1p.meinan.cyou - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 154.201.77.18, located in United States and belongs to Africa-on-Cloud-AS, ZA. The main domain is 1p.meinan.cyou.
TLS certificate: Issued by R3 on June 6th 2024. Valid for: 3 months.

This is the only time 1p.meinan.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	154.201.77.18 154.201.77.18	328608 (Africa-on...) (Africa-on-Cloud-AS)
3	121.196.33.46 121.196.33.46	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1		() ()
6	4

1 154.201.77.18 (United States)

ASN328608 (Africa-on-Cloud-AS, ZA)

1p.meinan.cyou	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 121.196.33.46 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

challenge.rivers.chaitin.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 (None, )

ASN- ()

1p.meinan.cyou	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	chaitin.cn challenge.rivers.chaitin.cn	27 KB
2	meinan.cyou 1p.meinan.cyou	1 KB
6	2

	Domain	Requested by
3	challenge.rivers.chaitin.cn	1p.meinan.cyou challenge.rivers.chaitin.cn
2	1p.meinan.cyou	challenge.rivers.chaitin.cn
6	2

This site contains links to these domains. Also see Links.

Domain
waf-ce.chaitin.cn

Subject Issuer	Validity	Valid
1p.meinan.cyou R3	`2024-06-06` - `2024-09-04`	3 months	crt.sh
*.rivers.chaitin.cn R3	`2024-04-29` - `2024-07-28`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://1p.meinan.cyou/
Frame ID: B41FFCD016A0087C462B12C47F65B0C6
Requests: 5 HTTP requests in this frame

Frame: blob://https://1p.meinan.cyou/20928a09-4cf8-4f62-aa14-9be5ca5f9f18
Frame ID: 8E2A0E3E270E6550FD03616A4B76C1A3
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: FE988604CCAE3531ABB1844AA4B8A9E8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

4
IPs

2
Countries

28 kB
Transfer

80 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://waf-ce.chaitin.cn/
Title: Chaitin SafeLine WAF

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
1p.meinan.cyou/ 801 B
1 KB 494ms
156ms Document
text/html 154.201.77.18
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1p.meinan.cyou/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

154.201.77.18 , United States, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

Tengine /

Resource Hash

e8718d4592e79d7afaf21701ff284aa6e5832865a14927030a4fe6dbcbc3661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store
content-length: 801
content-type: text/html
date: Thu, 06 Jun 2024 15:31:32 GMT
server: Tengine
strict-transport-security: max-age=5184000

GET
H/1.1 200
OK index.html Show response
challenge.rivers.chaitin.cn/captcha/api/ 656 B
655 B 2027ms
214ms XHR
text/html 121.196.33.46
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://challenge.rivers.chaitin.cn/captcha/api/index.html?0.04064887586099042
Requested by: Host: 1p.meinan.cyou
URL: https://1p.meinan.cyou/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.196.33.46 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 45018709835a62d94f35eea92b43c8c3554ed823a484a7ceacde1b352c63d315

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://1p.meinan.cyou/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 15:31:35 GMT
Content-Encoding: gzip
Server: nginx/1.21.6
Transfer-Encoding: chunked
X-Ca-Trace: 57b1ef81-7cdd-4523-9aab-635745de9d3f
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H/1.1 200
OK sdk.js Show response
challenge.rivers.chaitin.cn/captcha/api/ 77 KB
26 KB 800ms
399ms Script
application/javascript 121.196.33.46
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://challenge.rivers.chaitin.cn/captcha/api/sdk.js
Requested by: Host: 1p.meinan.cyou
URL: https://1p.meinan.cyou/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.196.33.46 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 49bfd15cace28687bcb3e8d276a63f97b06263078ade309cd26e378146bc49d0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://1p.meinan.cyou/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 15:31:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2024 11:20:27 GMT
Server: nginx/1.21.6
Etag: W/"66449a7b-134df"
Transfer-Encoding: chunked
X-Ca-Trace: 0c589b2a-7639-4dea-a645-fd52a6339e75
Content-Type: application/javascript
Cache-Control: no-cache, no-store
Connection: keep-alive

GET
H/1.1 200
OK seed Show response
challenge.rivers.chaitin.cn/captcha/api/ 49 B
300 B 213ms
213ms XHR
application/json 121.196.33.46
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://challenge.rivers.chaitin.cn/captcha/api/seed?once_id=1efb175cd51645d8a955556f57cc254a_14&v=1.0.0&hints=permHook,globalThis,languages,vendor,webdriver,headless,webDriverValue
Requested by: Host: challenge.rivers.chaitin.cn
URL: https://challenge.rivers.chaitin.cn/captcha/api/sdk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.196.33.46 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: e516dace3edc27c3dd92428f3aef83b373700134a5b2f27fc2b1dae8476bdf8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://1p.meinan.cyou/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 06 Jun 2024 15:31:36 GMT
Server: nginx/1.21.6
Connection: keep-alive
Content-Length: 49
X-Ca-Trace: e2f56282-83b9-484c-a5b0-594831c34e26
Content-Type: application/json; charset=utf-8

GET
BLOB 200
OK 20928a09-4cf8-4f62-aa14-9be5ca5f9f18 Show response
https://1p.meinan.cyou/ Frame 8E2A 2 KB
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://1p.meinan.cyou/20928a09-4cf8-4f62-aa14-9be5ca5f9f18
Requested by: Host: challenge.rivers.chaitin.cn
URL: https://challenge.rivers.chaitin.cn/captcha/api/sdk.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83e3416117cb409825258f3ec2e3d7ef4ebc0cee84419279042fb792775381d7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Content-Length: 1601
Content-Type: text/html

GET
DATA 200
OK truncated Show response
/ Frame FE98 158 B
158 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d6f921b6fc1f7ec2d5c4d366bcc5a4cc21af3ec253d0e2db5e298ad77b2772b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: text/html

POST inspect
challenge.rivers.chaitin.cn/captcha/api/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: challenge.rivers.chaitin.cn
URL: https://challenge.rivers.chaitin.cn/captcha/api/inspect?seed=KJVUL58p

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| captcha function| run object| $Recap

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			1p.meinan.cyou/	1970-01-20 21:09:34	Name: sl-session Value: 6OHlY9QnY2YMWLK6J5BpNg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=5184000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1p.meinan.cyou
challenge.rivers.chaitin.cn
challenge.rivers.chaitin.cn

121.196.33.46
154.201.77.18
1d6f921b6fc1f7ec2d5c4d366bcc5a4cc21af3ec253d0e2db5e298ad77b2772b
45018709835a62d94f35eea92b43c8c3554ed823a484a7ceacde1b352c63d315
49bfd15cace28687bcb3e8d276a63f97b06263078ade309cd26e378146bc49d0
83e3416117cb409825258f3ec2e3d7ef4ebc0cee84419279042fb792775381d7
e516dace3edc27c3dd92428f3aef83b373700134a5b2f27fc2b1dae8476bdf8a
e8718d4592e79d7afaf21701ff284aa6e5832865a14927030a4fe6dbcbc3661d

1p.meinan.cyou Open in urlscan Pro 154.201.77.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

4 IPs

2 Countries

28 kBTransfer

80 kBSize

1 Cookies

1 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

1p.meinan.cyou Open in urlscan Pro
154.201.77.18 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

4
IPs

2
Countries

28 kB
Transfer

80 kB
Size

1
Cookies

6 HTTP transactions
1 data transactions