sqmfav.cc Open in urlscan Pro
2606:4700:3037::ac43:8161 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sqmfav.cc/
Effective URL:
https://sqmfav.cc/55UuVVrueUN/
Submission: On May 26 via api (May 26th 2024, 5:08:04 am UTC) from BE — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3037::ac43:8161, located in United States and belongs to CLOUDFLARENET, US. The main domain is sqmfav.cc.
TLS certificate: Issued by GTS CA 1P5 on May 19th 2024. Valid for: 3 months.

This is the only time sqmfav.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3037::ac43:8161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.219.71 172.67.219.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.129.97 172.67.129.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	4

2 2606:4700:3037::ac43:8161 (United States)

ASN13335 (CLOUDFLARENET, US)

sqmfav.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.219.71 (United States)

ASN13335 (CLOUDFLARENET, US)

www.58sj.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.129.97 (United States)

ASN13335 (CLOUDFLARENET, US)

sqmfav.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	sqmfav.cc sqmfav.cc	34 KB
3	58sj.cc www.58sj.cc	25 KB
8	2

	Domain	Requested by
4	sqmfav.cc	sqmfav.cc
3	www.58sj.cc	sqmfav.cc www.58sj.cc
8	2

This site contains no links.

Subject Issuer	Validity	Valid
sqmfav.cc GTS CA 1P5	`2024-05-19` - `2024-08-17`	3 months	crt.sh
58sj.cc GTS CA 1P5	`2024-05-04` - `2024-08-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sqmfav.cc/55UuVVrueUN/
Frame ID: 37E70C57236D72424D92D8C0F80D4824
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

三零灵凌

Page URL History Show full URLs

http://sqmfav.cc/ HTTP 307
https://sqmfav.cc/ Page URL
https://sqmfav.cc/55UuVVrueUN/ Page URL

Page Statistics

8
Requests

88 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

4
IPs

1
Countries

59 kB
Transfer

221 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sqmfav.cc/ HTTP 307
https://sqmfav.cc/ Page URL
https://sqmfav.cc/55UuVVrueUN/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://sqmfav.cc/ HTTP 307
https://sqmfav.cc/

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response sqmfav.cc/ Redirect Chain http://sqmfav.cc/ https://sqmfav.cc/	2 KB 1 KB	406ms 355ms	Document text/html	2606:4700:3037::ac43:8161 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sqmfav.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8161 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a1f16049f265d2c7d2958a1fac00e2fa14ad9e88ecceafb19abce65eda43fe5c` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 889b3e9bbdd31973-FRA content-encoding br content-type text/html date Sun, 26 May 2024 05:07:57 GMT last-modified Thu, 23 May 2024 01:21:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAi3aF4sc7lggqYr67KxfC2I%2BSMQN9L33QKqQzeRmhiHwzbCW4%2BZ6axZx5mMbTelgAskReb%2F75hR0RNtT6c5NWKI2KH%2Fo2w3Y14hZl%2FZ1GHpfbA1CAFlT%2FCdoU3iA3PLIPnk2dssvpo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers Location https://sqmfav.cc/ Non-Authoritative-Reason HttpsUpgrades
GET H3	200	matomo.js www.58sj.cc/	65 KB 24 KB	61ms 35ms	Script application/javascript	172.67.219.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.58sj.cc/matomo.js Requested by Host: sqmfav.cc URL: https://sqmfav.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.219.71 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sqmfav.cc/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 05:07:57 GMT content-encoding gzip cf-cache-status HIT last-modified Sat, 09 Mar 2024 07:52:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 8563 etag W/"65ec1541-1042f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCuekPDZrlcLXuABGN%2BuFq%2FsTVNh%2F0osYKql2PLFlKC9KrLjUj5JDFmet5HOhIvPGfaz1CLwHkODEZ%2FJMRW%2Byb2iDxHKio6L56en6Nm1uKxSmgapMKFransZEedqTQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 889b3e9e3a0a39ec-FRA alt-svc h3=":443"; ma=86400 expires Sun, 26 May 2024 14:45:14 GMT
GET H2	200	Primary Request / Show response sqmfav.cc/55UuVVrueUN/	5 KB 2 KB	359ms 358ms	Document text/html	2606:4700:3037::ac43:8161 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sqmfav.cc/55UuVVrueUN/ Requested by Host: sqmfav.cc URL: https://sqmfav.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8161 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `494ccc016ad996b5ebdc020ac6dd67edf355ff13e871e431e75ebf156b419715` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://sqmfav.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 889b3e9e28421973-FRA content-encoding br content-type text/html date Sun, 26 May 2024 05:07:58 GMT last-modified Mon, 20 May 2024 15:04:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZuwkNK4dt79OzCG6i84kzZWeS0QNFLfMZrGoML63KaLJ2qZddOObiToicCyFxX2%2FRZLrNYTvUHZU4aE4DJLp6X07RHc%2FA7Wz5uyXi35OVMulq6A%2FAbpM%2BqWNkhEMUoVEgT1UzSAsrTA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
POST		matomo.php www.58sj.cc/	0 0

GET H3	200	1.js Show response sqmfav.cc/55UuVVrueUN/static/js/	84 KB 30 KB	761ms 760ms	Script application/javascript	172.67.129.97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sqmfav.cc/55UuVVrueUN/static/js/1.js Requested by Host: sqmfav.cc URL: https://sqmfav.cc/55UuVVrueUN/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `19ab756b8f26d4d98b121135c3343c6cc02c831cd05ac1877b2399e63d95bd59` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sqmfav.cc/55UuVVrueUN/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 05:07:58 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 19 May 2024 21:02:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "15151-618d4e86c8a85-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=In%2BMPGqTleFz9oBqR34S3nEDGbTvd%2BgXOnY79vh9bS6Gu8Xg5LtGOxeRoAiGeUa39r8TOZZ4NzCtVgeLVzo1zvbxh6Y3Geja2ekY2GGwcpdZs3e2T8AYnCahMSM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 889b3ea06f3991d5-FRA alt-svc h3=":443"; ma=86400 content-length 30035
GET H3	200	matomo.js Show response www.58sj.cc/	65 KB 0	61ms 35ms	Script application/javascript	172.67.219.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.58sj.cc/matomo.js Requested by Host: sqmfav.cc URL: https://sqmfav.cc/55UuVVrueUN/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.219.71 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sqmfav.cc/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 05:07:57 GMT content-encoding gzip cf-cache-status HIT last-modified Sat, 09 Mar 2024 07:52:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 8563 etag W/"65ec1541-1042f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCuekPDZrlcLXuABGN%2BuFq%2FsTVNh%2F0osYKql2PLFlKC9KrLjUj5JDFmet5HOhIvPGfaz1CLwHkODEZ%2FJMRW%2Byb2iDxHKio6L56en6Nm1uKxSmgapMKFransZEedqTQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 889b3e9e3a0a39ec-FRA alt-svc h3=":443"; ma=86400 expires Sun, 26 May 2024 14:45:14 GMT
POST H3	204	matomo.php www.58sj.cc/	0 415 B	209ms 208ms	Ping text/html	172.67.219.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.58sj.cc/matomo.php?action_name=%E4%B8%89%E9%9B%B6%E7%81%B5%E5%87%8C&idsite=108&rec=1&r=527761&h=7&m=7&s=58&url=https%3A%2F%2Fsqmfav.cc%2F55UuVVrueUN%2F&urlref=https%3A%2F%2Fsqmfav.cc%2F&_id=c7058c5b9211d705&_idn=0&cs=GBK&send_image=0&_refts=0&pv_id=9Ut8P4&pf_net=0&pf_srv=358&pf_tfr=1&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200 Requested by Host: www.58sj.cc URL: https://www.58sj.cc/matomo.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.219.71 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://sqmfav.cc/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers date Sun, 26 May 2024 05:07:59 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2O6mgnAHU6rGFkKpy7Z4cZlcJ7Qp4%2B9nqbcHu3kyVjmlq7vvPCnVGtQ48D6fIfEaW1cg19vEPWzfwWR6eKzM9mQzxnT8HZDrSHqjEcIUKxVjD4jX39AqMnRwQNMIqA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin https://sqmfav.cc access-control-allow-credentials true cf-ray 889b3ea57b9e39ec-FRA alt-svc h3=":443"; ma=86400
GET H3	404	favicon.ico sqmfav.cc/	255 B 619 B	362ms 362ms	Other text/html	172.67.129.97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sqmfav.cc/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.129.97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `428b194839b5c27630c1b1ab9cfa5daff8c6794dad40f8a5a4cb087de3265a76` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://sqmfav.cc/55UuVVrueUN/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 05:07:59 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sWc0TQunr6LB4Knm0FM%2F1iWQl%2Bm9FjtgsaYhgLgroNbR8JOfOVd%2FZYR2G%2FTy%2F8d5u7aE4dmClzCreW6%2B30QR3Qde4X%2BZo8SllhJQ9oozGwAgHRH%2F50vY6bvdxNc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 889b3ea57a3691d5-FRA alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.58sj.cc
URL: https://www.58sj.cc/matomo.php?action_name=&idsite=108&rec=1&r=003079&h=7&m=7&s=57&url=https%3A%2F%2Fsqmfav.cc%2F&_id=c7058c5b9211d705&_idn=1&cs=windows-1252&send_image=0&_refts=0&pv_id=rKzW6C&pf_net=52&pf_srv=355&pf_tfr=1&pf_dm1=14&pf_dm2=10&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sqmfav.cc/	1970-01-21 06:17:35	Name: _pk_id.108.5008 Value: c7058c5b9211d705.1716700078.
			sqmfav.cc/	1970-01-20 20:51:41	Name: _pk_ses.108.5008 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sqmfav.cc/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sqmfav.cc
www.58sj.cc
www.58sj.cc
172.67.129.97
172.67.219.71
2606:4700:3037::ac43:8161
19ab756b8f26d4d98b121135c3343c6cc02c831cd05ac1877b2399e63d95bd59
428b194839b5c27630c1b1ab9cfa5daff8c6794dad40f8a5a4cb087de3265a76
494ccc016ad996b5ebdc020ac6dd67edf355ff13e871e431e75ebf156b419715
a1f16049f265d2c7d2958a1fac00e2fa14ad9e88ecceafb19abce65eda43fe5c
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

sqmfav.cc Open in urlscan Pro 2606:4700:3037::ac43:8161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

88 %HTTPS

33 %IPv6

2 Domains

2 Subdomains

4 IPs

1 Countries

59 kBTransfer

221 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

sqmfav.cc Open in urlscan Pro
2606:4700:3037::ac43:8161 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

4
IPs

1
Countries

59 kB
Transfer

221 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions