taiji18.com Open in urlscan Pro
204.246.56.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://meilu.xyz/
Effective URL:
http://taiji18.com/domain.html
Submission: On August 30 via api (August 30th 2019, 6:45:24 pm UTC) from DE

Summary HTTP 9 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 9 HTTP transactions. The main IP is 204.246.56.80, located in United States and belongs to GEARHOST - GearHost, Inc., US. The main domain is taiji18.com.

This is the only time taiji18.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	204.246.56.80 204.246.56.80	40728 (GEARHOST) (GEARHOST - GearHost)
1	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY - Fastly)
1	89.207.16.72 89.207.16.72	25751 (VALUECLICK) (VALUECLICK - Conversant)
1	216.200.199.154 216.200.199.154	6461 (ZAYO-6461) (ZAYO-6461 - Zayo Bandwidth)
1 2	2606:4700:20:... 2606:4700:20::6819:2a07	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	116.211.183.234 116.211.183.234	58563 (CHINATELE...) (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network)
9	7

2 204.246.56.80 (United States)

ASN40728 (GEARHOST - GearHost, Inc., US)

meilu.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
taiji18.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.207.16.72 (Sweden)

ASN25751 (VALUECLICK - Conversant, Inc., US)

www.kqzyfj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.199.154 (United States)

ASN6461 (ZAYO-6461 - Zayo Bandwidth, US)
PTR: 216.200.199.154.bpath.com

bdv.bidvertiser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::6819:2a07 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.bitcoadz.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.211.183.234 (China)

ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN)

s13.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	bitcoadz.io 1 redirects www.bitcoadz.io	8 KB
1	cnzz.com s13.cnzz.com	4 KB
1	bidvertiser.com bdv.bidvertiser.com	10 KB
1	kqzyfj.com www.kqzyfj.com	1 KB
1	imgur.com i.imgur.com	133 KB
1	taiji18.com taiji18.com	5 KB
1	meilu.xyz meilu.xyz	701 B
0	infolinks.com Failed resources.infolinks.com Failed
0	jdoqocy.com Failed www.jdoqocy.com Failed
9	9

	Domain	Requested by
2	www.bitcoadz.io	1 redirects taiji18.com
1	s13.cnzz.com	taiji18.com
1	bdv.bidvertiser.com	taiji18.com
1	www.kqzyfj.com	taiji18.com
1	i.imgur.com	taiji18.com
1	taiji18.com
1	meilu.xyz
0	resources.infolinks.com Failed	taiji18.com
0	www.jdoqocy.com Failed	taiji18.com
9	9

This site contains links to these domains. Also see Links.

Domain
go.oclaserver.com
t.cn
mbsy.co
www.bluehost.com

Subject Issuer	Validity	Valid
*.imgur.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-02-12`	a year	crt.sh
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
ssl381679.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-07-28` - `2020-02-03`	6 months	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G2	`2019-03-05` - `2020-03-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://taiji18.com/domain.html
Frame ID: 071E62AA778C5A68952AD85A5E93470F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://meilu.xyz/ Page URL
http://taiji18.com/domain.html Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

9
Requests

33 %
HTTPS

17 %
IPv6

9
Domains

9
Subdomains

7
IPs

4
Countries

162 kB
Transfer

208 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://go.oclaserver.com/afu.php?zoneid=1576990

Search URL Search Domain Scan URL

URL: http://t.cn/RDEUsL3
Title: 【1Penny for the first month!】Unlimited StorageTransferEmail-20 Websites-Free SSL

Search URL Search Domain Scan URL

URL: https://mbsy.co/mprvH
Title: DreamHost:load fast,stay secure&are up100%of the time.We guarantee it!$2.59/mo

Search URL Search Domain Scan URL

URL: https://www.bluehost.com/track/winninghost/
Title: The Best Web Hosting$3.95/month*FREE Domain&SSL 1-ClickInstall!30-day money-back

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://meilu.xyz/ Page URL
http://taiji18.com/domain.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://www.bitcoadz.io/display/items.php?4055&1145&728&90&4 HTTP 301
https://www.bitcoadz.io/display/items.php?4055&1145&728&90&4

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set / Show response meilu.xyz/	289 B 701 B	658ms 274ms	Document text/html	204.246.56.80 GearHost
General Check archive.org Show headers Download Go to Full URL http://meilu.xyz/ Protocol HTTP/1.1 Server 204.246.56.80 , United States, ASN40728 (GEARHOST - GearHost, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `fb697a5b2daadf9297358a2aa8ccc5f3585a89b56577063b0af3b6fae1c653ae` Request headers Host meilu.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 293 Content-Type text/html Content-Encoding gzip Last-Modified Thu, 22 Aug 2019 09:30:27 GMT Accept-Ranges bytes ETag "9475613bcc58d51:0" Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Set-Cookie ARRAffinity=da11a041849b04c88a2c04934efbc961327d752c290b20bbce5507beee2fe33a;Path=/;Domain=meilu.xyz Date Fri, 30 Aug 2019 18:45:08 GMT
GET H/1.1	200 OK	Primary Request Cookie set domain.html Show response taiji18.com/	10 KB 5 KB	1422ms 141ms	Document text/html	204.246.56.80 GearHost
General Check archive.org Show headers Download Go to Full URL http://taiji18.com/domain.html Protocol HTTP/1.1 Server 204.246.56.80 , United States, ASN40728 (GEARHOST - GearHost, Inc., US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `8f2fd5de8b31a94edb1adc1d46aa3a72b83f5c4f81c16fbf2dfc3973cd10400d` Request headers Host taiji18.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://meilu.xyz/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://meilu.xyz/ Response headers Content-Length 4548 Content-Type text/html Content-Encoding gzip Last-Modified Fri, 26 Jul 2019 07:41:56 GMT Accept-Ranges bytes ETag "5d0dc998543d51:0" Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Set-Cookie ARRAffinity=55fa8de92414fc6f9182090a6b12abde4a11c0e8ad8d30e1ed5834a0eb4049d6;Path=/;Domain=taiji18.com Date Fri, 30 Aug 2019 18:45:09 GMT
GET H2	200	3iRMMwH.gif i.imgur.com/	132 KB 133 KB	127ms 41ms	Image image/gif	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/3iRMMwH.gif Requested by Host: taiji18.com URL: http://taiji18.com/domain.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash `f090f8ad777488cce1c08e0fc4bdd47746076ddd8b2effb0977647f04ae7e2ea` Request headers Sec-Fetch-Mode no-cors Referer http://taiji18.com/domain.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 30 Aug 2019 18:45:10 GMT age 822730 x-cache HIT, HIT status 200 content-length 135604 x-served-by cache-bwi5150-BWI, cache-hhn4024-HHN last-modified Thu, 11 Jan 2018 09:15:19 GMT server cat factory 1.0 x-timer S1567190711.518590,VS0,VE1 etag "88bc22e7360aa6cb86e8932a153cf6b6" access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-storage-class STANDARD_IA x-cache-hits 1, 1
GET H/1.1	200 OK	placeholder-28782419 Show response www.kqzyfj.com/	977 B 1 KB	197ms 32ms	Script text/javascript	89.207.16.72 Conversant
General Check archive.org Show headers Download Go to Full URL http://www.kqzyfj.com/placeholder-28782419?target=_top&mouseover=N Requested by Host: taiji18.com URL: http://taiji18.com/domain.html Protocol HTTP/1.1 Security , , Server 89.207.16.72 , Sweden, ASN25751 (VALUECLICK - Conversant, Inc., US), Reverse DNS Software Resin/3.1.14 / Resource Hash `8299c256e616483129e329f96441a66b3ca399fe6e7fad32a4c2d21e16936723` Request headers Referer http://taiji18.com/domain.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Fri, 30 Aug 2019 18:45:10 GMT Server Resin/3.1.14 P3P policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT" Cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Type text/javascript; charset=utf-8 Content-Length 977 Expires Fri, 30 Aug 2019 18:45:10 GMT
GET		placeholder-28782445 www.jdoqocy.com/	0 0

GET H/1.1	200 OK	BidVertiser.dbm Show response bdv.bidvertiser.com/	10 KB 10 KB	336ms 170ms	Script text/javascript	216.200.199.154 Zayo Bandwidth
General Check archive.org Show headers Download Go to Full URL http://bdv.bidvertiser.com/BidVertiser.dbm?pid=786970&bid=1910299 Requested by Host: taiji18.com URL: http://taiji18.com/domain.html Protocol HTTP/1.1 Security , , Server 216.200.199.154 , United States, ASN6461 (ZAYO-6461 - Zayo Bandwidth, US), Reverse DNS 216.200.199.154.bpath.com Software / Resource Hash `33d334f5ac59d373ce5e4c20a0d91fb2b002c19aa52789ff4d825505a8b02b01` Request headers Referer http://taiji18.com/domain.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Expires -1 Cache-Control no-store Connection close Content-Length 10318 Content-Type text/javascript
GET H2	200	items.php Show response www.bitcoadz.io/display/ Redirect Chain http://www.bitcoadz.io/display/items.php?4055&1145&728&90&4 https://www.bitcoadz.io/display/items.php?4055&1145&728&90&4	44 KB 7 KB	109ms 74ms	Script application/javascript	2606:4700:20::6819:2a07 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.bitcoadz.io/display/items.php?4055&1145&728&90&4 Requested by Host: taiji18.com URL: http://taiji18.com/domain.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:2a07 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `ad8c6e815c35577fb629265dc5bdba60c6e2c292183d42af660f51c77ffa0017` Request headers Referer http://taiji18.com/domain.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers cf-ray 50e8eb948e9dcb98-VIE pragma no-cache date Fri, 30 Aug 2019 18:45:10 GMT content-encoding br last-modified Fri, 30 Aug 2019 18:45:10 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" status 200 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-type application/javascript expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Date Fri, 30 Aug 2019 18:45:10 GMT Server cloudflare Vary Accept-Encoding Location https://www.bitcoadz.io/display/items.php?4055&1145&728&90&4 Cache-Control max-age=3600 Transfer-Encoding chunked Connection keep-alive CF-RAY 50e8eb943e07cbc0-VIE Expires Fri, 30 Aug 2019 19:45:10 GMT
GET		infolinks_main.js resources.infolinks.com/js/	0 0

GET H2	200	z_stat.php Show response s13.cnzz.com/	11 KB 4 KB	1852ms 275ms	Script application/javascript	116.211.183.234 CHINATELECOM-HUBE...
General Check archive.org Show headers Download Go to Full URL https://s13.cnzz.com/z_stat.php?id=1264705897&web_id=1264705897 Requested by Host: taiji18.com URL: http://taiji18.com/domain.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 116.211.183.234 , China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `ad8f8cc14f3e2fd7d0776c3fa2d7ea279b33675cb0515eed8f9cd484346f4de4` Request headers Sec-Fetch-Mode no-cors Referer http://taiji18.com/domain.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 30 Aug 2019 18:08:02 GMT content-encoding gzip age 2230 x-powered-by PHP/5.5.25 x-cache HIT TCP_MEM_HIT dirn:12:429384349 status 200 x-swift-cachetime 5400 x-swift-savetime Fri, 30 Aug 2019 18:08:02 GMT content-length 4053 last-modified Fri, 30 Aug 2019 18:08:02 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1567188482 content-type application/javascript via cache47.l2cn628[28,200-0,M], cache12.l2cn628[30,0], cache20.cn533[0,200-0,H], cache20.cn533[0,0] cache-control max-age=5400,s-maxage=5400 timing-allow-origin * eagleid 74d3b72815671907121301076e

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.jdoqocy.com
URL: http://www.jdoqocy.com/placeholder-28782445?target=_top&mouseover=N

Domain: resources.infolinks.com
URL: http://resources.infolinks.com/js/infolinks_main.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| url object| url_list number| url_rand function| submitCJ10438312X594

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.meilu.xyz/	1969-12-31 23:59:59	Name: ARRAffinity Value: da11a041849b04c88a2c04934efbc961327d752c290b20bbce5507beee2fe33a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bdv.bidvertiser.com
i.imgur.com
meilu.xyz
resources.infolinks.com
s13.cnzz.com
taiji18.com
www.bitcoadz.io
www.jdoqocy.com
www.kqzyfj.com
resources.infolinks.com
www.jdoqocy.com
116.211.183.234
151.101.112.193
204.246.56.80
216.200.199.154
2606:4700:20::6819:2a07
89.207.16.72
33d334f5ac59d373ce5e4c20a0d91fb2b002c19aa52789ff4d825505a8b02b01
8299c256e616483129e329f96441a66b3ca399fe6e7fad32a4c2d21e16936723
8f2fd5de8b31a94edb1adc1d46aa3a72b83f5c4f81c16fbf2dfc3973cd10400d
ad8c6e815c35577fb629265dc5bdba60c6e2c292183d42af660f51c77ffa0017
ad8f8cc14f3e2fd7d0776c3fa2d7ea279b33675cb0515eed8f9cd484346f4de4
f090f8ad777488cce1c08e0fc4bdd47746076ddd8b2effb0977647f04ae7e2ea
fb697a5b2daadf9297358a2aa8ccc5f3585a89b56577063b0af3b6fae1c653ae

taiji18.com Open in urlscan Pro 204.246.56.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

33 %HTTPS

17 %IPv6

9 Domains

9 Subdomains

7 IPs

4 Countries

162 kBTransfer

208 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Indicators

taiji18.com Open in urlscan Pro
204.246.56.80 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

33 %
HTTPS

17 %
IPv6

9
Domains

9
Subdomains

7
IPs

4
Countries

162 kB
Transfer

208 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions