qp.microsoftwindowshello.com Open in urlscan Pro
154.9.28.182  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response qp.microsoftwindowshello.com/	12 KB 4 KB	798ms 171ms	Document text/html	154.9.28.182 NETLAB-SDN
General Check archive.org Show headers Download Go to Full URL https://qp.microsoftwindowshello.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.9.28.182 Los Angeles, United States, ASN979 (NETLAB-SDN, US), Reverse DNS Software nginx / Resource Hash 31b1e093a2e13b8a077780db883ac1d50599628aa1e1332aa653e1018c7ea28c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html date Mon, 05 Aug 2024 16:24:37 GMT etag W/"66334105-30f3" last-modified Thu, 02 May 2024 07:30:13 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	style.css qp.microsoftwindowshello.com/statics/css/	2 KB 1 KB	173ms 171ms	Stylesheet text/css	154.9.28.182 NETLAB-SDN
General Check archive.org Show headers Download Go to Full URL https://qp.microsoftwindowshello.com/statics/css/style.css Requested by Host: qp.microsoftwindowshello.com URL: https://qp.microsoftwindowshello.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.9.28.182 Los Angeles, United States, ASN979 (NETLAB-SDN, US), Reverse DNS Software nginx / Resource Hash 6e0271de7b349e08d4576a4f5e3a35adfbae56908a4af5b531bbeb7e2c112141 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://qp.microsoftwindowshello.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 16:24:37 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Thu, 02 May 2024 07:16:42 GMT server nginx etag W/"66333dda-9b3" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Tue, 06 Aug 2024 04:24:37 GMT
GET H2	200	bc.css qp.microsoftwindowshello.com/statics/css/	5 KB 2 KB	174ms 173ms	Stylesheet text/css	154.9.28.182 NETLAB-SDN
General Check archive.org Show headers Download Go to Full URL https://qp.microsoftwindowshello.com/statics/css/bc.css Requested by Host: qp.microsoftwindowshello.com URL: https://qp.microsoftwindowshello.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.9.28.182 Los Angeles, United States, ASN979 (NETLAB-SDN, US), Reverse DNS Software nginx / Resource Hash d43c55c044d543f98daf10351af8d954e35a9584d514ccb73e8179f132e5e062 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://qp.microsoftwindowshello.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 16:24:37 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Thu, 02 May 2024 07:16:41 GMT server nginx etag W/"66333dd9-149c" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Tue, 06 Aug 2024 04:24:37 GMT
GET H2	200	logo.png qp.microsoftwindowshello.com/statics/img/	9 KB 10 KB	174ms 173ms	Image image/png	154.9.28.182 NETLAB-SDN
General Check archive.org Show headers Download Go to Show image Full URL https://qp.microsoftwindowshello.com/statics/img/logo.png Requested by Host: qp.microsoftwindowshello.com URL: https://qp.microsoftwindowshello.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.9.28.182 Los Angeles, United States, ASN979 (NETLAB-SDN, US), Reverse DNS Software nginx / Resource Hash a0201e0e34ee9d4ba2e2f942df3d525778ffa930950da85356e352df0a93bd36 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://qp.microsoftwindowshello.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 16:24:37 GMT strict-transport-security max-age=31536000 last-modified Thu, 02 May 2024 07:29:45 GMT server nginx etag "663340e9-2549" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 9545 expires Wed, 04 Sep 2024 16:24:37 GMT
GET H2	200	ff71bf62200b48a495fd913700512ac6.js Show response qp.microsoftwindowshello.com/statics/js/	298 KB 111 KB	500ms 500ms	Script application/javascript	154.9.28.182 NETLAB-SDN
General Check archive.org Show headers Download Go to Full URL https://qp.microsoftwindowshello.com/statics/js/ff71bf62200b48a495fd913700512ac6.js Requested by Host: qp.microsoftwindowshello.com URL: https://qp.microsoftwindowshello.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.9.28.182 Los Angeles, United States, ASN979 (NETLAB-SDN, US), Reverse DNS Software nginx / Resource Hash 70fce501c32865eb08070f1b717d7bafb340863553d6af73bc388b0f2f370938 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://qp.microsoftwindowshello.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 16:24:37 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Thu, 02 May 2024 07:16:46 GMT server nginx etag W/"66333dde-4a95a" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Tue, 06 Aug 2024 04:24:37 GMT
GET H2	200	2.jpg qp.microsoftwindowshello.com/statics/img/	318 KB 318 KB	414ms 414ms	Image image/jpeg	154.9.28.182 NETLAB-SDN
General Check archive.org Show headers Download Go to Show image Full URL https://qp.microsoftwindowshello.com/statics/img/2.jpg Requested by Host: qp.microsoftwindowshello.com URL: https://qp.microsoftwindowshello.com/statics/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.9.28.182 Los Angeles, United States, ASN979 (NETLAB-SDN, US), Reverse DNS Software nginx / Resource Hash aa5fb335f62881967dae9aac370f075c615d899555dec5792bb560541a996ac9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://qp.microsoftwindowshello.com/statics/css/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 05 Aug 2024 16:24:38 GMT strict-transport-security max-age=31536000 last-modified Thu, 02 May 2024 07:16:43 GMT server nginx etag "66333ddb-4f796" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 325526 expires Wed, 04 Sep 2024 16:24:38 GMT
POST H2	204	collect www.google-analytics.com/g/	0 263 B	80ms 29ms	Ping text/plain	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-8N6WZMK3WY&gtm=45je44t0v9172274209za200&_p=1722875078481&gcd=13l3l3l3l1&npa=0&dma=0&cid=488607877.1722875080&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pscdl=noapi&_s=1&sid=1722875079&sct=1&seg=0&dl=https%3A%2F%2Fqp.microsoftwindowshello.com%2F&dt=%E7%86%8A%E7%8C%AB%E5%BD%B1%E8%A7%86%E5%8F%91%E5%B8%83%E9%A1%B5&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2457 Requested by Host: qp.microsoftwindowshello.com URL: https://qp.microsoftwindowshello.com/statics/js/ff71bf62200b48a495fd913700512ac6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://qp.microsoftwindowshello.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Mon, 05 Aug 2024 16:24:40 GMT server Golfe2 content-type text/plain access-control-allow-origin https://qp.microsoftwindowshello.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		/ www.141414.cc/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.141414.cc

URL

https://www.141414.cc/

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer string| link_str object| links string| url object| query object| a object| t number| s number| countdown function| makeid function| getQueryString function| myTimer function| myCountdown string| url_with_params string| url_domain_only object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.microsoftwindowshello.com/	1970-01-21 08:10:35	Name: _ga Value: GA1.1.488607877.1722875080
			.microsoftwindowshello.com/	1970-01-21 08:10:35	Name: _ga_8N6WZMK3WY Value: GS1.1.1722875079.1.0.1722875079.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

qp.microsoftwindowshello.com
www.141414.cc
www.google-analytics.com
www.141414.cc
154.9.28.182
2a00:1450:4001:81c::200e
31b1e093a2e13b8a077780db883ac1d50599628aa1e1332aa653e1018c7ea28c
6e0271de7b349e08d4576a4f5e3a35adfbae56908a4af5b531bbeb7e2c112141
70fce501c32865eb08070f1b717d7bafb340863553d6af73bc388b0f2f370938
a0201e0e34ee9d4ba2e2f942df3d525778ffa930950da85356e352df0a93bd36
aa5fb335f62881967dae9aac370f075c615d899555dec5792bb560541a996ac9
d43c55c044d543f98daf10351af8d954e35a9584d514ccb73e8179f132e5e062
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855