urlscan.io logo urlscan.io
SecurityTrails logo

sso.mtianshitong.com Open in urlscan Pro
60.205.173.7  Public Scan

Go To Rescan Add Verdict Report
URL: https://sso.mtianshitong.com/
Submission: On August 19 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 60.205.173.7, located in Beijing, China and belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is sso.mtianshitong.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on May 24th 2024. Valid for: 3 months.
This is the only time sso.mtianshitong.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 60.205.173.7 37963 (ALIBABA-C...)
1 43.152.29.38 139341 (ACE-AS-AP...)
9 2
Apex Domain
Subdomains		 Transfer
6 tjqzqkj.com
h5.pay.tjqzqkj.com
sso.tjqzqkj.com
175 KB
2 mtianshitong.com
sso.mtianshitong.com
20 KB
1 sohu.com
pv.sohu.com — Cisco Umbrella Rank: 23859
309 B
9 3
Domain Requested by
5 h5.pay.tjqzqkj.com sso.mtianshitong.com
h5.pay.tjqzqkj.com
2 sso.mtianshitong.com
1 pv.sohu.com h5.pay.tjqzqkj.com
1 sso.tjqzqkj.com sso.mtianshitong.com
9 4

This site contains no links.

Subject Issuer Validity Valid
sso.mtianshitong.com
Encryption Everywhere DV TLS CA - G2		 2024-05-24 -
2024-08-22		 3 months crt.sh
h5.pay.tjqzqkj.com
TrustAsia RSA DV TLS CA G3		 2024-06-06 -
2025-06-06		 a year crt.sh
sso.tjqzqkj.com
TrustAsia RSA DV TLS CA G3		 2024-06-06 -
2025-06-06		 a year crt.sh
*.sohu.com
DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1		 2024-07-26 -
2025-08-10		 a year crt.sh

This page contains 2 frames:

Primary Page: https://sso.mtianshitong.com/
Frame ID: 16FC6239F853D13D77BB66BAF1E1620F
Requests: 8 HTTP requests in this frame

Frame: https://h5.pay.tjqzqkj.com/static/sdk/2.0.0/html/main.html?1=1&esSdkUrl=https%3A%2F%2Fh5.pay.tjqzqkj.com%2Fstatic%2Fsdk%2F2.0.0%2Fjs%2Fes_sdk2_union.min.js&appUri=https%3A%2F%2Fsso.mtianshitong.com
Frame ID: 38DA3DFE44346E3572DFDA4EA596973A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

宜搜用户中心

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

195 kB
Transfer

560 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sso.mtianshitong.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.mtianshitong.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.205.173.7 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
8dc7803a2798569d666dedfa214d8f4d6db4180be70c3bfc6d85958a69d3fd12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type,*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Mon, 19 Aug 2024 07:57:16 GMT
Transfer-Encoding
chunked
vary
accept-encoding
es_sdk2_shell_union.min.js
h5.pay.tjqzqkj.com/static/sdk/2.0.0/js/ 		318 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h5.pay.tjqzqkj.com/static/sdk/2.0.0/js/es_sdk2_shell_union.min.js
Requested by
Host: sso.mtianshitong.com
URL: https://sso.mtianshitong.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.205.173.7 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
beb19e123f47ff471f7945662d40dc406cfa6fd8e4ddbc2dda17ab64b3c4709c

Request headers

Referer
https://sso.mtianshitong.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 07:57:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 07:49:20 GMT
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
max-age=600, public
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type,*
index.min.js
sso.tjqzqkj.com/static/js/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.tjqzqkj.com/static/js/index.min.js
Requested by
Host: sso.mtianshitong.com
URL: https://sso.mtianshitong.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.205.173.7 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
3b8d2bcd6505489b0ac45adb1278ae55c6b0fb9dc3a8d6a98bf6cac3e04dc136

Request headers

Referer
https://sso.mtianshitong.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 07:57:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 06:38:30 GMT
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
max-age=600, public
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type,*
cityjson
pv.sohu.com/ 		72 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.sohu.com/cityjson?ie=utf-8
Requested by
Host: h5.pay.tjqzqkj.com
URL: https://h5.pay.tjqzqkj.com/static/sdk/2.0.0/js/es_sdk2_shell_union.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.29.38 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
OverSea_E0 /
Resource Hash
f5d09365810dd11ef1204b35bfede3158a07d5592a9c9cfa449dd534f9964aa9

Request headers

Referer
https://sso.mtianshitong.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 07:57:20 GMT
X-Cache-Lookup
Return Directly
Server
OverSea_E0
Connection
keep-alive
X-NWS-LOG-UUID
13060559525269191767
Content-Length
72
Content-Type
application/json;charset=utf-8
jquery-1.7.2.min.js
h5.pay.tjqzqkj.com/static/sdk/common/js/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h5.pay.tjqzqkj.com/static/sdk/common/js/jquery-1.7.2.min.js
Requested by
Host: h5.pay.tjqzqkj.com
URL: https://h5.pay.tjqzqkj.com/static/sdk/2.0.0/js/es_sdk2_shell_union.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.205.173.7 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Referer
https://sso.mtianshitong.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 07:57:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 07:49:20 GMT
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
max-age=600, public
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type,*
main.css
h5.pay.tjqzqkj.com/static/sdk/2.0.0/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h5.pay.tjqzqkj.com/static/sdk/2.0.0/css/main.css
Requested by
Host: h5.pay.tjqzqkj.com
URL: https://h5.pay.tjqzqkj.com/static/sdk/2.0.0/js/es_sdk2_shell_union.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.205.173.7 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
c7c0bedf1b2f8a93d52cf05f86fa830be939a0fbe178a082fe04e48c36ca2f1a

Request headers

Referer
https://sso.mtianshitong.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 07:57:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 07:49:20 GMT
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
max-age=600, public
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type,*
tdrag.js
h5.pay.tjqzqkj.com/static/sdk/common/js/ 		115 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h5.pay.tjqzqkj.com/static/sdk/common/js/tdrag.js
Requested by
Host: h5.pay.tjqzqkj.com
URL: https://h5.pay.tjqzqkj.com/static/sdk/2.0.0/js/es_sdk2_shell_union.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.205.173.7 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
25a7ba74aa96636b3567a4c5e10d6d15f3cad702d5fc9ba04371d3b9b23ef900

Request headers

Referer
https://sso.mtianshitong.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 07:57:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 07:49:20 GMT
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
max-age=600, public
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type,*
main.html
h5.pay.tjqzqkj.com/static/sdk/2.0.0/html/ Frame 38DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://h5.pay.tjqzqkj.com/static/sdk/2.0.0/html/main.html?1=1&esSdkUrl=https%3A%2F%2Fh5.pay.tjqzqkj.com%2Fstatic%2Fsdk%2F2.0.0%2Fjs%2Fes_sdk2_union.min.js&appUri=https%3A%2F%2Fsso.mtianshitong.com
Requested by
Host: h5.pay.tjqzqkj.com
URL: https://h5.pay.tjqzqkj.com/static/sdk/2.0.0/js/es_sdk2_shell_union.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.205.173.7 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sso.mtianshitong.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type,*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
max-age=600, public
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Aug 2024 07:57:20 GMT
Last-Modified
Tue, 30 Jan 2024 07:49:20 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
favicon.ico
sso.mtianshitong.com/ 		18 KB
19 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sso.mtianshitong.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.205.173.7 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
8f814288743763d30e712400d70fd0a0a71164ef154af131d7a48c4829a7566a

Request headers

Referer
https://sso.mtianshitong.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 07:57:23 GMT
Last-Modified
Tue, 30 Jan 2024 06:38:40 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type,*
Content-Length
18817

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| a0_0x169f function| a0_0x12e5 function| _0x259daa function| _0x3b76e9 object| JsUtil function| MD5 object| PayHandle object| SdkapiHandle object| EsSdkShell string| encode_version string| xzezq object| __0x994e5 function| _0x2f6e function| isPc function| isIPhone function| isAndroid function| initSdk function| $ function| jQuery object| returnCitySN string| facgw object| __0x64088 function| _0x4e89

2 Cookies

Domain/Path Name / Value
sso.mtianshitong.com/ Name: acw_tc
Value: 2760820117240542361361939e2d319f4b86d2672b8e5a3cc23c57cebfc1e7
sso.mtianshitong.com/ Name: JSESSIONID
Value: C78E8F7510D1FCEEBB4E9E284A6E1A82

1 Console Messages

Source Level URL
Text
security error URL: https://h5.pay.tjqzqkj.com/static/sdk/2.0.0/js/es_sdk2_shell_union.min.js
Message:
Mixed Content: The page at 'https://sso.mtianshitong.com/' was loaded over HTTPS, but requested an insecure frame 'http://sso.mtianshitong.com/123'. This request has been blocked; the content must be served over HTTPS.