Submitted URL: https://admin-insurance-qa.xiaobangtouzi.com/
Effective URL: https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2...
Submission: On November 23 via api from US — Scanned from CA

Summary

This website contacted 7 IPs in 3 countries across 2 domains to perform 16 HTTP transactions. The main IP is 192.144.196.119, located in China and belongs to TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is admin-qa.xiaobangtouzi.com.
TLS certificate: Issued by WoTrus DV Server CA [Run by the Issuer] on February 23rd 2024. Valid for: a year.
This is the only time admin-qa.xiaobangtouzi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 192.144.196.119 45090 (TENCENT-N...)
5 116.153.64.124 4837 (CHINA169-...)
1 43.152.135.101 139341 (ACE-AS-AP...)
1 43.152.182.31 139341 (ACE-AS-AP...)
4 43.129.138.120 132203 (TENCENT-N...)
1 43.154.240.235 132203 (TENCENT-N...)
16 7
Apex Domain | Subdomains | Transfer
10 xiaobangtouzi.com | admin-insurance-qa.xiaobangtouzi.com; admin-qa.xiaobangtouzi.com; static.xiaobangtouzi.com | 410 KB
7 qq.com | wwcdn.weixin.qq.com — Cisco Umbrella Rank: 66239; res.wx.qq.com — Cisco Umbrella Rank: 9948; aegis.qq.com — Cisco Umbrella Rank: 21342; open.work.weixin.qq.com — Cisco Umbrella Rank: 78952 | 21 KB
16 2
Domain Requested by
5 static.xiaobangtouzi.com admin-qa.xiaobangtouzi.com
4 aegis.qq.com static.xiaobangtouzi.com
4 admin-qa.xiaobangtouzi.com admin-qa.xiaobangtouzi.com
1 open.work.weixin.qq.com wwcdn.weixin.qq.com
1 res.wx.qq.com admin-qa.xiaobangtouzi.com
1 wwcdn.weixin.qq.com admin-qa.xiaobangtouzi.com
1 admin-insurance-qa.xiaobangtouzi.com 1 redirects
16 7

This site contains no links.

Subject | Issuer | Validity | Valid
*.xiaobangtouzi.com | WoTrus DV Server CA [Run by the Issuer] | 2024-02-23 - 2025-02-22 | a year
work.weixin.qq.com | DigiCert Secure Site CN CA G3 | 2024-04-17 - 2025-05-18 | a year
res.wx.qq.com | DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1 | 2024-08-22 - 2025-09-06 | a year
*.aegis.qq.com | DigiCert Secure Site CN CA G3 | 2024-03-15 - 2025-03-15 | a year

This page contains 2 frames:

Primary Page: https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=
Frame ID: 64D0BF127AF36FCA2FE9C80F3A281717
Requests: 17 HTTP requests in this frame

Frame: https://open.work.weixin.qq.com/wwopen/sso/qrConnect?login_type=jssdk&appid=wwf1143b4d1547c208&agentid=1000030&state=JTdCJTIyY29ycElkJTIyJTNBJTIyd3dmMTE0M2I0ZDE1NDdjMjA4JTIyJTJDJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=&redirect_uri=https://admin-qa.xiaobangtouzi.com/account/login-wxwork-recall&version=1.2.4
Frame ID: 95A269D1D6CB1A331E8DE061F972BA65
Requests: 1 HTTP requests in this frame

Page Title

小帮规划

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 433 kB
Size: 1422 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://admin-insurance-qa.xiaobangtouzi.com/ HTTP 302
    https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request login
admin-qa.xiaobangtouzi.com/account/
Redirect Chain
  • https://admin-insurance-qa.xiaobangtouzi.com/
  • https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=
4 KB
2 KB
Document
General
Full URL
https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.144.196.119 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
istio-envoy /
Resource Hash
138f0912ffa883fc7120c1ee87a656c3bced7b4f17038eb2d3e63b80b714c88d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 23 Nov 2024 06:53:54 GMT
server
istio-envoy
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-envoy-upstream-service-time
37
x-readtime
36
x-response-app
hero
x-xss-protection
1; mode=block

Redirect headers

content-length
377
content-type
text/html; charset=utf-8
date
Sat, 23 Nov 2024 06:53:53 GMT
location
https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=
server
istio-envoy
x-download-options
noopen
x-envoy-upstream-service-time
148
x-readtime
142
x-response-app
hero
x-xss-protection
1; mode=block
index.page-a717380af3e76dac726a.css
admin-qa.xiaobangtouzi.com/dist/client-dash/pages/account/login/
12 KB
5 KB
Stylesheet
General
Full URL
https://admin-qa.xiaobangtouzi.com/dist/client-dash/pages/account/login/index.page-a717380af3e76dac726a.css
Requested by
Host: admin-qa.xiaobangtouzi.com
URL: https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.144.196.119 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
istio-envoy /
Resource Hash
bd406c718e24a358636cc923865534fce0bf6c423604b4c60b387c10809a0c05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=

Response headers

content-md5
3DVxgLxm4ANgse5whVkEuA==
cache-control
public, max-age=31536000
content-encoding
gzip
etag
"3DVxgLxm4ANgse5whVkEuA=="
x-envoy-upstream-service-time
3
x-readtime
0
accept-ranges
bytes
date
Sat, 23 Nov 2024 06:53:54 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
istio-envoy
last-modified
Mon, 21 Oct 2024 07:06:10 GMT
logo.jpg
static.xiaobangtouzi.com/config/
19 KB
20 KB
Image
General
Full URL
https://static.xiaobangtouzi.com/config/logo.jpg
Requested by
Host: admin-qa.xiaobangtouzi.com
URL: https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.153.64.124 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b8c6b1c467631ee5872c6a3a176886d985ed0308d9bd551d686b2fe4307f9ded

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-qa.xiaobangtouzi.com/

Response headers

x-nws-log-uuid
15209735475005954415
timing-allow-origin
*
etag
116460c6d364ad89f398577f2bbb2666
accept-ranges
bytes
access-control-allow-origin
*
content-length
19871
date
Sat, 23 Nov 2024 06:53:57 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 30 Sep 2020 08:02:44 GMT
content-type
image/jpeg
server
Lego Server
eruda.min.js
static.xiaobangtouzi.com/packages/eruda/2.4.1/
536 KB
138 KB
Script
General
Full URL
https://static.xiaobangtouzi.com/packages/eruda/2.4.1/eruda.min.js
Requested by
Host: admin-qa.xiaobangtouzi.com
URL: https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.153.64.124 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
673d8b09ae493ffa53bd066023ae1efe71f85a9f38336acb1946f602dac6b4f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-qa.xiaobangtouzi.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
etag
2d9076980fd32e900ee56b26f4f5442b
x-nws-log-uuid
444347141078764759
accept-ranges
bytes
access-control-allow-origin
*
content-length
141051
date
Sat, 23 Nov 2024 06:53:57 GMT
x-cache-lookup
Cache Refresh Hit
last-modified
Wed, 07 Apr 2021 03:30:24 GMT
content-type
application/javascript
server
Lego Server
wwLogin-1.2.4.js
wwcdn.weixin.qq.com/node/wework/wwopen/js/
2 KB
1 KB
Script
General
Full URL
https://wwcdn.weixin.qq.com/node/wework/wwopen/js/wwLogin-1.2.4.js
Requested by
Host: admin-qa.xiaobangtouzi.com
URL: https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.135.101 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Wwebsvr /
Resource Hash
9e20b658f3488deb506fc81260c98734d199bf9fd595ef42831425ebad29dfe4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-qa.xiaobangtouzi.com/

Response headers

x-w-no
10086
cache-control
max-age=315360000
x-nws-log-uuid
12131226139386056165
content-encoding
gzip
etag
W/"64d1e271-742"
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
968
date
Sun, 27 Oct 2024 18:57:31 GMT
x-cache-lookup
Cache Hit
last-modified
Tue, 08 Aug 2023 06:36:33 GMT
content-type
application/x-javascript
server
Wwebsvr
vary
Accept-Encoding
main.js
static.xiaobangtouzi.com/insurance-h5/static/hunter/0.3.4/
196 KB
59 KB
Script
General
Full URL
https://static.xiaobangtouzi.com/insurance-h5/static/hunter/0.3.4/main.js
Requested by
Host: admin-qa.xiaobangtouzi.com
URL: https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.153.64.124 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a69562a81d0a69cb69d1766c29f97cba3cedeea3fd73e270f8d5ab42b3f91cf7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-qa.xiaobangtouzi.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
etag
99d7b7f509ed21a64d7761c3cac404f4
x-nws-log-uuid
12970606699295225666
accept-ranges
bytes
access-control-allow-origin
*
content-length
59931
date
Sat, 23 Nov 2024 06:53:57 GMT
x-cache-lookup
Cache Hit
last-modified
Mon, 06 Dec 2021 09:54:34 GMT
content-type
application/javascript
server
Lego Server
jweixin-1.0.0.js
res.wx.qq.com/wwopen/js/jsapi/
18 KB
19 KB
Script
General
Full URL
https://res.wx.qq.com/wwopen/js/jsapi/jweixin-1.0.0.js
Requested by
Host: admin-qa.xiaobangtouzi.com
URL: https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.182.31 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx/1.8.1 /
Resource Hash
0ade9f7a4d1adcb626e48a8c87ae4037a4509b9e22262846bd15d3f19ee0cda2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-qa.xiaobangtouzi.com/

Response headers

Etag
"637b3d44-4885"
Expires
Thu, 27 Apr 2034 00:39:14 GMT
Date
Mon, 29 Apr 2024 00:39:14 GMT
Last-Modified
Mon, 21 Nov 2022 08:56:36 GMT
Vary
Origin
Content-Type
application/x-javascript
X-Daa-Tunnel
hop_count=1
Cache-Control
max-age=315360000
X-NWS-LOG-UUID
11062046166079546257
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
18565
X-Cache-Lookup
Cache Hit
X-Verify-Code
66f926f9ff9777d3b5c759713153f9c8
Server
nginx/1.8.1
index.chunk-b627b6f75e2cb9b489c1.js
admin-qa.xiaobangtouzi.com/dist/client-dash/chunks/vendor/
524 KB
158 KB
Script
General
Full URL
https://admin-qa.xiaobangtouzi.com/dist/client-dash/chunks/vendor/index.chunk-b627b6f75e2cb9b489c1.js
Requested by
Host: admin-qa.xiaobangtouzi.com
URL: https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.144.196.119 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
istio-envoy /
Resource Hash
1c7ea9d78d6cda4455347f30eb663daffb25bc55a739cc3dc07831f807550a56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=

Response headers

content-md5
+glGXcM8Pl4t75gKBebDnw==
cache-control
public, max-age=31536000
content-encoding
gzip
etag
"+glGXcM8Pl4t75gKBebDnw=="
x-envoy-upstream-service-time
4
x-readtime
0
accept-ranges
bytes
date
Sat, 23 Nov 2024 06:53:55 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
istio-envoy
last-modified
Mon, 21 Oct 2024 07:04:00 GMT
index.page-94d3d472d277d950d7f8.js
admin-qa.xiaobangtouzi.com/dist/client-dash/pages/account/login/
75 KB
24 KB
Script
General
Full URL
https://admin-qa.xiaobangtouzi.com/dist/client-dash/pages/account/login/index.page-94d3d472d277d950d7f8.js
Requested by
Host: admin-qa.xiaobangtouzi.com
URL: https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.144.196.119 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
istio-envoy /
Resource Hash
b6346e88599ac24d3fe557814ca6dda034a8c78eabc249dd30e072b51ce42d75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=

Response headers

content-md5
8RyuV8N3tas+NoE1mkOgFQ==
cache-control
public, max-age=31536000
content-encoding
gzip
etag
"8RyuV8N3tas+NoE1mkOgFQ=="
x-envoy-upstream-service-time
5
x-readtime
0
accept-ranges
bytes
date
Sat, 23 Nov 2024 06:53:55 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
istio-envoy
last-modified
Mon, 21 Oct 2024 07:06:10 GMT
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7103c446b85074c5b5bd331d3718561ac674229c79461f5088f283bb96aa13b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
3 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a76b5962f0557e2777082f5f3328d4fafdc6aa458e4844cdb70c5affe09d3873

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://admin-qa.xiaobangtouzi.com
Referer

Response headers

Content-Type
application/x-font-woff;charset=utf-8
logo.jpg
static.xiaobangtouzi.com/config/
19 KB
0
Image
General
Full URL
https://static.xiaobangtouzi.com/config/logo.jpg
Requested by
Host: admin-qa.xiaobangtouzi.com
URL: https://admin-qa.xiaobangtouzi.com/account/login?encodeState=JTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.153.64.124 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b8c6b1c467631ee5872c6a3a176886d985ed0308d9bd551d686b2fe4307f9ded

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-qa.xiaobangtouzi.com/

Response headers

x-nws-log-uuid
15209735475005954415
timing-allow-origin
*
etag
116460c6d364ad89f398577f2bbb2666
accept-ranges
bytes
access-control-allow-origin
*
content-length
19871
date
Sat, 23 Nov 2024 06:53:57 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 30 Sep 2020 08:02:44 GMT
content-type
image/jpeg
server
Lego Server
pv
aegis.qq.com/collect/
0
188 B
XHR
General
Full URL
https://aegis.qq.com/collect/pv?id=PR8Q4VBmZva6A3gmKO&uin=&version=1.39.2&aid=380d872a-ac35-4c84-8513-884dcd4a693a&env=production&platform=5&netType=4&vp=1600%20*%201200&sr=1600%20*%201200&sessionId=session-1732344839219&from=https%3A%2F%2Fadmin-qa.xiaobangtouzi.com%2Faccount%2Flogin%3FencodeState%3DJTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q%3D&referer=
Requested by
Host: static.xiaobangtouzi.com
URL: https://static.xiaobangtouzi.com/packages/eruda/2.4.1/eruda.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.138.120 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-qa.xiaobangtouzi.com/

Response headers

Access-Control-Allow-Origin
*
Content-Length
0
Date
Sat, 23 Nov 2024 06:54:00 GMT
Content-Type
text/plain
X-Powered-By
Express
Connection
keep-alive
qrConnect
open.work.weixin.qq.com/wwopen/sso/ Frame 95A2
0
0
Document
General
Full URL
https://open.work.weixin.qq.com/wwopen/sso/qrConnect?login_type=jssdk&appid=wwf1143b4d1547c208&agentid=1000030&state=JTdCJTIyY29ycElkJTIyJTNBJTIyd3dmMTE0M2I0ZDE1NDdjMjA4JTIyJTJDJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q=&redirect_uri=https://admin-qa.xiaobangtouzi.com/account/login-wxwork-recall&version=1.2.4
Requested by
Host: wwcdn.weixin.qq.com
URL: https://wwcdn.weixin.qq.com/node/wework/wwopen/js/wwLogin-1.2.4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.154.240.235 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Wwebsvr /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' tam.cdn-go.cn cdn-go.cn hm.baidu.com *.google-analytics.com https://apis.google.com *.gtimg.com *.gtimg.cn *.qq.com *.qqmail.com http://pub.idqqimg.com blob: 'unsafe-inline' 'unsafe-eval'; report-uri https://work.weixin.qq.com/wework_admin/customReport/csp

Request headers

Referer
https://admin-qa.xiaobangtouzi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
script-src 'self' tam.cdn-go.cn cdn-go.cn hm.baidu.com *.google-analytics.com https://apis.google.com *.gtimg.com *.gtimg.cn *.qq.com *.qqmail.com http://pub.idqqimg.com blob: 'unsafe-inline' 'unsafe-eval'; report-uri https://work.weixin.qq.com/wework_admin/customReport/csp
content-type
text/html; charset=utf-8
date
Sat, 23 Nov 2024 06:54:00 GMT
etag
W/"1a3e-Q9Bf/01mhFO3A93nAkeFXe+TdAA"
origin-agent-cluster
?0
server
Wwebsvr
vary
Accept-Encoding
x-w-no
65
pv
aegis.qq.com/collect/
0
188 B
XHR
General
Full URL
https://aegis.qq.com/collect/pv?id=PR8Q4VBmZva6A3gmKO&uin=&version=1.39.2&aid=380d872a-ac35-4c84-8513-884dcd4a693a&env=production&platform=5&netType=4&vp=1600%20*%201200&sr=1600%20*%201200&sessionId=session-1732344839219&from=https%3A%2F%2Fadmin-qa.xiaobangtouzi.com%2Faccount%2Flogin%3FencodeState%3DJTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q%3D%23%2F&referer=
Requested by
Host: static.xiaobangtouzi.com
URL: https://static.xiaobangtouzi.com/packages/eruda/2.4.1/eruda.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.138.120 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-qa.xiaobangtouzi.com/

Response headers

Access-Control-Allow-Origin
*
Content-Length
0
Date
Sat, 23 Nov 2024 06:54:00 GMT
Content-Type
text/plain
X-Powered-By
Express
Connection
keep-alive
whitelist
aegis.qq.com/collect/
58 B
302 B
XHR
General
Full URL
https://aegis.qq.com/collect/whitelist?id=PR8Q4VBmZva6A3gmKO&uin=&version=1.39.2&aid=380d872a-ac35-4c84-8513-884dcd4a693a&env=production&platform=5&netType=4&vp=1600%20*%201200&sr=1600%20*%201200&sessionId=session-1732344839219&from=https%3A%2F%2Fadmin-qa.xiaobangtouzi.com%2Faccount%2Flogin%3FencodeState%3DJTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q%3D%23%2F&referer=
Requested by
Host: static.xiaobangtouzi.com
URL: https://static.xiaobangtouzi.com/packages/eruda/2.4.1/eruda.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.138.120 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/ Express
Resource Hash
bb221a7e60f804731d8965873f7826f750f4def4abbe5b3bf132a9ce4b5e636e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-qa.xiaobangtouzi.com/

Response headers

Access-Control-Allow-Origin
*
Content-Length
58
Date
Sat, 23 Nov 2024 06:54:00 GMT
ETag
W/"3a-Mq+Z0YrSSADKAkwAZ0tpR8ztW14"
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Connection
keep-alive
favicon.png
static.xiaobangtouzi.com/config/
4 KB
4 KB
Other
General
Full URL
https://static.xiaobangtouzi.com/config/favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.153.64.124 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4a3ef57383dc0afa2aaefe92aa02475a7090f7eaf83d225fa677c1973ee5d29c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-qa.xiaobangtouzi.com/

Response headers

x-nws-log-uuid
4644498147024337191
timing-allow-origin
*
etag
ceb98e08d9d955f2be3ec20227d77ec6
accept-ranges
bytes
access-control-allow-origin
*
content-length
3998
date
Sat, 23 Nov 2024 06:54:02 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 23 Oct 2019 08:48:44 GMT
content-type
image/png
server
Lego Server
performance
aegis.qq.com/speed/
0
190 B
XHR
General
Full URL
https://aegis.qq.com/speed/performance?dnsLookup=0&tcp=0&ssl=0&ttfb=299&contentDownload=5&domParse=4962&resourceDownload=3118&firstScreenTiming=7462&id=PR8Q4VBmZva6A3gmKO&uin=&version=1.39.2&aid=380d872a-ac35-4c84-8513-884dcd4a693a&env=production&platform=5&netType=4&vp=1600%20*%201200&sr=1600%20*%201200&sessionId=session-1732344839219&from=https%3A%2F%2Fadmin-qa.xiaobangtouzi.com%2Faccount%2Flogin%3FencodeState%3DJTdCJTIydGFyZ2V0VXJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhZG1pbi1pbnN1cmFuY2UtcWEueGlhb2Jhbmd0b3V6aS5jb20lMkYlMjIlN0Q%3D%23%2F&referer=
Requested by
Host: static.xiaobangtouzi.com
URL: https://static.xiaobangtouzi.com/packages/eruda/2.4.1/eruda.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.138.120 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-qa.xiaobangtouzi.com/

Response headers

Access-Control-Allow-Origin
*
Timing-Allow-Origin
*
Date
Sat, 23 Nov 2024 06:54:05 GMT
Content-Type
application/json
Vary
Origin
Connection
keep-alive

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| setImmediate
function| clearImmediate
object| eruda
object| el
function| WwLogin
object| APP_ACCOUNT
object| APP_CONFIG
string| APP_ENV
object| APP_STATE
function| gio
function| Hunter
object| JSON3
object| SensorsDataWebJSSDKPlugin
object| sensorsDataAnalytic201505
object| __Hunter__
function| sensorsdata_app_call_js
function| sensorsdata_app_js_bridge_call_js
object| jWeixin
object| wx
object| wwperf
object| regeneratorRuntime
object| webVitals
object| Axios
object| React
object| ReactDOM

3 Cookies

Domain/Path Name / Value
.xiaobangtouzi.com/ Name: xba_udid_qa
Value: ad22bd0b-3670-46ae-a24c-ccc81e5b0c73
.xiaobangtouzi.com/ Name: sajssdk_2015_cross_new_user
Value: 1
.xiaobangtouzi.com/ Name: sensorsdata2015jssdkcross
Value: %7B%22distinct_id%22%3A%2219357cc7977bf-0fb1c29dbe66f6-17462c6e-1920000-19357cc7978a3c%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22%E7%9B%B4%E6%8E%A5%E6%B5%81%E9%87%8F%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22%24device_id%22%3A%2219357cc7977bf-0fb1c29dbe66f6-17462c6e-1920000-19357cc7978a3c%22%7D

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block