www1.portalultautv.net Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/
Submission: On December 12 via manual (December 12th 2022, 4:17:29 pm UTC) from RO — Scanned from DE

Summary HTTP 48 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 48 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www1.portalultautv.net.
TLS certificate: Issued by GTS CA 1P5 on November 27th 2022. Valid for: 3 months.

This is the only time www1.portalultautv.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	190.115.19.71 190.115.19.71	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e0:... 2606:4700:e0::ac40:6914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.233.137.52 173.233.137.52	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	213.186.120.177 213.186.120.177	6849 (UKRTELNET) (UKRTELNET)
1 4	2606:4700:e0:... 2606:4700:e0::ac40:671e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	104.196.247.193 104.196.247.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
48	13

18 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www1.portalultautv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 190.115.19.71 (Belize City, Belize)

ASN262254 (DDOS-GUARD CORP., BZ)

hqq.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

commentsengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e0::ac40:6914 (United States)

ASN13335 (CLOUDFLARENET, US)

testingmetriksbre.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.233.137.52 (United States)

ASN7979 (SERVERS-COM, US)

alleviatepracticableaddicted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.186.120.177 (Ukraine)

ASN6849 (UKRTELNET, UA)
PTR: as8277.seedbox.org.ua

cdn-s7.cfeucdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e0::ac40:671e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

marazma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.marazma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.196.247.193 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.247.196.104.bc.googleusercontent.com

www.greenlanemarketing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	portalultautv.net www1.portalultautv.net	300 KB
13	hqq.to hqq.to — Cisco Umbrella Rank: 207125	97 KB
4	marazma.com 1 redirects marazma.com www.marazma.com	49 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4242	2 KB
3	unpkg.com unpkg.com — Cisco Umbrella Rank: 784	41 KB
3	testingmetriksbre.ru testingmetriksbre.ru — Cisco Umbrella Rank: 74256	3 KB
1	greenlanemarketing.com www.greenlanemarketing.com
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
1	cfeucdn.com cdn-s7.cfeucdn.com	4 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 396	85 KB
1	alleviatepracticableaddicted.com alleviatepracticableaddicted.com — Cisco Umbrella Rank: 180698
1	commentsengine.com commentsengine.com — Cisco Umbrella Rank: 94567	663 B
48	12

	Domain	Requested by
18	www1.portalultautv.net	www1.portalultautv.net
13	hqq.to	www1.portalultautv.net hqq.to unpkg.com
3	marazma.com	hqq.to marazma.com
3	mc.yandex.ru	1 redirects hqq.to testingmetriksbre.ru
3	unpkg.com	hqq.to
3	testingmetriksbre.ru	hqq.to testingmetriksbre.ru
1	www.greenlanemarketing.com	hqq.to
1	www.marazma.com	1 redirects
1	fonts.googleapis.com	marazma.com
1	cdn-s7.cfeucdn.com
1	cdn.jsdelivr.net	testingmetriksbre.ru
1	alleviatepracticableaddicted.com	hqq.to
1	commentsengine.com	hqq.to
48	13

This site contains links to these domains. Also see Links.

Domain
twitter.com
ro.pinterest.com
www.imdb.com

Subject Issuer	Validity	Valid
*.portalultautv.net GTS CA 1P5	`2022-11-27` - `2023-02-25`	3 months	crt.sh
hqq.to R3	`2022-11-30` - `2023-02-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-14` - `2023-04-13`	a year	crt.sh
*.testingmetriksbre.ru E1	`2022-10-26` - `2023-01-24`	3 months	crt.sh
alleviatepracticableaddicted.com R3	`2022-11-02` - `2023-01-31`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.cfeucdn.com Sectigo ECC Domain Validation Secure Server CA	`2022-05-10` - `2023-05-21`	a year	crt.sh
*.marazma.com GTS CA 1P5	`2022-12-08` - `2023-03-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.greenlanemarketing.com R3	`2022-11-13` - `2023-02-11`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/
Frame ID: AEBB5CC3BC7F7D069B7239FD01435BA6
Requests: 19 HTTP requests in this frame

Frame: https://hqq.to/blocked.html
Frame ID: FC6E8D11444A471E8CC1A9A0B8E8F4E4
Requests: 22 HTTP requests in this frame

Frame: https://testingmetriksbre.ru/f.php?sid=212040
Frame ID: EC1B20F3B2268B412C443E6087C25438
Requests: 5 HTTP requests in this frame

Frame: https://marazma.com/Jr1zAzZ
Frame ID: B04B2ABB38C23B62C037C6DCC9FECC61
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Riddick Bătălia începe - The Chronicles of Riddick (2004) Online Subtitrat

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

48
Requests

96 %
HTTPS

67 %
IPv6

12
Domains

13
Subdomains

13
IPs

5
Countries

584 kB
Transfer

2171 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/PortalulTV
Title: Twitter

Search URL Search Domain Scan URL

URL: https://ro.pinterest.com/filmeonlinegratis/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.imdb.com/title/tt0296572
Title: IMDB: 6.7

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://mc.yandex.ru/watch/90175160?wmode=7&page-url=https%3A%2F%2Ftestingmetriksbre.ru%2Ff.php%3Fsid%3D212040&page-ref=https%3A%2F%2Fhqq.to%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A52682075587%3Ahid%3A941933835%3Az%3A0%3Ai%3A20221212161725%3Aet%3A1670861846%3Ac%3A1%3Arn%3A20999239%3Arqn%3A1%3Au%3A1670861846752493039%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C14%2C77%2C0%2C0%2C0%2C%2C11%2C0%2C%2C%2C%2C103%3Aco%3A0%3Acpf%3A1%3Ans%3A1670861845393%3Arqnl%3A1%3Ast%3A1670861846%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Ftestingmetriksbre.ru%2Ff.php%3Fsid%3D212040&page-ref=https%3A%2F%2Fhqq.to%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A52682075587%3Ahid%3A941933835%3Az%3A0%3Ai%3A20221212161725%3Aet%3A1670861846%3Ac%3A1%3Arn%3A20999239%3Arqn%3A1%3Au%3A1670861846752493039%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C14%2C77%2C0%2C0%2C0%2C%2C11%2C0%2C%2C%2C%2C103%3Aco%3A0%3Acpf%3A1%3Ans%3A1670861845393%3Arqnl%3A1%3Ast%3A1670861846%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 46

https://www.marazma.com/zEel8G4 HTTP 301
https://marazma.com/zEel8G4

48 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/ 86 KB
21 KB 180ms
96ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bdaebd04aa3598c0944c1ccd16d8170adc37b6ad730ea03a0c087fd2286469f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7787c5200916bb4a-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 12 Dec 2022 16:17:24 GMT
last-modified: Mon, 12 Dec 2022 16:15:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlHHJduNuuUmJ9Ehjkay7oF3J92bGKmV2Lthz%2B2lp%2FOoFtOMoR39XZVIm9gkLhKMayON1Qqg2VQr9fkMVzTslpebJDtEpAxLRRyIiaAdFLMnMrtOldB7jtENW%2BXu6UKOEgUMJF%2Fkp3UJHx9uc0fPJfZI0qcf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 234bf96ff06a6339bbe99de6b0a0f8f9.css
www1.portalultautv.net/wp-content/cache/min/1/wp-content/fonts/ 8 KB
1 KB 41ms
39ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.portalultautv.net/wp-content/cache/min/1/wp-content/fonts/234bf96ff06a6339bbe99de6b0a0f8f9.css?ver=1670843291

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f250b5f9b37f44bcf05f259afb23e1239feaac97e3e7ab5cfff82ac724bc4cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18499
cf-polished: origSize=7948
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 12 Dec 2022 11:08:11 GMT
server: cloudflare
etag: W/"63970b9b-28a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKqk%2F%2F%2F0cbMB9psI%2F%2BeFFA2jTyEQiNPaifvFI90QJY13%2FGTjWhITnTnuA7Td9xXoTIO%2FRTJfj%2BS5%2FZRF1L0bhQSm3eHJhZIeZ%2FaDSaBmJm%2FlX%2B91dVNcf90AofGc%2BYKT1MGhJo%2FcfK7yzIX7f5eUg%2Fjj4Rvw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7787c520aa5bbb4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www1.portalultautv.net/wp-includes/css/dist/block-library/ 93 KB
13 KB 74ms
73ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.portalultautv.net/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18406
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 15 Nov 2022 20:02:07 GMT
server: cloudflare
etag: W/"6373f03f-172a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqCIWaPl%2FegQGKlcZxfCV3UYKeVUbtmVhRUyYTNhETTaoE5fQ31m1QpPshZ6ohtGH0GX%2F%2Bdsn6S48q7j16KXE9X%2FSKPPRa%2B9%2BNMgNybeZlr%2Bzpbi2NGFIbNxYvrjyiqTmKq3s%2BcMbZj7xRS8K09pzWS15yM2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7787c520aa5fbb4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 classic-themes.min.css
www1.portalultautv.net/wp-includes/css/ 217 B
567 B 130ms
128ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.portalultautv.net/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18406
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Nov 2022 06:39:28 GMT
server: cloudflare
etag: W/"636210a0-d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7v89lK177CcsMd5uC%2F8GnuR3UG8Ca469jQ3UPXOTwrF9WlFMd8LZqT7qL9vANVlHHqLVcH3oxRRHmTyAv9FASCQAqziTH4k1MnwnFN%2Bk9W8%2BZ%2BuokfyCykdMH0Eo4Q%2BN4D8kbGuS%2FpC6f6YCeeb4TG5ZOC5A"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7787c520aa62bb4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www1.portalultautv.net/wp-content/cache/min/1/wp-content/themes/donovan/ 57 KB
10 KB 42ms
41ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.portalultautv.net/wp-content/cache/min/1/wp-content/themes/donovan/style.css?ver=1670843292

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

927c4f180b37ab003945bd6227e4e9a94d17ab094cfedf98ba5f8613a004d017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18499
cf-polished: origSize=58827
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 12 Dec 2022 11:08:12 GMT
server: cloudflare
etag: W/"63970b9c-2591"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCNosxV%2Fupr6gws8DjzBUTKOK10QCS7OuIsXnQ%2Bg5tFS0f13D2BYeL%2FQhnInOWly1BqwQ4J%2FVZxrXHG8UFC61nmy2FDhTijnI07kSBiBdBXSddGPuq6KhTw%2F4YP1JdHkNNQpxjHjNJooc5Wtqa922ZrWnvot"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7787c520aa64bb4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 social-icons.svg
www1.portalultautv.net/wp-content/themes/donovan/assets/icons/ 34 KB
14 KB 52ms
52ms Other
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.portalultautv.net/wp-content/themes/donovan/assets/icons/social-icons.svg?ver=20221122

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e719396115659f0219d1849115a2938e8e71c1f800d90fdd4180360fe095182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18201
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Nov 2022 13:22:02 GMT
server: cloudflare
etag: W/"637cccfa-86e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMzwO5S30snOMnILKjDaGryWPfBWKCgVLAZe8rH6F%2BPwnDgXSSXtt%2FlHhNJYU2sNAW8k%2FFoHN3TKqTb99YwR5MagjdmH8PVEogtrcmxCAZOAhUsMtGpVORXDvy58fBFlfOo9bEYRpmkHflHDigQnJp9po8nI"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7787c520ca8fbb4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 genericons-neue.svg
www1.portalultautv.net/wp-content/themes/donovan/assets/icons/ 27 KB
8 KB 50ms
49ms Other
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.portalultautv.net/wp-content/themes/donovan/assets/icons/genericons-neue.svg

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17862
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Nov 2022 13:22:02 GMT
server: cloudflare
etag: W/"637cccfa-6d66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rfEFzYCSuFf7Mo5sby2VXWssLSlpZRPvKpZLWt%2Fu%2F2UpjcYG0u9yTEr37%2FdGF5H7vWpj9ha3FQOUeijMlj%2B%2FtDXwHFmCYYZobTTLuCs2NminC1NbV2SRxhvS0kYWbAhbRmMCb1agXjW3tCTErVv3RePLG1%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7787c520ca91bb4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37d10cb81efe31c5074f858db94553824729240b059eb59aeb6b1aae06504390

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 lazyload.min.js Show response
www1.portalultautv.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 43ms
42ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.portalultautv.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15472
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Nov 2022 16:56:08 GMT
server: cloudflare
etag: W/"6363f2a8-2063"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvM0dlXn6xI93a8kaWXA6dOEAnW7MyKaHmy0SB2peSoNelIF9wide5Ug5k7zU3tbiA8JTeXYY2HsT4G3j7jgoTbSI36%2FviIOSkQYGoMYsfdnga3JG0VkJvXVSC5%2BUJDv0%2BMm2XJ6nT11yhCgk0tD3qITp7lJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7787c5210f37cab5-HAM
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
www1.portalultautv.net/wp-content/fonts/raleway/ 45 KB
46 KB 42ms
42ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.portalultautv.net/wp-content/fonts/raleway/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/wp-content/cache/min/1/wp-content/fonts/234bf96ff06a6339bbe99de6b0a0f8f9.css?ver=1670843291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www1.portalultautv.net/wp-content/cache/min/1/wp-content/fonts/234bf96ff06a6339bbe99de6b0a0f8f9.css?ver=1670843291
Origin: https://www1.portalultautv.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1208
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 19 Sep 2022 20:53:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zo256Dsp0B0EY9KyiNWIf8iwrzf0fc%2FgE6nGqN5R176VaemGP1%2BSt1tOkzLgyLGt3e7xMusLO6qVAlB08obliMkQ8WqL2qVF1LmKrNem%2Bqlzf8mGQUKhTk0MzKaSDriokgomU4Bbb8e11MbvY4%2BREfJtTVL2"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7787c5211f4fcab5-HAM

GET
H3 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
www1.portalultautv.net/wp-content/fonts/quicksand/ 25 KB
26 KB 82ms
81ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.portalultautv.net/wp-content/fonts/quicksand/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/wp-content/cache/min/1/wp-content/fonts/234bf96ff06a6339bbe99de6b0a0f8f9.css?ver=1670843291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www1.portalultautv.net/wp-content/cache/min/1/wp-content/fonts/234bf96ff06a6339bbe99de6b0a0f8f9.css?ver=1670843291
Origin: https://www1.portalultautv.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1208
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 19 Sep 2022 20:53:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDRmHIZmF7weSslpGAspCIfkVBT8wETuJipM%2FJpwC3BsLQrHdx77rDlS%2Bv49CdmH%2BT%2BM1igDAgorJdxXwX1WzZjIq1T9ufrbA1BtHRy9rhIpOwkngmacLzuTmxp1HL5Nz8a00z5i3fcCkHQi1od5qHYe0oRF"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7787c5211f51cab5-HAM

GET
H3 200 1Ptsg8zYS_SKggPNyCg4TYFq.woff2
www1.portalultautv.net/wp-content/fonts/raleway/ 47 KB
48 KB 85ms
85ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.portalultautv.net/wp-content/fonts/raleway/1Ptsg8zYS_SKggPNyCg4TYFq.woff2

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/wp-content/cache/min/1/wp-content/fonts/234bf96ff06a6339bbe99de6b0a0f8f9.css?ver=1670843291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4defd36147167542db6c6ac44452d3784f51bf7f124128fe5f4581bbdb8d2ccc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www1.portalultautv.net/wp-content/cache/min/1/wp-content/fonts/234bf96ff06a6339bbe99de6b0a0f8f9.css?ver=1670843291
Origin: https://www1.portalultautv.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1208
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 19 Sep 2022 20:53:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5t6159RLl3MwTml9ebnolIrKDuVvl4P4J3L05fcKuFHuwBv9XqW5vb9%2Fg1irewHRZfC6u3yl4eK5%2B5HxGL70djNTcOm3IsjTGge9%2FywVwnp9jzyFi07pUmjA05ml1DtB%2BN5AipUdNNsGDVKI6E38EcqetF5B"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7787c5212f56cab5-HAM

GET
H3 200 6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2
www1.portalultautv.net/wp-content/fonts/quicksand/ 22 KB
22 KB 91ms
91ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.portalultautv.net/wp-content/fonts/quicksand/6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/wp-content/cache/min/1/wp-content/fonts/234bf96ff06a6339bbe99de6b0a0f8f9.css?ver=1670843291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd0696ea5d7cd294b7921ddb1b74a7a89de7ff7eedf8cda7ada92ef045004e9f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www1.portalultautv.net/wp-content/cache/min/1/wp-content/fonts/234bf96ff06a6339bbe99de6b0a0f8f9.css?ver=1670843291
Origin: https://www1.portalultautv.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 19 Sep 2022 20:53:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDi%2FC0BJTmEpB9sj8C6sBrMl6BKm57hvqRWtowEks54wun9lucUtAXjyRoLH%2FQ6UfgoR6GeSFNDqa5lrjSIvWhT4slHcu0k6uLwE7wufP4hDO17MUAtb8hnuCtyvZltgUrehNiA%2BzW4T3qh%2BGYD7SsqKYzlp"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7787c5212f66cab5-HAM

GET
H3 200 1Ptug8zYS_SKggPNyCMIT5lu.woff2
www1.portalultautv.net/wp-content/fonts/raleway/ 30 KB
30 KB 92ms
91ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.portalultautv.net/wp-content/fonts/raleway/1Ptug8zYS_SKggPNyCMIT5lu.woff2

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/wp-content/cache/min/1/wp-content/fonts/234bf96ff06a6339bbe99de6b0a0f8f9.css?ver=1670843291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab47b8f50fe4195819b4af2ac0fffb2b3543502e11282d492d6cd73c124845cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www1.portalultautv.net/wp-content/cache/min/1/wp-content/fonts/234bf96ff06a6339bbe99de6b0a0f8f9.css?ver=1670843291
Origin: https://www1.portalultautv.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1208
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 19 Sep 2022 20:53:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXmmbO89To3%2FLcvi89yIBpWUNdSZbi1UDnd%2FTj93LuYkPpHMJnYx6Y9f5IaLoZ4qlMsxPbvrkSNa8QB254AHNUbh3W2J04Jn%2Fh8kYmuzZqkYsye8kjB%2Bi59DQI1ClbdKwErGwpSbGqo1iItmUUVVMDkLIT9N"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7787c5212f68cab5-HAM

GET
H3 200 filme-erotice-2020-online.jpg
www1.portalultautv.net/wp-content/uploads/2020/04/ 11 KB
12 KB 70ms
69ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.portalultautv.net/wp-content/uploads/2020/04/filme-erotice-2020-online.jpg

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

436991a5072169239835202c079a91adc0cb02baa5847553131ab6f7a7bf61b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11251
last-modified: Tue, 28 Dec 2021 01:33:47 GMT
server: cloudflare
etag: "61ca697b-2bf3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uw6mnJ2%2BtejtB%2BGh%2FcfkEj5x6KLy1gNT4pphrRk40kcVe1BecRdtjgYxcEQZ4fxBEVZsV8bYxYUXSFP4wW1vnJIU%2FepQwuOUxXdpXZdvoc2dRxQeFmNzmuJ%2FLUKXWe0Kllk7T7yfbpUzBpk7Tdnmj5P0dt0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7787c5216fb6cab5-HAM
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1.png
www1.portalultautv.net/wp-content/uploads/2019/11/ 17 KB
18 KB 74ms
74ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.portalultautv.net/wp-content/uploads/2019/11/1.png

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aefc2e399c24ee4637836d356908e0b5e23700ed1086291a4e12fb762177c92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17643
last-modified: Tue, 28 Dec 2021 01:32:10 GMT
server: cloudflare
etag: "61ca691a-44eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1Cnk6s9kPqx5rzWHyaHzuy88EAlet1lVKisbffWmnls1QdvwWXv6T8SL42Vlx3bZN3JnvtiAGmpjqt1%2F%2BWnw%2FeofezmGhETYozi46ThZ9zgk%2FJ4QWzTptVubn3KlnKkkrZEJy62QTlCVIavks%2FNpjur1AMJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7787c5216fb8cab5-HAM
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 filme-seriale-netflix.jpg
www1.portalultautv.net/wp-content/uploads/2020/04/ 6 KB
7 KB 75ms
75ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.portalultautv.net/wp-content/uploads/2020/04/filme-seriale-netflix.jpg

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d00006b1150199e850bbad8c56d2b3fe04621a0a4f0deeb45d34114c5a345dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6166
last-modified: Tue, 28 Dec 2021 01:33:47 GMT
server: cloudflare
etag: "61ca697b-1816"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92meifFwDk2U9n41gVHYkjZNSAzko6f0SUEsQkWG85rzM8CO3tZI%2BYZ3iBtwntrngTBkHVKauUgfaVzxIzvAz7vkIAflEArwrWsiUThDE31ix%2BexGQKZ1kx5lc0uE%2FqxmR4rHTv42r8esEOg0VDLoKl8%2FG41"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7787c5216fbacab5-HAM
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 seriale-online-2020.jpg
www1.portalultautv.net/wp-content/uploads/2020/04/ 10 KB
11 KB 75ms
75ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.portalultautv.net/wp-content/uploads/2020/04/seriale-online-2020.jpg

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d215fd4b576318ca66d89d625bd42fdc4f168cbc67c04286ec64b9d9e8754a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10631
last-modified: Tue, 28 Dec 2021 01:33:57 GMT
server: cloudflare
etag: "61ca6985-2987"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ly%2BSIucwIytWdxpW72UhcLQ%2BZ56GhffWbCHaFTQh%2BojpZW17VeBxWTNsrFz%2FccXsSUiDNacr7ELmTnvbUclnb2%2Fhtkx0jEhGVjgxxIhlT37aZ%2BgCWqmcntE%2B%2Bo1sp84URSQOH%2FWAmDKNUnrDHj%2BUDvWvQFjh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7787c5216fbbcab5-HAM
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Filme-Indiene-2020.jpg
www1.portalultautv.net/wp-content/uploads/2020/04/ 9 KB
10 KB 76ms
75ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.portalultautv.net/wp-content/uploads/2020/04/Filme-Indiene-2020.jpg

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f828f6e46812f04a98b0e586ef9a0305147785d439ebde4ff85f33a3747ee62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9570
last-modified: Tue, 28 Dec 2021 01:33:47 GMT
server: cloudflare
etag: "61ca697b-2562"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vs0jV5MzRbB05AD8KQ5wgnaAKOAE474cCF8WyjdShdvZbljCGKR321XlQaGl0uohaxFIo1Fb%2FL0YFm2lc2bI4PZzK%2Bmbq20%2BUtYSqliZPHTakY%2BVVgH7M2yLtNbnLE5payQxFtSq3FTz6YnFRvCnPNTau%2Bon"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7787c5216fbccab5-HAM
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 czZVd2pnRmVOL1lYeFo0ZjJra21JUT09 Show response
hqq.to/e/ Frame FC6E 143 KB
41 KB 109ms
38ms Document
text/html 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09

Requested by

Host: www1.portalultautv.net
URL: https://www1.portalultautv.net/riddick-batalia-incepe-the-chronicles-of-riddick-2004/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

ddos-guard /

Resource Hash

91835c33e8a15371114f44fca5c633597b2b9990dcd8c74915cd07873d5ea699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 12 Dec 2022 16:17:24 GMT
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
server: ddos-guard
vary: Accept-Encoding
x-cache-status-inferno: MISS
x-content-type-options: nosniff
x-inferno-limit-req: PASSED
x-inferno-location: player
x-origin-location: player
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-xss-protection: 1; mode=block;

GET
H2 200 js.load.1.js Show response
commentsengine.com/js/ Frame FC6E 0
663 B 149ms
101ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://commentsengine.com/js/js.load.1.js?6345917880877863
Requested by: Host: hqq.to
URL: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
x-cache-status-inferno-s: HIT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3498357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-inferno-location: static
accessing-static: 1
pragma: cache
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
server: cloudflare
etag: "625811a4-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOdBV45JZG4BmomMn2PV69TxUs%2Bv%2BuYVonomS9iOt4gkxgWz8NwQ3gaJ79gt2Gj52I06ziw5X5gAS1RVnIN60G2jlLIHQfs3eoky5OTEGGXxiWa9ff6z7DdWDdFtmiTajVCgQsYDNmHoUk8DC2aIk3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7787c5228aaa0e39-AMS

GET
H2 200 embed_player.3.css
hqq.to/styles/global/ Frame FC6E 6 KB
2 KB 16ms
16ms Stylesheet
text/css 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://hqq.to/styles/global/embed_player.3.css?130
Requested by: Host: hqq.to
URL: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e2f1967bd0ff37182a4c0d4af0ae9cb04cdcbd189cec906bc2e2d9e0a36209e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 09:01:35 GMT
content-encoding: br
x-cache-status-inferno-s: HIT
age: 4864549
content-length: 1623
x-inferno-location: static
accessing-static: 1
pragma: cache
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
server: ddos-guard
etag: W/"5fd14cc5-1701"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
ddg-cache-status: HIT
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30

GET
H2 200 netu.php Show response
testingmetriksbre.ru/ Frame FC6E 1 KB
1 KB 132ms
88ms Script
application/javascript 2606:4700:e0::ac40:6914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://testingmetriksbre.ru/netu.php
Requested by: Host: hqq.to
URL: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: fd45bb46808611318ab74c39100ef0aa9aa78e5ad508e6219d0ec8d4d52f2a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkU%2BBqlgjK3HdoUo3LeBLgE6Nk13fMj1P6wD090c6tWGpxY2grPgKVGSshNofSxplSL2TLxORcP9Js%2BothNTQio2cCabA6vDgadm5JoKGg352PnhyYOTC9T0QGcvyuLtQpl3rxkmSEDG9cPPR1t4QogaaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7787c5228b9a9158-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 modernizr.js Show response
hqq.to/js/video.jquery_plugs/ Frame FC6E 1 KB
903 B 19ms
19ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://hqq.to/js/video.jquery_plugs/modernizr.js?12
Requested by: Host: hqq.to
URL: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 458cc3be215bef898d5e6a41e25f0c022e6d5d5e61add13f13c01898bb53b9bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 11:56:36 GMT
content-encoding: br
x-cache-status-inferno-s: MISS
age: 793248
content-length: 652
x-inferno-location: static
accessing-static: 1
pragma: cache
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
server: ddos-guard
etag: W/"5b142327-4cb"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
ddg-cache-status: HIT
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true

GET
H2 200 progressbar.min.js Show response
unpkg.com/progressbar.js@1.1.0/dist/ Frame FC6E 29 KB
9 KB 305ms
20ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js

Requested by

Host: hqq.to
URL: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:25 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10543737
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GA9AQHHX3CWYWSVCGCSBX38C-fra
server: cloudflare
etag: W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7787c5243c68914d-FRA

GET
H2 200 jquery.min.js Show response
unpkg.com/jquery@2.2.4/dist/ Frame FC6E 84 KB
30 KB 22ms
22ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/jquery@2.2.4/dist/jquery.min.js

Requested by

Host: hqq.to
URL: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:25 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 27764565
last-modified: Fri, 20 May 2016 17:24:42 GMT
fly-request-id: 01FT83NHCFZGSE38RBRA5G37EF
server: cloudflare
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7787c5246cc3914d-FRA

GET
H2 200 jquery.cookie.js Show response
unpkg.com/jquery.cookie@1.4.1/ Frame FC6E 3 KB
1 KB 22ms
22ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js

Requested by

Host: hqq.to
URL: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:25 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5933293
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
fly-request-id: 01GEJQK5JWTXJ3WXSGVH2Z05MG-fra
server: cloudflare
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7787c524ad3f914d-FRA

GET
H2 200 d_check.js Show response
hqq.to/js/ Frame FC6E 3 KB
1 KB 16ms
16ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://hqq.to/js/d_check.js?34
Requested by: Host: hqq.to
URL: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 2a750a5c4cd53d770d99cfd648aab9587e12c2fe9e2f6d0a52b699d2e88e5615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:42:09 GMT
content-encoding: br
x-cache-status-inferno-s: MISS
age: 952516
content-length: 1132
x-inferno-location: static
accessing-static: 1
pragma: cache
last-modified: Thu, 27 Feb 2020 14:57:53 GMT
server: ddos-guard
etag: W/"5e57d8f1-d8a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
ddg-cache-status: HIT
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true

GET
H2 200 embed.205.js Show response
hqq.to/js/ Frame FC6E 166 KB
39 KB 20ms
20ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://hqq.to/js/embed.205.js?736
Requested by: Host: hqq.to
URL: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: ef850b290948938d1178c99dd961524ed8a93088edaf2097ae1d7c47692c8cac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:42:09 GMT
content-encoding: br
x-cache-status-inferno-s: MISS
age: 952516
content-length: 39292
x-inferno-location: static
accessing-static: 1
pragma: cache
last-modified: Thu, 04 Aug 2022 18:07:34 GMT
server: ddos-guard
etag: W/"62ec0ae6-298ce"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
ddg-cache-status: HIT
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true

GET
H2 200 popunder.js Show response
hqq.to/ad/api/ Frame FC6E 21 B
212 B 18ms
18ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://hqq.to/ad/api/popunder.js
Requested by: Host: hqq.to
URL: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:42:10 GMT
content-encoding: br
x-cache-status-inferno-s: HIT
age: 952515
content-length: 19
x-inferno-location: static
accessing-static: 1
pragma: cache
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
server: ddos-guard
etag: W/"6141fdde-15"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
ddg-cache-status: HIT
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 fuckadblock.js Show response
hqq.to/js/adv/ Frame FC6E 14 KB
4 KB 18ms
17ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://hqq.to/js/adv/fuckadblock.js?2
Requested by: Host: hqq.to
URL: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 7e5965a6eb681ef5f8a59dacd6e8c8263dcbbb512e441e532fee942a90c4c7ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 13:39:52 GMT
content-encoding: br
x-cache-status-inferno-s: MISS
age: 959853
content-length: 3426
x-inferno-location: static
accessing-static: 1
pragma: cache
last-modified: Tue, 27 Aug 2019 17:39:04 GMT
server: ddos-guard
etag: W/"5d656ab8-369e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
ddg-cache-status: HIT
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true

GET
H2 200 script-2.12.5.js Show response
hqq.to/js/ Frame FC6E 19 KB
4 KB 17ms
16ms Script
application/javascript 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://hqq.to/js/script-2.12.5.js
Requested by: Host: hqq.to
URL: https://hqq.to/js/embed.205.js?736
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 5776d146edfa1de32f5c74f409ced004eac80e4f8e2b981ab44dfd46ebba1712

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 15:42:09 GMT
content-encoding: br
x-cache-status-inferno-s: MISS
age: 952516
content-length: 4345
x-inferno-location: static
accessing-static: 1
pragma: cache
last-modified: Tue, 01 Dec 2020 19:28:37 GMT
server: ddos-guard
etag: W/"5fc69965-4cb8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
ddg-cache-status: HIT
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials: true

GET
H2 404 trace Show response
hqq.to/cdn-cgi/ Frame FC6E 548 B
301 B 30ms
29ms XHR
text/html 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://hqq.to/cdn-cgi/trace
Requested by: Host: unpkg.com
URL: https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept: */*
Referer: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:24 GMT
content-encoding: gzip
server: ddos-guard
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-cache-status-inferno: MISS
x-origin-location: /
x-inferno-location: /

GET
H/1.1 403
Forbidden ab0be2a44b7ecf91bdbd5cd360d84937.js
alleviatepracticableaddicted.com/ab/0b/e2/ Frame FC6E 0
0 411ms
95ms Script
application/javascript 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
Requested by: Host: hqq.to
URL: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 16:17:25 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 f.php Show response
testingmetriksbre.ru/ Frame EC1B 3 KB
2 KB 90ms
77ms Document
text/html 2606:4700:e0::ac40:6914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://testingmetriksbre.ru/f.php?sid=212040
Requested by: Host: testingmetriksbre.ru
URL: https://testingmetriksbre.ru/netu.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 1309ab2c26fadcda58d5a1205ebf14cbd322d704a536f427ad5897c25c74d96e

Request headers

Referer: https://hqq.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7787c525ca1b9c12-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Dec 2022 16:17:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqWgk9VRlia4kbqO5VOD%2BYQSwKsBT7aOHL0tqkERNjJaTkEaIKd%2BcNB6XTd3OV5dmwZQoojoOVarMXNDu0AWKsETKv4W6ZOZgkNQknOKLLopN07vJyrMrxJZ1nWlP6oD7MiRImUdxCbk8NqfNsY79rQCcA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33
x-robots-tag: noindex

POST
H2 200 get_player_image.php Show response
hqq.to/player/ Frame FC6E 10 KB
4 KB 81ms
80ms XHR
application/json 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://hqq.to/player/get_player_image.php
Requested by: Host: unpkg.com
URL: https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e686a3100b58b800b8c836713473579e44e21b659cc005ed252c3dc7a0357dbd

Request headers

Accept: */*
Referer: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

x-img-cr: j
date: Mon, 12 Dec 2022 16:17:24 GMT
content-encoding: gzip
x-file-download-url: http://127.0.0.1/origin/s7.netu.tv/flv/api/files/thumbs/2017/10/07/1507383995c0bxz-640x480-1.jpg
x-file-downloaded: from cdn
x-clickarr-add-e: 2
x-inferno-limit-req: PASSED
x-inferno-location: player
pragma: no-cache
x-image-size: 3861
server: ddos-guard
vary: Accept-Encoding
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-origin-location: get_image
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-file-located: temp, filename:../files/temp/video_images/z/x/1507383995c0bxz-1.jpg

GET
H3 200 banner.gif
testingmetriksbre.ru/ads/ Frame EC1B 42 B
504 B 62ms
62ms Image
image/gif 2606:4700:e0::ac40:6914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://testingmetriksbre.ru/ads/banner.gif
Requested by: Host: testingmetriksbre.ru
URL: https://testingmetriksbre.ru/f.php?sid=212040
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://testingmetriksbre.ru/f.php?sid=212040
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:25 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 05 Jul 2022 17:05:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62c46f48-2a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tW%2FH3iqi7Xetfd4m7Eta9d68%2BRl7u7%2FOyMReR%2FtZdqTKCW7%2B5dQnwNqpbCnfDzelMqmFcI9kuS8D22zPaRO2XnDDuhAZzbclmjM9jvscaTayDBeP9M7gdjVZ1YCHxGYQTp%2BSM0b6v0xN2wJxtzqpH3epg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
accept-ranges: bytes
cf-ray: 7787c5265b2a9c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ Frame EC1B 211 KB
85 KB 80ms
48ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: testingmetriksbre.ru
URL: https://testingmetriksbre.ru/f.php?sid=212040

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9418fa386b30c9844c9b25831f0cf6b0349ade98edd18d756ff4cd3f48420966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://testingmetriksbre.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15359
x-jsd-version: 1.253.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230060-FRA, cache-yyz4565-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"34dc7-QN+lYHnjJ+PpkS6+fgpqfPCXGHE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63WfiHYTVZLXLqAUe%2B99NaR7%2F%2B2Uqsh9Im63lkYqUhlbWRceCqX%2B%2ByHEII3RkmTmyc69wguyKgkQ61l6EglrTFK3A0XO6hgQfwOD9tNpSWGq7hN0l%2Bg2LO7g5JU%2Fme0Ue2umqOq0p3Xqy8F2aM4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7787c5268f3b696f-FRA

GET
DATA 200
OK truncated
/ Frame FC6E 7 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363d646c8570dc46ed800d3c9905bd20f909f157b99c1d09746472b8c52b977e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2

200

1 Show response
mc.yandex.ru/watch/90175160/ Frame EC1B
Redirect Chain

https://mc.yandex.ru/watch/90175160?wmode=7&page-url=https%3A%2F%2Ftestingmetriksbre.ru%2Ff.php%3Fsid%3D212040&page-ref=https%3A%2F%2Fhqq.to%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos...
https://mc.yandex.ru/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Ftestingmetriksbre.ru%2Ff.php%3Fsid%3D212040&page-ref=https%3A%2F%2Fhqq.to%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ld...

435 B
517 B

54ms
54ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Ftestingmetriksbre.ru%2Ff.php%3Fsid%3D212040&page-ref=https%3A%2F%2Fhqq.to%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A52682075587%3Ahid%3A941933835%3Az%3A0%3Ai%3A20221212161725%3Aet%3A1670861846%3Ac%3A1%3Arn%3A20999239%3Arqn%3A1%3Au%3A1670861846752493039%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C14%2C77%2C0%2C0%2C0%2C%2C11%2C0%2C%2C%2C%2C103%3Aco%3A0%3Acpf%3A1%3Ans%3A1670861845393%3Arqnl%3A1%3Ast%3A1670861846%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: hqq.to
URL: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

934a0371bef9d695ac8754309874df3694311cb2d12d22cc74fee9a6b6df8d6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://testingmetriksbre.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 16:17:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 12-Dec-2022 16:17:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://testingmetriksbre.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 16:17:25 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 16:17:25 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 12-Dec-2022 16:17:25 GMT
location: /watch/90175160/1?wmode=7&page-url=https%3A%2F%2Ftestingmetriksbre.ru%2Ff.php%3Fsid%3D212040&page-ref=https%3A%2F%2Fhqq.to%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A52682075587%3Ahid%3A941933835%3Az%3A0%3Ai%3A20221212161725%3Aet%3A1670861846%3Ac%3A1%3Arn%3A20999239%3Arqn%3A1%3Au%3A1670861846752493039%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C14%2C77%2C0%2C0%2C0%2C%2C11%2C0%2C%2C%2C%2C103%3Aco%3A0%3Acpf%3A1%3Ans%3A1670861845393%3Arqnl%3A1%3Ast%3A1670861846%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://testingmetriksbre.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 16:17:25 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame EC1B 43 B
290 B 154ms
50ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: testingmetriksbre.ru
URL: https://testingmetriksbre.ru/f.php?sid=212040

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://testingmetriksbre.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:25 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Dec 2022 16:09:11 GMT
etag: "63933377-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Dec 2022 17:17:25 GMT

GET
H2 200 _adview_.ad.json Show response
hqq.to/ad/banner/_adsense_/_adserver/ Frame FC6E 2 B
180 B 20ms
19ms XHR
application/json 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://hqq.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=66271973
Requested by: Host: hqq.to
URL: https://hqq.to/js/adv/fuckadblock.js?2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Dec 2022 16:17:25 GMT
content-encoding: gzip
server: ddos-guard
x-inferno-location: banner
vary: Accept-Encoding
content-type: application/json, application/json

GET
H2 200 _adview_.ad.json Show response
hqq.to/ad/banner/_adsense_/_adserver/ Frame FC6E 2 B
130 B 18ms
17ms XHR
application/json 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://hqq.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=63601407
Requested by: Host: hqq.to
URL: https://hqq.to/js/adv/fuckadblock.js?2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Dec 2022 16:17:25 GMT
content-encoding: gzip
server: ddos-guard
x-inferno-location: banner
vary: Accept-Encoding
content-type: application/json, application/json

GET
H2 200 1507383995c0bxz-640x480-1.jpg
cdn-s7.cfeucdn.com/flv/api/files/thumbs/2017/10/07/ Frame FC6E 4 KB
4 KB 298ms
139ms Image
image/jpeg 213.186.120.177
UKRTELNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-s7.cfeucdn.com/flv/api/files/thumbs/2017/10/07/1507383995c0bxz-640x480-1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 213.186.120.177 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS: as8277.seedbox.org.ua
Software: cloudflare /
Resource Hash: ede9d79d4bec547b9b86a8cefb0f5794ceeed78ae6bf59312fd93d98ba0a7242

Request headers

Referer: https://hqq.to/
Origin: https://hqq.to
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:26 GMT
last-modified: Sat, 07 Oct 2017 14:14:00 GMT
server: cloudflare
etag: "59d8e128-f15"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://hqq.to
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=3122064000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Range,X-Kl-Ajax-Request,Sec-Ch-Ua-Mobile,Sec-Ch-Ua,Accept-Language,Save-Data,X-Forwarded-Proto,Dnt,X-Forwarded-For,Accept-Encoding
content-length: 3861
expires: Tue, 18 Nov 2121 16:17:26 GMT

GET
H2 200 Jr1zAzZ Show response
marazma.com/ Frame B04B 4 KB
2 KB 100ms
54ms Document
text/html 2606:4700:e0::ac40:671e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marazma.com/Jr1zAzZ
Requested by: Host: hqq.to
URL: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:671e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e85ac0fb65d48351f5357a12f503f1aed17f66c3a9d619de36bf42eab168a3fc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7787c52c4d131626-DUS
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Dec 2022 16:17:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AP0vCCrT3ErY8d3ivfcR%2Bn6quVRSQdfgTO7d3ftdOi%2BB73mgy5E3T8s2UUpfC0LBiIj%2BwxwOnrnUdaESO%2BUQyNzD4qukmUzaswZ3Z9wVAjnLPau%2B7wjqGnvugFAlMS7K88%2FIXzgL1Y6qPg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 style.css
marazma.com/static/css/ Frame B04B 475 KB
45 KB 55ms
26ms Stylesheet
text/css 2606:4700:e0::ac40:671e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marazma.com/static/css/style.css
Requested by: Host: marazma.com
URL: https://marazma.com/Jr1zAzZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:671e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66fe355df05f776acfc96795f190101731f018185578206eeb810192780d6e04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marazma.com/Jr1zAzZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 21:31:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 386
etag: W/"63925797-76c83"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BnPtnlLMvJnrhmy8ruEfffnU4qYk2FlZM9mLB39ANqa2BPrhVhtsKi%2FTJn2bHlRjaV5WW%2BXiJ5j5Shk5Ede%2FGizu1b86tWDFFXOodAn%2FzlJVxgYFL6srCbz%2FHnSMmgQiX4zQmX%2Fwzt%2B2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7787c52cead86d8f-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ Frame B04B 59 KB
2 KB 53ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|oswald

Requested by

Host: marazma.com
URL: https://marazma.com/Jr1zAzZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e04d502c82ff94bd0e7c766227d756764f072eb93b61d238adc9b146088cfd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marazma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Dec 2022 16:17:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 15:26:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Dec 2022 16:17:26 GMT

GET
H3

200

zEel8G4 Show response
marazma.com/ Frame B04B
Redirect Chain

https://www.marazma.com/zEel8G4
https://marazma.com/zEel8G4

4 KB
2 KB

52ms
52ms

Script
text/html

2606:4700:e0::ac40:671e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marazma.com/zEel8G4
Requested by: Host: marazma.com
URL: https://marazma.com/Jr1zAzZ
Protocol: H3
Server: 2606:4700:e0::ac40:671e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d0e8d1a174091bb67bdfe67a1c11430541d1e8a7bccf3a29a2718cabab1e159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://marazma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wf8gE5D0p8KfjM%2FSLrNsAAv%2BDxbVWAq6nnS45oCNemOMrora8uxW%2B0TtJFoCV2Q62SU%2FCCXWYqlQuCHFJuNR%2FOV2dscMVC0dfU4Wdz2mkSxj4QLDo0EG%2Bk67U8MT5axKt2RmNJDksTG1uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7787c52cfb026d8f-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Mon, 12 Dec 2022 16:17:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jHZVFZWbd2KwakGmVj4HLPMQLLxFmuLllhCh6GEN6OOzWoHfkh4ZBU2BfaVuLUzjASZa4GTZHG4qysUed9LypM81%2FZM2V04cdaMZj8EKUoEJuZzGLf6PJz8M%2B3jubieA2NqvB0PTRIS4RrwIH8%3D"}],"group":"cf-nel","max_age":604800}
location: https://marazma.com/zEel8G4
cache-control: max-age=3600
cf-ray: 7787c52cde3a1626-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 12 Dec 2022 17:17:26 GMT

GET
H2 200 blocked.html Show response
hqq.to/ Frame FC6E 2 KB
1 KB 16ms
16ms Document
text/html 190.115.19.71
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://hqq.to/blocked.html
Requested by: Host: hqq.to
URL: https://hqq.to/js/embed.205.js?736
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.71 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: eda7239b0768d5e229e465e42c5c7008bf6d6e206d3c647fcb08961614c813da

Request headers

Referer: https://hqq.to/e/czZVd2pnRmVOL1lYeFo0ZjJra21JUT09
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 12 Dec 2022 16:17:26 GMT
etag: W/"5eaa5f5a-92e"
last-modified: Thu, 30 Apr 2020 05:17:14 GMT
pragma: cache
server: ddos-guard
vary: Accept-Encoding
x-cache-status-inferno-s: HIT
x-inferno-location: static

GET
H2 200 blocked.png
www.greenlanemarketing.com/wp-content/uploads/2015/03/ Frame FC6E 383 KB
0 1492ms
209ms Image
image/png 104.196.247.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greenlanemarketing.com/wp-content/uploads/2015/03/blocked.png
Requested by: Host: hqq.to
URL: https://hqq.to/blocked.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.247.193 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.247.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hqq.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:17:28 GMT
last-modified: Thu, 12 Mar 2020 14:03:01 GMT
server: nginx
etag: "5e6a4115-7a655"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 501333

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hqq.to/	1970-01-20 17:43:41	Name: uid Value: z5zpRw7NlDTXFAKURAm2NijzUAAvkPvT
.testingmetriksbre.ru/	1970-01-20 16:53:17	Name: _ym_uid Value: 1670861846752493039
.testingmetriksbre.ru/	1970-01-20 16:53:17	Name: _ym_d Value: 1670861846
.testingmetriksbre.ru/	1970-01-20 08:08:53	Name: _ym_isad Value: 2
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 616478451670861845
.yandex.ru/	1970-01-20 17:43:41	Name: i Value: ho/whm/mgNxTgX8jm7562SGf44Pb2eU+kP3lkobWUR3VVkUNabyIelkLYUTDD7yJW2rI66hU+fJfpBLU6ZsOU9RKlQc=
.yandex.ru/	1970-01-20 16:53:17	Name: yandexuid Value: 6719784481670861845
.yandex.ru/	1970-01-20 16:53:17	Name: yuidss Value: 6719784481670861845
.yandex.ru/	1970-01-20 16:53:17	Name: ymex Value: 1702397845.yc.1670861845#1702397845.yrts.1670861845#1702397845.yrtsi.1670861845

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://testingmetriksbre.ru/netu.php(Line 3) Message: Unrecognized feature: 'bluetooth'.
other	warning	URL: https://testingmetriksbre.ru/netu.php(Line 3) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://hqq.to/cdn-cgi/trace Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alleviatepracticableaddicted.com
cdn-s7.cfeucdn.com
cdn.jsdelivr.net
commentsengine.com
fonts.googleapis.com
hqq.to
marazma.com
mc.yandex.ru
testingmetriksbre.ru
unpkg.com
www.greenlanemarketing.com
www.marazma.com
www1.portalultautv.net
104.196.247.193
173.233.137.52
190.115.19.71
213.186.120.177
2606:4700::6810:5914
2606:4700::6810:7baf
2606:4700:e0::ac40:671e
2606:4700:e0::ac40:6914
2a00:1450:4001:82f::200a
2a02:6b8::1:119
2a06:98c1:3120::3
2a06:98c1:3121::3
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0e719396115659f0219d1849115a2938e8e71c1f800d90fdd4180360fe095182
1309ab2c26fadcda58d5a1205ebf14cbd322d704a536f427ad5897c25c74d96e
1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d
2a750a5c4cd53d770d99cfd648aab9587e12c2fe9e2f6d0a52b699d2e88e5615
2e04d502c82ff94bd0e7c766227d756764f072eb93b61d238adc9b146088cfd2
363d646c8570dc46ed800d3c9905bd20f909f157b99c1d09746472b8c52b977e
37d10cb81efe31c5074f858db94553824729240b059eb59aeb6b1aae06504390
3bdaebd04aa3598c0944c1ccd16d8170adc37b6ad730ea03a0c087fd2286469f
3d0e8d1a174091bb67bdfe67a1c11430541d1e8a7bccf3a29a2718cabab1e159
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
436991a5072169239835202c079a91adc0cb02baa5847553131ab6f7a7bf61b2
458cc3be215bef898d5e6a41e25f0c022e6d5d5e61add13f13c01898bb53b9bc
4d215fd4b576318ca66d89d625bd42fdc4f168cbc67c04286ec64b9d9e8754a6
4defd36147167542db6c6ac44452d3784f51bf7f124128fe5f4581bbdb8d2ccc
4f250b5f9b37f44bcf05f259afb23e1239feaac97e3e7ab5cfff82ac724bc4cb
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5776d146edfa1de32f5c74f409ced004eac80e4f8e2b981ab44dfd46ebba1712
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5d00006b1150199e850bbad8c56d2b3fe04621a0a4f0deeb45d34114c5a345dc
66fe355df05f776acfc96795f190101731f018185578206eeb810192780d6e04
6f828f6e46812f04a98b0e586ef9a0305147785d439ebde4ff85f33a3747ee62
73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7
7e5965a6eb681ef5f8a59dacd6e8c8263dcbbb512e441e532fee942a90c4c7ea
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
91835c33e8a15371114f44fca5c633597b2b9990dcd8c74915cd07873d5ea699
927c4f180b37ab003945bd6227e4e9a94d17ab094cfedf98ba5f8613a004d017
934a0371bef9d695ac8754309874df3694311cb2d12d22cc74fee9a6b6df8d6a
9418fa386b30c9844c9b25831f0cf6b0349ade98edd18d756ff4cd3f48420966
a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f
ab47b8f50fe4195819b4af2ac0fffb2b3543502e11282d492d6cd73c124845cf
aefc2e399c24ee4637836d356908e0b5e23700ed1086291a4e12fb762177c92f
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e2f1967bd0ff37182a4c0d4af0ae9cb04cdcbd189cec906bc2e2d9e0a36209e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e686a3100b58b800b8c836713473579e44e21b659cc005ed252c3dc7a0357dbd
e85ac0fb65d48351f5357a12f503f1aed17f66c3a9d619de36bf42eab168a3fc
eda7239b0768d5e229e465e42c5c7008bf6d6e206d3c647fcb08961614c813da
ede9d79d4bec547b9b86a8cefb0f5794ceeed78ae6bf59312fd93d98ba0a7242
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef850b290948938d1178c99dd961524ed8a93088edaf2097ae1d7c47692c8cac
fd0696ea5d7cd294b7921ddb1b74a7a89de7ff7eedf8cda7ada92ef045004e9f
fd45bb46808611318ab74c39100ef0aa9aa78e5ad508e6219d0ec8d4d52f2a46

www1.portalultautv.net Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

96 %HTTPS

67 %IPv6

12 Domains

13 Subdomains

13 IPs

5 Countries

584 kBTransfer

2171 kBSize

9 Cookies

3 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www1.portalultautv.net Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

96 %
HTTPS

67 %
IPv6

12
Domains

13
Subdomains

13
IPs

5
Countries

584 kB
Transfer

2171 kB
Size

9
Cookies

48 HTTP transactions
2 data transactions