za.azqq.online Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thruss.com/prod/ngo.html?lu=http%3A%2F%2Fwww.oxfoadv.store%2F%3Fs%3Da0203fd8fb08f2bc24b4a82cf7489e9729b7%26...
Effective URL:
https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV4...
Submission: On March 09 via manual (March 9th 2023, 6:49:27 pm UTC) from NL — Scanned from NL

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is za.azqq.online. The Cisco Umbrella rank of the primary domain is 995690.
TLS certificate: Issued by GTS CA 1P5 on February 24th 2023. Valid for: 3 months.

This is the only time za.azqq.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::ac43:970e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 10	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
9	3

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

thruss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:970e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.oxfoadv.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a06:98c1:3120::3 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

za.azqq.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	azqq.online 3 redirects za.azqq.online — Cisco Umbrella Rank: 995690	45 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	oxfoadv.store 1 redirects www.oxfoadv.store	910 B
1	thruss.com thruss.com	1 KB
9	4

	Domain	Requested by
10	za.azqq.online	3 redirects thruss.com za.azqq.online
1	fonts.gstatic.com	za.azqq.online
1	www.oxfoadv.store	1 redirects
1	thruss.com
9	4

This site contains no links.

Subject Issuer	Validity	Valid
*.thruss.com GTS CA 1P5	`2023-03-04` - `2023-06-02`	3 months	crt.sh
*.azqq.online GTS CA 1P5	`2023-02-24` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
Frame ID: 003CB7F8C84D6BABE033913D6F52C31F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File Download

Page URL History Show full URLs

https://thruss.com/prod/ngo.html?lu=http%3A%2F%2Fwww.oxfoadv.store%2F%3Fs%3Da0203fd8fb08f2bc24b... Page URL
http://www.oxfoadv.store/?s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=1678387118100010TNLTV414732905624V5 HTTP 302
http://za.azqq.online/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=167838711810... HTTP 301
https://za.azqq.online/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=167838711810... HTTP 302
http://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=16... HTTP 301
https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=16... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

9
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

60 kB
Transfer

72 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thruss.com/prod/ngo.html?lu=http%3A%2F%2Fwww.oxfoadv.store%2F%3Fs%3Da0203fd8fb08f2bc24b4a82cf7489e9729b7%26cid%3D1678387118100010TNLTV414732905624V5 Page URL
http://www.oxfoadv.store/?s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=1678387118100010TNLTV414732905624V5 HTTP 302
http://za.azqq.online/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=1678387118100010TNLTV414732905624V5 HTTP 301
https://za.azqq.online/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=1678387118100010TNLTV414732905624V5 HTTP 302
http://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5 HTTP 301
https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 ngo.html
thruss.com/prod/ 626 B
1 KB 118ms
39ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thruss.com/prod/ngo.html?lu=http%3A%2F%2Fwww.oxfoadv.store%2F%3Fs%3Da0203fd8fb08f2bc24b4a82cf7489e9729b7%26cid%3D1678387118100010TNLTV414732905624V5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 1351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 7a557f5bae9cb79d-AMS
content-encoding: br
content-type: text/html
date: Thu, 09 Mar 2023 18:49:22 GMT
expires: Thu, 09 Mar 2023 19:26:51 GMT
last-modified: Tue, 12 Apr 2022 06:45:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7q2qi273yhXjRhc1ZYIqP9qmQ07K1G8qVuwLaH%2FUJLMvWkflBJPTA0rWADQql4U5DoSM31ZiE53dJfg60WH3UyryFhL%2FQOc%2FH825DfL4%2FVxSatq6BDbbAWFqQG67bqYSwnemlNWHzoE0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Goog-Allowed-Resources
x-goog-generation: 1649745940341770
x-goog-hash: crc32c=+jeBsA== md5=dl7RxfSqF7bBsUuXyu69Eg==
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 626
x-guploader-uploadid: ADPycdsc_yUU8gDj5i8mkCE8ewdu5n6_M-UWXcuVnhhri4tT1jKhnQrjj6jXs-VvOuQtJfVNRhAVa1PVtXleOyEsJXVEQg

GET
H2

200

Primary Request / Show response
za.azqq.online/oxford/
Redirect Chain

http://www.oxfoadv.store/?s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=1678387118100010TNLTV414732905624V5
http://za.azqq.online/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=1678387118100010TNLTV414732905624V5
https://za.azqq.online/verify.php?xx=100241&s=a0203fd8fb08f2bc24b4a82cf7489e9729b7&cid=1678387118100010TNLTV414732905624V5
http://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5

4 KB
2 KB

196ms
195ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
Requested by: Host: thruss.com
URL: https://thruss.com/prod/ngo.html?lu=http%3A%2F%2Fwww.oxfoadv.store%2F%3Fs%3Da0203fd8fb08f2bc24b4a82cf7489e9729b7%26cid%3D1678387118100010TNLTV414732905624V5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44809e02b8e47eb4b5a7019a058ba2d983af391e203eb3f54b08e1083baed86

Request headers

Referer: https://thruss.com/prod/ngo.html?lu=http%3A%2F%2Fwww.oxfoadv.store%2F%3Fs%3Da0203fd8fb08f2bc24b4a82cf7489e9729b7%26cid%3D1678387118100010TNLTV414732905624V5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a557f6099c6b98f-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 18:49:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9coyyP3KVZIJGN2jk%2F1bOnxxJWaRQ4TqPURrkg9sIdkTUjKVIs%2FV%2FrMm1pWEMknRT9qwDnmoJe3NauaFq3L1Z7kk1Mg57C%2BTTFt4NGV8hr39ZDsXuaFRCAMnmVG%2FVXVvKEX%2BGuL4NfuSzebqcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7a557f6069f90e60-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 09 Mar 2023 18:49:23 GMT
Expires: Thu, 09 Mar 2023 19:49:23 GMT
Location: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSDPC1ddMtMy%2Fx8ILF8umV09IXT6UOFXkSjd%2BwLY7nj9Wz5%2FA5n7T8XW%2FYDdSfV6GupW2edpuumzEMlwzTavmtV1wTQaOZvDS8N86EutXsCE%2BxJxEr9N9LV0paslp3%2Fw2prDi6whh1rU%2Ft%2BbxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 css2.css
za.azqq.online/templates/FileDownV2/css/ 3 KB
1 KB 35ms
33ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://za.azqq.online/templates/FileDownV2/css/css2.css
Requested by: Host: za.azqq.online
URL: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c655756185194bb230c5d28da0779e7cd00d10611c372b400f65e01545ce549

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:49:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Feb 2023 08:53:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41190
etag: W/"63fc6f91-c81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqfyD3XrMrKiFqdWnepV%2BQodd9zeZWrWVY8xnzWLmePhCQe1hhq0GF6FAgQgnv5HtzKwPDyu12fUcsD2%2BdK6W5YbSo%2B6geTkMwHKfu0oEnQVZbRq12Kr5TVjI%2BAsdeeSMze%2BLtyaRc2k9GQVVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7a557f61daf0b724-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 09 Mar 2023 18:46:42 GMT

GET
H3 200 css.min.css
za.azqq.online/templates/FileDownV2/css/ 1 KB
943 B 33ms
31ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://za.azqq.online/templates/FileDownV2/css/css.min.css
Requested by: Host: za.azqq.online
URL: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f11bb29130ba9acbf0ef98d75d483c99ed37cde0d082a17fd47659aff0d3ca30

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:49:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Feb 2023 08:53:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41190
etag: W/"63fc6f91-4ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkUySjilgS%2F%2Fjb8%2BmIbZtqteEruapQTzSjHfypv12uKQWg1o0dNN3vBth%2FFc5ojhtSucagclrUBwTEr6ZontxbtBQpJxv81rKTvtMsmNFw4eUBm1ElJJ%2FjM147R5V0o1JHrVEb%2BIyQDXmHDGNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7a557f61daf1b724-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 09 Mar 2023 18:46:42 GMT

GET
H3 200 styles.min.css
za.azqq.online/templates/FileDownV2/css/ 3 KB
1 KB 37ms
36ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://za.azqq.online/templates/FileDownV2/css/styles.min.css
Requested by: Host: za.azqq.online
URL: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d092724cabc4718ff06f75c288950da071136321fdef703a57f3a73c2a3292eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:49:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Feb 2023 08:53:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41190
etag: W/"63fc6f91-c03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDfu3llxJsLZDmebmqNUNRWn1hUzReSATIALv0zDGgBH8ccMOJdCaTIvb7OnQ%2FfJ902NHu%2FbnyFVHoi3WcjJLNKt1eFkxKbbW2KNWHA4MXUWCHyxsaGV4o%2BoL%2Bd%2F218SD7oXPRZm0qHFqQCfHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7a557f61daf2b724-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 09 Mar 2023 08:54:45 GMT

GET
H3 200 utils.js Show response
za.azqq.online/templates/FileDownV2/js/ 8 KB
3 KB 34ms
32ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://za.azqq.online/templates/FileDownV2/js/utils.js
Requested by: Host: za.azqq.online
URL: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 667f0b29ff668bb5066e8f880f26c9bda92645ffa9b6410af847e12a5971c1a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:49:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Feb 2023 08:53:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41190
etag: W/"63fc6f91-1e34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQ4fQnKN%2B%2BcQpqTZkeaAIFmOew5vzcHA0kJJbVqXyrVDWVky0InjM4GYwwLE%2F%2FfqP%2BWC4YZdUGqiNZ2bQl2CtiQAmNacMCL0nHKqQK0zj2PntjMZ3NqnS3VTEUp6O8KhHhV%2FPe%2FQF%2FynxwaycA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7a557f61daf3b724-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 09 Mar 2023 08:18:24 GMT

GET
H3 200 arrow__up.png
za.azqq.online/templates/FileDownV2/img/ 32 KB
33 KB 34ms
34ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://za.azqq.online/templates/FileDownV2/img/arrow__up.png
Requested by: Host: za.azqq.online
URL: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4399fd13a2b71e3f70846fd5de33d293ecbba9d870115a1fdef53b3a142b62fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 214441
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33223
last-modified: Mon, 27 Feb 2023 08:53:37 GMT
server: cloudflare
etag: "63fc6f91-81c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4VCnVlbqad%2B6V6CpK9vsdAit7oFChA7YYvmJgNHz5PCkNobaKvhhKh9FgmQrQIKcUly7awaOE1iEobxK98czLiTHGRwWoAI5RwP85hoXazVPT9Z7tiy8ub5Lb3Xw%2FU9CnXvE8B5TDna%2Bo54qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a557f61eb00b724-AMS
expires: Thu, 06 Apr 2023 06:44:14 GMT

GET
H3 200 lp_v4.js Show response
za.azqq.online/templates/FileDownV2/js/ 4 KB
2 KB 33ms
33ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://za.azqq.online/templates/FileDownV2/js/lp_v4.js
Requested by: Host: za.azqq.online
URL: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf2d46bb4a4f4d5f4857769f7181968c13eeb75af37de25dbe467796bfab46e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://za.azqq.online/oxford/?id=1678387763224&v=a9a0710632f90f9827a07b2c63d9e5f99494742a6b&cid=1678387118100010TNLTV414732905624V5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:49:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Feb 2023 08:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41190
etag: W/"63fc7083-1013"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpFMoF%2Fkb%2BH6qA%2B%2FCqs07xoZW%2FlUmyOoxK3MWz%2B6qjz1YP04yT%2Bt0FaftTxKHHpdZiIUJLRiDR2BpVI2QeutQwwcL0CwLcKnJPZedYJXjfeWVEgkzWCw432OidWOoXtpDK8NUhfwowTSbBKr2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7a557f61eafeb724-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 09 Mar 2023 18:46:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 188ms
59ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: za.azqq.online
URL: https://za.azqq.online/templates/FileDownV2/css/css2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://za.azqq.online/
Origin: https://za.azqq.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 17027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 14:05:36 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.oxfoadv.store/	1970-01-20 19:49:07	Name: uid Value: u78387762640a2a32d8c88598526741
.za.azqq.online/	1970-01-20 19:49:07	Name: vt Value: a9a0710632f90f9827a07b2c63d9e5f99494742a6b
.azqq.online/	1970-01-20 19:49:07	Name: storeid Value: mnmpdlfkkkopanfhfgmipialnaojgfkd
.azqq.online/	1970-01-20 19:49:07	Name: refurl Value: http%3A%2F%2Fza.azqq.online%2Fverify.php%3Fxx%3D100241%26s%3Da0203fd8fb08f2bc24b4a82cf7489e9729b7%26cid%3D1678387118100010TNLTV414732905624V5
.azqq.online/	1970-01-20 19:49:07	Name: taskid Value: 100241
.za.azqq.online/	1970-01-20 19:49:07	Name: subid Value: adsn
.za.azqq.online/	1970-01-20 19:49:07	Name: uid Value: u78387763640a2a336c0c1005948678
.za.azqq.online/	1970-01-20 19:49:07	Name: ts Value: f51c08c7dd5a2858acdd37eg0q2m0b1cab5m3maqbc
.za.azqq.online/	1970-01-20 19:49:07	Name: p Value: 100066
.azqq.online/	1970-01-20 19:49:07	Name: rqp Value: %7B%22id%22%3A%221678387763224%22%2C%22v%22%3A%22a9a0710632f90f9827a07b2c63d9e5f99494742a6b%22%2C%22cid%22%3A%221678387118100010TNLTV414732905624V5%22%7D
.za.azqq.online/	1970-01-20 10:13:11	Name: vs Value: za.azqq.online

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
thruss.com
www.oxfoadv.store
za.azqq.online
2606:4700:3031::ac43:970e
2a00:1450:4001:831::2003
2a06:98c1:3120::3
2a06:98c1:3121::3
3c655756185194bb230c5d28da0779e7cd00d10611c372b400f65e01545ce549
4399fd13a2b71e3f70846fd5de33d293ecbba9d870115a1fdef53b3a142b62fb
667f0b29ff668bb5066e8f880f26c9bda92645ffa9b6410af847e12a5971c1a6
cdf2d46bb4a4f4d5f4857769f7181968c13eeb75af37de25dbe467796bfab46e
d092724cabc4718ff06f75c288950da071136321fdef703a57f3a73c2a3292eb
e44809e02b8e47eb4b5a7019a058ba2d983af391e203eb3f54b08e1083baed86
f11bb29130ba9acbf0ef98d75d483c99ed37cde0d082a17fd47659aff0d3ca30
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

za.azqq.online Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

60 kBTransfer

72 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

11 Cookies

Indicators

za.azqq.online Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

60 kB
Transfer

72 kB
Size

11
Cookies

9 HTTP transactions
0 data transactions