URL: https://sso.xilingbm.com/
Submission: On July 28 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 47.105.44.61, located in Qingdao, China and belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is sso.xilingbm.com.
TLS certificate: Issued by R11 on July 28th 2024. Valid for: 3 months.
This is the only time sso.xilingbm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS     Autonomous System
3         47.105.44.61     37963  (ALIBABA-C...)
2         47.104.37.180    37963  (ALIBABA-C...)
1         163.181.92.238   24429  (TAOBAO Zh...)
2 (1 redirect)  47.246.137.199  45102  (ALIBABA-C...)
Total: 7 requests, 4 IPs

Requests  Apex Domain    Subdomains                                          Transfer
3         xilingbm.com   sso.xilingbm.com                                    4 KB
2         dingtalk.com   login.dingtalk.com (Cisco Umbrella Rank: 459010)    253 B
2         axiling.com    oss.axiling.com                                     433 KB
1         alicdn.com     g.alicdn.com (Cisco Umbrella Rank: 6569)            2 KB
Total: 7 requests, 4 domains

Requests  Domain                              Requested by
3         sso.xilingbm.com                    sso.xilingbm.com
2         login.dingtalk.com (1 redirect)     g.alicdn.com
2         oss.axiling.com                     sso.xilingbm.com
1         g.alicdn.com                        sso.xilingbm.com
Total: 7 requests, 4 domains

This site contains no links.

Subject           Issuer                                               Validity                  Valid
sso.xilingbm.com  R11                                                  2024-07-28 - 2024-10-26   3 months
*.axiling.com     Xcc Trust OV SSL CA                                  2024-02-02 - 2025-02-01   a year
*.tbcdn.cn        GlobalSign Organization Validation CA - SHA256 - G3  2024-06-19 - 2025-07-21   a year
*.dingtalk.com    GlobalSign Organization Validation CA - SHA256 - G3  2024-04-08 - 2025-05-10   a year

This page contains 2 frames:

Primary Page: https://sso.xilingbm.com/
Frame ID: A6F6FB91C0B2E7C361949913E44E61C6
Requests: 6 HTTP requests in this frame

Frame: https://login.dingtalk.com/oauth2/challenge.htm?iframe=true&redirect_uri=https%3A%2F%2Fsso.xilingbm.com%2Flogin%2Fauth&response_type=code&client_id=dingvrmaixwf62yptev5&scope=openid&prompt=consent
Frame ID: C2B4A9FDDF7BC0551F68CCE6C8CDA985
Requests: 1 HTTP requests in this frame

Page Title

喜领登陆

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 439 kB
Size: 442 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://login.dingtalk.com/oauth2/auth?iframe=true&redirect_uri=https%3A%2F%2Fsso.xilingbm.com%2Flogin%2Fauth&response_type=code&client_id=dingvrmaixwf62yptev5&scope=openid&prompt=consent HTTP 302
  • https://login.dingtalk.com/oauth2/challenge.htm?iframe=true&redirect_uri=https%3A%2F%2Fsso.xilingbm.com%2Flogin%2Fauth&response_type=code&client_id=dingvrmaixwf62yptev5&scope=openid&prompt=consent

7 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type

Resource: Primary Request /
Path: sso.xilingbm.com/
Size: 2 KB
x-fer: 1 KB
Type: Document

General
Full URL: https://sso.xilingbm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.105.44.61 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS:
Software: nginx /
Resource Hash: dc702bca00690d6002f3ceb31cacf5d0892c5874a4cc016d5254c87e4ca8ec88

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Type: text/html;charset=UTF-8
Date: Sun, 28 Jul 2024 16:20:02 GMT
Server: nginx
Transfer-Encoding: chunked

Resource: login.css
Path: sso.xilingbm.com/statics/css/
Size: 1 KB
x-fer: 758 B
Type: Stylesheet

General
Full URL: https://sso.xilingbm.com/statics/css/login.css
Requested by:
  Host: sso.xilingbm.com
  URL: https://sso.xilingbm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.105.44.61 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS:
Software: nginx /
Resource Hash: 88dc358c6f8f7886b2f8b1f075451a211c8ce43a3488dfdfcdab4e544157aade

Request headers

Referer: https://sso.xilingbm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 16:20:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jun 2024 12:02:32 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

Resource: welcome.png
Path: oss.axiling.com/applets/ssoServer/
Size: 4 KB
x-fer: 4 KB
Type: Image

General
Full URL: https://oss.axiling.com/applets/ssoServer/welcome.png
Requested by:
  Host: sso.xilingbm.com
  URL: https://sso.xilingbm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.104.37.180 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS:
Software: AliyunOSS /
Resource Hash: 91fc68e06c0b0db167edf80f90ed00ab93898f874d69c2840bb393fed37010fb

Request headers

Referer: https://sso.xilingbm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Sun, 28 Jul 2024 16:20:04 GMT
x-oss-request-id: 66A66FB4F8FFDD3734048CB9
Last-Modified: Thu, 16 May 2024 05:44:21 GMT
Server: AliyunOSS
Content-MD5: RC5ISHpjpVL+gxMKqD7JgA==
ETag: "442E48487A63A552FE83130AA83EC980"
Vary: Origin
Content-Type: image/png
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 12339863613649784188
Content-Length: 3848
x-oss-server-time: 17

Resource: ddlogin.js
Path: g.alicdn.com/dingding/h5-dingtalk-login/0.21.0/
Size: 2 KB
x-fer: 2 KB
Type: Script

General
Full URL: https://g.alicdn.com/dingding/h5-dingtalk-login/0.21.0/ddlogin.js
Requested by:
  Host: sso.xilingbm.com
  URL: https://sso.xilingbm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.238 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS:
Software: Tengine /
Resource Hash: 23b072a286a161246713beb15c8cfcb79368c69138bef0e2f1a7aa1fcb3d77aa

Request headers

Referer: https://sso.xilingbm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 18:37:23 GMT
content-encoding: gzip
via: cache20.l2de2[0,0,200-0,H], cache9.l2de2[1,0], cache9.l2de2[1,0], ens-cache16.de5[0,0,200-0,H], ens-cache15.de5[1,0]
x-oss-request-id: 66A53E6362E4833132CC3C93
content-md5: SwqCJ1ZVCMoTeW6vLOjNyw==
age: 78159
x-swift-cachetime: 49637
x-cache: HIT TCP_HIT dirn:11:337137934
x-swift-savetime: Sun, 28 Jul 2024 04:50:06 GMT
content-length: 1051
x-bucket-code: 3
x-oss-object-type: Normal
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1722105443
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=86400
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 5057367910553310142
eagleid: a3b55ca317221836026474895e
x-oss-server-time: 21

Resource: login.js
Path: sso.xilingbm.com/statics/js/
Size: 4 KB
x-fer: 2 KB
Type: Script

General
Full URL: https://sso.xilingbm.com/statics/js/login.js
Requested by:
  Host: sso.xilingbm.com
  URL: https://sso.xilingbm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.105.44.61 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS:
Software: nginx /
Resource Hash: b5fa9f0eda0939a4c6d57e3b7d49c182f3271394ace0c745618dbdc7c91b6657

Request headers

Referer: https://sso.xilingbm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 28 Jul 2024 16:20:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jun 2024 12:02:32 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

Resource: bg.png
Path: oss.axiling.com/applets/ssoServer/
Size: 429 KB
x-fer: 429 KB
Type: Image

General
Full URL: https://oss.axiling.com/applets/ssoServer/bg.png
Requested by:
  Host: sso.xilingbm.com
  URL: https://sso.xilingbm.com/statics/css/login.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.104.37.180 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS:
Software: AliyunOSS /
Resource Hash: 18cfbd8a621001524fe109804a6a8189b30aa8ceefb504d9a78335ce7ca7c805

Request headers

Referer: https://sso.xilingbm.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Sun, 28 Jul 2024 16:20:05 GMT
x-oss-request-id: 66A66FB5F8FFDD37346C8CB9
Last-Modified: Thu, 16 May 2024 05:44:21 GMT
Server: AliyunOSS
Content-MD5: PEQaj0rj+S41px7H73qs2w==
ETag: "3C441A8F4AE3F92E35A71EC7EF7AACDB"
Vary: Origin
Content-Type: image/png
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 14634204266183789264
Content-Length: 438837
x-oss-server-time: 2

Resource: challenge.htm
Path: login.dingtalk.com/oauth2/ (Frame C2B4)
Redirect Chain
  • https://login.dingtalk.com/oauth2/auth?iframe=true&redirect_uri=https%3A%2F%2Fsso.xilingbm.com%2Flogin%2Fauth&response_type=code&client_id=dingvrmaixwf62yptev5&scope=openid&prompt=consent
  • https://login.dingtalk.com/oauth2/challenge.htm?iframe=true&redirect_uri=https%3A%2F%2Fsso.xilingbm.com%2Flogin%2Fauth&response_type=code&client_id=dingvrmaixwf62yptev5&scope=openid&prompt=consent
Size: 0
x-fer: 0
Type: Document

General
Full URL: https://login.dingtalk.com/oauth2/challenge.htm?iframe=true&redirect_uri=https%3A%2F%2Fsso.xilingbm.com%2Flogin%2Fauth&response_type=code&client_id=dingvrmaixwf62yptev5&scope=openid&prompt=consent
Requested by:
  Host: g.alicdn.com
  URL: https://g.alicdn.com/dingding/h5-dingtalk-login/0.21.0/ddlogin.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.137.199 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS:
Software: Tengine /
Resource Hash:

Request headers

Referer: https://sso.xilingbm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
content-encoding: gzip
content-language: zh-CN
content-type: text/html;charset=UTF-8
date: Sun, 28 Jul 2024 16:20:07 GMT
server: Tengine

Redirect headers

cache-control: no-cache
content-language: zh-CN
content-length: 0
content-type: application/json;charset=UTF-8
date: Sun, 28 Jul 2024 16:20:06 GMT
location: https://login.dingtalk.com/oauth2/challenge.htm?iframe=true&redirect_uri=https%3A%2F%2Fsso.xilingbm.com%2Flogin%2Fauth&response_type=code&client_id=dingvrmaixwf62yptev5&scope=openid&prompt=consent
server: Tengine

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | 0
  • function | DTFrameLogin
  • string | redirectUrl
  • string | transpond
  • string | appId
  • function | userCallback
  • function | showModalAndCloseAfter
  • function | closeModal
  • function | callAnotherMethod
  • function | DDMessage

0 Cookies