t.xmdlplus.com - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 8.218.155.203, located in Hong Kong, Hong Kong and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is t.xmdlplus.com.
TLS certificate: Issued by E5 on June 18th 2024. Valid for: 3 months.

This is the only time t.xmdlplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete MDT865 with protection case.mp4 16 MB

Size: 16 MB (16424424 bytes, 53% done)

Downloaded from: https://v4client.oss-cn-hangzhou.aliyuncs.com/mail-attach%2Fmed%2F55505088%2Fd254914d9f9a88c1af40ba57e3c7c86db3397b7cd667eab16ce06ead7b0f03e2.mp4?response-content-disposition=attachment%3B%20filename%3DMDT865%2520with%2520protection%2520case.mp4%3B%20filename%2A%3Dutf-8%27%27MDT865%2520with%2520protection%2520case.mp4&OSSAccessKeyId=LTAI5tCRVsUWyca4YrKZMPQP&Signature=LlYpObU57HpV7z4bSg%2BpM2%2BePE8%3D&Expires=1721470865

Domain & IP information

	IP Address	AS Autonomous System
1 2	8.218.155.203 8.218.155.203	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
2	118.31.232.185 118.31.232.185	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	47.97.233.119 47.97.233.119	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
5	4

2 8.218.155.203 (Hong Kong, Hong Kong) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

t.xmdlplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 118.31.232.185 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

jinyuncrmproduct.oss-cn-hangzhou.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.97.233.119 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

v4client.oss-cn-hangzhou.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	aliyuncs.com jinyuncrmproduct.oss-cn-hangzhou.aliyuncs.com v4client.oss-cn-hangzhou.aliyuncs.com — Cisco Umbrella Rank: 277195	37 KB
2	xmdlplus.com 1 redirects t.xmdlplus.com	3 KB
5	2

	Domain	Requested by
2	jinyuncrmproduct.oss-cn-hangzhou.aliyuncs.com	t.xmdlplus.com
2	t.xmdlplus.com	1 redirects
1	v4client.oss-cn-hangzhou.aliyuncs.com	t.xmdlplus.com
5	3

This site contains no links.

Subject Issuer	Validity	Valid
*.xmdlplus.com E5	`2024-06-18` - `2024-09-16`	3 months	crt.sh
cn-hangzhou.oss.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-02-19` - `2025-03-22`	a year	crt.sh

This page contains 1 frames:

Frame: https://v4client.oss-cn-hangzhou.aliyuncs.com/mail-attach%2Fmed%2F55505088%2Fd254914d9f9a88c1af40ba57e3c7c86db3397b7cd667eab16ce06ead7b0f03e2.mp4?response-content-disposition=attachment%3B%20filename%3DMDT865%2520with%2520protection%2520case.mp4%3B%20filename%2A%3Dutf-8%27%27MDT865%2520with%2520protection%2520case.mp4&OSSAccessKeyId=LTAI5tCRVsUWyca4YrKZMPQP&Signature=LlYpObU57HpV7z4bSg%2BpM2%2BePE8%3D&Expires=1721470865
Frame ID: AC9A720750463E46AAF8D37F3EFE34B4
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

loading...

Detected technologies

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

38 kB
Transfer

37 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://t.xmdlplus.com/fileRead/download?s=A5miKeYG%2FWxi%2F10FhOlNGYH6%2F4WXV1KYGABdifnGxDbDHWjWyBwb3PSql5fDKrPINvUbioMnRdIZPq5cCoXUdqiWRqJHOr2ZIut%2FmHNKjdc%3D HTTP 302
https://v4client.oss-cn-hangzhou.aliyuncs.com/mail-attach%2Fmed%2F55505088%2Fd254914d9f9a88c1af40ba57e3c7c86db3397b7cd667eab16ce06ead7b0f03e2.mp4?response-content-disposition=attachment%3B%20filename%3DMDT865%2520with%2520protection%2520case.mp4%3B%20filename%2A%3Dutf-8%27%27MDT865%2520with%2520protection%2520case.mp4&OSSAccessKeyId=LTAI5tCRVsUWyca4YrKZMPQP&Signature=LlYpObU57HpV7z4bSg%2BpM2%2BePE8%3D&Expires=1721470865

Request Chain 3

https://t.xmdlplus.com/favicon.ico HTTP 0
http://t.xmdlplus.com/404

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request download Show response t.xmdlplus.com/fileRead/	850 B 1 KB	2259ms 481ms	Document text/html	8.218.155.203 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://t.xmdlplus.com/fileRead/download?s=A5miKeYG%2FWxi%2F10FhOlNGYH6%2F4WXV1KYGABdifnGxDbDHWjWyBwb3PSql5fDKrPINvUbioMnRdIZPq5cCoXUdqiWRqJHOr2ZIut%2FmHNKjdc%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 8.218.155.203 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.24.0 / PHP/8.0.23 Resource Hash `aae2086a7051b2442d29b228135773fce404af5f99d8c0bec18f3c59828cff36` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Thu, 20 Jun 2024 12:26:22 GMT Server nginx/1.24.0 Transfer-Encoding chunked access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Language,xiaoman-os,xiaoman-version,xiaoman-pskey,xiaoman-user-id,xiaoman-client-id,x-xiaoman-platform-type,x-xsrf-token,x-xiaoman-app-version,b3,traceparent,uber-trace-id,x-b3-spanid,x-b3-traceid access-control-allow-methods GET, POST, OPTIONS access-control-max-age 86400 content-encoding gzip vary Accept-Encoding x-b3-spanid 812309ac7912933c x-b3-traceid 5919560af5b65695812309ac7912933c x-envoy-upstream-service-time 22 x-powered-by PHP/8.0.23 x-xiaoman-client-id 64558 x-xiaoman-client-id-source redis x-xiaoman-service callback-fpm-prod x-xiaoman-service-version prod x-xiaoman-user-id 55505088
GET H/1.1	200 OK	cookie.min.js Show response jinyuncrmproduct.oss-cn-hangzhou.aliyuncs.com/	2 KB 3 KB	1140ms 248ms	Script text/javascript	118.31.232.185 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://jinyuncrmproduct.oss-cn-hangzhou.aliyuncs.com/cookie.min.js Requested by Host: t.xmdlplus.com URL: https://t.xmdlplus.com/fileRead/download?s=A5miKeYG%2FWxi%2F10FhOlNGYH6%2F4WXV1KYGABdifnGxDbDHWjWyBwb3PSql5fDKrPINvUbioMnRdIZPq5cCoXUdqiWRqJHOr2ZIut%2FmHNKjdc%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 118.31.232.185 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software AliyunOSS / Resource Hash `c7e90eb3f0fd5d9a3dc217e00b8ee4b2aa9b10af01b18fee4756bdc133511a99` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://t.xmdlplus.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-oss-object-type Normal Date Thu, 20 Jun 2024 12:26:24 GMT x-oss-request-id 66741FF063EA8B3032AB23E4 Last-Modified Wed, 05 Jun 2019 03:07:27 GMT Server AliyunOSS Content-MD5 3QMgKiAeE6UZS0MMMXGxEg== ETag "DD03202A201E13A5194B430C3171B112" Content-Type text/javascript x-oss-storage-class Standard Connection keep-alive Accept-Ranges bytes x-oss-hash-crc64ecma 8846124588978033568 Content-Length 2526 x-oss-server-time 8
GET H/1.1	200 OK	fingerprint2.min.js Show response jinyuncrmproduct.oss-cn-hangzhou.aliyuncs.com/	34 KB 34 KB	1150ms 258ms	Script text/javascript	118.31.232.185 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://jinyuncrmproduct.oss-cn-hangzhou.aliyuncs.com/fingerprint2.min.js Requested by Host: t.xmdlplus.com URL: https://t.xmdlplus.com/fileRead/download?s=A5miKeYG%2FWxi%2F10FhOlNGYH6%2F4WXV1KYGABdifnGxDbDHWjWyBwb3PSql5fDKrPINvUbioMnRdIZPq5cCoXUdqiWRqJHOr2ZIut%2FmHNKjdc%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 118.31.232.185 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software AliyunOSS / Resource Hash `973c41770723e02cb80d35336660171f74e31602a63f52fc22165190e94b0a7c` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://t.xmdlplus.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-oss-object-type Normal Date Thu, 20 Jun 2024 12:26:24 GMT x-oss-request-id 66741FF08873C53039C00D99 Last-Modified Wed, 05 Jun 2019 03:06:36 GMT Server AliyunOSS Content-MD5 02JAxeuppQUMSjCfhyEJLg== ETag "D36240C5EBA9A5050C4A309F8721092E" Content-Type text/javascript x-oss-storage-class Standard Connection keep-alive Accept-Ranges bytes x-oss-hash-crc64ecma 8087582169650658983 Content-Length 34376 x-oss-server-time 15
GET H/1.1	200 OK	mail-attach%2Fmed%2F55505088%2Fd254914d9f9a88c1af40ba57e3c7c86db3397b7cd667eab16ce06ead7b0f03e2.mp4 v4client.oss-cn-hangzhou.aliyuncs.com/ Redirect Chain https://t.xmdlplus.com/fileRead/download?s=A5miKeYG%2FWxi%2F10FhOlNGYH6%2F4WXV1KYGABdifnGxDbDHWjWyBwb3PSql5fDKrPINvUbioMnRdIZPq5cCoXUdqiWRqJHOr2ZIut%2FmHNKjdc%3D https://v4client.oss-cn-hangzhou.aliyuncs.com/mail-attach%2Fmed%2F55505088%2Fd254914d9f9a88c1af40ba57e3c7c86db3397b7cd667eab16ce06ead7b0f03e2.mp4?response-content-disposition=attachment%3B%20filena...	0 0	831ms 272ms	Document video/mp4	47.97.233.119 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://v4client.oss-cn-hangzhou.aliyuncs.com/mail-attach%2Fmed%2F55505088%2Fd254914d9f9a88c1af40ba57e3c7c86db3397b7cd667eab16ce06ead7b0f03e2.mp4?response-content-disposition=attachment%3B%20filename%3DMDT865%2520with%2520protection%2520case.mp4%3B%20filename%2A%3Dutf-8%27%27MDT865%2520with%2520protection%2520case.mp4&OSSAccessKeyId=LTAI5tCRVsUWyca4YrKZMPQP&Signature=LlYpObU57HpV7z4bSg%2BpM2%2BePE8%3D&Expires=1721470865 Requested by Host: t.xmdlplus.com URL: https://t.xmdlplus.com/fileRead/download?s=A5miKeYG%2FWxi%2F10FhOlNGYH6%2F4WXV1KYGABdifnGxDbDHWjWyBwb3PSql5fDKrPINvUbioMnRdIZPq5cCoXUdqiWRqJHOr2ZIut%2FmHNKjdc%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.97.233.119 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software AliyunOSS / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://t.xmdlplus.com/fileRead/download?s=A5miKeYG%2FWxi%2F10FhOlNGYH6%2F4WXV1KYGABdifnGxDbDHWjWyBwb3PSql5fDKrPINvUbioMnRdIZPq5cCoXUdqiWRqJHOr2ZIut%2FmHNKjdc%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes Cache-Control private, max-age=2592000 Connection keep-alive Content-Disposition attachment; filename=MDT865%20with%20protection%20case.mp4; filename=utf-8''MDT865%20with%20protection%20case.mp4 Content-Length* 16424424 Content-Type video/mp4 Date Thu, 20 Jun 2024 12:26:25 GMT ETag "95D4286708FA3E9FDE04E98F477BA00E-16" Last-Modified Wed, 19 Jun 2024 10:15:21 GMT Server AliyunOSS Vary Origin x-oss-hash-crc64ecma 13658172528006829557 x-oss-object-type Multipart x-oss-request-id 66741FF15878D23238691BC7 x-oss-server-time 39 x-oss-storage-class Standard x-oss-version-id CAEQYxiBgICB7Py_gRkiIDZhNjk3NDY3MGU0NTRjNmM4NjMyMDU2ZWYzZmU1NTNj Redirect headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Thu, 20 Jun 2024 12:26:24 GMT Server nginx/1.24.0 Transfer-Encoding chunked access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Language,xiaoman-os,xiaoman-version,xiaoman-pskey,xiaoman-user-id,xiaoman-client-id,x-xiaoman-platform-type,x-xsrf-token,x-xiaoman-app-version,b3,traceparent,uber-trace-id,x-b3-spanid,x-b3-traceid access-control-allow-methods GET, POST, OPTIONS access-control-max-age 86400 location https://v4client.oss-cn-hangzhou.aliyuncs.com/mail-attach%2Fmed%2F55505088%2Fd254914d9f9a88c1af40ba57e3c7c86db3397b7cd667eab16ce06ead7b0f03e2.mp4?response-content-disposition=attachment%3B%20filename%3DMDT865%2520with%2520protection%2520case.mp4%3B%20filename%2A%3Dutf-8%27%27MDT865%2520with%2520protection%2520case.mp4&OSSAccessKeyId=LTAI5tCRVsUWyca4YrKZMPQP&Signature=LlYpObU57HpV7z4bSg%2BpM2%2BePE8%3D&Expires=1721470865 x-b3-spanid 31617e2739890e2a x-b3-traceid 8cc201ed156506e431617e2739890e2a x-envoy-upstream-service-time 32 x-powered-by PHP/8.0.23 x-xiaoman-client-id 64558 x-xiaoman-client-id-source redis x-xiaoman-service callback-fpm-prod x-xiaoman-service-version prod x-xiaoman-user-id 55505088
GET		404 t.xmdlplus.com/ Redirect Chain https://t.xmdlplus.com/favicon.ico http://t.xmdlplus.com/404	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.xmdlplus.com
URL: http://t.xmdlplus.com/404

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			t.xmdlplus.com/	1969-12-31 23:59:59	Name: file_visitor_id Value: 5b3a2c64fd21b3f1d1c1a052b0f18a31

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://t.xmdlplus.com/fileRead/download?s=A5miKeYG%2FWxi%2F10FhOlNGYH6%2F4WXV1KYGABdifnGxDbDHWjWyBwb3PSql5fDKrPINvUbioMnRdIZPq5cCoXUdqiWRqJHOr2ZIut%2FmHNKjdc%3D Message: Mixed Content: The page at 'https://t.xmdlplus.com/fileRead/download?s=A5miKeYG%2FWxi%2F10FhOlNGYH6%2F4WXV1KYGABdifnGxDbDHWjWyBwb3PSql5fDKrPINvUbioMnRdIZPq5cCoXUdqiWRqJHOr2ZIut%2FmHNKjdc%3D' was loaded over HTTPS, but requested an insecure favicon 'http://t.xmdlplus.com/404'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

jinyuncrmproduct.oss-cn-hangzhou.aliyuncs.com
t.xmdlplus.com
v4client.oss-cn-hangzhou.aliyuncs.com
t.xmdlplus.com
118.31.232.185
47.97.233.119
8.218.155.203
973c41770723e02cb80d35336660171f74e31602a63f52fc22165190e94b0a7c
aae2086a7051b2442d29b228135773fce404af5f99d8c0bec18f3c59828cff36
c7e90eb3f0fd5d9a3dc217e00b8ee4b2aa9b10af01b18fee4756bdc133511a99

t.xmdlplus.com Open in urlscan Pro 8.218.155.203 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

5 Requests

80 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

4 IPs

2 Countries

38 kBTransfer

37 kBSize

1 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

t.xmdlplus.com Open in urlscan Pro
8.218.155.203 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

80 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

38 kB
Transfer

37 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions