open.work.weixin.qq.com

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 43.154.240.235, located in Hong Kong, Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is open.work.weixin.qq.com. The Cisco Umbrella rank of the primary domain is 59450.
TLS certificate: Issued by DigiCert Secure Site CN CA G3 on August 8th 2023. Valid for: a year.

This is the only time open.work.weixin.qq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	43.154.240.243 43.154.240.243	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	43.154.240.235 43.154.240.235	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
4	211.93.212.245 211.93.212.245	() ()
1	36.249.64.217 36.249.64.217	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
7	4

1 43.154.240.243 (Hong Kong, Hong Kong) 1 redirects

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

service.exmail.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.154.240.235 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

open.work.weixin.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 211.93.212.245 (None, )

ASN- ()

wwcdn.weixin.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 36.249.64.217 (Quanzhou, China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

imgcache.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	qq.com 1 redirects service.exmail.qq.com open.work.weixin.qq.com — Cisco Umbrella Rank: 59450 wwcdn.weixin.qq.com imgcache.qq.com — Cisco Umbrella Rank: 35797	174 KB
0	cdn-go.cn Failed tam.cdn-go.cn Failed
7	2

	Domain	Requested by
4	wwcdn.weixin.qq.com	open.work.weixin.qq.com
1	imgcache.qq.com	open.work.weixin.qq.com
1	open.work.weixin.qq.com
1	service.exmail.qq.com	1 redirects
0	tam.cdn-go.cn Failed	open.work.weixin.qq.com
7	5

This site contains no links.

Subject Issuer	Validity	Valid
work.weixin.qq.com DigiCert Secure Site CN CA G3	`2023-08-08` - `2024-08-07`	a year	crt.sh
weixin.qq.com DigiCert Secure Site CN CA G3	`2022-09-09` - `2023-10-10`	a year	crt.sh
imgcache.qq.com DigiCert Secure Site CN CA G3	`2023-01-31` - `2024-03-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://open.work.weixin.qq.com/help2/pc/14554?person_id=1
Frame ID: D99ECC9D3FF5B82E4C53D464777EBF2E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://service.exmail.qq.com/cgi-bin/help HTTP 301
https://open.work.weixin.qq.com/help2/pc/14554?person_id=1 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

4
IPs

2
Countries

174 kB
Transfer

701 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://service.exmail.qq.com/cgi-bin/help HTTP 301
https://open.work.weixin.qq.com/help2/pc/14554?person_id=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 14554 Show response
open.work.weixin.qq.com/help2/pc/
Redirect Chain

http://service.exmail.qq.com/cgi-bin/help
https://open.work.weixin.qq.com/help2/pc/14554?person_id=1

183 KB
28 KB

2947ms
514ms

Document
text/html

43.154.240.235
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL

https://open.work.weixin.qq.com/help2/pc/14554?person_id=1

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

43.154.240.235 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),

Reverse DNS

Software

Wwebsvr /

Resource Hash

f0f347a8b5a06c54634105d9316343dff54c2e0dd5663499ecf0bc9fcfe5ac53

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' tam.cdn-go.cn cdn-go.cn hm.baidu.com .google-analytics.com https://apis.google.com .gtimg.com .gtimg.cn .qq.com *.qqmail.com http://pub.idqqimg.com blob: 'unsafe-inline' 'unsafe-eval'; report-uri https://work.weixin.qq.com/wework_admin/customReport/csp

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: script-src 'self' tam.cdn-go.cn cdn-go.cn hm.baidu.com *.google-analytics.com https://apis.google.com *.gtimg.com *.gtimg.cn *.qq.com *.qqmail.com http://pub.idqqimg.com blob: 'unsafe-inline' 'unsafe-eval'; report-uri https://work.weixin.qq.com/wework_admin/customReport/csp
content-type: text/html; charset=utf-8
date: Mon, 11 Sep 2023 14:08:33 GMT
etag: W/"2dd54-w2GJbs7q4C9uChcu6gfe2FhiEGU"
origin-agent-cluster: ?0
server: Wwebsvr
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 11 Sep 2023 14:08:30 GMT
Location: https://open.work.weixin.qq.com/help2/pc/14554?person_id=1
Server: nginx

GET
H2 200 editormd$539a2076.css
wwcdn.weixin.qq.com/node/wwopen/wwopenmng/js/3rd/editormd/css/ 62 KB
15 KB 34498ms
537ms Stylesheet
text/css 211.93.212.245

General

Check archive.org

Show headers Download Go to

Full URL: https://wwcdn.weixin.qq.com/node/wwopen/wwopenmng/js/3rd/editormd/css/editormd$539a2076.css
Requested by: Host: open.work.weixin.qq.com
URL: https://open.work.weixin.qq.com/help2/pc/14554?person_id=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 211.93.212.245 -, , ASN (),
Reverse DNS
Software: nws_static_mid /
Resource Hash: bc8133ee21a7a73d863a81a48c8c91d7061941fc25de0e2fc1ff16886a1299b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://open.work.weixin.qq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 10:01:49 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
age: 12110837
x-verify-code: ed37798f33e769e2801da6ae9b929e28
content-length: 14775
last-modified: Thu, 17 Feb 2022 11:46:20 GMT
server: nws_static_mid
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 1573879852978760159
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2033 10:01:49 GMT

GET
H2 200 TcPlayer-2.3.2.js Show response
imgcache.qq.com/open/qcloud/video/vcplayer/ 96 KB
30 KB 2888ms
292ms Script
application/x-javascript 36.249.64.217
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://imgcache.qq.com/open/qcloud/video/vcplayer/TcPlayer-2.3.2.js
Requested by: Host: open.work.weixin.qq.com
URL: https://open.work.weixin.qq.com/help2/pc/14554?person_id=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 36.249.64.217 Quanzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 825e2751fa36e2fec4d89b63c72dcdd477bc85b39c77a1ba60c486892a1acf78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://open.work.weixin.qq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-datasrc: 9
date: Mon, 11 Sep 2023 14:08:36 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
age: 455
content-length: 29915
x-reqgue: 0
last-modified: Sun, 13 Nov 2022 23:39:54 GMT
server: Lego Server
vary: Origin
content-type: application/x-javascript
access-control-allow-origin: https://open.work.weixin.qq.com
access-control-expose-headers: Content-Length,Content-Type,server_ip,x-nws-log-uuid
cache-control: max-age=600
access-control-allow-credentials: true
x-nws-log-uuid: 6874980046873877285
accept-ranges: bytes
timing-allow-origin: https://open.work.weixin.qq.com

GET
H2 200 global$0d2fd18a.js
wwcdn.weixin.qq.com/node/wwopen/wwopenmng/js/var/ 57 KB
0 34537ms
858ms Script
application/javascript 211.93.212.245

General

Check archive.org

Show headers Download Go to

Full URL: https://wwcdn.weixin.qq.com/node/wwopen/wwopenmng/js/var/global$0d2fd18a.js
Requested by: Host: open.work.weixin.qq.com
URL: https://open.work.weixin.qq.com/help2/pc/14554?person_id=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 211.93.212.245 -, , ASN (),
Reverse DNS
Software: nws_static_mid /
Resource Hash

Request headers

Referer: https://open.work.weixin.qq.com/
Origin: https://open.work.weixin.qq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 13:46:29 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
age: 1358
x-verify-code: ef6718c408298c482adbfa9f0c3026fd
content-length: 342025
last-modified: Mon, 11 Sep 2023 09:23:51 GMT
server: nws_static_mid
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 13893155329438711988
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Sep 2033 13:46:29 GMT

GET
H2 200 _$$_bundle$da345a81.js,vue$927909f1.js Show response
wwcdn.weixin.qq.com/node/wwopen/wwopenmng/js/3rd/sentry/ 64 KB
20 KB 34221ms
542ms Script
application/x-javascript 211.93.212.245

General

Check archive.org

Show headers Download Go to

Full URL: https://wwcdn.weixin.qq.com/node/wwopen/wwopenmng/js/3rd/sentry/_$$_bundle$da345a81.js,vue$927909f1.js
Requested by: Host: open.work.weixin.qq.com
URL: https://open.work.weixin.qq.com/help2/pc/14554?person_id=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 211.93.212.245 -, , ASN (),
Reverse DNS
Software: nws_static_mid /
Resource Hash: d1d01c565b82b39c0bfecd7353e70e6377f05ffad6fbe7e9de9b47fb137cdff3

Request headers

Referer: https://open.work.weixin.qq.com/
Origin: https://open.work.weixin.qq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 09:33:51 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
age: 8397316
x-verify-code: 590de29ded0a1e29e877728a32e776fc
content-length: 19983
last-modified: Wed, 30 Dec 2020 09:22:49 GMT
server: nws_static_mid
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 3989444907324211704
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jun 2033 09:33:51 GMT

GET aegis.min.js
tam.cdn-go.cn/aegis-sdk/1.39.10/ 0
0

GET
H2 200 seajs.config$fa0097c7.js Show response
wwcdn.weixin.qq.com/node/wwopen/wwopenmng/_$$_js/3rd/babel-polyfill$fe30eb34.js,js/modules/jquery/jquery/1.11.3/jquery.min$8bd37c69.js,comm/3rd/mail.seajs/sea$5219cd6b.js,js/developer/raw/ 239 KB
81 KB 34225ms
546ms Script
application/x-javascript 211.93.212.245

General

Check archive.org

Show headers Download Go to

Full URL: https://wwcdn.weixin.qq.com/node/wwopen/wwopenmng/_$$_js/3rd/babel-polyfill$fe30eb34.js,js/modules/jquery/jquery/1.11.3/jquery.min$8bd37c69.js,comm/3rd/mail.seajs/sea$5219cd6b.js,js/developer/raw/seajs.config$fa0097c7.js
Requested by: Host: open.work.weixin.qq.com
URL: https://open.work.weixin.qq.com/help2/pc/14554?person_id=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 211.93.212.245 -, , ASN (),
Reverse DNS
Software: nws_static_mid /
Resource Hash: 1c0e0004c8f0b209fe431b9e24a0fd508e9b3e94cd86162775026b26e611a988

Request headers

Referer: https://open.work.weixin.qq.com/
Origin: https://open.work.weixin.qq.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 08:24:41 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
age: 3476665
x-verify-code: 1d70b341980d36a75347e11193aa11e2
content-length: 83027
last-modified: Fri, 07 Jul 2023 11:28:25 GMT
server: nws_static_mid
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 14722397874236754316
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jul 2033 08:24:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tam.cdn-go.cn
URL: https://tam.cdn-go.cn/aegis-sdk/1.39.10/aegis.min.js?max_age=3600

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| __wxgspeeds

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.work.weixin.qq.com/	1969-12-31 23:59:59	Name: wwrtx.ref Value: direct
			.work.weixin.qq.com/	1970-01-20 15:23:53	Name: wwrtx.i18n_lan Value: en

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' tam.cdn-go.cn cdn-go.cn hm.baidu.com .google-analytics.com https://apis.google.com .gtimg.com .gtimg.cn .qq.com *.qqmail.com http://pub.idqqimg.com blob: 'unsafe-inline' 'unsafe-eval'; report-uri https://work.weixin.qq.com/wework_admin/customReport/csp

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

imgcache.qq.com
open.work.weixin.qq.com
service.exmail.qq.com
tam.cdn-go.cn
wwcdn.weixin.qq.com
tam.cdn-go.cn
211.93.212.245
36.249.64.217
43.154.240.235
43.154.240.243
1c0e0004c8f0b209fe431b9e24a0fd508e9b3e94cd86162775026b26e611a988
825e2751fa36e2fec4d89b63c72dcdd477bc85b39c77a1ba60c486892a1acf78
bc8133ee21a7a73d863a81a48c8c91d7061941fc25de0e2fc1ff16886a1299b9
d1d01c565b82b39c0bfecd7353e70e6377f05ffad6fbe7e9de9b47fb137cdff3
f0f347a8b5a06c54634105d9316343dff54c2e0dd5663499ecf0bc9fcfe5ac53

open.work.weixin.qq.com Open in urlscan Pro 43.154.240.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

86 %HTTPS

0 %IPv6

2 Domains

5 Subdomains

4 IPs

2 Countries

174 kBTransfer

701 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

open.work.weixin.qq.com Open in urlscan Pro
43.154.240.235 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

4
IPs

2
Countries

174 kB
Transfer

701 kB
Size

2
Cookies

7 HTTP transactions
0 data transactions