
nginx
vary
Accept-Encoding
ueditor.config.js | oauth.51yunzhimei.com/202207121030/static/plugins/ueditor-1.4.3.3/ | 22 KB | 9 KB | Script
General
Full URL
https://oauth.51yunzhimei.com/202207121030/static/plugins/ueditor-1.4.3.3/ueditor.config.js
Requested by
Host: oauth.51yunzhimei.com
URL: https://oauth.51yunzhimei.com/config/index.js?t=1728348094196
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
119.3.197.4, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
Reverse DNS
ecs-119-3-197-4.compute.hwclouds-dns.com
Software
nginx
Resource Hash
c7a6cb2889104960598e1346a20301ace99986325f47e77059c71757ebe66dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oauth.51yunzhimei.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"62de0098-597a"
date
Tue, 08 Oct 2024 00:41:35 GMT
content-type
application/javascript
last-modified
Mon, 25 Jul 2022 02:31:52 GMT
server
nginx
vary
Accept-Encoding
ueditor.all.min.js | oauth.51yunzhimei.com/202207121030/static/plugins/ueditor-1.4.3.3/ | 374 KB | 118 KB | Script
General
Full URL
https://oauth.51yunzhimei.com/202207121030/static/plugins/ueditor-1.4.3.3/ueditor.all.min.js
Requested by
Host: oauth.51yunzhimei.com
URL: https://oauth.51yunzhimei.com/config/index.js?t=1728348094196
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
119.3.197.4, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
Reverse DNS
ecs-119-3-197-4.compute.hwclouds-dns.com
Software
nginx
Resource Hash
350e7ae962612e5bd9628b40270485d3bc305c23e5d5719418cce3fbf51deac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oauth.51yunzhimei.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"62de0098-5d872"
date
Tue, 08 Oct 2024 00:41:35 GMT
content-type
application/javascript
last-modified
Mon, 25 Jul 2022 02:31:52 GMT
server
nginx
vary
Accept-Encoding
zh-cn.js | oauth.51yunzhimei.com/202207121030/static/plugins/ueditor-1.4.3.3/lang/zh-cn/ | 29 KB | 10 KB | Script
General
Full URL
https://oauth.51yunzhimei.com/202207121030/static/plugins/ueditor-1.4.3.3/lang/zh-cn/zh-cn.js
Requested by
Host: oauth.51yunzhimei.com
URL: https://oauth.51yunzhimei.com/config/index.js?t=1728348094196
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
119.3.197.4, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
Reverse DNS
ecs-119-3-197-4.compute.hwclouds-dns.com
Software
nginx
Resource Hash
e927f62418a08af0f41d7025065ae48d03e7e665d53587163bc1c4abd935781f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oauth.51yunzhimei.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"62de00af-72a7"
date
Tue, 08 Oct 2024 00:41:36 GMT
content-type
application/javascript
last-modified
Mon, 25 Jul 2022 02:32:15 GMT
server
nginx
vary
Accept-Encoding
manifest.js | oauth.51yunzhimei.com/202207121030/static/js/ | 1 KB | 953 B | Script
General
Full URL
https://oauth.51yunzhimei.com/202207121030/static/js/manifest.js
Requested by
Host: oauth.51yunzhimei.com
URL: https://oauth.51yunzhimei.com/config/index.js?t=1728348094196
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
119.3.197.4, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
Reverse DNS
ecs-119-3-197-4.compute.hwclouds-dns.com
Software
nginx
Resource Hash
ffeabc8afe2141b2816f331fdaed7018e9a055501e3093803e910ac3ab75bfe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oauth.51yunzhimei.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"62de0090-575"
date
Tue, 08 Oct 2024 00:41:36 GMT
content-type
application/javascript
last-modified
Mon, 25 Jul 2022 02:31:44 GMT
server
nginx
vary
Accept-Encoding
vendor.js | oauth.51yunzhimei.com/202207121030/static/js/ | 1 MB | 496 KB | Script
General
Full URL
https://oauth.51yunzhimei.com/202207121030/static/js/vendor.js
Requested by
Host: oauth.51yunzhimei.com
URL: https://oauth.51yunzhimei.com/config/index.js?t=1728348094196
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
119.3.197.4, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
Reverse DNS
ecs-119-3-197-4.compute.hwclouds-dns.com
Software
nginx
Resource Hash
451fdd03082ebc5f1c08c20fbed5d8476dd4782f5b97248394a15e24279a60f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oauth.51yunzhimei.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"62de0094-172ea2"
date
Tue, 08 Oct 2024 00:41:36 GMT
content-type
application/javascript
last-modified
Mon, 25 Jul 2022 02:31:48 GMT
server
nginx
vary
Accept-Encoding
app.js | oauth.51yunzhimei.com/202207121030/static/js/ | 129 KB | 48 KB | Script
General
Full URL
https://oauth.51yunzhimei.com/202207121030/static/js/app.js
Requested by
Host: oauth.51yunzhimei.com
URL: https://oauth.51yunzhimei.com/config/index.js?t=1728348094196
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
119.3.197.4, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
Reverse DNS
ecs-119-3-197-4.compute.hwclouds-dns.com
Software
nginx
Resource Hash
f95d79d878fa06da62bf848087894ee7e1e5d8eb1dbaa8fbe444dba7d8f22566
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oauth.51yunzhimei.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"62de0098-204ca"
date
Tue, 08 Oct 2024 00:41:37 GMT
content-type
application/javascript
last-modified
Mon, 25 Jul 2022 02:31:52 GMT
server
nginx
vary
Accept-Encoding
nav | oauth.51yunzhimei.com/v1/api/sys/menu/ | 50 B | 166 B | XHR
General
Full URL
https://oauth.51yunzhimei.com/v1/api/sys/menu/nav?t=1728348097333
Requested by
Host: oauth.51yunzhimei.com
URL: https://oauth.51yunzhimei.com/202207121030/static/js/vendor.js
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
119.3.197.4, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
Reverse DNS
ecs-119-3-197-4.compute.hwclouds-dns.com
Software
nginx
Resource Hash
b893f2db392a9dd5fa12950902d119448ed76edf0ec0d2723b637bbabb296fcf

Request headers

Referer
https://oauth.51yunzhimei.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
token
null

Response headers

x-cache
MISS
content-length
50
date
Tue, 08 Oct 2024 00:41:37 GMT
content-type
application/json;charset=utf-8
server
nginx
access-control-allow-credentials
true
favicon.ico | oauth.51yunzhimei.com/202207121030/static/img/ | 66 KB | 66 KB | Other
General
Full URL
https://oauth.51yunzhimei.com/202207121030/static/img/favicon.ico
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
119.3.197.4, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
Reverse DNS
ecs-119-3-197-4.compute.hwclouds-dns.com
Software
nginx
Resource Hash
a11446f076ac3450f47c2f33d0fdf705a34c14f6c1ceb9a921ca7d3cdb1fe383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oauth.51yunzhimei.com/

Response headers

strict-transport-security
max-age=31536000
etag
"62de008d-1083e"
accept-ranges
bytes
content-length
67646
date
Tue, 08 Oct 2024 00:41:37 GMT
content-type
image/x-icon
last-modified
Mon, 25 Jul 2022 02:31:41 GMT
server
nginx
3.js | oauth.51yunzhimei.com/202207121030/static/js/ | 5 KB | 2 KB | Script
General
Full URL
https://oauth.51yunzhimei.com/202207121030/static/js/3.js
Requested by
Host: oauth.51yunzhimei.com
URL: https://oauth.51yunzhimei.com/202207121030/static/js/manifest.js
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
119.3.197.4, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
Reverse DNS
ecs-119-3-197-4.compute.hwclouds-dns.com
Software
nginx
Resource Hash
d8c8f1946aa52b41fa4c0fec74bb6093da3e6f640e5961365108d227dd22915a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oauth.51yunzhimei.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"62de008e-14b5"
date
Tue, 08 Oct 2024 00:41:37 GMT
content-type
application/javascript
last-modified
Mon, 25 Jul 2022 02:31:42 GMT
server
nginx
vary
Accept-Encoding
bj.2a850a8.jpg | oauth.51yunzhimei.com/202207121030/static/img/ | 0 | 0 | (no response received)

logo.2b339d3.png | oauth.51yunzhimei.com/202207121030/static/img/ | 0 | 0 | (no response received)

captcha.jpg | oauth.51yunzhimei.com/v1/api/ | 0 | 0 | (no response received)

favicon.ico | oauth.51yunzhimei.com/202207121030/static/img/ | 66 KB | 0 | Other
General
Full URL
https://oauth.51yunzhimei.com/202207121030/static/img/favicon.ico
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
119.3.197.4, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
Reverse DNS
ecs-119-3-197-4.compute.hwclouds-dns.com
Software
nginx
Resource Hash
a11446f076ac3450f47c2f33d0fdf705a34c14f6c1ceb9a921ca7d3cdb1fe383

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://oauth.51yunzhimei.com/

Response headers

accept-ranges
bytes
content-length
67646
date
Tue, 08 Oct 2024 00:41:37 GMT
etag
"62de008d-1083e"
content-type
image/x-icon
last-modified
Mon, 25 Jul 2022 02:31:41 GMT
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
oauth.51yunzhimei.com
URL
https://oauth.51yunzhimei.com/202207121030/static/img/bj.2a850a8.jpg
Domain
oauth.51yunzhimei.com
URL
https://oauth.51yunzhimei.com/202207121030/static/img/logo.2b339d3.png
Domain
oauth.51yunzhimei.com
URL
https://oauth.51yunzhimei.com/v1/api/captcha.jpg?uuid=fdf0246f-728d-44fb-8c8d-f920bd1da264

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

SITE_CONFIG (object), echarts (object), UEDITOR_CONFIG (object), UE (object), baidu (object), $EDITORUI (object), webpackJsonp (function), __core-js_shared__ (object), core (object), global (object), System (object), asap (function), Observable (function), setImmediate (function), clearImmediate (function), regeneratorRuntime (object), _babelPolyfill (boolean), __SVG_SPRITE__ (object)

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000