libs.baidu.com Open in urlscan Pro
39.156.66.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t.newletter-sanyoubio.com/t.aspx/subid/258968438/camid/3034260/linkid/3405023/Default.aspx
Effective URL:
http://libs.baidu.com/bootstrap/3.0.3/css/bootstrap.min.css?utm_source=reasonable&utm_medium=email&utm_campaign=%e6%8a...
Submission: On March 14 via api (March 14th 2024, 1:07:29 pm UTC) from HK — Scanned from DE

Summary HTTP 3 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 39.156.66.111, located in China and belongs to CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN. The main domain is libs.baidu.com. The Cisco Umbrella rank of the primary domain is 228985.

This is the only time libs.baidu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	103.95.58.248 103.95.58.248	133054 (RSHL-AS R...) (RSHL-AS Reasonable Software House Limited)
1	39.156.66.111 39.156.66.111	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
3	2

3 103.95.58.248 (Hong Kong) 1 redirects

ASN133054 (RSHL-AS Reasonable Software House Limited, HK)
PTR: mail58248.reasonables8.com

t.newletter-sanyoubio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 39.156.66.111 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

libs.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	newletter-sanyoubio.com 1 redirects t.newletter-sanyoubio.com	30 KB
1	baidu.com libs.baidu.com — Cisco Umbrella Rank: 228985	17 KB
3	2

	Domain	Requested by
3	t.newletter-sanyoubio.com	1 redirects t.newletter-sanyoubio.com
1	libs.baidu.com	t.newletter-sanyoubio.com
3	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://libs.baidu.com/bootstrap/3.0.3/css/bootstrap.min.css?utm_source=reasonable&utm_medium=email&utm_campaign=%e6%8a%97%e4%bd%93%e8%9b%8b%e7%99%bd%e4%ba%a7%e5%93%81_EN240314
Frame ID: 342F577E203C712B5D22F4B718BCD17B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://t.newletter-sanyoubio.com/t.aspx/subid/258968438/camid/3034260/linkid/3405023/Default.aspx Page URL
http://t.newletter-sanyoubio.com/tracking.aspx?subid=258968438&camid=3034260&linkid=3405023&DetectFakeClicks=1 HTTP 302
http://libs.baidu.com/bootstrap/3.0.3/css/bootstrap.min.css?utm_source=reasonable&utm_medium=email... Page URL

Page Statistics

3
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

46 kB
Transfer

126 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t.newletter-sanyoubio.com/t.aspx/subid/258968438/camid/3034260/linkid/3405023/Default.aspx Page URL
http://t.newletter-sanyoubio.com/tracking.aspx?subid=258968438&camid=3034260&linkid=3405023&DetectFakeClicks=1 HTTP 302
http://libs.baidu.com/bootstrap/3.0.3/css/bootstrap.min.css?utm_source=reasonable&utm_medium=email&utm_campaign=%e6%8a%97%e4%bd%93%e8%9b%8b%e7%99%bd%e4%ba%a7%e5%93%81_EN240314 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Default.aspx t.newletter-sanyoubio.com/t.aspx/subid/258968438/camid/3034260/linkid/3405023/	3 KB 4 KB	1335ms 353ms	Document text/html	103.95.58.248 RSHL-AS Reasonabl...
General Check archive.org Show headers Download Go to Full URL http://t.newletter-sanyoubio.com/t.aspx/subid/258968438/camid/3034260/linkid/3405023/Default.aspx Protocol HTTP/1.1 Server 103.95.58.248 , Hong Kong, ASN133054 (RSHL-AS Reasonable Software House Limited, HK), Reverse DNS mail58248.reasonables8.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control private Content-Length 3275 Content-Type text/html; charset=utf-8 Date Thu, 14 Mar 2024 13:07:20 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET
GET H/1.1	200 OK	arrows.jpg t.newletter-sanyoubio.com/	25 KB 26 KB	322ms 322ms	Image image/jpeg	103.95.58.248 RSHL-AS Reasonabl...
General Check archive.org Show headers Download Go to Show image Full URL http://t.newletter-sanyoubio.com/arrows.jpg Requested by Host: t.newletter-sanyoubio.com URL: http://t.newletter-sanyoubio.com/t.aspx/subid/258968438/camid/3034260/linkid/3405023/Default.aspx Protocol HTTP/1.1 Server 103.95.58.248 , Hong Kong, ASN133054 (RSHL-AS Reasonable Software House Limited, HK), Reverse DNS mail58248.reasonables8.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://t.newletter-sanyoubio.com/t.aspx/subid/258968438/camid/3034260/linkid/3405023/Default.aspx User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Thu, 14 Mar 2024 13:07:21 GMT Last-Modified Mon, 26 Jan 2015 17:14:57 GMT Server Microsoft-IIS/10.0 ETag "baa3d69b8b39d01:0" X-Powered-By ASP.NET Content-Type image/jpeg Accept-Ranges bytes Content-Length 25921
GET H/1.1	200 OK	Primary Request bootstrap.min.css Show response libs.baidu.com/bootstrap/3.0.3/css/ Redirect Chain http://t.newletter-sanyoubio.com/tracking.aspx?subid=258968438&camid=3034260&linkid=3405023&DetectFakeClicks=1 http://libs.baidu.com/bootstrap/3.0.3/css/bootstrap.min.css?utm_source=reasonable&utm_medium=email&utm_campaign=%e6%8a%97%e4%bd%93%e8%9b%8b%e7%99%bd%e4%ba%a7%e5%93%81_EN240314	97 KB 17 KB	1782ms 327ms	Document text/css	39.156.66.111 CHINAMOBILE-CN Ch...
General Check archive.org Show headers Download Go to Full URL http://libs.baidu.com/bootstrap/3.0.3/css/bootstrap.min.css?utm_source=reasonable&utm_medium=email&utm_campaign=%e6%8a%97%e4%bd%93%e8%9b%8b%e7%99%bd%e4%ba%a7%e5%93%81_EN240314 Requested by Host: t.newletter-sanyoubio.com URL: http://t.newletter-sanyoubio.com/t.aspx/subid/258968438/camid/3034260/linkid/3405023/Default.aspx Protocol HTTP/1.1 Server 39.156.66.111 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN), Reverse DNS Software Apache / Resource Hash `81e40cfd9268d77c245692bfe869d56836f557c91b494785b0cf068e875b9892` Request headers Referer http://t.newletter-sanyoubio.com/t.aspx/subid/258968438/camid/3034260/linkid/3405023/Default.aspx Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control max-age=2592000 Connection keep-alive Content-Encoding gzip Content-Type text/css Date Thu, 14 Mar 2024 13:07:24 GMT Expires Sat, 13 Apr 2024 13:07:24 GMT Last-Modified Mon, 01 Dec 2014 10:42:08 GMT P3p CP=" OTI DSP COR IVA OUR IND COM " Server Apache Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Cache-Control private Content-Length 300 Content-Type text/html; charset=utf-8 Date Thu, 14 Mar 2024 13:07:21 GMT Location http://libs.baidu.com/bootstrap/3.0.3/css/bootstrap.min.css?utm_source=reasonable&utm_medium=email&utm_campaign=%e6%8a%97%e4%bd%93%e8%9b%8b%e7%99%bd%e4%ba%a7%e5%93%81_EN240314 Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
t.newletter-sanyoubio.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: gnz03xtisuxwucq20kvzfplf
t.newletter-sanyoubio.com/	1969-12-31 23:59:59	Name: Tracking_campaign3034260 Value: subid=258968438&linkid=3405023
t.newletter-sanyoubio.com/	1969-12-31 23:59:59	Name: Tracking_campaigns Value: 3034260=True
.baidu.com/	1970-01-21 04:43:01	Name: BAIDUID Value: 207B191BB1B803648F738097A40A75AE:FG=1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

libs.baidu.com
t.newletter-sanyoubio.com
103.95.58.248
39.156.66.111
81e40cfd9268d77c245692bfe869d56836f557c91b494785b0cf068e875b9892

libs.baidu.com Open in urlscan Pro 39.156.66.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

3 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

46 kBTransfer

126 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

4 Cookies

Indicators

libs.baidu.com Open in urlscan Pro
39.156.66.111 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

46 kB
Transfer

126 kB
Size

4
Cookies

3 HTTP transactions
0 data transactions