www.y68dh1.vip Open in urlscan Pro
45.125.50.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://y68.com/
Effective URL:
https://www.y68dh1.vip:9999/
Submission: On February 21 via manual (February 21st 2023, 1:57:38 am UTC) from HK — Scanned from DE

Summary HTTP 14 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 45.125.50.72, located in Hong Kong and belongs to LEMON-AS-AP LEMON TELECOMMUNICATIONS LIMITED, HK. The main domain is www.y68dh1.vip.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on November 18th 2022. Valid for: a year.

This is the only time www.y68dh1.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	154.13.30.9 154.13.30.9	55799 (IPTELECOM...) (IPTELECOM-AP IPTELECOM ASIA)
1 1	45.248.11.14 45.248.11.14	137697 (CHINATELE...) (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province)
11	45.125.50.72 45.125.50.72	132325 (LEMON-AS-...) (LEMON-AS-AP LEMON TELECOMMUNICATIONS LIMITED)
14	3

1 154.13.30.9 (United States)

ASN55799 (IPTELECOM-AP IPTELECOM ASIA, MY)

y68.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.248.11.14 (China) 1 redirects

ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN)

6868shop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 45.125.50.72 (Hong Kong)

ASN132325 (LEMON-AS-AP LEMON TELECOMMUNICATIONS LIMITED, HK)

www.y68dh1.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	y68dh1.vip www.y68dh1.vip	2 MB
1	6868shop.com 1 redirects 6868shop.com	226 B
1	y68.com y68.com	554 B
0	51.la Failed js.users.51.la Failed
0	keleyi.com Failed tool.keleyi.com Failed
14	5

	Domain	Requested by
11	www.y68dh1.vip	y68.com www.y68dh1.vip
1	6868shop.com	1 redirects
1	y68.com
0	js.users.51.la Failed	www.y68dh1.vip
0	tool.keleyi.com Failed	www.y68dh1.vip
14	5

This site contains links to these domains. Also see Links.

Domain
y68dh.com
6868238.com
6868696.com
p88848.com
p88856.com
p88835.com
p888010.com
y68kefu.vipxianlukefu.com
pb88.ac101.net
www.baidu.com
www.qq.com
www.ifeng.com
www.sohu.com
www.163.com
www.taobao.com
www.youku.com
www.jd.com
www.12306.cn
www.ctrip.com
www.4399.com
www.58.com
www.boc.cn
www.icbc.com.cn
www.ccb.com
www.95599.cn
www.psbc.com
www.cmbc.com.cn
www.cmbchina.com
www.cebbank.com
www.cib.com.cn
www.hxb.com.cn
www.bankcomm.com
www.cgbchina.com.cn
news.sina.com.cn
news.sohu.com
news.cntv.cn
www.huanqiu.com
www.xinhuanet.com
news.ifeng.com
news.qq.com
news.163.com
www.zaobao.com.sg
www.people.com.cn
www.china.com
news.baidu.com
www.iqiyi.com
www.kankan.com
www.letv.com
www.pptv.com
www.pps.tv

Subject Issuer	Validity	Valid
y68dh1.vip TrustAsia RSA DV TLS CA G2	`2022-11-18` - `2023-11-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.y68dh1.vip:9999/
Frame ID: 1F7B366CD2ECFB02A709B72490F01E93
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Galaxy澳门银河官网有限公司

Page URL History Show full URLs

http://y68.com/ Page URL
https://6868shop.com:8811/?u=http://y68.com/&p=/ HTTP 302
https://www.y68dh1.vip:9999/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

79 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

3
Countries

1693 kB
Transfer

1756 kB
Size

0
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: https://y68dh.com/
Title: 线路检测

Search URL Search Domain Scan URL

URL: https://6868238.com/
Title: 银河一站227ms

Search URL Search Domain Scan URL

URL: https://6868696.com/
Title: 银河二站207ms

Search URL Search Domain Scan URL

URL: https://p88848.com/
Title: 银河三站248ms

Search URL Search Domain Scan URL

URL: https://p88856.com/
Title: 银河四站130ms

Search URL Search Domain Scan URL

URL: https://p88835.com/
Title: 银河五站127ms

Search URL Search Domain Scan URL

URL: https://p888010.com/
Title: 银河六站222ms

Search URL Search Domain Scan URL

URL: https://y68kefu.vipxianlukefu.com/Web/im.aspx?_=t&accountid=118524
Title: 7x24客服 Online customer service

Search URL Search Domain Scan URL

URL: https://6868238.com/promo
Title: 最新优惠

Search URL Search Domain Scan URL

URL: https://6868238.com/signup
Title: 免费开户 Free open an account

Search URL Search Domain Scan URL

URL: http://6868238.com/
Title: 客户端下载

Search URL Search Domain Scan URL

URL: http://pb88.ac101.net/ub/cur/UB-Launcher.exe
Title: 寰宇浏览器下载

Search URL Search Domain Scan URL

URL: http://www.baidu.com/
Title: 百度

Search URL Search Domain Scan URL

URL: http://www.qq.com/
Title: 腾讯QQ

Search URL Search Domain Scan URL

URL: http://www.ifeng.com/
Title: 凤凰网

Search URL Search Domain Scan URL

URL: http://www.sohu.com/
Title: 搜狐

Search URL Search Domain Scan URL

URL: http://www.163.com/
Title: 网易

Search URL Search Domain Scan URL

URL: http://www.taobao.com/
Title: 淘宝

Search URL Search Domain Scan URL

URL: http://www.youku.com/
Title: 优酷

Search URL Search Domain Scan URL

URL: http://www.jd.com/
Title: 京东商城

Search URL Search Domain Scan URL

URL: http://www.12306.cn/
Title: 12306

Search URL Search Domain Scan URL

URL: http://www.ctrip.com/
Title: 携程网

Search URL Search Domain Scan URL

URL: http://www.4399.com/
Title: 4399小游戏

Search URL Search Domain Scan URL

URL: http://www.58.com/
Title: 58同城

Search URL Search Domain Scan URL

URL: http://www.boc.cn/
Title: 中国银行

Search URL Search Domain Scan URL

URL: http://www.icbc.com.cn/
Title: 工商银行

Search URL Search Domain Scan URL

URL: http://www.ccb.com/
Title: 建设银行

Search URL Search Domain Scan URL

URL: http://www.95599.cn/
Title: 农业银行

Search URL Search Domain Scan URL

URL: http://www.psbc.com/
Title: 邮政储蓄

Search URL Search Domain Scan URL

URL: http://www.cmbc.com.cn/
Title: 民生银行

Search URL Search Domain Scan URL

URL: http://www.cmbchina.com/
Title: 招商银行

Search URL Search Domain Scan URL

URL: http://www.cebbank.com/
Title: 光大银行

Search URL Search Domain Scan URL

URL: http://www.cib.com.cn/
Title: 兴业银行

Search URL Search Domain Scan URL

URL: http://www.hxb.com.cn/
Title: 华夏银行

Search URL Search Domain Scan URL

URL: http://www.bankcomm.com/
Title: 交通银行

Search URL Search Domain Scan URL

URL: http://www.cgbchina.com.cn/
Title: 广发银行

Search URL Search Domain Scan URL

URL: http://news.sina.com.cn/
Title: 新浪新闻

Search URL Search Domain Scan URL

URL: http://news.sohu.com/
Title: 搜狐新闻

Search URL Search Domain Scan URL

URL: http://news.cntv.cn/
Title: CCTV新闻

Search URL Search Domain Scan URL

URL: http://www.huanqiu.com/
Title: 环球时报

Search URL Search Domain Scan URL

URL: http://www.xinhuanet.com/
Title: 新华网

Search URL Search Domain Scan URL

URL: http://news.ifeng.com/
Title: 凤凰资讯

Search URL Search Domain Scan URL

URL: http://news.qq.com/
Title: 腾讯新闻

Search URL Search Domain Scan URL

URL: http://news.163.com/
Title: 网易新闻

Search URL Search Domain Scan URL

URL: http://www.zaobao.com.sg/
Title: 联合早报

Search URL Search Domain Scan URL

URL: http://www.people.com.cn/
Title: 人民网

Search URL Search Domain Scan URL

URL: http://www.china.com/
Title: 中华网

Search URL Search Domain Scan URL

URL: http://news.baidu.com/
Title: 百度新闻

Search URL Search Domain Scan URL

URL: http://www.iqiyi.com/
Title: 爱奇艺

Search URL Search Domain Scan URL

URL: http://www.kankan.com/
Title: 迅雷看看

Search URL Search Domain Scan URL

URL: http://www.letv.com/
Title: 乐视网

Search URL Search Domain Scan URL

URL: http://www.pptv.com/
Title: PPTV

Search URL Search Domain Scan URL

URL: http://www.pps.tv/
Title: PPS

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://y68.com/ Page URL
https://6868shop.com:8811/?u=http://y68.com/&p=/ HTTP 302
https://www.y68dh1.vip:9999/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.0 200
OK /
y68.com/ 425 B
554 B 900ms
165ms Document
text/html 154.13.30.9
IPTELECOM-AP IPTE...

General

Check archive.org

Show headers Download Go to

Full URL: http://y68.com/
Protocol: HTTP/1.0
Server: 154.13.30.9 , United States, ASN55799 (IPTELECOM-AP IPTELECOM ASIA, MY),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=259200
Connection: close
Content-Length: 425
Content-Type: text/html;charset=utf-8

GET
H/1.1

200
OK

Primary Request / Show response
www.y68dh1.vip/
Redirect Chain

https://6868shop.com:8811/?u=http://y68.com/&p=/
https://www.y68dh1.vip:9999/

13 KB
4 KB

830ms
220ms

Document
text/html

45.125.50.72
LEMON-AS-AP LEMON...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.y68dh1.vip:9999/

Requested by

Host: y68.com
URL: http://y68.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

45.125.50.72 , Hong Kong, ASN132325 (LEMON-AS-AP LEMON TELECOMMUNICATIONS LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

9f4a8c8bc375de9df161d94569405e5a2c2dbada9998479bc8deef6885a0e383

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://y68.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 21 Feb 2023 02:14:46 GMT
ETag: W/"637771db-3488"
Last-Modified: Fri, 18 Nov 2022 11:51:55 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Tue, 21 Feb 2023 01:54:44 GMT
Location: https://www.y68dh1.vip:9999/
Server: nginx
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK css.css
www.y68dh1.vip/css/ 10 KB
2 KB 220ms
220ms Stylesheet
text/css 45.125.50.72
LEMON-AS-AP LEMON...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.y68dh1.vip:9999/css/css.css

Requested by

Host: www.y68dh1.vip
URL: https://www.y68dh1.vip:9999/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

45.125.50.72 , Hong Kong, ASN132325 (LEMON-AS-AP LEMON TELECOMMUNICATIONS LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

1b1334a1f42669b5614b5b0406caf6306271041e76aba507a6a6bdc3c681343b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.y68dh1.vip:9999/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 02:14:46 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2016 03:49:46 GMT
Server: nginx
ETag: W/"5853645a-273c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Tue, 21 Feb 2023 14:14:46 GMT

GET
H/1.1 200
OK jquery-2.1.1.min.js Show response
www.y68dh1.vip/js/ 82 KB
33 KB 443ms
443ms Script
application/javascript 45.125.50.72
LEMON-AS-AP LEMON...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.y68dh1.vip:9999/js/jquery-2.1.1.min.js

Requested by

Host: www.y68dh1.vip
URL: https://www.y68dh1.vip:9999/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

45.125.50.72 , Hong Kong, ASN132325 (LEMON-AS-AP LEMON TELECOMMUNICATIONS LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

e176dc8d5da626a295961c495ff00c67ac6dd9295677410f6e211537dfb3a1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.y68dh1.vip:9999/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 02:14:46 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2016 03:50:18 GMT
Server: nginx
ETag: W/"5853647a-14917"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Tue, 21 Feb 2023 14:14:46 GMT

GET /
tool.keleyi.com/ip/visitoriphost/ 0
0

GET
H/1.1 200
OK bg.png
www.y68dh1.vip/image/ 1 MB
1 MB 221ms
220ms Image
image/png 45.125.50.72
LEMON-AS-AP LEMON...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.y68dh1.vip:9999/image/bg.png

Requested by

Host: www.y68dh1.vip
URL: https://www.y68dh1.vip:9999/css/css.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

45.125.50.72 , Hong Kong, ASN132325 (LEMON-AS-AP LEMON TELECOMMUNICATIONS LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

2299e4a53f7fa79c29c7d847dbb81f22e63e29d4893a796f3406def39b28ea42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.y68dh1.vip:9999/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 02:14:46 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Dec 2016 03:51:24 GMT
Server: nginx
ETag: "585364bc-1714e0"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1512672
Expires: Thu, 23 Mar 2023 02:14:46 GMT

GET
H/1.1 200
OK icon.png
www.y68dh1.vip/image/ 32 KB
32 KB 440ms
439ms Image
image/png 45.125.50.72
LEMON-AS-AP LEMON...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.y68dh1.vip:9999/image/icon.png

Requested by

Host: www.y68dh1.vip
URL: https://www.y68dh1.vip:9999/css/css.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

45.125.50.72 , Hong Kong, ASN132325 (LEMON-AS-AP LEMON TELECOMMUNICATIONS LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

cb2f30b2194e56012f931bbfc67a711da067f83dd9b42a5121352ae0cc50f5ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.y68dh1.vip:9999/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 02:14:46 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Dec 2016 03:52:10 GMT
Server: nginx
ETag: "585364ea-7ed4"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32468
Expires: Thu, 23 Mar 2023 02:14:46 GMT

GET
H/1.1 200
OK logo.png
www.y68dh1.vip/image/ 48 KB
48 KB 662ms
220ms Image
image/png 45.125.50.72
LEMON-AS-AP LEMON...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.y68dh1.vip:9999/image/logo.png

Requested by

Host: www.y68dh1.vip
URL: https://www.y68dh1.vip:9999/css/css.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

45.125.50.72 , Hong Kong, ASN132325 (LEMON-AS-AP LEMON TELECOMMUNICATIONS LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

209c0886aaa4c7e1af85accaad6d404a3d0d226338d6b7cf9507acadf4ceea69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.y68dh1.vip:9999/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 02:14:47 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Dec 2016 03:52:46 GMT
Server: nginx
ETag: "5853650e-bf4f"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48975
Expires: Thu, 23 Mar 2023 02:14:47 GMT

GET
H/1.1 200
OK main-bg-t.png
www.y68dh1.vip/image/ 1 KB
2 KB 666ms
222ms Image
image/png 45.125.50.72
LEMON-AS-AP LEMON...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.y68dh1.vip:9999/image/main-bg-t.png

Requested by

Host: www.y68dh1.vip
URL: https://www.y68dh1.vip:9999/css/css.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

45.125.50.72 , Hong Kong, ASN132325 (LEMON-AS-AP LEMON TELECOMMUNICATIONS LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

7051bbf4bb47db4ff93555e39c9432982db3baa4932c411bdf5d3b45f7cf3e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.y68dh1.vip:9999/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 02:14:47 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Dec 2016 03:53:06 GMT
Server: nginx
ETag: "58536522-59a"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1434
Expires: Thu, 23 Mar 2023 02:14:47 GMT

GET
H/1.1 200
OK btbg.png
www.y68dh1.vip/image/ 2 KB
3 KB 668ms
222ms Image
image/png 45.125.50.72
LEMON-AS-AP LEMON...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.y68dh1.vip:9999/image/btbg.png

Requested by

Host: www.y68dh1.vip
URL: https://www.y68dh1.vip:9999/css/css.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

45.125.50.72 , Hong Kong, ASN132325 (LEMON-AS-AP LEMON TELECOMMUNICATIONS LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

2a8b3b771fc0b7014fcbe44fa65b7ecdd1c438135f129d7a05baf3322b4fbddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.y68dh1.vip:9999/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 02:14:47 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Dec 2016 03:54:16 GMT
Server: nginx
ETag: "58536568-8fb"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2299
Expires: Thu, 23 Mar 2023 02:14:47 GMT

GET
H/1.1 200
OK icon.gif
www.y68dh1.vip/image/ 13 KB
13 KB 669ms
223ms Image
image/gif 45.125.50.72
LEMON-AS-AP LEMON...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.y68dh1.vip:9999/image/icon.gif

Requested by

Host: www.y68dh1.vip
URL: https://www.y68dh1.vip:9999/css/css.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

45.125.50.72 , Hong Kong, ASN132325 (LEMON-AS-AP LEMON TELECOMMUNICATIONS LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

98503ecdee186dd7fd76dd03d44c7fe3b9cd3a20ebe6b37210b69fa6dca86ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.y68dh1.vip:9999/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 02:14:47 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Dec 2016 03:54:30 GMT
Server: nginx
ETag: "58536576-331f"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13087
Expires: Thu, 23 Mar 2023 02:14:47 GMT

GET 19536907.js
js.users.51.la/ 0
0

GET
H/1.1 200
OK main-bg-b.png
www.y68dh1.vip/image/ 1 KB
2 KB 233ms
224ms Image
image/png 45.125.50.72
LEMON-AS-AP LEMON...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.y68dh1.vip:9999/image/main-bg-b.png

Requested by

Host: www.y68dh1.vip
URL: https://www.y68dh1.vip:9999/css/css.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

45.125.50.72 , Hong Kong, ASN132325 (LEMON-AS-AP LEMON TELECOMMUNICATIONS LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

133211cffc13d960d8659d1ba354a7ef67be02841baaf38bd7929b2ef2ee4d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.y68dh1.vip:9999/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 02:14:47 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Dec 2016 03:53:24 GMT
Server: nginx
ETag: "58536534-5a2"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1442
Expires: Thu, 23 Mar 2023 02:14:47 GMT

GET
H/1.1 200
OK bottom-logo.gif
www.y68dh1.vip/image/ 76 KB
76 KB 444ms
444ms Image
image/gif 45.125.50.72
LEMON-AS-AP LEMON...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.y68dh1.vip:9999/image/bottom-logo.gif

Requested by

Host: www.y68dh1.vip
URL: https://www.y68dh1.vip:9999/css/css.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

45.125.50.72 , Hong Kong, ASN132325 (LEMON-AS-AP LEMON TELECOMMUNICATIONS LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

1338ebee1a03b423976b038166baf129b0d45a053b296af3407bed19403c4a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.y68dh1.vip:9999/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 02:14:47 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 16 Dec 2016 03:54:50 GMT
Server: nginx
ETag: "5853658a-12f03"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77571
Expires: Thu, 23 Mar 2023 02:14:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tool.keleyi.com
URL: http://tool.keleyi.com/ip/visitoriphost/

Domain: js.users.51.la
URL: http://js.users.51.la/19536907.js

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.y68dh1.vip:9999/ Message: Mixed Content: The page at 'https://www.y68dh1.vip:9999/' was loaded over HTTPS, but requested an insecure script 'http://tool.keleyi.com/ip/visitoriphost/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.y68dh1.vip:9999/ Message: Mixed Content: The page at 'https://www.y68dh1.vip:9999/' was loaded over HTTPS, but requested an insecure script 'http://js.users.51.la/19536907.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6868shop.com
js.users.51.la
tool.keleyi.com
www.y68dh1.vip
y68.com
js.users.51.la
tool.keleyi.com
154.13.30.9
45.125.50.72
45.248.11.14
133211cffc13d960d8659d1ba354a7ef67be02841baaf38bd7929b2ef2ee4d18
1338ebee1a03b423976b038166baf129b0d45a053b296af3407bed19403c4a26
1b1334a1f42669b5614b5b0406caf6306271041e76aba507a6a6bdc3c681343b
209c0886aaa4c7e1af85accaad6d404a3d0d226338d6b7cf9507acadf4ceea69
2299e4a53f7fa79c29c7d847dbb81f22e63e29d4893a796f3406def39b28ea42
2a8b3b771fc0b7014fcbe44fa65b7ecdd1c438135f129d7a05baf3322b4fbddd
7051bbf4bb47db4ff93555e39c9432982db3baa4932c411bdf5d3b45f7cf3e88
98503ecdee186dd7fd76dd03d44c7fe3b9cd3a20ebe6b37210b69fa6dca86ad0
9f4a8c8bc375de9df161d94569405e5a2c2dbada9998479bc8deef6885a0e383
cb2f30b2194e56012f931bbfc67a711da067f83dd9b42a5121352ae0cc50f5ac
e176dc8d5da626a295961c495ff00c67ac6dd9295677410f6e211537dfb3a1e0

www.y68dh1.vip Open in urlscan Pro 45.125.50.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

79 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

3 IPs

3 Countries

1693 kBTransfer

1756 kBSize

0 Cookies

53 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

www.y68dh1.vip Open in urlscan Pro
45.125.50.72 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

79 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

3
Countries

1693 kB
Transfer

1756 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions