h5.888.xn--j1amh (Punycode)
h5.888.укр (IDN)
23.102.238.135 (Public Scan)

Submitted URL: http://00994245.com/
Effective URL: https://h5.888.xn--j1amh/?cid=502729&type=2%C2%A4cy=CNY&id=50649520
Submission: On May 13 via api from BY — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 4 HTTP transactions. The main IP is 23.102.238.135, located in and belongs to . The main domain is h5.888.xn--j1amh.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on April 16th 2024. Valid for: 3 months.
This is the only time h5.888.xn--j1amh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 103.148.59.146 139659 (LUCID-AS-...)
1 23.102.238.135 ()
4 3
Apex Domain Subdomains Transfer
2 00994245.com 00994245.com 2 KB
1 316 B
4 2
Domain Requested by
2 00994245.com
1 h5.888.xn--j1amh h5.888.xn--j1amh
4 2

This site contains no links.

Subject: 888.xn--j1amh
Issuer: ZeroSSL RSA Domain Secure Site CA
Validity: 2024-04-16 - 2024-07-15
Valid: 3 months

This page contains 1 frames:

Primary Page: https://h5.888.xn--j1amh/?cid=502729&type=2%C2%A4cy=CNY&id=50649520
Frame ID: 4FC19C9F1A25BB9A50C4F5DD874BE833
Requests: 4 HTTP requests in this frame

Page Statistics

Requests: 4
HTTPS: 25 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 1
Transfer: 2 kB
Size: 1 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://00994245.com/ HTTP 307
    https://00994245.com/ HTTP 307
    http://00994245.com/ Page URL
  2. https://h5.888.xn--j1amh/?cid=502729&type=2%C2%A4cy=CNY&id=50649520 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://00994245.com/ HTTP 307
  • https://00994245.com/ HTTP 307
  • http://00994245.com/

4 HTTP transactions

Resource: /
Path: 00994245.com/
Redirect Chain
  • http://00994245.com/
  • https://00994245.com/
  • http://00994245.com/
Size: 107 B
x-fer: 522 B
Type: Document

General

Full URL: http://00994245.com/
Protocol: HTTP/1.1
Server: 103.148.59.146, Hong Kong, ASN139659 (LUCID-AS-AP LUCIDACLOUD LIMITED, HK)
Reverse DNS:
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0d9da879d4a12598a3fa2d8dbb2892a1d38fad5ba93316e37af9ccc0c027b1b8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 228
Content-Type: text/html
Date: Mon, 13 May 2024 04:56:47 GMT
ETag: "7a7f8d585a0da1:0"
Last-Modified: Tue, 07 May 2024 13:52:44 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Powered-By: ASP.NET

Redirect headers

Location: http://00994245.com/
Non-Authoritative-Reason: HttpsUpgrades

Primary Request
Resource: /
Path: h5.888.xn--j1amh/
Size: 53 B
x-fer: 316 B
Type: Document

General

Full URL: https://h5.888.xn--j1amh/?cid=502729&type=2%C2%A4cy=CNY&id=50649520
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.102.238.135 -, , ASN (),
Reverse DNS:
Software: X-Y /
Resource Hash:

Security Headers

Strict-Transport-Security: max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://00994245.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 13 May 2024 05:05:46 GMT
server: X-Y
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-cache-status: MISS

Resource: favicon.ico
Path: 00994245.com/
Size: 1 KB
x-fer: 1 KB
Type: Other

General

Full URL: http://00994245.com/favicon.ico
Protocol: HTTP/1.1
Server: 103.148.59.146, Hong Kong, ASN139659 (LUCID-AS-AP LUCIDACLOUD LIMITED, HK)
Reverse DNS:
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash:

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://00994245.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Mon, 13 May 2024 04:56:47 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 1163
Content-Type: text/html

Resource: html.js
Path: h5.888.xn--j1amh/_guard/
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
h5.888.xn--j1amh
URL
https://h5.888.xn--j1amh/_guard/html.js?js=click_html

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

1 Console Messages

Source: network
Level: error
URL: http://00994245.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
