0/100

low Risk

myany.gb.net

https://myany.gb.net

172.67.147.15 · Cloudflare, Inc.

Location

Toronto, Canada

Domain Age

10617 days

HTTP

200 · 25.5s

SSL

Valid· E7, Let's Encrypt, US

Status

COMPLETED

Redirect Chain (2 hops)

301https://myany.gb.net/

301https://creek.ru.com/

Visual Evidence

Zoom

Title: "EE88 MYANY | Link Đăng Ký EE88.COM 05/2025 Tặng Giftcode 8888$"

Save

Registered-domain escalation

Submit gb.net as the primary IOC, enriched with evidence from hostile subdomains like myany.gb.net.

KB/IOK Matches (0)—

No KB/IOK detections were recorded for this scan.

EE88

Unknown

happiness | technology | ecommerce · 6/3/2026

Summary

The scan shows a redirect from myany.gb.net to web-designer.uk.com, with page content and imagery advertising EE88 (EE88 MYANY) and giftcode offers. The final URL is not the same as the initial domain, and the visible branding on the target page references EE88, suggesting impersonation/brand-cloning rather than legitimate first-party surface. No explicit credential collection form is present in the static HTML, but the page loads numerous external assets and a POST to a Cloudflare URL, consistent with a dynamic landing page potentially used for phishing or advertising abuse. Risk indicators include a new SSL certificate (issued 6 days ago) on a domain involved in a redirect chain, a high external script count, and a final URL different from the submitted URL, all of which warrant heightened scrutiny for impersonation and misuse.

Evidence Summary

▸Observed 2 capture stage(s); canonical stage is settled_render.

▸POST targets observed during capture: https://web-designer.uk.com/cdn-cgi/rum?.

▸Distinctive asset clues: user-vite-3.js, jquery.min.js, flatsome.css, slider.css, banner-ee88vn-cx.webp, logo-ee88vn-cx.webp.

Capture

Stages: 2

Canonical: Settled Render

Changed: No

Credential Signals

Forms: 1

Password fields: 0

Late-stage login UI: No

Resource Signals

Resources: 74

Hosts: 5

Domains: 5

Suspicious Endpoints

hxxps://web-designer[.]uk[.]com/

Observed Signals (3)

Brand impersonation signals through EE88 branding on a page hosted at a different domain than the brand's typical domainRedirect chain from the initial domain to a third-party hosting domainDynamic content loading and tracking/telemetry scripts (Cloudflare beacon, various plugins) indicate a high degree of automation and potential data exfiltration risk

Observed Indicators (1)

▸Redirect chain: 301 from myany.gb.net to creek.ru.com, then 200 to web-designer.uk.com

Risk AssessmentUsed in abuse reports

The domain myany.gb.net redirects to a different domain (creek.ru.com) and ultimately serves a page branded with EE88/EE88 MYANY imagery on web-designer.uk.com. This combination of impersonation signals, a redirect chain to a non-official domain, and a high number of external resources suggests potential brand impersonation or phishing preparations. The absence of a visible login field in the static HTML does not remove concern, as SPAs may render forms client-side. Given the branding alignment with EE88 and the deceptive hosting pattern, this warrants further abuse action and monitoring. The presence of a Let's Encrypt certificate on a short-lived domain together with the WAF/CDN interactions strengthens the suspicion of misuse.

Recommended Action

Monitor

Cross-Reference8

URL Intelligence