qq.com.xolaosp.xyz Open in urlscan Pro
67.21.87.138 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jump.xolaosp.xyz/
Effective URL:
https://qq.com.xolaosp.xyz/
Submission: On May 31 via api (May 31st 2024, 11:49:24 am UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 67.21.87.138, located in Los Angeles, United States and belongs to SHARKTECH, US. The main domain is qq.com.xolaosp.xyz.
TLS certificate: Issued by R3 on May 31st 2024. Valid for: 3 months.

This is the only time qq.com.xolaosp.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	67.21.87.138 67.21.87.138	46844 (SHARKTECH) (SHARKTECH)
6	2606:4700:311... 2606:4700:3110::6812:314a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:1247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	142.4.219.198 142.4.219.198	16276 (OVH) (OVH)
18	6

9 67.21.87.138 (Los Angeles, United States) 1 redirects

ASN46844 (SHARKTECH, US)
PTR: prot8.diplomaticrelation.com

jump.xolaosp.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
qq.com.xolaosp.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3110::6812:314a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:1247 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.4.219.198 (Canada)

ASN16276 (OVH, FR)
PTR: ns5000868.ip-142-4-219.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	xolaosp.xyz 1 redirects jump.xolaosp.xyz qq.com.xolaosp.xyz	72 KB
6	staticfile.org cdn.staticfile.org — Cisco Umbrella Rank: 81544	157 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 13913 s4.histats.com — Cisco Umbrella Rank: 13947	5 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	257 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	94 KB
18	5

	Domain	Requested by
8	qq.com.xolaosp.xyz	qq.com.xolaosp.xyz
6	cdn.staticfile.org	qq.com.xolaosp.xyz cdn.staticfile.org
1	s4.histats.com	s10.histats.com
1	region1.google-analytics.com	www.googletagmanager.com
1	s10.histats.com	qq.com.xolaosp.xyz
1	www.googletagmanager.com	qq.com.xolaosp.xyz
1	jump.xolaosp.xyz	1 redirects
18	7

This site contains links to these domains. Also see Links.

Domain
s5nu.cc
fby.xolaosp.xyz

Subject Issuer	Validity	Valid
fby.xolaosp.xyz R3	`2024-05-31` - `2024-08-29`	3 months	crt.sh
cdn.staticfile.org GTS CA 1P5	`2024-04-12` - `2024-07-11`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
s10.histats.com E1	`2024-04-11` - `2024-07-10`	3 months	crt.sh
histats.com R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://qq.com.xolaosp.xyz/
Frame ID: 338060DC8BDDCB57B307B4A002BD6F48
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

https://fby.xolaosp.xyz - 老色批 - 防封地址 - 牢记发布页，永不翻车

Page URL History Show full URLs

https://jump.xolaosp.xyz/ HTTP 302
https://qq.com.xolaosp.xyz/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

328 kB
Transfer

909 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://s5nu.cc/js.html?channelCode=dl439
Title: 抖阴app

Search URL Search Domain Scan URL

URL: https://fby.xolaosp.xyz/
Title: 前往6月最新网址

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://jump.xolaosp.xyz/ HTTP 302
https://qq.com.xolaosp.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
qq.com.xolaosp.xyz/
Redirect Chain

https://jump.xolaosp.xyz/
https://qq.com.xolaosp.xyz/

74 KB
17 KB

365ms
310ms

Document
text/html

67.21.87.138
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://qq.com.xolaosp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.21.87.138 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS: prot8.diplomaticrelation.com
Software: nginx /
Resource Hash: 1eb553c6494ca84a99f76060cc62f15ddb3606115eca03ee9285e46520e8df04

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 31 May 2024 11:49:18 GMT
server: nginx
vary: Accept-Encoding
x-cache: MISS

Redirect headers

content-length: 83
content-type: text/html; charset=utf-8
date: Fri, 31 May 2024 11:49:18 GMT
location: https://qq.com.xolaosp.xyz
server: nginx
x-cache: MISS

GET
H2 200 jquery.js Show response
qq.com.xolaosp.xyz/static/js/ 90 KB
36 KB 188ms
184ms Script
application/javascript 67.21.87.138
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL

https://qq.com.xolaosp.xyz/static/js/jquery.js

Requested by

Host: qq.com.xolaosp.xyz
URL: https://qq.com.xolaosp.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.21.87.138 Los Angeles, United States, ASN46844 (SHARKTECH, US),

Reverse DNS

prot8.diplomaticrelation.com

Software

nginx /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 11:49:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 10 May 2023 01:36:38 GMT
server: nginx
etag: W/"645af526-169d5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Sat, 01 Jun 2024 11:49:19 GMT

GET
H2 200 base64.js Show response
qq.com.xolaosp.xyz/static/js/ 4 KB
1 KB 311ms
308ms Script
application/javascript 67.21.87.138
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL

https://qq.com.xolaosp.xyz/static/js/base64.js

Requested by

Host: qq.com.xolaosp.xyz
URL: https://qq.com.xolaosp.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.21.87.138 Los Angeles, United States, ASN46844 (SHARKTECH, US),

Reverse DNS

prot8.diplomaticrelation.com

Software

nginx /

Resource Hash

e6ec88e4cee1152f90c24304c77417f2ad048617479fec953c92536b4382f8ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 11:49:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 10 May 2023 01:36:38 GMT
server: nginx
etag: W/"645af526-e6d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Sat, 01 Jun 2024 11:49:19 GMT

GET
H2 200 bulma.min.css
cdn.staticfile.org/bulma/0.9.1/css/ 199 KB
32 KB 93ms
29ms Stylesheet
text/css 2606:4700:3110::6812:314a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/bulma/0.9.1/css/bulma.min.css
Requested by: Host: qq.com.xolaosp.xyz
URL: https://qq.com.xolaosp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:314a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b28659220961ead137cb5b346b5759562750ce703094d70fc786e0db467033

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 11:49:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 512860
last-modified: Sat, 25 May 2024 09:27:40 GMT
server: cloudflare
etag: W/"6651af0c-31cfe"
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
x-cloud-fetchl: true
cf-ray: 88c6bd6cfd4d5ba1-VIE
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
expires: Sat, 31 May 2025 11:49:19 GMT

GET
H2 200 jquery.min.js Show response
cdn.staticfile.org/jquery/2.0.1/ 82 KB
32 KB 452ms
389ms Script
text/javascript 2606:4700:3110::6812:314a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/jquery/2.0.1/jquery.min.js
Requested by: Host: qq.com.xolaosp.xyz
URL: https://qq.com.xolaosp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:314a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e1354fc542b617c58cbba3aeb5116a528cf08bb1299f5dc7f3bc77a3b902b68

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 11:49:19 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 88c6bd6cfd565ba1-VIE
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodifed-Since, X-CSRF-TOKEN, X-Requested-With,token
expires: 0

GET
H2 200 all.min.css
cdn.staticfile.org/font-awesome/5.11.0/css/ 56 KB
14 KB 91ms
28ms Stylesheet
text/css 2606:4700:3110::6812:314a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/font-awesome/5.11.0/css/all.min.css
Requested by: Host: qq.com.xolaosp.xyz
URL: https://qq.com.xolaosp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:314a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae483e96b22708fa8261a54827b6265e207160d15cf49981eb111229d3bf505

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 11:49:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 35394
last-modified: Thu, 14 Dec 2023 23:42:21 GMT
server: cloudflare
etag: W/"657b92dd-de0a"
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
x-cloud-fetchl: true
cf-ray: 88c6bd6cfd505ba1-VIE
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
expires: Sat, 31 May 2025 11:49:19 GMT

GET
H2 200 style.css
qq.com.xolaosp.xyz/static/css/ 3 KB
1 KB 150ms
149ms Stylesheet
text/css 67.21.87.138
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL

https://qq.com.xolaosp.xyz/static/css/style.css

Requested by

Host: qq.com.xolaosp.xyz
URL: https://qq.com.xolaosp.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.21.87.138 Los Angeles, United States, ASN46844 (SHARKTECH, US),

Reverse DNS

prot8.diplomaticrelation.com

Software

nginx /

Resource Hash

6a0abbb3e1bc93f9400edb91304ce14b932f517c34ee0d1fa6be83398a215e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 11:49:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 10 May 2023 01:36:38 GMT
server: nginx
etag: W/"645af526-bdd"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
expires: Sat, 01 Jun 2024 11:49:19 GMT

GET
H2 200 layer.min.js Show response
cdn.staticfile.org/layer/3.1.1/mobile/ 3 KB
2 KB 429ms
366ms Script
text/javascript 2606:4700:3110::6812:314a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/layer/3.1.1/mobile/layer.min.js
Requested by: Host: qq.com.xolaosp.xyz
URL: https://qq.com.xolaosp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:314a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b092c6784f2ffe417b8b11cbff0b3495957a1b5a803177e5deea0a937ec7a296

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 11:49:19 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 88c6bd6cfd535ba1-VIE
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodifed-Since, X-CSRF-TOKEN, X-Requested-With,token
expires: 0

GET
H2 200 cookie.min.js Show response
qq.com.xolaosp.xyz/static/js/ 2 KB
1 KB 150ms
150ms Script
application/javascript 67.21.87.138
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL

https://qq.com.xolaosp.xyz/static/js/cookie.min.js

Requested by

Host: qq.com.xolaosp.xyz
URL: https://qq.com.xolaosp.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.21.87.138 Los Angeles, United States, ASN46844 (SHARKTECH, US),

Reverse DNS

prot8.diplomaticrelation.com

Software

nginx /

Resource Hash

4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 11:49:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 10 May 2023 01:36:38 GMT
server: nginx
etag: W/"645af526-6ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Sat, 01 Jun 2024 11:49:19 GMT

GET
H2 200 masonry.pkgd.min.js Show response
qq.com.xolaosp.xyz/static/js/ 24 KB
8 KB 158ms
157ms Script
application/javascript 67.21.87.138
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL

https://qq.com.xolaosp.xyz/static/js/masonry.pkgd.min.js

Requested by

Host: qq.com.xolaosp.xyz
URL: https://qq.com.xolaosp.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.21.87.138 Los Angeles, United States, ASN46844 (SHARKTECH, US),

Reverse DNS

prot8.diplomaticrelation.com

Software

nginx /

Resource Hash

367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 11:49:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 10 May 2023 01:36:38 GMT
server: nginx
etag: W/"645af526-5e27"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Sat, 01 Jun 2024 11:49:19 GMT

GET
H2 200 imagesloaded.pkgd.min.js Show response
qq.com.xolaosp.xyz/static/js/ 5 KB
2 KB 159ms
158ms Script
application/javascript 67.21.87.138
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL

https://qq.com.xolaosp.xyz/static/js/imagesloaded.pkgd.min.js

Requested by

Host: qq.com.xolaosp.xyz
URL: https://qq.com.xolaosp.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.21.87.138 Los Angeles, United States, ASN46844 (SHARKTECH, US),

Reverse DNS

prot8.diplomaticrelation.com

Software

nginx /

Resource Hash

96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 11:49:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 10 May 2023 01:36:38 GMT
server: nginx
etag: W/"645af526-15da"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Sat, 01 Jun 2024 11:49:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
94 KB 58ms
38ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9KV4M583XK

Requested by

Host: qq.com.xolaosp.xyz
URL: https://qq.com.xolaosp.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f15aff69e71742cf7d4322233488deeca5aecbbdf64f6b953c6ccb454b5b183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 11:49:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96173
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 31 May 2024 11:49:19 GMT

GET
H2 200 layer.css
cdn.staticfile.org/layer/3.1.1/mobile/need/ 5 KB
2 KB 27ms
27ms Stylesheet
text/css 2606:4700:3110::6812:314a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/layer/3.1.1/mobile/need/layer.css?2.0
Requested by: Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/layer/3.1.1/mobile/layer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:314a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 11:49:20 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 521863
last-modified: Sat, 25 May 2024 10:46:12 GMT
server: cloudflare
etag: W/"6651c174-148c"
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
x-cloud-fetchl: true
cf-ray: 88c6bd7079005ba1-VIE
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
expires: Sat, 31 May 2025 11:49:20 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 53ms
26ms Script
text/javascript 2606:4700:10::6814:1247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: qq.com.xolaosp.xyz
URL: https://qq.com.xolaosp.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 11:49:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 54516
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 88c6bd7099189764-FRA
content-length: 4547

GET
H2 200 fa-solid-900.woff2
cdn.staticfile.org/font-awesome/5.11.0/webfonts/ 74 KB
74 KB 727ms
676ms Font
font/woff2 2606:4700:3110::6812:314a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/font-awesome/5.11.0/webfonts/fa-solid-900.woff2
Requested by: Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/font-awesome/5.11.0/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:314a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b66d17c9e92ceca4906b7944b0ce1410f95fb8c056aa29261b478504608b329

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdn.staticfile.org/font-awesome/5.11.0/css/all.min.css
Origin: https://qq.com.xolaosp.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 11:49:20 GMT
cf-cache-status: MISS
content-length: 75736
last-modified: Thu, 30 May 2024 22:33:18 GMT
server: cloudflare
etag: "6658feae-127d8"
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
x-cloud-fetchl: true
accept-ranges: bytes
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
cf-ray: 88c6bd712e3b5b9d-VIE
expires: Sat, 31 May 2025 11:49:20 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 35ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9KV4M583XK&gtm=45je45t0v868541324za200&_p=1717156160069&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1601305964.1717156160&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717156160&sct=1&seg=0&dl=https%3A%2F%2Fqq.com.xolaosp.xyz%2F&dt=https%3A%2F%2Ffby.xolaosp.xyz%20-%20%E8%80%81%E8%89%B2%E6%89%B9%20-%20%E9%98%B2%E5%B0%81%E5%9C%B0%E5%9D%80%20-%20%E7%89%A2%E8%AE%B0%E5%8F%91%E5%B8%83%E9%A1%B5%EF%BC%8C%E6%B0%B8%E4%B8%8D%E7%BF%BB%E8%BD%A6&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1911
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KV4M583XK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 11:49:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qq.com.xolaosp.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 50 B
184 B 286ms
93ms Script
text/html 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4872077&@f16&@g1&@h1&@i1&@j1717156160158&@k0&@l1&@mhttps%3A%2F%2Ffby.xolaosp.xyz%20-%20%E8%80%81%E8%89%B2%E6%89%B9%20-%20%E9%98%B2%E5%B0%81%E5%9C%B0%E5%9D%80%20-%20%E7%89%A2%E8%AE%B0%E5%8F%91%E5%B8%83%E9%A1%B5%EF%BC%8C%E6%B0%B8%E4%B8%8D%E7%BF%BB%E8%BD%A6&@n0&@o1000&@q0&@r0&@s0&@tde-DE&@u1600&@b1:96214735&@b3:1717156160&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fqq.com.xolaosp.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: 8643cc4807af7b4f8950db8a9483b8552a02d20d4f170827a6e09b7cf37496f0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 11:49:20 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

GET
H2 200 favicon.ico
qq.com.xolaosp.xyz/ 5 KB
5 KB 148ms
147ms Other
image/x-icon 67.21.87.138
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL

https://qq.com.xolaosp.xyz/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.21.87.138 Los Angeles, United States, ASN46844 (SHARKTECH, US),

Reverse DNS

prot8.diplomaticrelation.com

Software

nginx /

Resource Hash

c7c3f9487c37bdc72ca9482d32498eb924491a747a106587f0beaa5c0eecf406

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://qq.com.xolaosp.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 11:49:20 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 31 May 2024 07:18:17 GMT
server: nginx
etag: "665979b9-12d9"
content-type: image/x-icon
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4825
expires: Sat, 01 Jun 2024 11:49:20 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xolaosp.xyz/	1970-01-21 06:35:16	Name: _ga Value: GA1.1.1601305964.1717156160
.xolaosp.xyz/	1970-01-21 06:35:16	Name: _ga_9KV4M583XK Value: GS1.1.1717156160.1.0.1717156160.0.0.0
qq.com.xolaosp.xyz/	1970-01-21 05:44:52	Name: HstCfa4872077 Value: 1717156160158
qq.com.xolaosp.xyz/	1970-01-21 05:44:52	Name: HstCla4872077 Value: 1717156160158
qq.com.xolaosp.xyz/	1970-01-21 05:44:52	Name: HstCmu4872077 Value: 1717156160158
qq.com.xolaosp.xyz/	1970-01-21 05:44:52	Name: HstPn4872077 Value: 1
qq.com.xolaosp.xyz/	1970-01-21 05:44:52	Name: HstPt4872077 Value: 1
qq.com.xolaosp.xyz/	1970-01-21 05:44:52	Name: HstCnv4872077 Value: 1
qq.com.xolaosp.xyz/	1970-01-21 05:44:52	Name: HstCns4872077 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://qq.com.xolaosp.xyz/(Line 21) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.staticfile.org/jquery/2.0.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://qq.com.xolaosp.xyz/(Line 21) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.staticfile.org/layer/3.1.1/mobile/layer.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.staticfile.org
jump.xolaosp.xyz
qq.com.xolaosp.xyz
region1.google-analytics.com
s10.histats.com
s4.histats.com
www.googletagmanager.com
142.4.219.198
2001:4860:4802:34::36
2606:4700:10::6814:1247
2606:4700:3110::6812:314a
2a00:1450:4001:82f::2008
67.21.87.138
0b66d17c9e92ceca4906b7944b0ce1410f95fb8c056aa29261b478504608b329
1eb553c6494ca84a99f76060cc62f15ddb3606115eca03ee9285e46520e8df04
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f15aff69e71742cf7d4322233488deeca5aecbbdf64f6b953c6ccb454b5b183
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0
4e1354fc542b617c58cbba3aeb5116a528cf08bb1299f5dc7f3bc77a3b902b68
58b28659220961ead137cb5b346b5759562750ce703094d70fc786e0db467033
6a0abbb3e1bc93f9400edb91304ce14b932f517c34ee0d1fa6be83398a215e36
6ae483e96b22708fa8261a54827b6265e207160d15cf49981eb111229d3bf505
8643cc4807af7b4f8950db8a9483b8552a02d20d4f170827a6e09b7cf37496f0
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
b092c6784f2ffe417b8b11cbff0b3495957a1b5a803177e5deea0a937ec7a296
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c7c3f9487c37bdc72ca9482d32498eb924491a747a106587f0beaa5c0eecf406
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ec88e4cee1152f90c24304c77417f2ad048617479fec953c92536b4382f8ed
eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6

qq.com.xolaosp.xyz Open in urlscan Pro 67.21.87.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

67 %IPv6

5 Domains

7 Subdomains

6 IPs

3 Countries

328 kBTransfer

909 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

9 Cookies

2 Console Messages

Indicators

qq.com.xolaosp.xyz Open in urlscan Pro
67.21.87.138 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

328 kB
Transfer

909 kB
Size

9
Cookies

18 HTTP transactions
0 data transactions