8888xy0.icu Open in urlscan Pro
154.12.88.38 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://8888xy0.icu/
Effective URL:
https://8888xy0.icu/
Submission: On May 23 via api (May 23rd 2024, 1:30:43 pm UTC) from BE — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 17 HTTP transactions. The main IP is 154.12.88.38, located in Mong Kok, Hong Kong and belongs to HFTCL-AS-AP High Family Technology Co., Limited, HK. The main domain is 8888xy0.icu.
TLS certificate: Issued by R3 on May 12th 2024. Valid for: 3 months.

This is the only time 8888xy0.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	154.12.88.38 154.12.88.38	142032 (HFTCL-AS-...) (HFTCL-AS-AP High Family Technology Co.)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	154.91.91.15 154.91.91.15	399077 (TERAEXCH) (TERAEXCH)
2	43.198.73.176 43.198.73.176	16509 (AMAZON-02) (AMAZON-02)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.113.202.42 45.113.202.42	137697 (CHINATELE...) (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province)
1	2606:4700:303... 2606:4700:3035::6815:5ab8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:443a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	154.91.91.9 154.91.91.9	399077 (TERAEXCH) (TERAEXCH)
1	45.248.9.69 45.248.9.69	137697 (CHINATELE...) (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province)
1	159.138.159.92 159.138.159.92	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
17	12

2 154.12.88.38 (Mong Kok, Hong Kong)

ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK)

8888xy0.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdn06.mtv01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.91.91.15 (Seychelles)

ASN399077 (TERAEXCH, US)

adjs.mianyaojsj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.198.73.176 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-198-73-176.ap-east-1.compute.amazonaws.com

js.0322cfmtl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

code28.dou01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.113.202.42 (China)

ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN)

www.88lm15.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:5ab8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.tkads.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:443a (United States)

ASN13335 (CLOUDFLARENET, US)

aba.hdjthzg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.91.91.9 (Seychelles)

ASN399077 (TERAEXCH, US)

adck.ttfdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.248.9.69 (China)

ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN)

www.88lm12.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.138.159.92 (Hong Kong, Hong Kong)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-159-138-159-92.compute.hwclouds-dns.com

star.xfztgxt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	0322cfmtl.cc js.0322cfmtl.cc	15 KB
2	8888xy0.icu 8888xy0.icu	2 KB
1	xfztgxt.com star.xfztgxt.com — Cisco Umbrella Rank: 606914	891 B
1	88lm12.com www.88lm12.com	703 B
1	ttfdc.net adck.ttfdc.net	672 B
1	hdjthzg.cn aba.hdjthzg.cn	27 KB
1	tkads.tk js.tkads.tk	511 B
1	88lm15.com www.88lm15.com	48 KB
1	dou01.com code28.dou01.com	489 B
1	mianyaojsj.com adjs.mianyaojsj.com	13 KB
1	mtv01.com cdn06.mtv01.com	525 B
0	jybaoxian.com Failed ewe.iew2l.jybaoxian.com Failed
0	srbzw.cn Failed c.zjcm.com.srbzw.cn Failed ksk.srbzw.cn Failed
17	13

	Domain	Requested by
2	js.0322cfmtl.cc	8888xy0.icu js.0322cfmtl.cc
2	8888xy0.icu
1	star.xfztgxt.com	aba.hdjthzg.cn
1	www.88lm12.com	www.88lm15.com
1	adck.ttfdc.net	adjs.mianyaojsj.com
1	aba.hdjthzg.cn	8888xy0.icu
1	js.tkads.tk	8888xy0.icu
1	www.88lm15.com	8888xy0.icu
1	code28.dou01.com	8888xy0.icu
1	adjs.mianyaojsj.com	8888xy0.icu
1	cdn06.mtv01.com	8888xy0.icu
0	ewe.iew2l.jybaoxian.com Failed	8888xy0.icu
0	ksk.srbzw.cn Failed	8888xy0.icu
0	c.zjcm.com.srbzw.cn Failed	8888xy0.icu
17	14

This site contains no links.

Subject Issuer	Validity	Valid
888wo.icu R3	`2024-05-12` - `2024-08-10`	3 months	crt.sh
mtv01.com GTS CA 1P5	`2024-05-11` - `2024-08-09`	3 months	crt.sh
adjs.mianyaojsj.com R3	`2024-05-09` - `2024-08-07`	3 months	crt.sh
js.1119ddfkjdk.cc R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh
dou01.com GTS CA 1P5	`2024-05-10` - `2024-08-08`	3 months	crt.sh
88lm15.com TrustAsia RSA DV TLS CA G3	`2024-05-04` - `2024-08-02`	3 months	crt.sh
tkads.tk E1	`2024-04-14` - `2024-07-13`	3 months	crt.sh
hdjthzg.cn GTS CA 1P5	`2024-03-25` - `2024-06-23`	3 months	crt.sh
adck.ttfdc.net R3	`2024-05-09` - `2024-08-07`	3 months	crt.sh
88lm12.com TrustAsia RSA DV TLS CA G2	`2024-04-23` - `2025-04-23`	a year	crt.sh
*.xfztgxt.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-08` - `2024-10-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://8888xy0.icu/
Frame ID: BD874817ACC38E5535F9D7D0F9BB9DAD
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

广告联盟

Page URL History Show full URLs

http://8888xy0.icu/ HTTP 307
https://8888xy0.icu/ Page URL

Page Statistics

17
Requests

65 %
HTTPS

18 %
IPv6

13
Domains

14
Subdomains

12
IPs

5
Countries

108 kB
Transfer

231 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://8888xy0.icu/ HTTP 307
https://8888xy0.icu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
8888xy0.icu/
Redirect Chain

http://8888xy0.icu/
https://8888xy0.icu/

2 KB
1 KB

1750ms
331ms

Document
text/html

154.12.88.38
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL

https://8888xy0.icu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.12.88.38 Mong Kok, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

bcbe0c6ea9b99945495b2d9fdb0cb105d285d60605bf3eca386ab2a49059c0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 23 May 2024 13:30:28 GMT
etag: W/"66407811-892"
last-modified: Sun, 12 May 2024 08:04:33 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

Location: https://8888xy0.icu/
Non-Authoritative-Reason: HttpsUpgrades

GET jsym.php
c.zjcm.com.srbzw.cn/ 0
0

GET jhc.php
ksk.srbzw.cn/ 0
0

GET
H3 200 o.php Show response
cdn06.mtv01.com/ 54 B
525 B 430ms
343ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn06.mtv01.com/o.php?id=9037
Requested by: Host: 8888xy0.icu
URL: https://8888xy0.icu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 751a72fd9891fc735dcce104e0ff93a4cfbe48ef1cb698ddf64b79b1b5d5181e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://8888xy0.icu/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 13:30:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b8LlMfedZp4zo1oICsHz4O04eTNBhj8gCBZpZ22q4H1f9lyp%2BrBIqznJQqIshB4Xji2h4O20w5sf5JPhRh1T4SHnhUxpkF%2BprrotEvSwpSNqDsGleyaH7%2BoQH3s%2FywEj5U4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 88856698bf789f14-FRA
alt-svc: h3=":443"; ma=86400

GET slot
ewe.iew2l.jybaoxian.com/ 0
0

GET
H2 200 slot Show response
adjs.mianyaojsj.com/ 47 KB
13 KB 3416ms
285ms Script
text/plain 154.91.91.15
TERAEXCH

General

Check archive.org

Show headers Download Go to

Full URL

https://adjs.mianyaojsj.com/slot?1857953001038183338-856

Requested by

Host: 8888xy0.icu
URL: https://8888xy0.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.91.91.15 , Seychelles, ASN399077 (TERAEXCH, US),

Reverse DNS

Software

NgxFence /

Resource Hash

bda225f68b9be1faf3e30c8af354e2152cb00aeb30c71c3a98cb8d7577b03704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://8888xy0.icu/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 13:30:31 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
server: NgxFence
x-cache: DYNAMIC
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
access-control-allow-origin
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization

GET
H2 200 slot Show response
js.0322cfmtl.cc/ 45 KB
14 KB 1501ms
558ms Script
text/plain 43.198.73.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.0322cfmtl.cc/slot?7255774253627174051-12154
Requested by: Host: 8888xy0.icu
URL: https://8888xy0.icu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.198.73.176 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-198-73-176.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cb6ec8fccaf256ebcf00a6d5078d035d2e338614498d79f8e11f991b50f05a69

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://8888xy0.icu/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 13:30:29 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
content-type: text/plain; charset=utf-8
access-control-allow-origin
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization

GET
H2 200 m.php Show response
code28.dou01.com/ 24 B
489 B 419ms
334ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code28.dou01.com/m.php?id=undefined
Requested by: Host: 8888xy0.icu
URL: https://8888xy0.icu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: fcb84c495c67b292466d8df436bba2f2b273ae8a013ffa8f5f3ee4211bd64897

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://8888xy0.icu/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 13:30:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=20icKmYMXT3xavTj1t3%2B%2BbRAxmu8EmSfxkR8o6aULscKuCM6NP0OC4CWmF9g16W2fDp%2BER49WJP6ty1vEHdQJmYPsw9F1xu7m3FIDWCA0L2VFJQehKp8vjayC%2BTbS%2F24uvVF"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 88856698be2b1d94-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 slot Show response
www.88lm15.com/ 47 KB
48 KB 3651ms
1341ms Script
text/plain 45.113.202.42
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.88lm15.com:866/slot?8225462100335650212-4309
Requested by: Host: 8888xy0.icu
URL: https://8888xy0.icu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.113.202.42 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: /
Resource Hash: 09f26223031a3431685a87f9d40e20eeed95dc1305e7981d853b60855bd78c73

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://8888xy0.icu/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin
date: Thu, 23 May 2024 13:30:32 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
content-type: text/plain; charset=utf-8

GET
H3 200 vs.php Show response
js.tkads.tk/ 52 B
511 B 711ms
367ms Script
text/html 2606:4700:3035::6815:5ab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.tkads.tk/vs.php?id=1229
Requested by: Host: 8888xy0.icu
URL: https://8888xy0.icu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5ab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 012caa22763eb2816b588a35a119bedd7103b9e17853a4508315123cf3e2c6fd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://8888xy0.icu/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 13:30:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WUAcT1pgCXtdgOD9MY480S4mKYvsQWXCiQtgl7N8EampuO1woUlqAdJfHlygcQ%2F%2BfS2oqGfjAjoRnqX1KtE3VfEuAFZOtaCtqBw0ZDN7UOVpkam5GBXnoSIBQixuAK6agDnaf546LR6Ung%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8885669a59e26ae8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 slot Show response
aba.hdjthzg.cn/ 87 KB
27 KB 1303ms
1224ms Script
text/plain 2606:4700:20::ac43:443a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aba.hdjthzg.cn/slot?2377029035902478992-31036
Requested by: Host: 8888xy0.icu
URL: https://8888xy0.icu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:443a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c56961f9160c05b6b134f3ef742360005c07f8a06cf21e598d918e6d1d7c9ea

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://8888xy0.icu/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 13:30:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
content-type: text/plain; charset=utf-8
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e6usuxDgCvW4NzZY6UAI42tCiOsZyMcu5XuZOYnSK0ZRoqLpn93KtNMAI43u%2Bxcqoe4O%2Fq1skaDnbCe%2BwjO5TlEAZLJzL%2B%2FeqMVVMZDlcEXyH6Eu1AZrZ4TXPTlrJv8KOWlNLCTcId%2Fp2VBW"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 88856698ba789bb6-FRA
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization

GET
H2 404 favicon.ico
8888xy0.icu/ 548 B
612 B 331ms
331ms Other
text/html 154.12.88.38
HFTCL-AS-AP High ...

General

Check archive.org

Show headers Download Go to

Full URL: https://8888xy0.icu/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.12.88.38 Mong Kok, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://8888xy0.icu/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 13:30:35 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 200 bid Show response
adck.ttfdc.net/ 349 B
672 B 4221ms
1065ms Script
application/json 154.91.91.9
TERAEXCH

General

Check archive.org

Show headers Download Go to

Full URL

https://adck.ttfdc.net/bid?url=https%3A%2F%2F8888xy0.icu%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=12&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=856&rid=e76f31c360973966c358468d81f57cc5&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=

Requested by

Host: adjs.mianyaojsj.com
URL: https://adjs.mianyaojsj.com/slot?1857953001038183338-856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.91.91.9 , Seychelles, ASN399077 (TERAEXCH, US),

Reverse DNS

Software

NgxFence /

Resource Hash

3c95be27b9da4fee97aef23536f3da2297a17f8cd2264d387fa6d1fc6d4e0b17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://8888xy0.icu/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 13:30:39 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
server: NgxFence
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
content-type: application/json
access-control-allow-origin
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization

GET
H2 200 bid Show response
js.0322cfmtl.cc/ 349 B
761 B 280ms
280ms Script
application/json 43.198.73.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.0322cfmtl.cc/bid?url=https%3A%2F%2F8888xy0.icu%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=12&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=12154&rid=2032a0ae7aba6469eee26657c50bd55f&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by: Host: js.0322cfmtl.cc
URL: https://js.0322cfmtl.cc/slot?7255774253627174051-12154
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.198.73.176 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-198-73-176.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c0c22e9888e36394fbec79d79a55eaa5c5f9fd066126e4281dbe8dbd06d9f39c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://8888xy0.icu/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 13:30:35 GMT
server: nginx
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
content-type: application/json
access-control-allow-origin
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 349

GET
H2 200 bid Show response
www.88lm12.com/ 349 B
703 B 1371ms
254ms Script
application/json 45.248.9.69
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.88lm12.com:866/bid?url=https%3A%2F%2F8888xy0.icu%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=12&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=4309&rid=20072ea07ee4efa732e8bc2584f54759&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by: Host: www.88lm15.com
URL: https://www.88lm15.com:866/slot?8225462100335650212-4309
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.248.9.69 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: /
Resource Hash: 565260ed52ecaa53b4b7e7d33ad858ae9464894970bba73798f7d4ace1406720

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://8888xy0.icu/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin
date: Thu, 23 May 2024 13:30:36 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 349
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
content-type: application/json

GET
H/1.1 200
OK bid Show response
star.xfztgxt.com/ 351 B
891 B 1364ms
337ms Script
application/json 159.138.159.92
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://star.xfztgxt.com/bid?url=https%3A%2F%2F8888xy0.icu%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=12&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=31036&rid=789c1c6364d2b2c5c071fa0fd869659b&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by: Host: aba.hdjthzg.cn
URL: https://aba.hdjthzg.cn/slot?2377029035902478992-31036
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.138.159.92 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-159-138-159-92.compute.hwclouds-dns.com
Software: nginx /
Resource Hash: aeaf42780c28c5b72e852643bf66916dc83f9654d5af784f0d4e17ca71d6061c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://8888xy0.icu/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 13:30:36 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET,PUT, DELETE, UPDATE
Content-Type: application/json
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
Content-Length: 351

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.zjcm.com.srbzw.cn
URL: https://c.zjcm.com.srbzw.cn/jsym.php?id=6591

Domain: c.zjcm.com.srbzw.cn
URL: https://c.zjcm.com.srbzw.cn/jsym.php?id=6592

Domain: ksk.srbzw.cn
URL: https://ksk.srbzw.cn/jhc.php?id=5673

Domain: ewe.iew2l.jybaoxian.com
URL: https://ewe.iew2l.jybaoxian.com/slot?3625149486581983552-10112

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
js.0322cfmtl.cc/	1970-01-20 20:52:10	Name: geo Value: %E5%BE%B7%E5%9B%BD%2F%2F
js.0322cfmtl.cc/	1970-01-21 05:26:15	Name: oid Value: a2f6136f-1908-11ef-bbcd-0e35b896b5f4
www.88lm12.com/	1970-01-20 20:52:10	Name: geo Value: %E5%BE%B7%E5%9B%BD%2F%2F
www.88lm12.com/	1970-01-21 05:26:15	Name: oid Value: a3a9d3bd-1908-11ef-96d6-7845c4f8ebe7
adck.ttfdc.net/	1970-01-20 20:52:10	Name: geo Value: %E5%BE%B7%E5%9B%BD%2F%2F
adck.ttfdc.net/	1970-01-21 05:26:15	Name: oid Value: a55705b4-1908-11ef-81dc-44a842470231

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://c.zjcm.com.srbzw.cn/jsym.php?id=6591 Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://c.zjcm.com.srbzw.cn/jsym.php?id=6592 Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://ksk.srbzw.cn/jhc.php?id=5673 Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://ewe.iew2l.jybaoxian.com/slot?3625149486581983552-10112 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://8888xy0.icu/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://8888xy0.icu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://8888xy0.icu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://8888xy0.icu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://8888xy0.icu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://8888xy0.icu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://8888xy0.icu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8888xy0.icu
aba.hdjthzg.cn
adck.ttfdc.net
adjs.mianyaojsj.com
c.zjcm.com.srbzw.cn
cdn06.mtv01.com
code28.dou01.com
ewe.iew2l.jybaoxian.com
js.0322cfmtl.cc
js.tkads.tk
ksk.srbzw.cn
star.xfztgxt.com
www.88lm12.com
www.88lm15.com
c.zjcm.com.srbzw.cn
ewe.iew2l.jybaoxian.com
ksk.srbzw.cn
154.12.88.38
154.91.91.15
154.91.91.9
159.138.159.92
188.114.96.3
188.114.97.3
2606:4700:20::ac43:443a
2606:4700:3035::6815:5ab8
43.198.73.176
45.113.202.42
45.248.9.69
012caa22763eb2816b588a35a119bedd7103b9e17853a4508315123cf3e2c6fd
09f26223031a3431685a87f9d40e20eeed95dc1305e7981d853b60855bd78c73
2c56961f9160c05b6b134f3ef742360005c07f8a06cf21e598d918e6d1d7c9ea
3c95be27b9da4fee97aef23536f3da2297a17f8cd2264d387fa6d1fc6d4e0b17
565260ed52ecaa53b4b7e7d33ad858ae9464894970bba73798f7d4ace1406720
751a72fd9891fc735dcce104e0ff93a4cfbe48ef1cb698ddf64b79b1b5d5181e
aeaf42780c28c5b72e852643bf66916dc83f9654d5af784f0d4e17ca71d6061c
bcbe0c6ea9b99945495b2d9fdb0cb105d285d60605bf3eca386ab2a49059c0c5
bda225f68b9be1faf3e30c8af354e2152cb00aeb30c71c3a98cb8d7577b03704
c0c22e9888e36394fbec79d79a55eaa5c5f9fd066126e4281dbe8dbd06d9f39c
cb6ec8fccaf256ebcf00a6d5078d035d2e338614498d79f8e11f991b50f05a69
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
fcb84c495c67b292466d8df436bba2f2b273ae8a013ffa8f5f3ee4211bd64897

8888xy0.icu Open in urlscan Pro 154.12.88.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

65 %HTTPS

18 %IPv6

13 Domains

14 Subdomains

12 IPs

5 Countries

108 kBTransfer

231 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

6 Cookies

11 Console Messages

Security Headers

Indicators

8888xy0.icu Open in urlscan Pro
154.12.88.38 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

65 %
HTTPS

18 %
IPv6

13
Domains

14
Subdomains

12
IPs

5
Countries

108 kB
Transfer

231 kB
Size

6
Cookies

17 HTTP transactions
0 data transactions