id.turingstar.com.cn
Open in
urlscan Pro
163.181.130.169
Public Scan
Effective URL: https://id.turingstar.com.cn/login?client_id=discoursech&redirect_uri=https%3A%2F%2Fdiscourse.xinyoudui.com%2Fauth%2Foauth2_b...
Submission Tags: phishingrod
Submission: On May 17 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on June 5th 2023. Valid for: a year.
This is the only time id.turingstar.com.cn was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 47.96.170.176 47.96.170.176 | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
14 | 163.181.130.169 163.181.130.169 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
1 | 2a00:1450:400... 2a00:1450:4001:802::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 163.181.130.170 163.181.130.170 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
1 | 163.181.130.167 163.181.130.167 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
18 | 4 |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
discourse.xinyoudui.com |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
id.turingstar.com.cn |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
static.production.xjoi.net |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
id-api.turingstar.com.cn |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
turingstar.com.cn
id.turingstar.com.cn id-api.turingstar.com.cn |
4 MB |
2 |
xjoi.net
static.production.xjoi.net |
28 KB |
2 |
xinyoudui.com
2 redirects
discourse.xinyoudui.com |
2 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33 |
921 B |
18 | 4 |
Domain | Requested by | |
---|---|---|
14 | id.turingstar.com.cn |
id.turingstar.com.cn
|
2 | static.production.xjoi.net | |
2 | discourse.xinyoudui.com | 2 redirects |
1 | id-api.turingstar.com.cn |
id.turingstar.com.cn
|
1 | fonts.googleapis.com |
id.turingstar.com.cn
|
18 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
x-camp.academy |
beian.miit.gov.cn |
Subject Issuer | Validity | Valid | |
---|---|---|---|
id.turingstar.com.cn Encryption Everywhere DV TLS CA - G1 |
2023-06-05 - 2024-06-05 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
static.production.xjoi.net Encryption Everywhere DV TLS CA - G2 |
2024-05-05 - 2025-05-04 |
a year | crt.sh |
id-api.turingstar.com.cn Encryption Everywhere DV TLS CA - G1 |
2023-06-05 - 2024-06-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://id.turingstar.com.cn/login?client_id=discoursech&redirect_uri=https%3A%2F%2Fdiscourse.xinyoudui.com%2Fauth%2Foauth2_basic%2Fcallback&response_type=code&state=d940bcc13cfd2190a6ccaf5370be9802bb4030af7743f033
Frame ID: 0ECA8B73193860A2007B00BAA168224C
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Login - Identity ServicePage URL History Show full URLs
-
https://discourse.xinyoudui.com/
HTTP 302
https://discourse.xinyoudui.com/auth/oauth2_basic HTTP 302
https://id.turingstar.com.cn/login?client_id=discoursech&redirect_uri=https%3A%2F%2Fdiscourse.xinyoudui.c... Page URL
Detected technologies
Ant Design (JavaScript Frameworks) ExpandDetected patterns
- <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)
React (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+data-react
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: About Us
Search URL Search Domain Scan URL
Title: Zhejiang ICP Record Number 2020039208-3
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://discourse.xinyoudui.com/
HTTP 302
https://discourse.xinyoudui.com/auth/oauth2_basic HTTP 302
https://id.turingstar.com.cn/login?client_id=discoursech&redirect_uri=https%3A%2F%2Fdiscourse.xinyoudui.com%2Fauth%2Foauth2_basic%2Fcallback&response_type=code&state=d940bcc13cfd2190a6ccaf5370be9802bb4030af7743f033 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
id.turingstar.com.cn/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webUpdateNoticeInjectStyle.efdbdf2b.css
id.turingstar.com.cn/pluginWebUpdateNotice/ |
1016 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webUpdateNoticeInjectScript.global.7e9d8536.js
id.turingstar.com.cn/pluginWebUpdateNotice/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.37b8f5a9.js
id.turingstar.com.cn/assets/ |
3 MB 3 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.760ba681.css
id.turingstar.com.cn/assets/ |
584 KB 585 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web_version_by_plugin.json
id.turingstar.com.cn/pluginWebUpdateNotice/ |
26 B 156 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.bc45e379.js
id.turingstar.com.cn/assets/ |
244 KB 244 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
4 KB 921 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xyd_icon.fece286c.png
id.turingstar.com.cn/assets/ |
33 KB 34 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
emoticon-1.gif
static.production.xjoi.net/images/ |
27 KB 28 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get
id-api.turingstar.com.cn/user/ |
40 B 470 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.553bea62.js
id.turingstar.com.cn/assets/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.b700b8d1.css
id.turingstar.com.cn/assets/ |
5 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Layout.787df098.js
id.turingstar.com.cn/assets/ |
24 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Layout.69788249.css
id.turingstar.com.cn/assets/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
x-camp.c70559d9.js
id.turingstar.com.cn/assets/ |
80 B 198 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
emoticon-1.gif
static.production.xjoi.net/images/ |
27 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
x-camp.91bd5ed7.png
id.turingstar.com.cn/assets/ |
49 KB 49 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| pluginWebUpdateNotice_ function| __checkUpdateSetup__ string| pluginWebUpdateNotice_version string| qiankunName object| id-web-app object| regeneratorRuntime2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
discourse.xinyoudui.com/ | Name: destination_url Value: https%3A%2F%2Fdiscourse.xinyoudui.com%2F |
|
discourse.xinyoudui.com/ | Name: _forum_session Value: %2F5GkwSKcSDfWAhrv4cN1kuzXWDoUzXjuP32K0rLzY6CCpW71eIWHgksZo51i8iYRgpKue9uWU0rjlYs1xki1WF3bwTh97yxTVJJHPr9nvlvjQcJdqQ692bG0azhp5FcsxE38Dk6jln1GK599z9F3v3yqMj%2FqQP13%2BPayhTvJf3Z6fVztSCQeTZhzm2uaPkn9AIlj5hDviLxlbDGHhlZSavVFrnypI310sFA8nARah%2FjP6X4i5S6LsSJkePt1bp9HsUCC6xSBOE1lcTOqF1qlsPKPIu1jMl4cRHper7ZbViMVzOT%2BSNmyaMaBSvuGl3ehiM3hYTkoOz%2BMVC7a2E2EqmzxWetIOPUi2d6GhFvVyftpS2caDZ46d4Fe--jkZKFWiYxSJF5NnR--j%2FxojROB9n7Z%2BJBC0IXAPQ%3D%3D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15724800; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
discourse.xinyoudui.com
fonts.googleapis.com
id-api.turingstar.com.cn
id.turingstar.com.cn
static.production.xjoi.net
163.181.130.167
163.181.130.169
163.181.130.170
2a00:1450:4001:802::200a
47.96.170.176
046fd6e54f663e20e07f000cafb21b1062e5a43a796c6dbca920a54713dab7eb
147b144689968e872520217065fc3cc28159cbfa358c5598a11c0115a21f0e61
15ceb6175afc5592068433973649a63a44eb57875201b3f1b7b3746ee1ab547e
23c499cac23bd2973d58747be6f9c7dbbd4ebdc23b28da5c02513ceec5098888
32074e639fe1d203652589a64fe3f30f62493a4d48f8ff97944a826a5dcb6d46
404b9609364013ae01b6a47422621e7fabf8f60c2bdc24554458af3ec8fc1957
557a81553a5a89a477e8e46f9e561cbbb2ce94ae2d12404639c791d7a0efcac8
57dc7307e8799e4caa0fbb6123afe1ee95527d23104a2a0676f6055aeed19c0d
91bd5ed7606c6fb76f41cc70fc611a35ffa7800a20994ce713deda8a0eb52fef
9ad42a1c751e878f071c9241c47e7614d671bb3f0e4b79f668722cb132bd9a3b
b7a2cad658ed53d4f419ae97912e83db5eadb08e1ba4382047db010ffe32077e
bcac9449e5e4f5ec4d5612ea4445c92e5d63ffdda3e892c9a128f0a6a79d9a1c
dda40c7902ac4b0089aa037ac3d5b67b66c5df3bf7eab42ead579cb0f4c778d8
dfd5e62ea9092ccd4c1c9c2559067043694adb967741e1e4462c3935b2c090ed
e5e8e243c6bab9f3270dba72adb80397702cad05575a61cecbbe72312daff7f7
f35b301bd436e8efdf59eeff4a5020726a0bd1774c2391d5169e1ef7412b3611
fece286ccc50fa3b2e54c5d6b790a980bf81eef32a3fc99de113768b8add8509