urlscan.io logo urlscan.io
SecurityTrails logo

hellboy.lol Open in urlscan Pro
3.124.100.143  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hellboy.lol/
Effective URL: https://hellboy.lol/
Submission: On December 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 12 HTTP transactions. The main IP is 3.124.100.143, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is hellboy.lol.
TLS certificate: Issued by E5 on November 21st 2024. Valid for: 3 months.
This is the only time hellboy.lol was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 3.124.100.143 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.26.13.205 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:4780:2b:... 47583 (AS-HOSTIN...)
12 5
6    3.124.100.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-100-143.eu-central-1.compute.amazonaws.com
hellboy.lol
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    104.26.13.205 (None, )

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
1    2606:4700:20::681a:82c (United States)

ASN13335 (CLOUDFLARENET, US)
ipapi.co
2    2a02:4780:2b:1667:0:19f1:59e9:2 (Boston, United States)

ASN47583 (AS-HOSTINGER Hostinger International Limited, CY)
sura.lol
Apex Domain
Subdomains		 Transfer
6 hellboy.lol
hellboy.lol
217 KB
2 sura.lol
sura.lol
269 B
2 gstatic.com
www.gstatic.com
59 KB
1 ipapi.co
ipapi.co — Cisco Umbrella Rank: 15653
1 KB
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2001
317 B
12 5
Domain Requested by
6 hellboy.lol hellboy.lol
2 sura.lol hellboy.lol
2 www.gstatic.com hellboy.lol
1 ipapi.co hellboy.lol
1 api.ipify.org hellboy.lol
12 5

This site contains no links.

Subject Issuer Validity Valid
hellboy.lol
E5		 2024-11-21 -
2025-02-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
ipify.org
WE1		 2024-11-13 -
2025-02-11		 3 months crt.sh
ipapi.co
WE1		 2024-10-31 -
2025-01-29		 3 months crt.sh
sura.lol
R11		 2024-11-19 -
2025-02-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hellboy.lol/
Frame ID: 7656528AD7FBAC070EFDD4540AE3BAD0
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

hellboy

Page URL History Show full URLs

  1. http://hellboy.lol/ HTTP 307
    https://hellboy.lol/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Page Statistics

12
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

277 kB
Transfer

426 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hellboy.lol/ HTTP 307
    https://hellboy.lol/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hellboy.lol/
Redirect Chain
  • http://hellboy.lol/
  • https://hellboy.lol/
2 KB
908 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hellboy.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.100.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-100-143.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
a2ffab677bd387caf4033e17a562001d761f03330eb3a5ce6498897341b790ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; fwd=miss
content-encoding
br
content-length
665
content-type
text/html; charset=UTF-8
date
Sat, 21 Dec 2024 12:26:39 GMT
etag
"7b4a653da1b2bb9a45583f670c46c80f-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01JFMJY7GTTWPC6GH4SM6MWWCA

Redirect headers

Location
https://hellboy.lol/
Non-Authoritative-Reason
HttpsUpgrades
index.css
hellboy.lol/ 		883 B
987 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hellboy.lol/index.css
Requested by
Host: hellboy.lol
URL: https://hellboy.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.100.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-100-143.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
516fdf7aca238ec6a36e1e19329809abaf8628d86d08a65dab0dff69ea59aaa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hellboy.lol/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"afdf4cfde4c7e1ae4625e1121916837b-ssl"
age
0
accept-ranges
bytes
content-length
883
x-nf-request-id
01JFMJY7Q8P2HP09YTYHD0JVQ2
cache-status
"Netlify Edge"; fwd=miss
date
Sat, 21 Dec 2024 12:26:39 GMT
content-type
text/css; charset=UTF-8
server
Netlify
firebase-app.js
www.gstatic.com/firebasejs/8.10.0/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.10.0/firebase-app.js
Requested by
Host: hellboy.lol
URL: https://hellboy.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a78d872dee0b66e1fd7cfdab14645678b8f9596cf42b212029825029acda4dfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hellboy.lol/

Response headers

content-encoding
gzip
age
399364
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 21:30:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 21:30:35 GMT
last-modified
Thu, 19 Aug 2021 20:25:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
7003
x-xss-protection
0
server
sffe
firebase-database.js
www.gstatic.com/firebasejs/8.10.0/ 		183 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.10.0/firebase-database.js
Requested by
Host: hellboy.lol
URL: https://hellboy.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f10791f42de6c8708ada99086c3469eebb1dd55d4aa872dfb9848ddf19dcd2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hellboy.lol/

Response headers

content-encoding
gzip
age
357055
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:15:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:15:44 GMT
last-modified
Thu, 19 Aug 2021 20:25:40 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
52327
x-xss-protection
0
server
sffe
explosion.gif
hellboy.lol/ 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hellboy.lol/explosion.gif
Requested by
Host: hellboy.lol
URL: https://hellboy.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.100.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-100-143.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
9cc329b1c32ef9472824790f49aa0fc371c0003199997c97b6641d1438f04819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hellboy.lol/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"0bcb1fd609e2b0062a6fbbd452ee8ab2-ssl"
age
2
accept-ranges
bytes
content-length
157278
x-nf-request-id
01JFMJY7Q8388QA8A0ANB505MX
cache-status
"Netlify Edge"; fwd=miss
date
Sat, 21 Dec 2024 12:26:40 GMT
content-type
image/gif
server
Netlify
fake-ascii.png
hellboy.lol/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hellboy.lol/fake-ascii.png
Requested by
Host: hellboy.lol
URL: https://hellboy.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.100.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-100-143.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
8d2c05deecc9821786a87c1d24329b8a05ab800d1855aa947008368bd0050dd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hellboy.lol/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
etag
"4ebce614c7ee1a8aa2a6c302ed8ed42f-ssl"
age
0
accept-ranges
bytes
content-length
60469
x-nf-request-id
01JFMJY7Q94PGYXJZG48C4VJ2B
cache-status
"Netlify Edge"; fwd=miss
date
Sat, 21 Dec 2024 12:26:39 GMT
content-type
image/png
server
Netlify
xd.js
hellboy.lol/ 		1 KB
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hellboy.lol/xd.js
Requested by
Host: hellboy.lol
URL: https://hellboy.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.100.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-100-143.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
75c80b7e204638b99a667b3b310230cea7843907f0c1de389bdbae9d57876e4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hellboy.lol/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
"92117ac577949fcf92865ac220134d85-ssl-df"
age
1
accept-ranges
bytes
content-length
507
x-nf-request-id
01JFMJY7WRX77T15MB8BXWR54Y
cache-status
"Netlify Edge"; fwd=miss
date
Sat, 21 Dec 2024 12:26:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Netlify
/
api.ipify.org/ 		22 B
317 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: hellboy.lol
URL: https://hellboy.lol/xd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc407e5adc5cf3157252509e6e3ede00ea47377ce57fa5d10fb0e48b88af970d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hellboy.lol/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f57dca10bc2bba9-FRA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=28772&min_rtt=17062&rtt_var=11078&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4055&recv_bytes=2292&delivery_rate=157379&cwnd=240&unsent_bytes=0&cid=43f62006e887b1d8&ts=122&x=0"
content-length
22
date
Sat, 21 Dec 2024 12:26:40 GMT
content-type
application/json
vary
Origin
server
cloudflare
/
ipapi.co/78.159.108.10/json/ 		754 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ipapi.co/78.159.108.10/json/
Requested by
Host: hellboy.lol
URL: https://hellboy.lol/xd.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:82c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f7755976fae93f3f17426a59d51dfa4146f8be5f0346f723ad45a6e15eeb377
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hellboy.lol/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZgDaVaREuQAt9J7xbs%2BfbvRovMg5%2FdPRmw7DXJ9p0vNiYFuvOZ9juWUtAM6Awmz15us%2FfQR%2BTLPcFqIB60nWckHZN0AKV3PW03Budmh071O6rXneKKJ5DtUKlhp1%2F2RRL%2But0VJx"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=30811&min_rtt=28219&rtt_var=8027&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3359&recv_bytes=2274&delivery_rate=114212&cwnd=246&unsent_bytes=0&cid=e71d3b602321d3d4&ts=255&x=0"
date
Sat, 21 Dec 2024 12:26:40 GMT
content-type
application/json
vary
Host, origin
x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
referrer-policy
same-origin
allow
POST, OPTIONS, GET, HEAD, OPTIONS
cf-ray
8f57dca25bdc65cd-FRA
access-control-allow-origin
https://hellboy.lol
server
cloudflare
favicon.ico
hellboy.lol/ 		3 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hellboy.lol/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.100.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-100-143.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
8514f0009a58c6e0acb5468f88037732b59b70af5e524f452e3bef8fb33effc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hellboy.lol/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=0,must-revalidate
content-encoding
br
etag
1721861219-ssl-df
age
0
x-nf-request-id
01JFMJY89NYSBS2EZMZRH1JZ25
cache-status
"Netlify Edge"; fwd=miss
date
Sat, 21 Dec 2024 12:26:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
Netlify
676680d69c85f
sura.lol/api/ 		238 B
269 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sura.lol/api/676680d69c85f
Requested by
Host: hellboy.lol
URL: https://hellboy.lol/xd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:2b:1667:0:19f1:59e9:2 Boston, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
883ffda7b91261fd3288706c7f4cd0c2313afbbf6343d0c0cc10d70e9e607e84
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://hellboy.lol/

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-length
190
date
Sat, 21 Dec 2024 12:26:41 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
LiteSpeed
access-control-allow-headers
Content-Type
676680d69c85f
sura.lol/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sura.lol/api/676680d69c85f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:2b:1667:0:19f1:59e9:2 Boston, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://hellboy.lol
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 21 Dec 2024 12:26:40 GMT
server
LiteSpeed

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| firebase

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://hellboy.lol/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000