urlscan.io logo urlscan.io
SecurityTrails logo

ddos405.rbnetidc.com Open in urlscan Pro
154.85.10.186  Public Scan

Go To Rescan Add Verdict Report
URL: http://ddos405.rbnetidc.com/
Submission: On August 31 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 3 domains to perform 23 HTTP transactions. The main IP is 154.85.10.186, located in Tokyo, Japan and belongs to RBNET RBNET Co.,Ltd., JP. The main domain is ddos405.rbnetidc.com.
This is the only time ddos405.rbnetidc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 154.85.10.186 59117 (RBNET RBN...)
2 61.147.124.17 137697 (CHINATELE...)
2 170.52.124.11 395965 (CARRY-TEL...)
8 203.205.137.254 132203 (TENCENT-N...)
1 61.147.124.144 137697 (CHINATELE...)
2 203.107.43.76 37963 (CNNIC-ALI...)
23 6
8    154.85.10.186 (Tokyo, Japan)

ASN59117 (RBNET RBNET Co.,Ltd., JP)
ddos405.rbnetidc.com
2    61.147.124.17 (China)

ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN)
count28.51yes.com
2    170.52.124.11 (Milton, Canada)

ASN395965 (CARRY-TELECOM, CA)
count12.51yes.com
8    203.205.137.254 (Shenzhen, China)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
static.meiqia.com
1    61.147.124.144 (China)

ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN)
counf12.51yes.com
2    203.107.43.76 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
new-api.meiqia.com
Domain Requested by
8 static.meiqia.com ddos405.rbnetidc.com
static.meiqia.com
8 ddos405.rbnetidc.com ddos405.rbnetidc.com
2 new-api.meiqia.com static.meiqia.com
2 count12.51yes.com ddos405.rbnetidc.com
2 count28.51yes.com ddos405.rbnetidc.com
count28.51yes.com
1 counf12.51yes.com count12.51yes.com
23 6
Subject Issuer Validity Valid
*.meiqia.com
RapidSSL RSA CA 2018		 2020-04-20 -
2022-07-20		 2 years crt.sh

This page contains 6 frames:

Primary Page: http://ddos405.rbnetidc.com/
Frame ID: 6E839A2345BA805A0F4D13D084795E40
Requests: 15 HTTP requests in this frame

Frame: http://count28.51yes.com/sa.htm?id=286856515&refe=&location=http%3A//ddos405.rbnetidc.com/&color=24x&resolution=1600x1200&returning=0&language=undefined&ua=Mozilla/5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/83.0.4103.61%20Safari/537.36
Frame ID: B252B84A1B6A3CC99B9538B144CFD2F2
Requests: 1 HTTP requests in this frame

Frame: http://counf12.51yes.com/sa.htm?id=128291091&refe=&location=http%3A//ddos405.rbnetidc.com/&color=24x&resolution=1600x1200&returning=0&language=undefined&ua=Mozilla/5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/83.0.4103.61%20Safari/537.36
Frame ID: D0FE839E183CB1111E4D4440058A4B17
Requests: 1 HTTP requests in this frame

Frame: https://static.meiqia.com/widget/sync-cookie.html?v=2
Frame ID: C91AB388C2442E126F9FBD952205C342
Requests: 1 HTTP requests in this frame

Frame: https://static.meiqia.com/widget/vendor-99e1dff855489cf8bac8.js
Frame ID: B802562F2A31B9F7EA40ADBEFB18D9EE
Requests: 2 HTTP requests in this frame

Frame: https://static.meiqia.com/widget/static/new-chat.ogg
Frame ID: E27F9FF040EC3B03250784BA35829AE1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

23
Requests

43 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

6
IPs

3
Countries

608 kB
Transfer

1736 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ddos405.rbnetidc.com/ 		390 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ddos405.rbnetidc.com/
Protocol
HTTP/1.1
Server
154.85.10.186 Tokyo, Japan, ASN59117 (RBNET RBNET Co.,Ltd., JP),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1e51bd972e609bc5833c01dbb5ec3a611277322770d9032e73d6663c80e2dca9

Request headers

Host
ddos405.rbnetidc.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Thu, 27 Aug 2020 13:51:09 GMT
Accept-Ranges
bytes
ETag
"80c4fc1d797cd61:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Date
Mon, 31 Aug 2020 03:23:30 GMT
Content-Length
104807
X-Via
1.1 localhost.localdomain (random:163996 Fikker/Webcache/3.7.8)
style.css
ddos405.rbnetidc.com/images/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ddos405.rbnetidc.com/images/style.css
Requested by
Host: ddos405.rbnetidc.com
URL: http://ddos405.rbnetidc.com/
Protocol
HTTP/1.1
Server
154.85.10.186 Tokyo, Japan, ASN59117 (RBNET RBNET Co.,Ltd., JP),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
25c5915e811bc176f098ec41bc76a23ea1a37d2101c372e0b0f500590e72f7fd

Request headers

Referer
http://ddos405.rbnetidc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 03:23:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Apr 2020 21:34:35 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"c4a72081369d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1625
X-Via
1.1 localhost.localdomain (random:163996 Fikker/Webcache/3.7.8)
jquery18.js
ddos405.rbnetidc.com/images/ 		91 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ddos405.rbnetidc.com/images/jquery18.js
Requested by
Host: ddos405.rbnetidc.com
URL: http://ddos405.rbnetidc.com/
Protocol
HTTP/1.1
Server
154.85.10.186 Tokyo, Japan, ASN59117 (RBNET RBNET Co.,Ltd., JP),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
18e8f1a89dea882c6687d61e4077035e60ffa56f4024e71bacdb06930c047151

Request headers

Referer
http://ddos405.rbnetidc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 03:23:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jan 2015 11:57:35 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"dac3aa9af13ad01:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
42208
X-Via
1.1 localhost.localdomain (random:163996 Fikker/Webcache/3.7.8)
float.js
ddos405.rbnetidc.com/images/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ddos405.rbnetidc.com/images/float.js
Requested by
Host: ddos405.rbnetidc.com
URL: http://ddos405.rbnetidc.com/
Protocol
HTTP/1.1
Server
154.85.10.186 Tokyo, Japan, ASN59117 (RBNET RBNET Co.,Ltd., JP),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
beccb3ea36b3a757626f609992b2304a939f25f0f0c7b4fea44c80c4851aeb94

Request headers

Referer
http://ddos405.rbnetidc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 03:23:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jan 2015 11:57:33 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"205a9d99f13ad01:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1589
X-Via
1.1 localhost.localdomain (random:163996 Fikker/Webcache/3.7.8)
logo.png
ddos405.rbnetidc.com/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ddos405.rbnetidc.com/images/logo.png
Requested by
Host: ddos405.rbnetidc.com
URL: http://ddos405.rbnetidc.com/
Protocol
HTTP/1.1
Server
154.85.10.186 Tokyo, Japan, ASN59117 (RBNET RBNET Co.,Ltd., JP),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e21161419b25854161f8614c48b0dbb55b20ea20a335f2d05cc379499cf8d971

Request headers

Referer
http://ddos405.rbnetidc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 03:23:31 GMT
Last-Modified
Tue, 09 Aug 2016 16:51:08 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"026bd395ef2d11:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
21385
X-Via
1.1 localhost.localdomain (random:163996 Fikker/Webcache/3.7.8)
footer_img02.gif
ddos405.rbnetidc.com/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ddos405.rbnetidc.com/images/footer_img02.gif
Requested by
Host: ddos405.rbnetidc.com
URL: http://ddos405.rbnetidc.com/
Protocol
HTTP/1.1
Server
154.85.10.186 Tokyo, Japan, ASN59117 (RBNET RBNET Co.,Ltd., JP),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6030bbae085db07686730e5df16af11c513fedd167cc9213bccb722259049e58

Request headers

Referer
http://ddos405.rbnetidc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 03:23:31 GMT
Last-Modified
Fri, 03 Apr 2020 05:03:06 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"20683929759d61:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
8899
X-Via
1.1 localhost.localdomain (random:163996 Fikker/Webcache/3.7.8)
click.aspx
count28.51yes.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://count28.51yes.com/click.aspx?id=286856515&logo=12
Requested by
Host: ddos405.rbnetidc.com
URL: http://ddos405.rbnetidc.com/
Protocol
HTTP/1.1
Server
61.147.124.17 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
4fd8b44d806915a6da8884fda5531054621af1300af20f22aef70e96dabf528b

Request headers

Referer
http://ddos405.rbnetidc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 03:11:03 GMT
Cache-Control
private
Server
Microsoft-IIS/6.0
X-AspNet-Version
1.1.4322
X-Powered-By
ASP.NET
Content-Length
1694
Content-Type
text/html; charset=gb2312
click.aspx
count12.51yes.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://count12.51yes.com/click.aspx?id=128291091&logo=8
Requested by
Host: ddos405.rbnetidc.com
URL: http://ddos405.rbnetidc.com/
Protocol
HTTP/1.1
Server
170.52.124.11 Milton, Canada, ASN395965 (CARRY-TELECOM, CA),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
b2a99e00d46f66063c9c18a285f1c9f2d1550e1c8a75330a3163892276996795

Request headers

Referer
http://ddos405.rbnetidc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 03:16:37 GMT
Cache-Control
private
Server
Microsoft-IIS/6.0
X-AspNet-Version
1.1.4322
X-Powered-By
ASP.NET
Content-Length
1777
Content-Type
text/html; charset=gb2312
/
ddos405.rbnetidc.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ddos405.rbnetidc.com/
Requested by
Host: ddos405.rbnetidc.com
URL: http://ddos405.rbnetidc.com/
Protocol
HTTP/1.1
Server
154.85.10.186 Tokyo, Japan, ASN59117 (RBNET RBNET Co.,Ltd., JP),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ddos405.rbnetidc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 03:23:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Aug 2020 13:51:09 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"80c4fc1d797cd61:0"
Vary
Accept-Encoding
Content-Type
text/html
Accept-Ranges
bytes
Content-Length
104807
X-Via
1.1 localhost.localdomain (random:163996 Fikker/Webcache/3.7.8)
topbg11.png
ddos405.rbnetidc.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ddos405.rbnetidc.com/images/topbg11.png
Requested by
Host: ddos405.rbnetidc.com
URL: http://ddos405.rbnetidc.com/images/style.css
Protocol
HTTP/1.1
Server
154.85.10.186 Tokyo, Japan, ASN59117 (RBNET RBNET Co.,Ltd., JP),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
429473f3b202aae0af66daeba9e255cdcbf8e3d72a34c09bc0a7322c51395467

Request headers

Referer
http://ddos405.rbnetidc.com/images/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 03:23:31 GMT
Last-Modified
Wed, 28 Jan 2015 11:57:48 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"9ab3b6a2f13ad01:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3708
X-Via
1.1 localhost.localdomain (random:163996 Fikker/Webcache/3.7.8)
loader.js
static.meiqia.com/widget/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.meiqia.com/widget/loader.js
Requested by
Host: ddos405.rbnetidc.com
URL: http://ddos405.rbnetidc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.254 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
4f60e2a196fc0e904f1e75fe16ccf84b2dfe8a88f1849331e5ac32490ae4eb47

Request headers

Referer
http://ddos405.rbnetidc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 03:23:34 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
x-nws-uuid-verify
8adac31382e6633c556a69b48bcc349e
x-amz-request-id
80642C3021A7A6F3
x-cache-status
HIT
status
200
content-length
3349
last-modified
Thu, 27 Aug 2020 09:53:38 GMT
server
NWS_Oversea_AP
etag
"e4da872bc957ec1149fe0d72effad2d0"
vary
Accept-Encoding
x-amz-version-id
9R4eR3Nv7smC4oELyU6ParhWVLRTrpwt
cache-control
max-age=300
x-daa-tunnel
hop_count=1
x-nws-log-uuid
55632e21-cda9-4654-992b-0807059dcd28
content-type
application/javascript
expires
Mon, 31 Aug 2020 03:28:33 GMT
sa.htm
count28.51yes.com/ Frame B252 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://count28.51yes.com/sa.htm?id=286856515&refe=&location=http%3A//ddos405.rbnetidc.com/&color=24x&resolution=1600x1200&returning=0&language=undefined&ua=Mozilla/5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/83.0.4103.61%20Safari/537.36
Requested by
Host: count28.51yes.com
URL: http://count28.51yes.com/click.aspx?id=286856515&logo=12
Protocol
HTTP/1.1
Server
61.147.124.17 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash

Request headers

Host
count28.51yes.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://ddos405.rbnetidc.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://ddos405.rbnetidc.com/

Response headers

Date
Mon, 31 Aug 2020 03:11:03 GMT
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
X-AspNet-Version
1.1.4322
Cache-Control
private
Content-Length
0
sa.htm
counf12.51yes.com/ Frame D0FE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://counf12.51yes.com/sa.htm?id=128291091&refe=&location=http%3A//ddos405.rbnetidc.com/&color=24x&resolution=1600x1200&returning=0&language=undefined&ua=Mozilla/5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/83.0.4103.61%20Safari/537.36
Requested by
Host: count12.51yes.com
URL: http://count12.51yes.com/click.aspx?id=128291091&logo=8
Protocol
HTTP/1.1
Server
61.147.124.144 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash

Request headers

Host
counf12.51yes.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://ddos405.rbnetidc.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://ddos405.rbnetidc.com/

Response headers

Date
Mon, 31 Aug 2020 03:17:56 GMT
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
X-AspNet-Version
1.1.4322
Cache-Control
private
Content-Length
0
count8.gif
count12.51yes.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://count12.51yes.com/count8.gif
Requested by
Host: ddos405.rbnetidc.com
URL: http://ddos405.rbnetidc.com/
Protocol
HTTP/1.1
Server
170.52.124.11 Milton, Canada, ASN395965 (CARRY-TELECOM, CA),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
a6241386a7819de40d267d9786aaf4700a1efa112cf90cbb16b470c3021ac2b9

Request headers

Referer
http://ddos405.rbnetidc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 03:16:37 GMT
Last-Modified
Wed, 15 Mar 2006 10:37:04 GMT
Server
Microsoft-IIS/6.0
X-Powered-By
ASP.NET
ETag
"08858661c48c61:94b97"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1162
entrypoint-v2020.08.27.1.js
static.meiqia.com/widget/ 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.meiqia.com/widget/entrypoint-v2020.08.27.1.js
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/widget/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.254 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
c6455a9abb1e5b47f11840d46f48185c46c43f98e93820fc0c3792e85d2c32a1

Request headers

Referer
http://ddos405.rbnetidc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 03:23:34 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
x-nws-uuid-verify
b941b5bc8d6958a5a4c164431a10b54c
x-amz-request-id
FTFZ1XFQ8K8GEZCG
x-cache-status
MISS
status
200
content-length
39082
last-modified
Thu, 27 Aug 2020 09:53:38 GMT
server
NWS_Oversea_AP
etag
"4b2fa021405c5c7801f543b5610c042d"
vary
Accept-Encoding
x-amz-version-id
vnNoSHXCuLf62MC4tuDULL8d2nQqkIIW
cache-control
max-age=315360000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
e843e534-a8c3-48ca-98a7-0ae54ce3ca9d
content-type
application/javascript
expires
Thu, 29 Aug 2030 03:23:33 GMT
sync-cookie.html
static.meiqia.com/widget/ Frame C91A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.meiqia.com/widget/sync-cookie.html?v=2
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/widget/entrypoint-v2020.08.27.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.254 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash

Request headers

:method
GET
:authority
static.meiqia.com
:scheme
https
:path
/widget/sync-cookie.html?v=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://ddos405.rbnetidc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://ddos405.rbnetidc.com/

Response headers

status
200
date
Mon, 31 Aug 2020 03:23:35 GMT
content-type
text/html
content-length
2136
server
NWS_Oversea_AP
cache-control
max-age=315360000
expires
Thu, 29 Aug 2030 03:23:34 GMT
last-modified
Thu, 27 Aug 2020 09:53:38 GMT
content-encoding
gzip
x-nws-log-uuid
eac818f4-e74e-4786-aef6-fe13f65c8ca5
x-cache-lookup
Hit From Disktank3 Gz
x-nws-uuid-verify
f9af65df08cfd61795a2e1cc2e6cec1d
vary
Accept-Encoding
x-amz-request-id
AC4B1740A7675658
etag
"183ecedd8abd2915fa3e74a7fa9e6173"
x-amz-version-id
jpOIKJJG1j0R6lmJY4GFAnL98LbsRWbU
x-cache-status
HIT
accept-ranges
bytes
vendor-99e1dff855489cf8bac8.js
static.meiqia.com/widget/ Frame B802 		700 KB
233 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.meiqia.com/widget/vendor-99e1dff855489cf8bac8.js
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/widget/entrypoint-v2020.08.27.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.254 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
6ef226a1d0ebb243b07c691f68b498da563715534ab8f6049a71576ea6590f24

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 03:23:35 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
x-nws-uuid-verify
451d89a50d1e2b2cc00cf26d7b40d270
x-amz-request-id
9E31AAFA5417BCA6
x-cache-status
HIT
status
200
content-length
238158
last-modified
Thu, 27 Aug 2020 09:53:38 GMT
server
NWS_Oversea_AP
etag
"f6bf7c6c25ea2743ef059e11e084fdce"
vary
Accept-Encoding
x-amz-version-id
0MBb6MKirXLpnpFdZzGX4ymnjT6l2dIv
cache-control
max-age=315360000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
bdba50ba-8caf-4ffb-8f1c-144f9aa5f9fc
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 29 Aug 2030 03:23:34 GMT
app-v2020.08.27.1.js
static.meiqia.com/widget/ Frame B802 		341 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.meiqia.com/widget/app-v2020.08.27.1.js
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/widget/entrypoint-v2020.08.27.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.254 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
d9e947bde19d4c37b26306991c935ddd4d5180ad427f38e73ecb10ef93078ab7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 03:23:36 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
x-nws-uuid-verify
b941b5bc8d6958a5a4c164431a10b54c
x-amz-request-id
BD54095C5F8142C2
x-cache-status
MISS
status
200
content-length
96469
last-modified
Thu, 27 Aug 2020 09:53:34 GMT
server
NWS_Oversea_AP
etag
"2a53a0db6ee6f6ffa1cbc6b3b36bbad3"
vary
Accept-Encoding
x-amz-version-id
MZQlofrOcfS6uELvMIlt_973zcwBzhPf
cache-control
max-age=315360000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
bd7ba377-48a4-4d02-ae5d-4b2dc90bda93
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 29 Aug 2030 03:23:35 GMT
get_base_config
new-api.meiqia.com/visit/ 		109 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://new-api.meiqia.com/visit/get_base_config?ent_id=218335
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/widget/entrypoint-v2020.08.27.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.107.43.76 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
openresty /
Resource Hash
347f9230bd59c33f731122e635cdb9b69659a2219c8e3e353d86105bc75f614b

Request headers

Accept
application/json
Referer
http://ddos405.rbnetidc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://ddos405.rbnetidc.com
Date
Mon, 31 Aug 2020 03:23:38 GMT
Content-Encoding
gzip
Server
openresty
Content-Length
103
Vary
Accept-Encoding
Content-Type
application/json
new-chat.ogg
static.meiqia.com/widget/static/ Frame E27F 		13 KB
13 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.meiqia.com/widget/static/new-chat.ogg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.254 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
68b3165ec6baf7337b62f12b48d4e741dc31879d1be01386897fc3da0b6a215a

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 31 Aug 2020 03:23:37 GMT
x-cache-lookup
Hit From Disktank3, Hit From Inner Cluster
x-nws-uuid-verify
b603a2d1c1f7aa5f6b702a679699a39d
x-amz-request-id
538C72C77C62764E
x-cache-status
MISS
status
206
Content-Length
13154
Content-Range
bytes 0-13153/13154
last-modified
Thu, 27 Aug 2020 09:53:38 GMT
server
NWS_Oversea_AP
etag
"000361055ba6323bd77b87a9b6c720e1"
x-amz-version-id
Z1KDjgw9MfSn41isa_...NXjL.vcZuEF
cache-control
max-age=315360000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
0e5295f5-bc9a-4bce-89df-4bc19b5fab8e
content-type
audio/ogg
expires
Thu, 29 Aug 2030 03:23:36 GMT
new-message.ogg
static.meiqia.com/widget/static/ Frame E27F 		6 KB
6 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.meiqia.com/widget/static/new-message.ogg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.254 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
24de5dcb61980c9fb74d909017a1e22afc1eab7b9557c114e3d31f310cb3a589

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 31 Aug 2020 03:23:37 GMT
x-cache-lookup
Hit From Disktank3, Hit From Inner Cluster
x-nws-uuid-verify
fdca9d98d36e20909ea7b491c06a38f9
x-amz-request-id
1M0HESBW3KASAWBT
x-cache-status
MISS
status
206
Content-Length
5891
Content-Range
bytes 0-5890/5891
last-modified
Thu, 27 Aug 2020 09:53:38 GMT
server
NWS_Oversea_AP
etag
"20c917be9af04d47529a9b8d9bb97f86"
x-amz-version-id
ZZLBvDfAar.ceZ9MioWAEZWgBiCcxsSn
cache-control
max-age=315360000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
946d680c-39da-404b-a6c9-4016d27ee38d
content-type
audio/ogg
expires
Thu, 29 Aug 2030 03:23:36 GMT
sent-message.ogg
static.meiqia.com/widget/static/ Frame E27F 		9 KB
9 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.meiqia.com/widget/static/sent-message.ogg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.254 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
e8c5d4e9b26f6327cfc4d103bc6d5e8c5a641a5a24085b1b66129bee55ad1b4f

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 31 Aug 2020 03:23:37 GMT
x-cache-lookup
Hit From Disktank3, Hit From Inner Cluster
x-nws-uuid-verify
15e43310eacc637d4ebc3013fed5c61a
x-amz-request-id
2CD7489C9148C890
x-cache-status
MISS
status
206
Content-Length
8822
Content-Range
bytes 0-8821/8822
last-modified
Thu, 27 Aug 2020 09:53:38 GMT
server
NWS_Oversea_AP
etag
"bebdf32f64a0c27b36033871882647c8"
x-amz-version-id
NhjTBbbmycMeQJuckAwg1C2m2VphduYO
cache-control
max-age=315360000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
b48fd1b6-92fe-4d86-923b-e850b98235ed
content-type
audio/ogg
expires
Thu, 29 Aug 2030 03:23:36 GMT
init
new-api.meiqia.com/visit/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://new-api.meiqia.com/visit/init?ent_id=218335&track_id=&title=%E7%BB%BF%E8%89%B2%E7%BD%91%E5%9D%80%E5%AF%BC%E8%88%AA%20-%20%E5%A8%B1%E4%B9%90%E7%BD%91%E5%9D%80%E5%A4%A7%E5%85%A8%2C%E7%BA%BF%E4%B8%8A%E5%A8%B1%E4%B9%90%E4%BB%8E%E8%BF%99%E9%87%8C%E5%BC%80%E5%A7%8B%EF%BC%81&referrer_url=&url=http%3A%2F%2Fddos405.rbnetidc.com%2F&v=1598844218562&jsonp_cb=jsonp1598844218561
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/widget/entrypoint-v2020.08.27.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.107.43.76 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://ddos405.rbnetidc.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| FloatClose number| left_top number| right_top object| float_list number| float_side object| jQuery1830948128358754003 function| _MEIQIA function| y_gVal function| y_g function| cc_k string| yesdata number| y_c3 object| __core-js_shared__ string| _agent_chat_type object| _widgetBundleName object| regeneratorRuntime object| core object| _CHAT_GLOBAL_API_CONFIG_ object| meiqia function| _LAIGU function| jsonp1598844218561

2 Cookies

Domain/Path Name / Value
ddos405.rbnetidc.com/ Name: cck_count
Value: 0
ddos405.rbnetidc.com/ Name: cck_lasttime
Value: 1598844213968

1 Console Messages

Source Level URL
Text
console-api log URL: https://static.meiqia.com/widget/app-v2020.08.27.1.js(Line 1)
Message:
{"data":{"status":403,"code":"enterprise_disabled_legal","message":"Enterprise disabled due to legal violation"},"status":403}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counf12.51yes.com
count12.51yes.com
count28.51yes.com
ddos405.rbnetidc.com
new-api.meiqia.com
static.meiqia.com
154.85.10.186
170.52.124.11
203.107.43.76
203.205.137.254
61.147.124.144
61.147.124.17
18e8f1a89dea882c6687d61e4077035e60ffa56f4024e71bacdb06930c047151
1e51bd972e609bc5833c01dbb5ec3a611277322770d9032e73d6663c80e2dca9
24de5dcb61980c9fb74d909017a1e22afc1eab7b9557c114e3d31f310cb3a589
25c5915e811bc176f098ec41bc76a23ea1a37d2101c372e0b0f500590e72f7fd
347f9230bd59c33f731122e635cdb9b69659a2219c8e3e353d86105bc75f614b
429473f3b202aae0af66daeba9e255cdcbf8e3d72a34c09bc0a7322c51395467
4f60e2a196fc0e904f1e75fe16ccf84b2dfe8a88f1849331e5ac32490ae4eb47
4fd8b44d806915a6da8884fda5531054621af1300af20f22aef70e96dabf528b
6030bbae085db07686730e5df16af11c513fedd167cc9213bccb722259049e58
68b3165ec6baf7337b62f12b48d4e741dc31879d1be01386897fc3da0b6a215a
6ef226a1d0ebb243b07c691f68b498da563715534ab8f6049a71576ea6590f24
a6241386a7819de40d267d9786aaf4700a1efa112cf90cbb16b470c3021ac2b9
b2a99e00d46f66063c9c18a285f1c9f2d1550e1c8a75330a3163892276996795
beccb3ea36b3a757626f609992b2304a939f25f0f0c7b4fea44c80c4851aeb94
c6455a9abb1e5b47f11840d46f48185c46c43f98e93820fc0c3792e85d2c32a1
d9e947bde19d4c37b26306991c935ddd4d5180ad427f38e73ecb10ef93078ab7
e21161419b25854161f8614c48b0dbb55b20ea20a335f2d05cc379499cf8d971
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c5d4e9b26f6327cfc4d103bc6d5e8c5a641a5a24085b1b66129bee55ad1b4f