URL: https://t.xmdlplus.com/fileRead/download?s=vcyfi3rTsvqXMvbuMzVHz0x0OL63wEzwyv%2Bs%2B%2FY6v4KYx2boT8fYudf%2FHz0bhw%2FHer...
Submission: On May 08 via manual from IN — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 8.218.155.203, located in Hong Kong, Hong Kong and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is t.xmdlplus.com.
TLS certificate: Issued by R3 on April 19th 2024. Valid for: 3 months.
This is the only time t.xmdlplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website:

Size: 187 MB (195799111 bytes, 0% done)
Downloaded from: https://v4client-oss-new.xiaoman.cn/mail-attach%2Fzip%2F56034123%2F847ab1821355197211ef2906db997f4c11e0c46e0cccb71cd336fd08b584f32c.rar?response-content-disposition=attachment%3B%20filename%3DRE_%2520External%2520Email_%2520Agency%2520%2520Agreement%2520Draft.rar%3B%20filename%2A%3Dutf-8%27%27RE_%2520External%2520Email_%2520Agency%2520%2520Agreement%2520Draft.rar&OSSAccessKeyId=LTAI5tCRVsUWyca4YrKZMPQP&Signature=68%2Fp7%2F80ODm33Y4tpaKJJbEtKWw%3D&Expires=1717510193

Domain & IP information

IP Address AS Autonomous System
1 2 8.218.155.203 45102 (ALIBABA-C...)
2 118.31.232.185 37963 (ALIBABA-C...)
1 47.97.233.119 37963 (ALIBABA-C...)
5 4
Domain Requested by
2 jinyuncrmproduct.oss-cn-hangzhou.aliyuncs.com t.xmdlplus.com
2 t.xmdlplus.com 1 redirects
1 v4client-oss-new.xiaoman.cn t.xmdlplus.com
5 3

This site contains no links.

Subject | Issuer | Validity | Valid
*.xmdlplus.com | R3 | 2024-04-19 - 2024-07-18 | 3 months
cn-hangzhou.oss.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-02-19 - 2025-03-22 | a year
*.xiaoman.cn | GlobalSign RSA OV SSL CA 2018 | 2023-05-09 - 2024-06-09 | a year

This page contains 1 frames:

Frame: https://v4client-oss-new.xiaoman.cn/mail-attach%2Fzip%2F56034123%2F847ab1821355197211ef2906db997f4c11e0c46e0cccb71cd336fd08b584f32c.rar?response-content-disposition=attachment%3B%20filename%3DRE_%2520External%2520Email_%2520Agency%2520%2520Agreement%2520Draft.rar%3B%20filename%2A%3Dutf-8%27%27RE_%2520External%2520Email_%2520Agency%2520%2520Agreement%2520Draft.rar&OSSAccessKeyId=LTAI5tCRVsUWyca4YrKZMPQP&Signature=68%2Fp7%2F80ODm33Y4tpaKJJbEtKWw%3D&Expires=1717510193
Frame ID: 0FD898BB55955FA5ABAD816F8F9671E7
Requests: 5 HTTP requests in this frame

Page Title

loading...

Detected technologies

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Page Statistics

Requests: 5
HTTPS: 80 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 38 kB
Size: 37 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://t.xmdlplus.com/fileRead/download?s=vcyfi3rTsvqXMvbuMzVHz0x0OL63wEzwyv%2Bs%2B%2FY6v4KYx2boT8fYudf%2FHz0bhw%2FHergGlnudMtfhCWQdOEn%2FHlf8zRf2pJup HTTP 302
  • https://v4client-oss-new.xiaoman.cn/mail-attach%2Fzip%2F56034123%2F847ab1821355197211ef2906db997f4c11e0c46e0cccb71cd336fd08b584f32c.rar?response-content-disposition=attachment%3B%20filename%3DRE_%2520External%2520Email_%2520Agency%2520%2520Agreement%2520Draft.rar%3B%20filename%2A%3Dutf-8%27%27RE_%2520External%2520Email_%2520Agency%2520%2520Agreement%2520Draft.rar&OSSAccessKeyId=LTAI5tCRVsUWyca4YrKZMPQP&Signature=68%2Fp7%2F80ODm33Y4tpaKJJbEtKWw%3D&Expires=1717510193
Request Chain 3
  • https://t.xmdlplus.com/favicon.ico HTTP 0
  • http://t.xmdlplus.com/404

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request download
t.xmdlplus.com/fileRead/
840 B
1 KB
Document
General
Full URL
https://t.xmdlplus.com/fileRead/download?s=vcyfi3rTsvqXMvbuMzVHz0x0OL63wEzwyv%2Bs%2B%2FY6v4KYx2boT8fYudf%2FHz0bhw%2FHergGlnudMtfhCWQdOEn%2FHlf8zRf2pJup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
8.218.155.203 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.24.0 / PHP/8.0.23
Resource Hash
59e9a2c1ad6e31dd0d20a66a612de1e80d649df696434a26d14b6e221922a7ce

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 May 2024 14:28:39 GMT
Server
nginx/1.24.0
Transfer-Encoding
chunked
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Language,xiaoman-os,xiaoman-version,xiaoman-pskey,xiaoman-user-id,xiaoman-client-id,x-xiaoman-platform-type,x-xsrf-token,x-xiaoman-app-version,b3,traceparent,uber-trace-id,x-b3-spanid,x-b3-traceid
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
content-encoding
gzip
vary
Accept-Encoding
x-envoy-upstream-service-time
18
x-powered-by
PHP/8.0.23
x-xiaoman-client-id
6610
x-xiaoman-client-id-source
redis
x-xiaoman-service
callback-fpm-prod
x-xiaoman-service-version
prod
x-xiaoman-user-id
56034123
cookie.min.js
jinyuncrmproduct.oss-cn-hangzhou.aliyuncs.com/
2 KB
3 KB
Script
General
Full URL
https://jinyuncrmproduct.oss-cn-hangzhou.aliyuncs.com/cookie.min.js
Requested by
Host: t.xmdlplus.com
URL: https://t.xmdlplus.com/fileRead/download?s=vcyfi3rTsvqXMvbuMzVHz0x0OL63wEzwyv%2Bs%2B%2FY6v4KYx2boT8fYudf%2FHz0bhw%2FHergGlnudMtfhCWQdOEn%2FHlf8zRf2pJup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.31.232.185 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
c7e90eb3f0fd5d9a3dc217e00b8ee4b2aa9b10af01b18fee4756bdc133511a99

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://t.xmdlplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
Date
Wed, 08 May 2024 14:28:40 GMT
x-oss-request-id
663B8C17C505B33334731FCB
Last-Modified
Wed, 05 Jun 2019 03:07:27 GMT
Server
AliyunOSS
Content-MD5
3QMgKiAeE6UZS0MMMXGxEg==
ETag
"DD03202A201E13A5194B430C3171B112"
Content-Type
text/javascript
x-oss-storage-class
Standard
Connection
keep-alive
Accept-Ranges
bytes
x-oss-hash-crc64ecma
8846124588978033568
Content-Length
2526
x-oss-server-time
5
fingerprint2.min.js
jinyuncrmproduct.oss-cn-hangzhou.aliyuncs.com/
34 KB
34 KB
Script
General
Full URL
https://jinyuncrmproduct.oss-cn-hangzhou.aliyuncs.com/fingerprint2.min.js
Requested by
Host: t.xmdlplus.com
URL: https://t.xmdlplus.com/fileRead/download?s=vcyfi3rTsvqXMvbuMzVHz0x0OL63wEzwyv%2Bs%2B%2FY6v4KYx2boT8fYudf%2FHz0bhw%2FHergGlnudMtfhCWQdOEn%2FHlf8zRf2pJup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.31.232.185 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
973c41770723e02cb80d35336660171f74e31602a63f52fc22165190e94b0a7c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://t.xmdlplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
Date
Wed, 08 May 2024 14:28:40 GMT
x-oss-request-id
663B8C1845A0B739385D9F8D
Last-Modified
Wed, 05 Jun 2019 03:06:36 GMT
Server
AliyunOSS
Content-MD5
02JAxeuppQUMSjCfhyEJLg==
ETag
"D36240C5EBA9A5050C4A309F8721092E"
Content-Type
text/javascript
x-oss-storage-class
Standard
Connection
keep-alive
Accept-Ranges
bytes
x-oss-hash-crc64ecma
8087582169650658983
Content-Length
34376
x-oss-server-time
11
mail-attach%2Fzip%2F56034123%2F847ab1821355197211ef2906db997f4c11e0c46e0cccb71cd336fd08b584f32c.rar
v4client-oss-new.xiaoman.cn/
Redirect Chain
  • https://t.xmdlplus.com/fileRead/download?s=vcyfi3rTsvqXMvbuMzVHz0x0OL63wEzwyv%2Bs%2B%2FY6v4KYx2boT8fYudf%2FHz0bhw%2FHergGlnudMtfhCWQdOEn%2FHlf8zRf2pJup
  • https://v4client-oss-new.xiaoman.cn/mail-attach%2Fzip%2F56034123%2F847ab1821355197211ef2906db997f4c11e0c46e0cccb71cd336fd08b584f32c.rar?response-content-disposition=attachment%3B%20filename%3DRE_%2...
0
0
Document
General
Full URL
https://v4client-oss-new.xiaoman.cn/mail-attach%2Fzip%2F56034123%2F847ab1821355197211ef2906db997f4c11e0c46e0cccb71cd336fd08b584f32c.rar?response-content-disposition=attachment%3B%20filename%3DRE_%2520External%2520Email_%2520Agency%2520%2520Agreement%2520Draft.rar%3B%20filename%2A%3Dutf-8%27%27RE_%2520External%2520Email_%2520Agency%2520%2520Agreement%2520Draft.rar&OSSAccessKeyId=LTAI5tCRVsUWyca4YrKZMPQP&Signature=68%2Fp7%2F80ODm33Y4tpaKJJbEtKWw%3D&Expires=1717510193
Requested by
Host: t.xmdlplus.com
URL: https://t.xmdlplus.com/fileRead/download?s=vcyfi3rTsvqXMvbuMzVHz0x0OL63wEzwyv%2Bs%2B%2FY6v4KYx2boT8fYudf%2FHz0bhw%2FHergGlnudMtfhCWQdOEn%2FHlf8zRf2pJup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.97.233.119 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://t.xmdlplus.com/fileRead/download?s=vcyfi3rTsvqXMvbuMzVHz0x0OL63wEzwyv%2Bs%2B%2FY6v4KYx2boT8fYudf%2FHz0bhw%2FHergGlnudMtfhCWQdOEn%2FHlf8zRf2pJup
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Cache-Control
private, max-age=2592000
Connection
keep-alive
Content-Disposition
attachment; filename=RE_%20External%20Email_%20Agency%20%20Agreement%20Draft.rar; filename*=utf-8''RE_%20External%20Email_%20Agency%20%20Agreement%20Draft.rar
Content-Length
195799111
Content-Type
application/x-rar-compressed
Date
Wed, 08 May 2024 14:28:42 GMT
ETag
"C9B080476C0BBBB1571C5EF650BF7613-187"
Last-Modified
Sun, 05 May 2024 14:09:09 GMT
Server
AliyunOSS
Vary
Origin
x-oss-hash-crc64ecma
4836293464761905196
x-oss-object-type
Multipart
x-oss-request-id
663B8C1945A0B732366AB88D
x-oss-server-time
297
x-oss-storage-class
Standard
x-oss-version-id
CAEQbBiBgMDjzKyk.hgiIDBlNjUzYTg4ODcwZTQ4MTQ5NGJkYzUxMWM2ZDcxNmM2

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 May 2024 14:28:40 GMT
Server
nginx/1.24.0
Transfer-Encoding
chunked
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Language,xiaoman-os,xiaoman-version,xiaoman-pskey,xiaoman-user-id,xiaoman-client-id,x-xiaoman-platform-type,x-xsrf-token,x-xiaoman-app-version,b3,traceparent,uber-trace-id,x-b3-spanid,x-b3-traceid
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
location
https://v4client-oss-new.xiaoman.cn/mail-attach%2Fzip%2F56034123%2F847ab1821355197211ef2906db997f4c11e0c46e0cccb71cd336fd08b584f32c.rar?response-content-disposition=attachment%3B%20filename%3DRE_%2520External%2520Email_%2520Agency%2520%2520Agreement%2520Draft.rar%3B%20filename%2A%3Dutf-8%27%27RE_%2520External%2520Email_%2520Agency%2520%2520Agreement%2520Draft.rar&OSSAccessKeyId=LTAI5tCRVsUWyca4YrKZMPQP&Signature=68%2Fp7%2F80ODm33Y4tpaKJJbEtKWw%3D&Expires=1717510193
x-envoy-upstream-service-time
26
x-powered-by
PHP/8.0.23
x-xiaoman-client-id
6610
x-xiaoman-client-id-source
redis
x-xiaoman-service
callback-fpm-prod
x-xiaoman-service-version
prod
x-xiaoman-user-id
56034123
404
t.xmdlplus.com/
Redirect Chain
  • https://t.xmdlplus.com/favicon.ico
  • http://t.xmdlplus.com/404
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.xmdlplus.com
URL
http://t.xmdlplus.com/404

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function | cookie
  • function | Fingerprint2
  • function | jump
  • undefined | uid

1 Cookies

Domain/Path Name / Value
t.xmdlplus.com/ Name: file_visitor_id
Value: b8e33a47f13a916b9701f4ce92c36523

1 Console Messages

Source Level URL
Text
security error URL: https://t.xmdlplus.com/fileRead/download?s=vcyfi3rTsvqXMvbuMzVHz0x0OL63wEzwyv%2Bs%2B%2FY6v4KYx2boT8fYudf%2FHz0bhw%2FHergGlnudMtfhCWQdOEn%2FHlf8zRf2pJup
Message:
Mixed Content: The page at 'https://t.xmdlplus.com/fileRead/download?s=vcyfi3rTsvqXMvbuMzVHz0x0OL63wEzwyv%2Bs%2B%2FY6v4KYx2boT8fYudf%2FHz0bhw%2FHergGlnudMtfhCWQdOEn%2FHlf8zRf2pJup' was loaded over HTTPS, but requested an insecure favicon 'http://t.xmdlplus.com/404'. This request has been blocked; the content must be served over HTTPS.