ad.xem388.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ad.xem388.com/
Effective URL:
https://ad.xem388.com/ads
Submission: On June 13 via api (June 13th 2024, 5:18:34 am UTC) from US — Scanned from NL

Summary HTTP 13 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 13 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is ad.xem388.com.
TLS certificate: Issued by GTS CA 1P5 on May 31st 2024. Valid for: 3 months.

This is the only time ad.xem388.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700:10:... 2606:4700:10::6816:1490	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::6815:2266	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	6

4 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

ad.xem388.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:1490 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:f6cb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:2266 (United States)

ASN13335 (CLOUDFLARENET, US)

tinyuri.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1017	21 KB
4	tailwindcss.com 2 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 31506	110 KB
4	xem388.com ad.xem388.com	3 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 265	84 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	1 KB
1	tinyuri.site tinyuri.site	39 KB
13	6

	Domain	Requested by
4	unpkg.com	2 redirects ad.xem388.com
4	cdn.tailwindcss.com	2 redirects ad.xem388.com
4	ad.xem388.com	unpkg.com ad.xem388.com
2	cdnjs.cloudflare.com	ad.xem388.com
2	fonts.googleapis.com	ad.xem388.com
1	tinyuri.site	ad.xem388.com
13	6

This site contains links to these domains. Also see Links.

Domain
dagatructiep.xn--6frz82g
oke179.cc

Subject Issuer	Validity	Valid
xem388.com GTS CA 1P5	`2024-05-31` - `2024-08-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
tinyuri.site E1	`2024-05-24` - `2024-08-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ad.xem388.com/ads
Frame ID: 9A153E1C31D6889D2DECC9FBE0FBE007
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ConGaDen.Com

Page URL History Show full URLs

https://ad.xem388.com/ Page URL
https://ad.xem388.com/ads Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

69 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

259 kB
Transfer

5102 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://dagatructiep.xn--6frz82g/
Title: CPC1

Search URL Search Domain Scan URL

URL: https://dagatructiep.xn--6frz82g/xem-da-ga-truc-tiep-cpc2/
Title: CPC2

Search URL Search Domain Scan URL

URL: https://dagatructiep.xn--6frz82g/xem-da-ga-truc-tiep-cpc3/
Title: CPC3

Search URL Search Domain Scan URL

URL: https://dagatructiep.xn--6frz82g/xem-da-ga-truc-tiep-cpc4/
Title: CPC4

Search URL Search Domain Scan URL

URL: https://dagatructiep.xn--6frz82g/xem-da-ga-cua-dao/
Title: Cựa dao

Search URL Search Domain Scan URL

URL: https://oke179.cc/
Title: Oke179

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ad.xem388.com/ Page URL
https://ad.xem388.com/ads Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://cdn.tailwindcss.com/ HTTP 302
https://cdn.tailwindcss.com/3.4.4

Request Chain 4

https://unpkg.com/htmx.org@1.9.6 HTTP 302
https://unpkg.com/htmx.org@1.9.6/dist/htmx.min.js

Request Chain 9

https://cdn.tailwindcss.com/ HTTP 302
https://cdn.tailwindcss.com/3.4.4

Request Chain 10

https://unpkg.com/htmx.org@1.9.6 HTTP 302
https://unpkg.com/htmx.org@1.9.6/dist/htmx.min.js

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
ad.xem388.com/ 2 KB
1 KB 1253ms
1204ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.xem388.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fa9a206ec9be41a03fc9b9244bf732154030348c9d23526de2bb668bf649f68

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 892f9ec0afa3043a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 13 Jun 2024 05:18:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y8a4%2Fr5286D9kZnW7Rq%2BHEpfVcyewTenwK4ip7SsXVFDtdvqSU18KjJ3y9FVcgw2CHiqAIHzZNo0NmXDXafEi55u%2FfnMn8MS%2BH6yW%2Bs14GuD6%2Bs26Ak%2FuXQBV8kIR47u"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 31 KB
1 KB 94ms
29ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;0,1000;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900;1,1000&display=swap

Requested by

Host: ad.xem388.com
URL: https://ad.xem388.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

458ab9d117b7d218dcc38ac546e9a5662de2e1291367354f898daec304349b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ad.xem388.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jun 2024 05:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 04:42:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 05:18:29 GMT

GET
H3 200 full.min.css
cdnjs.cloudflare.com/ajax/libs/daisyui/4.10.3/ 2 MB
84 KB 180ms
152ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/daisyui/4.10.3/full.min.css

Requested by

Host: ad.xem388.com
URL: https://ad.xem388.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a86d8aa3f7ca0a86c2ef3c6196b25959101d337285f89febda01b6a2c69641b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ad.xem388.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85593
last-modified: Wed, 01 May 2024 10:33:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "66321a62-14e59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B8ZWJiPD4rHqJPefFHy5i5CJKGYeSKfkDXuXzcmyH%2F2Z%2FWxTIK0HySd5a86ejSD66XaEXNZ6VKmLODLBhbOb14gNqMh2tK7tEZ%2Bep50PY1mJqtRS9%2BBviOPS2QU8qWjOJw%2FKdS9U"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 892f9ec88fe39070-FRA
expires: Tue, 03 Jun 2025 05:18:29 GMT

GET
H2

200

3.4.4 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/
https://cdn.tailwindcss.com/3.4.4

357 KB
110 KB

42ms
40ms

Script
text/javascript

2606:4700:10::6816:1490
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.4.4

Requested by

Host: ad.xem388.com
URL: https://ad.xem388.com/

Protocol

Server

2606:4700:10::6816:1490 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75d96c0d79b25aa220aa2af3a4c65a7833b0c3258512b7f69f2492a0dce50522

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://ad.xem388.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 05:18:29 GMT
content-encoding: br
strict-transport-security: max-age=63072000
last-modified: Wed, 05 Jun 2024 17:22:22 GMT
x-vercel-id: cle1::iad1::6nxnc-1717608142397-53c7ff60a8be
cf-cache-status: HIT
age: 647293
server: cloudflare
x-vercel-cache: MISS
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 892f9ec8ffe09764-FRA

Redirect headers

date: Thu, 13 Jun 2024 05:18:29 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
x-vercel-id: cle1::iad1::4v2g2-1718254911350-997a33409a9e
server: cloudflare
age: 600
x-vercel-cache: MISS
vary: Accept-Encoding
location: /3.4.4
cache-control: max-age=14400
cf-ray: 892f9ec8bfa89764-FRA

GET
H2

200

htmx.min.js Show response
unpkg.com/htmx.org@1.9.6/dist/
Redirect Chain

https://unpkg.com/htmx.org@1.9.6
https://unpkg.com/htmx.org@1.9.6/dist/htmx.min.js

45 KB
21 KB

32ms
32ms

Script
application/javascript

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/htmx.org@1.9.6/dist/htmx.min.js

Requested by

Host: ad.xem388.com
URL: https://ad.xem388.com/

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbb723c305cf6d6315c890909815523588509e2e092a59f8cfc4a885829689d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://ad.xem388.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 05:18:29 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7907698
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWB5435WM5GDA05DZH6RGPQ-fra
server: cloudflare
etag: "b3dc-BNiLAwytQYKI/1Irrk3yUZQcUPE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 892f9ec90b3c972d-FRA

Redirect headers

date: Thu, 13 Jun 2024 05:18:29 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HRWM6BFWSPWD6JP8YK4BMPMA-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7898222
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /htmx.org@1.9.6/dist/htmx.min.js
cache-control: public, max-age=31536000
cf-ray: 892f9ec8baf8972d-FRA

GET
H3 404 favicon.ico
ad.xem388.com/ 0
400 B 1132ms
1132ms Other
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.xem388.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ad.xem388.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:18:30 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQdxnTdCgiB9j%2F2lFAqDPMcWFI07skHoPE4mSKMIBLw6PVF%2BgFvyzynnRQVqPl%2BDgoHLqBeBv9dj5dYRUVCbS2oo%2Fti2S9PFx16wnlsLeGniMhjedk5W7nktk%2F0jO4LZ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 892f9ecc39dd043a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ads Show response
ad.xem388.com/hx/ 76 B
451 B 1147ms
1146ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.xem388.com/hx/ads
Requested by: Host: unpkg.com
URL: https://unpkg.com/htmx.org@1.9.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6db9bd7b4e98ffd61c39fb95ce57b665cda489fa66d02e6d1b09c15f8e6f4ec

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
HX-Current-URL: https://ad.xem388.com/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://ad.xem388.com/
HX-Request: true
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:18:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OkyVEbag1uIrRqpOvPCZ%2FAp0AbjG52%2BD%2B1AHNsqmRLv4nJK8PDSpMUtGW3KYUcmVCktKmUpLu3vDL3eZTGsk8dnaRBi%2FaNr5edRemnl0cpimhyi9nleFD76RKtRLs0AN"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 892f9ecdab42043a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Primary Request ads Show response
ad.xem388.com/ 3 KB
1 KB 1098ms
1097ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.xem388.com/ads
Requested by: Host: ad.xem388.com
URL: https://ad.xem388.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41cbab831fc55240bedaafa9df474fc7a1af06e68912e201289d0ef4dc704297

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://ad.xem388.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 892f9ed52ad1043a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 13 Jun 2024 05:18:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YHUAzJ4bdxBwjqJh8V1YQsg8cDVJHT2MSQ97TCHJF8gRdPaDycaul16PwLu6rN4645t30ig1lr6cUcMuU4MbjmxKdjZH%2BxGLV8sF%2Bn4n2OUV3KiMs%2BmXFDsqjixGJZK7"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 31 KB
0 1ms
1ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;0,1000;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900;1,1000&display=swap

Requested by

Host: ad.xem388.com
URL: https://ad.xem388.com/ads

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

458ab9d117b7d218dcc38ac546e9a5662de2e1291367354f898daec304349b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ad.xem388.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 04:42:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jun 2024 05:18:29 GMT

GET
H3 200 full.min.css
cdnjs.cloudflare.com/ajax/libs/daisyui/4.10.3/ 2 MB
0 2ms
2ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/daisyui/4.10.3/full.min.css

Requested by

Host: ad.xem388.com
URL: https://ad.xem388.com/ads

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a86d8aa3f7ca0a86c2ef3c6196b25959101d337285f89febda01b6a2c69641b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ad.xem388.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85593
last-modified: Wed, 01 May 2024 10:33:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "66321a62-14e59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B8ZWJiPD4rHqJPefFHy5i5CJKGYeSKfkDXuXzcmyH%2F2Z%2FWxTIK0HySd5a86ejSD66XaEXNZ6VKmLODLBhbOb14gNqMh2tK7tEZ%2Bep50PY1mJqtRS9%2BBviOPS2QU8qWjOJw%2FKdS9U"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 892f9ec88fe39070-FRA
expires: Tue, 03 Jun 2025 05:18:29 GMT

GET
H2

200

3.4.4 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/
https://cdn.tailwindcss.com/3.4.4

357 KB
0

0ms
0ms

Script
text/javascript

2606:4700:10::6816:1490
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tailwindcss.com/3.4.4
Requested by: Host: ad.xem388.com
URL: https://ad.xem388.com/ads
Protocol: H2
Server: 2606:4700:10::6816:1490 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d96c0d79b25aa220aa2af3a4c65a7833b0c3258512b7f69f2492a0dce50522

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://ad.xem388.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 05:18:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2024 17:22:22 GMT
x-vercel-id: cle1::iad1::6nxnc-1717608142397-53c7ff60a8be
server: cloudflare
age: 647293
x-vercel-cache: MISS
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 892f9ec8ffe09764-FRA

Redirect headers

date: Thu, 13 Jun 2024 05:18:29 GMT
cf-cache-status: HIT
x-vercel-id: cle1::iad1::4v2g2-1718254911350-997a33409a9e
server: cloudflare
age: 600
x-vercel-cache: MISS
vary: Accept-Encoding
location: /3.4.4
cache-control: max-age=14400
cf-ray: 892f9ec8bfa89764-FRA

GET
H2

200

htmx.min.js Show response
unpkg.com/htmx.org@1.9.6/dist/
Redirect Chain

https://unpkg.com/htmx.org@1.9.6
https://unpkg.com/htmx.org@1.9.6/dist/htmx.min.js

45 KB
0

0ms
0ms

Script
application/javascript

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/htmx.org@1.9.6/dist/htmx.min.js

Requested by

Host: ad.xem388.com
URL: https://ad.xem388.com/ads

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbb723c305cf6d6315c890909815523588509e2e092a59f8cfc4a885829689d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://ad.xem388.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 05:18:29 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWB5435WM5GDA05DZH6RGPQ-fra
server: cloudflare
age: 7907698
x-content-type-options: nosniff
etag: "b3dc-BNiLAwytQYKI/1Irrk3yUZQcUPE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 892f9ec90b3c972d-FRA

Redirect headers

date: Thu, 13 Jun 2024 05:18:29 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HRWM6BFWSPWD6JP8YK4BMPMA-fra
x-content-type-options: nosniff
server: cloudflare
age: 7898222
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /htmx.org@1.9.6/dist/htmx.min.js
cache-control: public, max-age=31536000
cf-ray: 892f9ec8baf8972d-FRA

GET
H2 200 congaden.jpg
tinyuri.site/ads/ 39 KB
39 KB 1347ms
1175ms Image
image/jpeg 2606:4700:3031::6815:2266
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinyuri.site/ads/congaden.jpg
Requested by: Host: ad.xem388.com
URL: https://ad.xem388.com/ads
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2266 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c39bc7f54f3214439b8e43e153eef6ebe6ffb1226fc05be41d812cd7a430e18f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ad.xem388.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:18:33 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 28 May 2024 07:27:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hw4YT0Jhl1jD6392YiJjPlY9%2FZfkqSQXByqvE684ytT80tT%2BunAILhO7lT8Lco60Kml%2FaPDxwaowE%2FRv92WLIXlF%2BzbUrxgPDKJP4v9nS%2Fkpw32y2ZScAPcTk62vWBvXL6cO%2Bi3euj8njtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 892f9edd1e3630ed-FRA
alt-svc: h3=":443"; ma=86400
content-length: 39837

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ad.xem388.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.xem388.com
cdn.tailwindcss.com
cdnjs.cloudflare.com
fonts.googleapis.com
tinyuri.site
unpkg.com
104.17.24.14
188.114.97.3
2606:4700:10::6816:1490
2606:4700:3031::6815:2266
2606:4700::6811:f6cb
2a00:1450:4001:82f::200a
41cbab831fc55240bedaafa9df474fc7a1af06e68912e201289d0ef4dc704297
458ab9d117b7d218dcc38ac546e9a5662de2e1291367354f898daec304349b0b
4fa9a206ec9be41a03fc9b9244bf732154030348c9d23526de2bb668bf649f68
75d96c0d79b25aa220aa2af3a4c65a7833b0c3258512b7f69f2492a0dce50522
8a86d8aa3f7ca0a86c2ef3c6196b25959101d337285f89febda01b6a2c69641b
a6db9bd7b4e98ffd61c39fb95ce57b665cda489fa66d02e6d1b09c15f8e6f4ec
c39bc7f54f3214439b8e43e153eef6ebe6ffb1226fc05be41d812cd7a430e18f
cbb723c305cf6d6315c890909815523588509e2e092a59f8cfc4a885829689d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ad.xem388.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

69 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

6 IPs

4 Countries

259 kBTransfer

5102 kBSize

0 Cookies

6 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

ad.xem388.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

69 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

259 kB
Transfer

5102 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions