Submitted URL: https://jpr888.asia/
Effective URL: https://xlsgame.com/
Submission Tags: phishingrod
Submission: On December 16 via api from DE — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 156.241.124.200, located in and belongs to . The main domain is xlsgame.com.
TLS certificate: Issued by R3 on December 10th 2023. Valid for: 3 months.
This is the only time xlsgame.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
3 | 156.241.123.164 | 135097 | (MYCLOUD-A...)
2 | 203.107.86.226 | 37963 | (ALIBABA-C...)
1 | 156.241.124.200 | | ()
Total: 21 requests, 4 IPs
Requests | Apex Domain (Subdomains) | Transfer
3 | jpr888.asia (jpr888.asia) | 25 KB
2 | 51.la (sdk.51.la, Cisco Umbrella Rank: 72682; collect-v6.51.la, Cisco Umbrella Rank: 74531) | 13 KB
1 | xlsgame.com (xlsgame.com) |
Total: 21 requests, 3 domains
Requests | Domain | Requested by
3 | jpr888.asia | jpr888.asia
1 | xlsgame.com | jpr888.asia, xlsgame.com
1 | collect-v6.51.la | sdk.51.la
1 | sdk.51.la | jpr888.asia, xlsgame.com
Total: 21 requests, 4 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
1111modruba.buzz | R3 | 2023-12-15 - 2024-03-14 | 3 months
*.51.la | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-20 - 2024-05-21 | a year
xlsgame.com | R3 | 2023-12-10 - 2024-03-09 | 3 months

This page contains 1 frames:

Primary Page: https://xlsgame.com/
Frame ID: FE2C5D61BFEF7E5ADE84CB1EF55C8CC3
Requests: 21 HTTP requests in this frame

Page Statistics

21 Requests
29 % HTTPS
0 % IPv6
3 Domains
4 Subdomains
4 IPs
2 Countries
38 kB Transfer
109 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://jpr888.asia/ Page URL
  2. https://xlsgame.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

/ | jpr888.asia/ | 2 KB | 2 KB | Document

General
Full URL: https://jpr888.asia/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 156.241.123.164, Hong Kong, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK)
Reverse DNS:
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 856a2cdc06395fa6c284620d4783004061aedc73f4dffe66e9e92da76540e44c

Security Headers
Strict-Transport-Security: max-age=0

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
accept-ranges: bytes
content-encoding: gzip
content-length: 1557
content-type: text/html
date: Sat, 16 Dec 2023 02:06:21 GMT
etag: "1ff98df6292bda1:0"
last-modified: Sun, 10 Dec 2023 05:30:19 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=0
vary: Accept-Encoding
x-powered-by: ASP.NET

js-sdk-pro.min.js | sdk.51.la/ | 34 KB | 13 KB | Script

General
Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: jpr888.asia, URL: https://jpr888.asia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
Reverse DNS:
Software: openresty /
Resource Hash: c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://jpr888.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
Date: Sat, 16 Dec 2023 02:06:23 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive

logo.png | jpr888.asia/ | 11 KB | 11 KB | Image

General
Full URL: https://jpr888.asia/logo.png
Requested by: Host: jpr888.asia, URL: https://jpr888.asia/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 156.241.123.164, Hong Kong, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK)
Reverse DNS:
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 70f4144168ecdfc32459ab37d5bbae98667fd8d3c11cc6d9913b5c4cdbb7fa9f

Security Headers
Strict-Transport-Security: max-age=0

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://jpr888.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
strict-transport-security: max-age=0
date: Sat, 16 Dec 2023 02:06:22 GMT
last-modified: Mon, 06 Mar 2023 22:26:44 GMT
server: Microsoft-IIS/10.0
etag: "967a5cbb7a50d91:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 10996

loading.gif | jpr888.asia/ | 12 KB | 12 KB | Image

General
Full URL: https://jpr888.asia/loading.gif
Requested by: Host: jpr888.asia, URL: https://jpr888.asia/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 156.241.123.164, Hong Kong, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK)
Reverse DNS:
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9e075ecd6d4df0e289dda0525e9c1974d2d4534762c819e7bc04e693698e4efe

Security Headers
Strict-Transport-Security: max-age=0

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://jpr888.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
strict-transport-security: max-age=0
date: Sat, 16 Dec 2023 02:06:22 GMT
last-modified: Mon, 18 Sep 2023 10:41:25 GMT
server: Microsoft-IIS/10.0
etag: "d6c5dac1cead91:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 12397

collect | collect-v6.51.la/v6/ | 0 | 511 B | XHR

General
Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la, URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
Reverse DNS:
Software: nginx /
Resource Hash:

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://jpr888.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
Access-Control-Allow-Origin: https://jpr888.asia
Date: Sat, 16 Dec 2023 02:06:25 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Primary Request / | xlsgame.com/ | 50 KB | 0 | Document

General
Full URL: https://xlsgame.com/
Requested by: Host: jpr888.asia, URL: https://jpr888.asia/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 156.241.124.200 -, , ASN (),
Reverse DNS:
Software: Microsoft-IIS/10.0 / PHP/7.4.28 ASP.NET
Resource Hash:

Security Headers
Strict-Transport-Security: max-age=0

Request headers
Referer: https://jpr888.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
content-encoding: gzip
content-length: 14887
content-type: text/html; charset=UTF-8
date: Sat, 16 Dec 2023 02:06:25 GMT
link: <https://xlsgame.com/wp-json/>; rel="https://api.w.org/"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=0
vary: Accept-Encoding
x-powered-by: PHP/7.4.28 ASP.NET

fonts.css | xlsgame.com/wp-content/themes/modown/static/css/ | 0 | 0
base.css | xlsgame.com/wp-content/themes/modown/static/css/ | 0 | 0
yop-poll-public-6.5.31.css | xlsgame.com/wp-content/plugins/yop-poll-pro/public/assets/css/ | 0 | 0
jquery.min.js | xlsgame.com/wp-includes/js/jquery/ | 0 | 0
jquery-migrate.min.js | xlsgame.com/wp-includes/js/jquery/ | 0 | 0
1.jpg | xlsgame.com/wp-content/uploads/2023/bz/ | 0 | 0
2.jpg | xlsgame.com/wp-content/uploads/2023/bz/ | 0 | 0
3.jpg | xlsgame.com/wp-content/uploads/2023/bz/ | 0 | 0
thumbnail.png | xlsgame.com/wp-content/themes/modown/static/img/ | 0 | 0
XACG-logo-70.png | xlsgame.com/ | 0 | 0
erphpdown.js | xlsgame.com/wp-content/plugins/erphpdown/static/ | 0 | 0
lib.js | xlsgame.com/wp-content/themes/modown/static/js/ | 0 | 0
base.js | xlsgame.com/wp-content/themes/modown/static/js/ | 0 | 0
yop-poll-public-6.5.31.min.js | xlsgame.com/wp-content/plugins/yop-poll-pro/public/assets/js/ | 0 | 0
js-sdk-pro.min.js | sdk.51.la/ | 0 | 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain | URL
xlsgame.com | https://xlsgame.com/wp-content/themes/modown/static/css/fonts.css?ver=8.831
xlsgame.com | https://xlsgame.com/wp-content/themes/modown/static/css/base.css?ver=8.831
xlsgame.com | https://xlsgame.com/wp-content/plugins/yop-poll-pro/public/assets/css/yop-poll-public-6.5.31.css?ver=6.4.2
xlsgame.com | https://xlsgame.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
xlsgame.com | https://xlsgame.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
xlsgame.com | https://xlsgame.com/wp-content/uploads/2023/bz/1.jpg
xlsgame.com | https://xlsgame.com/wp-content/uploads/2023/bz/2.jpg
xlsgame.com | https://xlsgame.com/wp-content/uploads/2023/bz/3.jpg
xlsgame.com | https://xlsgame.com/wp-content/themes/modown/static/img/thumbnail.png
xlsgame.com | https://xlsgame.com/XACG-logo-70.png
xlsgame.com | https://xlsgame.com/wp-content/plugins/erphpdown/static/erphpdown.js?ver=16.21
xlsgame.com | https://xlsgame.com/wp-content/themes/modown/static/js/lib.js?ver=8.831
xlsgame.com | https://xlsgame.com/wp-content/themes/modown/static/js/base.js?ver=8.831
xlsgame.com | https://xlsgame.com/wp-content/plugins/yop-poll-pro/public/assets/js/yop-poll-public-6.5.31.min.js?ver=6.4.2
sdk.51.la | https://sdk.51.la/js-sdk-pro.min.js

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

4 Cookies

Domain/Path Name / Value
jpr888.asia/ Name: __vtins__K7hRQwJ1O2WauUJJ
Value: %7B%22sid%22%3A%20%22d0aa3041-a131-5532-b151-85d4aaeacd24%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201702694183993%2C%20%22ct%22%3A%201702692383993%7D
jpr888.asia/ Name: __51uvsct__K7hRQwJ1O2WauUJJ
Value: 1
jpr888.asia/ Name: __51vcke__K7hRQwJ1O2WauUJJ
Value: f01c4125-b89c-53b9-b01e-1d66e796905d
jpr888.asia/ Name: __51vuft__K7hRQwJ1O2WauUJJ
Value: 1702692383995

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0