URL: http://t.edmmail.lsmaps.com/t.aspx/subid/795561671/camid/1880702/linkid/6822717/Default.aspx
Submission: On April 07 via api from IE — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 103.71.230.253, located in Hong Kong and belongs to RSHL-AS Reasonable Software House Limited, HK. The main domain is t.edmmail.lsmaps.com.
This is the only time t.edmmail.lsmaps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website:

MIME: PDF document, version 1.5
Size: 3 MB (3054067 bytes, 100% done)
Downloaded from: https://cbserp-sh.oss-cn-shanghai.aliyuncs.com/6ddf3fa9-681d-4a5f-94cf-da6aa8b36c1c.pdf

Domain & IP information

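IP addresses:
  • 103.71.230.253, AS133054 (RSHL-AS R...): 3 requests, 1 redirect
  • 106.14.230.49, AS37963 (ALIBABA-C...): 1 request
  • Total: 3 requests, 2 IPs

Apex domains:
  • lsmaps.com: 3 requests; subdomain t.edmmail.lsmaps.com; transfer 29 KB
  • aliyuncs.com: 1 request; subdomain cbserp-sh.oss-cn-shanghai.aliyuncs.com
  • Total: 3 requests, 2 apex domains

Domains and requesters:
  • t.edmmail.lsmaps.com: 3 requests, 1 redirect; requested by t.edmmail.lsmaps.com
  • cbserp-sh.oss-cn-shanghai.aliyuncs.com: 1 request; requested by t.edmmail.lsmaps.com
  • Total: 3 requests, 2 domains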

This site contains no links.

Certificate information

Subject: *.oss-cn-hangzhou.aliyuncs.com
Issuer: GlobalSign Organization Validation CA - SHA256 - G2
Validity: 2022-02-21 - 2023-03-25
Valid: a year

This page contains 1 frames:

Frame: https://cbserp-sh.oss-cn-shanghai.aliyuncs.com/6ddf3fa9-681d-4a5f-94cf-da6aa8b36c1c.pdf
Frame ID: CB955FE8F4998E0A8192CD16948E9DA0
Requests: 3 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

Requests: 3
HTTPS: 33 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 29 kB
Size: 29 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://t.edmmail.lsmaps.com/tracking.aspx?subid=795561671&camid=1880702&linkid=6822717&DetectFakeClicks=1 HTTP 302
  • https://cbserp-sh.oss-cn-shanghai.aliyuncs.com/6ddf3fa9-681d-4a5f-94cf-da6aa8b36c1c.pdf

3 HTTP transactions

Primary Request: Default.aspx
Path: t.edmmail.lsmaps.com/t.aspx/subid/795561671/camid/1880702/linkid/6822717/
Size: 3 KB
x-fer: 3 KB
Type: Document

General

Full URL: http://t.edmmail.lsmaps.com/t.aspx/subid/795561671/camid/1880702/linkid/6822717/Default.aspx
Protocol: HTTP/1.1
Server: 103.71.230.253, Hong Kong, ASN133054 (RSHL-AS Reasonable Software House Limited, HK)
Reverse DNS:
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f6d5d5baf0615cf1f8f0584a7fa6752c5d42b3e059eed2f24d60a8ab9ac2ef60

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control: private
Content-Length: 3265
Content-Type: text/html; charset=utf-8
Date: Thu, 07 Apr 2022 09:20:54 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

Resource: arrows.jpg
Path: t.edmmail.lsmaps.com/
Size: 25 KB
x-fer: 26 KB
Type: Image

General

Full URL: http://t.edmmail.lsmaps.com/arrows.jpg
Requested by:
  • Host: t.edmmail.lsmaps.com
  • URL: http://t.edmmail.lsmaps.com/t.aspx/subid/795561671/camid/1880702/linkid/6822717/Default.aspx
Protocol: HTTP/1.1
Server: 103.71.230.253, Hong Kong, ASN133054 (RSHL-AS Reasonable Software House Limited, HK)
Reverse DNS:
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 61f44ee00cac04ce59500561a3c3e292956844be0db078ab7d297d98ee87917b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://t.edmmail.lsmaps.com/t.aspx/subid/795561671/camid/1880702/linkid/6822717/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 09:20:54 GMT
Last-Modified: Mon, 26 Jan 2015 02:14:56 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0d0a4e0d39d01:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 25921

Resource: 6ddf3fa9-681d-4a5f-94cf-da6aa8b36c1c.pdf
Path: cbserp-sh.oss-cn-shanghai.aliyuncs.com/
Redirect Chain
  • http://t.edmmail.lsmaps.com/tracking.aspx?subid=795561671&camid=1880702&linkid=6822717&DetectFakeClicks=1
  • https://cbserp-sh.oss-cn-shanghai.aliyuncs.com/6ddf3fa9-681d-4a5f-94cf-da6aa8b36c1c.pdf
Size: 0
x-fer: 0
Type: Document

General

Full URL: https://cbserp-sh.oss-cn-shanghai.aliyuncs.com/6ddf3fa9-681d-4a5f-94cf-da6aa8b36c1c.pdf
Requested by:
  • Host: t.edmmail.lsmaps.com
  • URL: http://t.edmmail.lsmaps.com/t.aspx/subid/795561671/camid/1880702/linkid/6822717/Default.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 106.14.230.49 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
Reverse DNS:
Software: AliyunOSS /
Resource Hash:

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://t.edmmail.lsmaps.com/t.aspx/subid/795561671/camid/1880702/linkid/6822717/Default.aspx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 3054067
Content-MD5: tM0KnMiDb3tThrOTtVauCQ==
Content-Type: application/pdf
Date: Thu, 07 Apr 2022 09:20:55 GMT
ETag: "B4CD0A9CC8836F7B5386B393B556AE09"
Last-Modified: Sat, 02 Apr 2022 07:48:57 GMT
Server: AliyunOSS
x-oss-hash-crc64ecma: 15774992215755857271
x-oss-object-type: Normal
x-oss-request-id: 624EACF78BC80136351073A8
x-oss-server-time: 45
x-oss-storage-class: Standard
x-oss-version-id: null

Redirect headers

Cache-Control: private
Content-Length: 204
Content-Type: text/html; charset=utf-8
Date: Thu, 07 Apr 2022 09:20:54 GMT
Location: https://cbserp-sh.oss-cn-shanghai.aliyuncs.com/6ddf3fa9-681d-4a5f-94cf-da6aa8b36c1c.pdf
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| structuredClone
  • object| oncontextlost
  • object| oncontextrestored
  • function| autoCenter

3 Cookies

Domain/Path: t.edmmail.lsmaps.com/
Name: ASP.NET_SessionId
Value: 3u0xgyvbqxy2rkz5h1r335eo

Domain/Path: t.edmmail.lsmaps.com/
Name: Tracking_campaign1880702
Value: subid=795561671&linkid=6822717

Domain/Path: t.edmmail.lsmaps.com/
Name: Tracking_campaigns
Value: 1880702=True

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
