Submitted URL: https://oauth2.e6c.cc/
Effective URL: https://oauth2.e6c.cc/login
Submission: On July 28 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 43.128.48.242, located in Hong Kong, Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is oauth2.e6c.cc.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on July 28th 2023. Valid for: a year.
This is the only time oauth2.e6c.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 43.128.48.242 132203 (TENCENT-N...)
1 185.199.110.154 54113 (FASTLY)
6 3
Apex Domain
Subdomains
Transfer
6 e6c.cc
oauth2.e6c.cc
36 KB
1 githubassets.com
github.githubassets.com — Cisco Umbrella Rank: 7991
7 KB
6 2
Domain Requested by
6 oauth2.e6c.cc 1 redirects oauth2.e6c.cc
1 github.githubassets.com oauth2.e6c.cc
6 2

This site contains no links.

Subject Issuer Validity Valid
oauth2.e6c.cc
Encryption Everywhere DV TLS CA - G1
2023-07-28 -
2024-07-27
a year crt.sh
*.githubassets.com
DigiCert TLS RSA SHA256 2020 CA1
2022-10-05 -
2023-10-05
a year crt.sh

This page contains 1 frames:

Primary Page: https://oauth2.e6c.cc/login
Frame ID: 826981F89A354DBBA6F6F4AC295E7C92
Requests: 7 HTTP requests in this frame

Screenshot

Page Title

统一认证平台

Page URL History Show full URLs

  1. https://oauth2.e6c.cc/ HTTP 302
    https://oauth2.e6c.cc/login Page URL

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

43 kB
Transfer

42 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://oauth2.e6c.cc/ HTTP 302
    https://oauth2.e6c.cc/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
oauth2.e6c.cc/
Redirect Chain
  • https://oauth2.e6c.cc/
  • https://oauth2.e6c.cc/login
11 KB
11 KB
Document
General
Full URL
https://oauth2.e6c.cc/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.128.48.242 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
26a78dab9f8efc07f1da9260a064309c46d5090c5280dcc838c4e26b00c805e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Language
de-DE
Content-Type
text/html;charset=UTF-8
Date
Fri, 28 Jul 2023 16:10:35 GMT
Expires
0
Pragma
no-cache
Server
nginx/1.24.0
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
0

Redirect headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 28 Jul 2023 16:10:35 GMT
Expires
0
Location
https://oauth2.e6c.cc/login
Pragma
no-cache
Server
nginx/1.24.0
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
0
style.css
oauth2.e6c.cc/assets/css/
5 KB
6 KB
Stylesheet
General
Full URL
https://oauth2.e6c.cc/assets/css/style.css
Requested by
Host: oauth2.e6c.cc
URL: https://oauth2.e6c.cc/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.128.48.242 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
a8b6f1b5930d5a84f6ea490f3dba27c4408763e80dd47eb0ab956d60c9fa0314
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oauth2.e6c.cc/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jul 2023 16:10:36 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Sat, 22 Jul 2023 12:51:48 GMT
Server
nginx/1.24.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5382
X-XSS-Protection
0
Expires
0
logo.png
oauth2.e6c.cc/assets/img/
5 KB
6 KB
Image
General
Full URL
https://oauth2.e6c.cc/assets/img/logo.png
Requested by
Host: oauth2.e6c.cc
URL: https://oauth2.e6c.cc/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.128.48.242 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
620b9fd730fb53038ef2f1a4cd79c6df4b8a8a8e86c2a8bc8621d31563f71081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oauth2.e6c.cc/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jul 2023 16:10:36 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Sat, 17 Jun 2023 04:32:40 GMT
Server
nginx/1.24.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5350
X-XSS-Protection
0
Expires
0
GitHub-Mark.png
github.githubassets.com/images/modules/logos_page/
7 KB
7 KB
Image
General
Full URL
https://github.githubassets.com/images/modules/logos_page/GitHub-Mark.png
Requested by
Host: oauth2.e6c.cc
URL: https://oauth2.e6c.cc/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-154.github.com
Software
AmazonS3 /
Resource Hash
6d6ef7bede0416b6ebee2014be5852576dbce89235fe16ea5c44ed01bd522132
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oauth2.e6c.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-fastly-request-id
0cf56d4e522b33f84004ff82f36dba61a636282c
date
Fri, 28 Jul 2023 16:10:36 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
1541
x-cache
HIT, HIT
content-length
7249
x-served-by
cache-iad-kiad7000071-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 05 Dec 2022 12:57:22 GMT
server
AmazonS3
etag
"bb04d77a846e6beca811c4be1d8e3442"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
image/png
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
108993, 2
wechat_login.png
oauth2.e6c.cc/assets/img/
9 KB
10 KB
Image
General
Full URL
https://oauth2.e6c.cc/assets/img/wechat_login.png
Requested by
Host: oauth2.e6c.cc
URL: https://oauth2.e6c.cc/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.128.48.242 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
0c8a3b398945bb745d1aaee9cb16f1c432c256c09b49fb702c1ff6cae716b082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oauth2.e6c.cc/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jul 2023 16:10:36 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Sun, 23 Jul 2023 07:45:31 GMT
Server
nginx/1.24.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9394
X-XSS-Protection
0
Expires
0
getCaptcha
oauth2.e6c.cc/
3 KB
3 KB
Fetch
General
Full URL
https://oauth2.e6c.cc/getCaptcha
Requested by
Host: oauth2.e6c.cc
URL: https://oauth2.e6c.cc/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
43.128.48.242 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
7f4e04ad4cf21cd4a2b1660a57b57a6deba734916ab29d560e568667508f1f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oauth2.e6c.cc/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jul 2023 16:10:36 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Server
nginx/1.24.0
Transfer-Encoding
chunked
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json
X-Frame-Options
DENY
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
X-XSS-Protection
0
Expires
0
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f96c7d0cfdada4980db35c6973ed739fe7fdd36e5d5231ce3f592a3416702e2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showSmsCaptchaPage function| showPasswordPage function| leave function| getVerifyCode function| getSmsCaptcha function| resetBtn function| showError function| closeError

1 Cookies

Domain/Path Name / Value
oauth2.e6c.cc/ Name: JSESSIONID
Value: 1CD52F278656A409F6A108814C81B678

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0