tu.baixing.com - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 4 HTTP transactions. The main IP is 139.198.13.24, located in Beijing, China and belongs to YUNIFY-NET Yunify Technologies Inc., CN. The main domain is tu.baixing.com.

This is the only time tu.baixing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	139.198.13.24 139.198.13.24	59078 (YUNIFY-NE...) (YUNIFY-NET Yunify Technologies Inc.)
2	111.174.61.131 111.174.61.131	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	119.146.74.34 119.146.74.34	58543 (CHINATELE...) (CHINATELECOM-GUANGDONG-IDC Guangdong)
4	3

1 139.198.13.24 (Beijing, China)

ASN59078 (YUNIFY-NET Yunify Technologies Inc., CN)

tu.baixing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 111.174.61.131 (Wuhan, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

bd-s.baixing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.146.74.34 (Guangzhou, China)

ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN)

cpro.baidustatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	baixing.net bd-s.baixing.net	12 KB
1	baidustatic.com cpro.baidustatic.com	440 B
1	baixing.com tu.baixing.com	717 B
4	3

	Domain	Requested by
2	bd-s.baixing.net	tu.baixing.com bd-s.baixing.net
1	cpro.baidustatic.com	bd-s.baixing.net
1	tu.baixing.com
4	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://tu.baixing.com/widget/i/zl-hdcs197.html
Frame ID: (D6783AF7C1F475A7134481729FEEB50)
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

4
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

13 kB
Transfer

32 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set zl-hdcs197.html Show response tu.baixing.com/widget/i/	303 B 717 B	679ms 340ms	Document text/html	139.198.13.24 YUNIFY-NET Yunify...
General Check archive.org Show headers Download Go to Full URL http://tu.baixing.com/widget/i/zl-hdcs197.html Protocol HTTP/1.1 Server 139.198.13.24 Beijing, China, ASN59078 (YUNIFY-NET Yunify Technologies Inc., CN), Reverse DNS Software / Resource Hash `29877b13eb36790562a9f04809448c24c231356ce560380498a4beafbac78d16` Request headers Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Connection keep-alive Accept-Encoding gzip, deflate Host tu.baixing.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 05 Feb 2018 00:48:01 GMT Content-Encoding gzip Set-Cookie __admx_track_id=6--Gto74CxqQ5mc6oxoTgA; path=/; expires=Thu, 03 Feb 2028 00:48:01 GMT; domain=.baixing.com; httponly __admx_track_id.sig=fODnUmeUOLp_xtjKN-QzjiPDRi4; path=/; expires=Thu, 03 Feb 2028 00:48:01 GMT; domain=.baixing.com; httponly Transfer-Encoding chunked X-Request-Id 3bf7f859-f9f2-43fb-b1cb-83a960a7ff28 Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	ezribroib.js Show response bd-s.baixing.net/	2 KB 2 KB	492ms 259ms	Script text/javascript	111.174.61.131 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL http://bd-s.baixing.net/ezribroib.js Requested by Host: tu.baixing.com URL: http://tu.baixing.com/widget/i/zl-hdcs197.html Protocol HTTP/1.1 Server 111.174.61.131 Wuhan, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software yunjiasu-nginx / Resource Hash `a55c8191237a9775944e29e9d8af7a890907281e459078d1b546f89e73c7b11b` Request headers Referer http://tu.baixing.com/widget/i/zl-hdcs197.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 05 Feb 2018 00:48:02 GMT Content-Encoding gzip Last-Modified Fri, 02 Feb 2018 08:51:40 GMT Server yunjiasu-nginx YJS-ID 6402fa97dec7271c-100 P3p CP=" OTI DSP COR IVA OUR IND COM " Cache-Control max-age=14400 Connection keep-alive Content-Type text/javascript; charset=utf-8 Content-Length 1118 Expires Mon, 05 Feb 2018 04:48:02 GMT
GET H/1.1	200 OK	jdhlyho.js Show response bd-s.baixing.net/	30 KB 10 KB	259ms 258ms	Script text/javascript	111.174.61.131 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL http://bd-s.baixing.net/jdhlyho.js Requested by Host: bd-s.baixing.net URL: http://bd-s.baixing.net/ezribroib.js Protocol HTTP/1.1 Server 111.174.61.131 Wuhan, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software yunjiasu-nginx / Resource Hash `31e2ebe9ce28278963767d7bc76eb1dff93b497c9eed66948bd483863a8f50bd` Request headers Referer http://tu.baixing.com/widget/i/zl-hdcs197.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 05 Feb 2018 00:48:02 GMT Content-Encoding gzip Last-Modified Fri, 02 Feb 2018 08:51:40 GMT Server yunjiasu-nginx YJS-ID 6402fa99def6271c-100 P3p CP=" OTI DSP COR IVA OUR IND COM " Cache-Control max-age=3600 Connection keep-alive Content-Type text/javascript; charset=utf-8 Content-Length 9944 Expires Mon, 05 Feb 2018 01:48:02 GMT
GET H/1.1	200 OK	pr.js Show response cpro.baidustatic.com/cpro/ui/	33 B 440 B	406ms 202ms	Script application/x-javascript	119.146.74.34 CHINATELECOM-GUAN...
General Check archive.org Show headers Download Go to Full URL http://cpro.baidustatic.com/cpro/ui/pr.js Requested by Host: bd-s.baixing.net URL: http://bd-s.baixing.net/jdhlyho.js Protocol HTTP/1.1 Server 119.146.74.34 Guangzhou, China, ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN), Reverse DNS Software JSP3/2.0.14 / Resource Hash `8b5fbdda402789610f1cb3d44e671d74caa40655db2c4abf9d853b35148567d3` Request headers Referer http://tu.baixing.com/widget/i/zl-hdcs197.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 05 Feb 2018 00:48:03 GMT Content-Encoding gzip Ohc-Response-Time 1 0 0 0 0 0 Last-Modified Fri, 02 Feb 2018 08:27:23 GMT Server JSP3/2.0.14 Age 1690 ETag "5a7420eb-3b" Content-Type application/x-javascript Cache-Control max-age=3600 Connection close Accept-Ranges bytes Content-Length 59 Expires Mon, 05 Feb 2018 01:19:53 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __delivery_global_ object| ___delivery___global___counter___ object| __baidu_dup_jobruner

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.baidu.com/	1970-01-18 22:22:07	Name: BAIDUID Value: C037A4877F0AD4572A922E82A5BAE10E:FG=1
.baixing.com/	1970-01-22 05:12:31	Name: __admx_track_id.sig Value: fODnUmeUOLp_xtjKN-QzjiPDRi4
.baixing.com/	1970-01-22 05:12:31	Name: __admx_track_id Value: 6--Gto74CxqQ5mc6oxoTgA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bd-s.baixing.net
cpro.baidustatic.com
tu.baixing.com
111.174.61.131
119.146.74.34
139.198.13.24
29877b13eb36790562a9f04809448c24c231356ce560380498a4beafbac78d16
31e2ebe9ce28278963767d7bc76eb1dff93b497c9eed66948bd483863a8f50bd
8b5fbdda402789610f1cb3d44e671d74caa40655db2c4abf9d853b35148567d3
a55c8191237a9775944e29e9d8af7a890907281e459078d1b546f89e73c7b11b

tu.baixing.com Open in urlscan Pro 139.198.13.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

4 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

13 kBTransfer

32 kBSize

3 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

3 Cookies

Indicators

tu.baixing.com Open in urlscan Pro
139.198.13.24 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

13 kB
Transfer

32 kB
Size

3
Cookies

4 HTTP transactions
0 data transactions