redbankit.com Open in urlscan Pro
164.88.168.230 Public Scan

URL:
http://redbankit.com/
Submission: On January 23 via api (January 23rd 2021, 9:17:43 am UTC) from US

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 9 HTTP transactions. The main IP is 164.88.168.230, located in South Africa and belongs to CLAYERLIMITED-AS-AP Clayer Limited, HK. The main domain is redbankit.com.

This is the only time redbankit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	164.88.168.230 164.88.168.230	137951 (CLAYERLIM...) (CLAYERLIMITED-AS-AP Clayer Limited)
6	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
2 2	103.112.3.151 103.112.3.151	137443 (ANCHGLOBA...) (ANCHGLOBAL-AS-AP Anchnet Asia Limited)
1	107.154.192.67 107.154.192.67	19551 (INCAPSULA) (INCAPSULA)
9	3

2 164.88.168.230 (South Africa)

ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK)

redbankit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.112.3.151 (United States) 2 redirects

ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK)

www.ybvip4354.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.192.67 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.192.67.ip.incapdns.net

www.yabovip77.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	baidu.com hm.baidu.com	44 KB
2	ybvip4354.com 2 redirects www.ybvip4354.com	620 B
2	redbankit.com redbankit.com	2 KB
1	yabovip77.com www.yabovip77.com
9	4

	Domain	Requested by
6	hm.baidu.com	redbankit.com
2	www.ybvip4354.com	2 redirects
2	redbankit.com	redbankit.com
1	www.yabovip77.com	redbankit.com
9	4

This site contains links to these domains. Also see Links.

Domain
www.bt.cn

Subject Issuer	Validity	Valid
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-10-20` - `2021-07-26`	9 months	crt.sh
yabovip24.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-07` - `2021-12-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://redbankit.com/
Frame ID: C07348F12102C155A6C7AB99157E4100
Requests: 8 HTTP requests in this frame

Frame: https://www.yabovip77.com/register?i_code=3509045
Frame ID: F28DC267A9B3B324C591C6AAD7365E12
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

9
Requests

78 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

46 kB
Transfer

119 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bt.cn/
Title: 宝塔官网(www.bt.cn)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://www.ybvip4354.com/ HTTP 301
https://www.ybvip4354.com/ HTTP 302
https://www.yabovip77.com/register?i_code=3509045

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
redbankit.com/ 854 B
892 B 910ms
458ms Document
text/html 164.88.168.230
CLAYERLIMITED-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: http://redbankit.com/
Protocol: HTTP/1.1
Server: 164.88.168.230 , South Africa, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software: nginx / PHP/7.3.21
Resource Hash: 8fa0d54d4dad1ee43fde64716d911cc568292f9740bdccf62cfa798f802b3e02

Request headers

Host: redbankit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Sat, 23 Jan 2021 09:16:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.21
Content-Encoding: gzip

GET
H/1.1 200
OK js.js Show response
redbankit.com/ 1 KB
1011 B 233ms
233ms Script
application/javascript 164.88.168.230
CLAYERLIMITED-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: http://redbankit.com/js.js
Requested by: Host: redbankit.com
URL: http://redbankit.com/
Protocol: HTTP/1.1
Server: 164.88.168.230 , South Africa, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: b4c73fbf1b652366acf1e9d491fad8aadf03ff5c4882ef572260ef9cd3f78eb2

Request headers

Referer: http://redbankit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 09:16:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jan 2021 03:25:11 GMT
Server: nginx
ETag: W/"5fffb997-524"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 39 KB
14 KB 1316ms
529ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?5636c1296ff1d2b02d71759f1326be2c

Requested by

Host: redbankit.com
URL: http://redbankit.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

12156ab2ab853c53ccd45c5034983fcfd04cbbdd2ea5c4a18758f75b8668a58a

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://redbankit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 09:17:09 GMT
Content-Encoding: gzip
Server: apache
Etag: 730cf08fa1713dec1456bcd5a373fbb4
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14038

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 39 KB
14 KB 1098ms
535ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?52b545c30908980c941e410eab153e6d

Requested by

Host: redbankit.com
URL: http://redbankit.com/js.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

9772643cde4abe15d22c36e39749b3f790c1d103efbaf5c643ce3e331dfa1731

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://redbankit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 09:17:09 GMT
Content-Encoding: gzip
Server: apache
Etag: b810c97bba2a48d21da6c1d89db3c4cb
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14042

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 39 KB
14 KB 1886ms
543ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?d52d35568bcc431af0041b7ba0bef5a4

Requested by

Host: redbankit.com
URL: http://redbankit.com/js.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

5a3ce69cafb1b08f1f5e56906344a3d64443e2d669a1443996bac35cf776c1be

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://redbankit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 23 Jan 2021 09:17:09 GMT
Content-Encoding: gzip
Server: apache
Etag: 48a5945fa921fc481ad018e3be7fe9a9
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14047

GET
H2

403

http://www.ybvip4354.com/
https://www.ybvip4354.com/
https://www.yabovip77.com/register?i_code=3509045

0
0

462ms
25ms

Document
text/html

107.154.192.67
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yabovip77.com/register?i_code=3509045

Requested by

Host: redbankit.com
URL: http://redbankit.com/js.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.192.67 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.192.67.ip.incapdns.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: www.yabovip77.com
:scheme: https
:path: /register?i_code=3509045
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://redbankit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://redbankit.com/

Response headers

content-type: text/html
cache-control: no-cache
content-length: 834
x-iinfo: 4-28915876-0 0NNN RT(1611393430236 0) q(0 -1 -1 0) r(0 -1) B16 U18
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: visid_incap_2215639=Xhkoaq+bQM6ue26ILcvtAZbpC2AAAAAAQUIPAAAAAACCcm7+rBs+EmGKecA58TXo; expires=Sat, 22 Jan 2022 18:25:39 GMT; HttpOnly; path=/; Domain=.yabovip77.com; Secure; SameSite=None incap_ses_536_2215639=AzsXQyBDCTBK/Wo5akFwB5bpC2AAAAAAHrGaQ/qvpX5UHE0yoKffSA==; path=/; Domain=.yabovip77.com; Secure; SameSite=None

Redirect headers

Date: Sat, 23 Jan 2021 09:17:10 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: waf_cookie=a9ee0483-40f6-44fe6f679823abf6fa46c909b75b0ac5b2e5; Expires=1611400629; Path=/; Secure; HttpOnly
Location: https://www.yabovip77.com/register?i_code=3509045
Via: 1.1 google
X-Request-Id: bd747f5374be4331cfef7021c0c815ac
Server: WAF/2.4-12.1

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 360ms
360ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1324424119&si=5636c1296ff1d2b02d71759f1326be2c&v=1.2.80&lv=1&sn=18850&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fredbankit.com%2F&tt=%E6%81%AD%E5%96%9C%EF%BC%8C%E7%AB%99%E7%82%B9%E5%88%9B%E5%BB%BA%E6%88%90%E5%8A%9F%EF%BC%81

Requested by

Host: redbankit.com
URL: http://redbankit.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://redbankit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Jan 2021 09:17:10 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 364ms
363ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=165479671&si=52b545c30908980c941e410eab153e6d&v=1.2.80&lv=1&sn=18850&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fredbankit.com%2F&tt=%E6%81%AD%E5%96%9C%EF%BC%8C%E7%AB%99%E7%82%B9%E5%88%9B%E5%BB%BA%E6%88%90%E5%8A%9F%EF%BC%81

Requested by

Host: redbankit.com
URL: http://redbankit.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://redbankit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Jan 2021 09:17:10 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 347ms
347ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=669925301&si=d52d35568bcc431af0041b7ba0bef5a4&v=1.2.80&lv=1&sn=18851&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fredbankit.com%2F&tt=%E6%81%AD%E5%96%9C%EF%BC%8C%E7%AB%99%E7%82%B9%E5%88%9B%E5%BB%BA%E6%88%90%E5%8A%9F%EF%BC%81

Requested by

Host: redbankit.com
URL: http://redbankit.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://redbankit.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Jan 2021 09:17:11 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hm.baidu.com
redbankit.com
www.yabovip77.com
www.ybvip4354.com
103.112.3.151
103.235.46.191
107.154.192.67
164.88.168.230
12156ab2ab853c53ccd45c5034983fcfd04cbbdd2ea5c4a18758f75b8668a58a
5a3ce69cafb1b08f1f5e56906344a3d64443e2d669a1443996bac35cf776c1be
8fa0d54d4dad1ee43fde64716d911cc568292f9740bdccf62cfa798f802b3e02
9772643cde4abe15d22c36e39749b3f790c1d103efbaf5c643ce3e331dfa1731
b4c73fbf1b652366acf1e9d491fad8aadf03ff5c4882ef572260ef9cd3f78eb2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

redbankit.com Open in urlscan Pro 164.88.168.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

78 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

46 kBTransfer

119 kBSize

0 Cookies

1 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

Indicators

redbankit.com Open in urlscan Pro
164.88.168.230 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

78 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

46 kB
Transfer

119 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions