oia.xiaohongshu.com Open in urlscan Pro
101.33.27.26 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://oia.xiaohongshu.com/oia
Submission Tags: falconsandbox
Submission: On March 06 via api (March 6th 2024, 3:17:14 am UTC) from US — Scanned from SG

Summary HTTP 8 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 2 domains to perform 8 HTTP transactions. The main IP is 101.33.27.26, located in Singapore, Singapore and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is oia.xiaohongshu.com.
TLS certificate: Issued by DigiCert Secure Site CN CA G3 on January 25th 2024. Valid for: a year.

This is the only time oia.xiaohongshu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete xiaohongshu.apk 45 MB

Size: 45 MB (47251893 bytes, 10% done)

Downloaded from: https://dc.xiaohongshu.com/file/pkgs/base/xiaohongshu.apk

Domain & IP information

	IP Address	AS Autonomous System
1	101.33.27.26 101.33.27.26	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
3	104.18.31.133 104.18.31.133	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	43.142.215.98 43.142.215.98	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1	104.18.12.84 104.18.12.84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	101.33.26.190 101.33.26.190	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
8	6

1 101.33.27.26 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

oia.xiaohongshu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.31.133 (None, )

ASN13335 (CLOUDFLARENET, US)

fe-static.xhscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.142.215.98 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

spider-tracker.xiaohongshu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.84 (None, )

ASN13335 (CLOUDFLARENET, US)

ci.xiaohongshu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 101.33.26.190 (Singapore, Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

dc.xiaohongshu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	xiaohongshu.com oia.xiaohongshu.com spider-tracker.xiaohongshu.com — Cisco Umbrella Rank: 16784 ci.xiaohongshu.com — Cisco Umbrella Rank: 22874 dc.xiaohongshu.com	17 KB
3	xhscdn.com fe-static.xhscdn.com — Cisco Umbrella Rank: 22965	32 KB
8	2

	Domain	Requested by
3	fe-static.xhscdn.com	oia.xiaohongshu.com
2	spider-tracker.xiaohongshu.com	fe-static.xhscdn.com
1	dc.xiaohongshu.com	fe-static.xhscdn.com
1	ci.xiaohongshu.com	oia.xiaohongshu.com
1	oia.xiaohongshu.com
8	5

This site contains links to these domains. Also see Links.

Domain
www.xiaohongshu.com
agree.xiaohongshu.com

Subject Issuer	Validity	Valid
*.xiaohongshu.com DigiCert Secure Site CN CA G3	`2024-01-25` - `2025-02-22`	a year	crt.sh
*.xhscdn.com GeoTrust RSA CN CA G2	`2023-05-29` - `2024-06-27`	a year	crt.sh

This page contains 1 frames:

Frame: https://dc.xiaohongshu.com/file/pkgs/base/xiaohongshu.apk
Frame ID: 3DA4FE62DB447D607784973D04C7AB67
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

打开小红书

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

6
IPs

3
Countries

49 kB
Transfer

122 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xiaohongshu.com/mobile/permission
Title: 应用权限

Search URL Search Domain Scan URL

URL: https://agree.xiaohongshu.com/h5/terms/ZXXY20220509001/-1
Title: 隐私政策

Search URL Search Domain Scan URL

URL: https://www.xiaohongshu.com/activity/advertise/production
Title: 产品功能

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request oia Show response oia.xiaohongshu.com/	26 KB 17 KB	251ms 126ms	Document text/html	101.33.27.26 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://oia.xiaohongshu.com/oia Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 101.33.27.26 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `62d9febc566cf99019137a13d6d81b9d3c386bc422c8b5f7e17a8d66d842ccbe` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control no-cache content-encoding gzip content-type text/html date Wed, 06 Mar 2024 03:17:09 GMT etag W/"65c09e0c-67ee" last-modified Mon, 05 Feb 2024 08:36:28 GMT server nginx x-cache-lookup Cache Miss Cache Miss Cache Miss x-nws-log-uuid 5241701940356766136 xhs_real_ip 223.109.42.207
GET H2	200	runtime-main.7575880.js Show response fe-static.xhscdn.com/formula-static/oia/public/js/	1 KB 1 KB	60ms 19ms	Script application/javascript	104.18.31.133 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fe-static.xhscdn.com/formula-static/oia/public/js/runtime-main.7575880.js Requested by Host: oia.xiaohongshu.com URL: https://oia.xiaohongshu.com/oia Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.31.133 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1904d758ae9ed340fb7dc766ad48c664b91512b9328ee4a287fa6391585453fb` Request headers Referer https://oia.xiaohongshu.com/ Origin https://oia.xiaohongshu.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 06 Mar 2024 03:17:09 GMT via 1.1 google content-encoding gzip cf-cache-status HIT x-cos-trace-id OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OWE4OGMxZjNjY2JiNTBmMTVmMWY1MzAzYzkyZGQ2ZWM4MzZkMTZiZDQxYTg4MzRiMzIwYzRkYTRjMWFkNDM3YjQ= age 7710800 x-cos-request-id NjU2ZmU4ODhfMjMzZDEyMDlfMTYxMjRfNmNiMDJjMA== x-cos-version-id MTg0NDUwNDg3MDE2MTY2OTM1MDE x-cos-hash-crc64ecma 10717194217248873582 last-modified Fri, 22 Sep 2023 08:41:32 GMT server cloudflare etag W/"77ad669926d27a2403975925946cfd22" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=14400 cf-ray 85ff30f16cc14619-SIN expires Wed, 06 Mar 2024 07:17:09 GMT
GET H2	200	vendor-main.5729ca4.js Show response fe-static.xhscdn.com/formula-static/oia/public/js/	55 KB 20 KB	63ms 22ms	Script application/javascript	104.18.31.133 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fe-static.xhscdn.com/formula-static/oia/public/js/vendor-main.5729ca4.js Requested by Host: oia.xiaohongshu.com URL: https://oia.xiaohongshu.com/oia Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.31.133 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b2d0d35e55539224ab5ac3f64f70e595cba16d50ca274b6d687cdda510788acf` Request headers Referer https://oia.xiaohongshu.com/ Origin https://oia.xiaohongshu.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 06 Mar 2024 03:17:09 GMT via 1.1 google content-encoding gzip cf-cache-status HIT x-cos-trace-id OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OWE4OGMxZjNjY2JiNTBmMTVmMWY1MzAzYzkyZGQ2ZWM4MzZkMTZiZDQxYTg4MzRiMzIwYzRkYTRjMWFkNDM3YjQ= age 8401137 x-cos-request-id NjU2Njk4MDZfOWI1NWI1MDlfZDI3ZF8xMDA0ZmY4OQ== x-cos-version-id MTg0NDUwNDg3MDE2MTY2ODE2ODc x-cos-hash-crc64ecma 15744175854978405706 last-modified Fri, 22 Sep 2023 08:41:32 GMT server cloudflare etag W/"b324528b750d6799f75f5d9f4a7dae8d" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=14400 cf-ray 85ff30f16cc24619-SIN expires Wed, 06 Mar 2024 07:17:09 GMT
GET H2	200	main.8e5cc25.js Show response fe-static.xhscdn.com/formula-static/oia/public/js/	32 KB 10 KB	41ms 21ms	Script application/javascript	104.18.31.133 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fe-static.xhscdn.com/formula-static/oia/public/js/main.8e5cc25.js Requested by Host: oia.xiaohongshu.com URL: https://oia.xiaohongshu.com/oia Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.31.133 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f8ee30133b13437073e5b748e3ab0d8b2529f62e7f3d1173a915626670a4c93e` Request headers Referer https://oia.xiaohongshu.com/ Origin https://oia.xiaohongshu.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 06 Mar 2024 03:17:09 GMT via 1.1 google content-encoding gzip cf-cache-status HIT x-cos-trace-id OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OWE4OGMxZjNjY2JiNTBmMTVmMWY1MzAzYzkyZGQ2ZWM4MzZkMTZiZDQxYTg4MzRiMzIwYzRkYTRjMWFkNDM3YjQ= age 10300405 x-cos-request-id NjU0MWZkMTNfMTg0NjY4MDlfMTI5YmRfNjEwNDE0Mg== x-cos-version-id MTg0NDUwNDg3MDE2MTY3NTMxMTk x-cos-hash-crc64ecma 7755086253534188492 last-modified Fri, 22 Sep 2023 08:41:32 GMT server cloudflare etag W/"8b788790b929f91b427ae3b2c02e56ee" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=14400 cf-ray 85ff30f16cc54619-SIN expires Wed, 06 Mar 2024 07:17:09 GMT
OPTIONS H2	200	data spider-tracker.xiaohongshu.com/api/	0 0	1420ms 371ms	Preflight text/json	43.142.215.98 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://spider-tracker.xiaohongshu.com/api/data Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.142.215.98 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software / Resource Hash Request headers Accept / Access-Control-Request-Headers biz-type,content-type Access-Control-Request-Method POST Origin https://oia.xiaohongshu.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Client-Build,X-Client-Platform,X-Client-Version,X-Mx-ReqToken,X-Requested-With,X-Sign,Batch,request-from,Biz-Type access-control-allow-methods GET,POST,OPTIONS,HEAD access-control-allow-origin * content-length 4 content-type text/json; charset=utf-8 date Wed, 06 Mar 2024 03:17:11 GMT
POST H2	200	data Show response spider-tracker.xiaohongshu.com/api/	41 B 396 B	731ms 730ms	XHR text/json	43.142.215.98 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://spider-tracker.xiaohongshu.com/api/data Requested by Host: fe-static.xhscdn.com URL: https://fe-static.xhscdn.com/formula-static/oia/public/js/main.8e5cc25.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.142.215.98 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software / Resource Hash `8c0d77e8b4e6582068c985d9aca2cfe1579a59179034b94cd150857cc7164a8d` Request headers Biz-Type b2 Referer https://oia.xiaohongshu.com/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Content-type application/json Response headers access-control-allow-origin * date Wed, 06 Mar 2024 03:17:11 GMT access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Client-Build,X-Client-Platform,X-Client-Version,X-Mx-ReqToken,X-Requested-With,X-Sign,Batch,request-from,Biz-Type content-length 41 access-control-allow-methods GET,POST,OPTIONS,HEAD content-type text/json; charset=utf-8
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a3f27d4013bb036df97305997cac6462439deb2339c2898d47fbd8917dbf887d` Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Content-Type image/png
GET H2	404	e8e8fca5-acc7-4b8f-8aa9-a60735cd0f1a@r_750w_750h_ss1.jpg ci.xiaohongshu.com/	0 0	325ms 199ms	Image application/xml	104.18.12.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ci.xiaohongshu.com/e8e8fca5-acc7-4b8f-8aa9-a60735cd0f1a@r_750w_750h_ss1.jpg Requested by Host: oia.xiaohongshu.com URL: https://oia.xiaohongshu.com/oia Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.84 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language zh-SG,zh;q=0.9 Referer https://oia.xiaohongshu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers
GET H2	200	xiaohongshu.apk dc.xiaohongshu.com/file/pkgs/base/	0 0	127ms 15ms	Document application/vnd.android.package-archive	101.33.26.190 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://dc.xiaohongshu.com/file/pkgs/base/xiaohongshu.apk Requested by Host: fe-static.xhscdn.com URL: https://fe-static.xhscdn.com/formula-static/oia/public/js/main.8e5cc25.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 101.33.26.190 Singapore, Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software openresty / Resource Hash Request headers Referer https://oia.xiaohongshu.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * access-control-expose-headers X-Log, X-Reqid access-control-max-age 2592000 cache-control public, max-age=31536000 content-disposition attachment; filename="xiaohongshu.apk"; filename=utf-8''xiaohongshu.apk content-length* 47251893 content-md5 T7j4M5SRxNShj2Pcy2XLoQ== content-transfer-encoding binary content-type application/vnd.android.package-archive date Sat, 04 Nov 2023 11:58:23 GMT etag "ln-3n5tm_n0traWepzC2VDJEX1JJ" last-modified Fri, 30 Dec 2022 03:41:46 GMT server openresty x-cache-lookup Cache Hit x-log X-Log x-nws-log-uuid 6701423379400513483 x-private 1 x-qiniu-zone 0 x-reqid XVEAAABsudahaZQX x-svr IO

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			oia.xiaohongshu.com/	1970-01-20 18:54:56	Name: acw_tc Value: 6fb0267859a4e0c4611b8d2d000ea273f117af54a505dd2fc75735b161a4e7f0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ci.xiaohongshu.com/e8e8fca5-acc7-4b8f-8aa9-a60735cd0f1a@r_750w_750h_ss1.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ci.xiaohongshu.com
dc.xiaohongshu.com
fe-static.xhscdn.com
oia.xiaohongshu.com
spider-tracker.xiaohongshu.com
101.33.26.190
101.33.27.26
104.18.12.84
104.18.31.133
43.142.215.98
1904d758ae9ed340fb7dc766ad48c664b91512b9328ee4a287fa6391585453fb
62d9febc566cf99019137a13d6d81b9d3c386bc422c8b5f7e17a8d66d842ccbe
8c0d77e8b4e6582068c985d9aca2cfe1579a59179034b94cd150857cc7164a8d
a3f27d4013bb036df97305997cac6462439deb2339c2898d47fbd8917dbf887d
b2d0d35e55539224ab5ac3f64f70e595cba16d50ca274b6d687cdda510788acf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8ee30133b13437073e5b748e3ab0d8b2529f62e7f3d1173a915626670a4c93e

oia.xiaohongshu.com Open in urlscan Pro 101.33.27.26 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

2 Domains

5 Subdomains

6 IPs

3 Countries

49 kBTransfer

122 kBSize

1 Cookies

3 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

oia.xiaohongshu.com Open in urlscan Pro
101.33.27.26 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

6
IPs

3
Countries

49 kB
Transfer

122 kB
Size

1
Cookies

8 HTTP transactions
1 data transactions