oneclickplay.xyz
2606:4700:3037::ac43:bf3c Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
https://oneclickplay.xyz/en/tv/198102/hijack 2yr old
Submission Tags: falconsandbox
Submission: On January 20 via api (January 20th 2024, 5:26:26 am UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3037::ac43:bf3c, located in United States and belongs to CLOUDFLARENET, US. The main domain is oneclickplay.xyz. 2yr old
TLS certificate: Issued by E1 on December 12th 2023. Valid for: 3mo.

This is the only time oneclickplay.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3037::ac43:bf3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2400:52e0:1e0... 2400:52e0:1e00::723:1	200325 (BUNNYCDN) (BUNNYCDN)
4	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2606:4700:e2:... 2606:4700:e2::ac40:8d0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	173.233.137.44 173.233.137.44	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700:10:... 2606:4700:10::6814:5063	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.130 149.56.240.130	16276 (OVH) (OVH)
43	10

15 2606:4700:3037::ac43:bf3c (United States)

ASN13335 (CLOUDFLARENET, US)

oneclickplay.xyz 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

14 2400:52e0:1e00::723:1 (Germany)

ASN200325 (BUNNYCDN, SI)

image.tmdb.org 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

extracthorizontaldashing.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:e2::ac40:8d0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 173.233.137.44 (United States)

ASN7979 (SERVERS-COM, US)

chalkedretrieval.com 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:10::6814:5063 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 149.56.240.130 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534298.ip-149-56-240.net

s4.histats.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
15	oneclickplay.xyz oneclickplay.xyz 2yr old	393 KB
14	tmdb.org image.tmdb.org — Cisco Umbrella Rank: 21776 9yr old	353 KB
4	extracthorizontaldashing.com extracthorizontaldashing.com 4yr old
2	histats.com s10.histats.com — Cisco Umbrella Rank: 14576 10yr old s4.histats.com — Cisco Umbrella Rank: 14129 10yr old	5 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 75 56yr old	69 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971 10yr old	151 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324 13yr old	24 KB
1	chalkedretrieval.com chalkedretrieval.com — Cisco Umbrella Rank: 854189 3yr old
43	8

	Domain	Requested by
15	oneclickplay.xyz	oneclickplay.xyz
14	image.tmdb.org	oneclickplay.xyz
4	extracthorizontaldashing.com	oneclickplay.xyz
2	www.youtube.com	oneclickplay.xyz www.youtube.com
2	use.fontawesome.com	oneclickplay.xyz
2	cdn.jsdelivr.net	oneclickplay.xyz
1	s4.histats.com	s10.histats.com
1	s10.histats.com	oneclickplay.xyz
1	chalkedretrieval.com	oneclickplay.xyz
43	9

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
oneclickplay.xyz E1	`2023-12-12` - `2024-03-11`	3mo	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	1yr	crt.sh
image.tmdb.org R3	`2024-01-13` - `2024-04-12`	3mo	crt.sh
*.extracthorizontaldashing.com R3	`2023-12-03` - `2024-03-02`	3mo	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	1yr	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3mo	crt.sh
chalkedretrieval.com R3	`2023-12-30` - `2024-03-29`	3mo	crt.sh
histats.com R3	`2023-11-23` - `2024-02-21`	3mo	crt.sh

This page contains 1 frames:

Primary Page: https://oneclickplay.xyz/en/tv/198102/hijack
Frame ID: 9F807DE579068B91F0D3B05D99D68597
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Watch Hijack full episode online in HD qualities

Detected technologies

Bootstrap (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

43
Requests

98 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

995 kB
Transfer

2566 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Oneclickplay/
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Oneclickplay
Title: twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request hijack Show response
oneclickplay.xyz/en/tv/198102/ 128 KB
14 KB 763ms
698ms Document
text/html 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b29a24f61ebc10d421ee587911382e90acaca79f0e6d06502f71e302a059ce9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8484e70d4ba46df4-MUC
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 05:26:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppL0MhRKSuRlx1FM3Zrcs%2Fv%2BUwta6Py09HdFLpZD3HuFMKq3D%2F4O4Z0R2zj7WhLTKcIN29LWH33tkM9m7JL9yNrCn8pWPXRT7jjL7%2BkISEAw8x0Zv%2FeL7mITag4%2BdQlKuh2EgA9ewfLo1OPa6pKl"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 dashicons.min.css
oneclickplay.xyz/dq-content/themes/movie/css/ 58 KB
35 KB 208ms
207ms Stylesheet
text/css 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://oneclickplay.xyz/dq-content/themes/movie/css/dashicons.min.css
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 128e27fe89ce384324a1b93577abd5f36833e6f8c29b0547370655dfae9646a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/en/tv/198102/hijack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 23 Nov 2021 18:29:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ogy8C7Xk8F9f8SvMARq9XAF%2B8TPHBK7hVZsrmOhkxVgMiWcszBYXyYW2zkUeP4XoCnNyWSSFrhmIlposZnuE0vJhKFtxaWFfc%2FgSCZconYh%2FK9xyYtS6r5S2xTn4rlrdc8ECT%2BtTqpZOV7SHeM28"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8484e711ad1a6df4-MUC
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
oneclickplay.xyz/dq-content/themes/movie/css/ 220 KB
49 KB 238ms
237ms Stylesheet
text/css 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://oneclickplay.xyz/dq-content/themes/movie/css/main.css
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38e7d43640f328ef83036c50b81a589a7a0798ca5a837bba59afc2c78bf7f2fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/en/tv/198102/hijack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 18 Jul 2023 23:50:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wib2SniZM0Plg8n0CSxu%2BEbtxwcEC9U%2FIBBs3gVpTHFViwl0rmJHet5gAUvRUzkg%2BIfKoqpoY%2FqVrU69sOeuBJeg5IS0IW3O577pjCGHeH%2B2UQpkJZVzg%2BUS7RFNwviRhkqpC7UAWyfEsvwVZI0t"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8484e711ad1c6df4-MUC
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.js Show response
oneclickplay.xyz/dq-content/themes/movie/js/ 85 KB
31 KB 217ms
216ms Script
application/javascript 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://oneclickplay.xyz/dq-content/themes/movie/js/jquery.js
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d46fdca15c465532481ed20d77f210156927a39565a59142715be5cb2dd0ec9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/en/tv/198102/hijack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 19 Jul 2023 01:07:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8cSeN0zDls8IpdtDucvx9KgoKoZ%2BUcr9ZfOfOocHvtZMee5PWBOWdgUs3q%2BwZ1xObgBTQdCBZyhlKZ9eCVfpX3L91%2FDDvOm7nc8ERI3dsmw1i%2Fyzoco5C6%2BDsQG8ACa9RVW0Kuq57ZOdiKO22X3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8484e711ad1d6df4-MUC
alt-svc: h3=":443"; ma=86400

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 74ms
30ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oneclickplay.xyz/
Origin: https://oneclickplay.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6836439
x-jsd-version: 1.16.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230077-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kuWtvPcOwSmZ0HpfnAYYyfPcHCQsSKIvYQK2FM8lH21Rkv62UEI%2Fin1kSQcIap5twDy4sN7HLArIlHqVUZ6f3HALTGASkJtnycST%2BBcuUxK7vcYgUv9pT35YS%2FvPJ5zQMAbyLTqqWXmAGEvR4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8484e711ed0b6aea-FRA

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 62 KB
16 KB 73ms
29ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oneclickplay.xyz/
Origin: https://oneclickplay.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4315886
x-jsd-version: 4.5.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230139-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLwU8IGdwaq9x1SA7oCr8gzT5zR9oF5qtJL%2FEUd7iEPpSRleby1%2FC2BImnCkc0I1ztEV%2BTrWTHxC7o37pSNI84HqMaLSY7DQ0Ke7BXSPvhHrDJiZH1HtlDg9FJqs%2BXaBfxXpI1ZMQmi8%2FyuZsy8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8484e711ed096aea-FRA

GET
H2 200 owl.js Show response
oneclickplay.xyz/dq-content/themes/movie/js/ 43 KB
12 KB 237ms
237ms Script
application/javascript 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://oneclickplay.xyz/dq-content/themes/movie/js/owl.js
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98539ea7f825a59b98d834734ad041ddd9c4a93cf53bb59a47cdf23049aa923d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/en/tv/198102/hijack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 18 Jul 2023 22:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XK1RsVd1R0T5FOkwb96QcLHBg1cIVxJPIgUap6%2FSlz40CSaSxqM%2FTglArcsBd6s7SiRu0J5J5JcRWzytJhNN3b7lvwyrDbQHSSO5A5kTJ%2Fr6IyX3%2Fkom60M29jHZpfiIFZulztHL0rIwG5edXpbJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8484e711ad1e6df4-MUC
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.js Show response
oneclickplay.xyz/dq-content/themes/movie/js/ 10 KB
3 KB 206ms
206ms Script
application/javascript 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://oneclickplay.xyz/dq-content/themes/movie/js/main.js
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6331111b1ba38ab6d3908e92679dd70919676c28db8cd4b5e1f58695634f57b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/en/tv/198102/hijack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 19 Jul 2023 01:31:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzDny23IZAgUKawDvVN49v3f38ZNHPMwrS6c9A6Ka86l0YYQUBfKeyeyk2bhjYF5bDGJ6VEMo4AFTOxapu67VhUm3mKDWKf28%2B0w9hfdlAqEx0m1nfzsyrFwfACzKqRHPEUgdiW8mQdCUR2iBRIV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8484e711ad1f6df4-MUC
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo1.png
oneclickplay.xyz/dq-content/themes/movie/img/ 2 KB
2 KB 37ms
37ms Image
image/png 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://oneclickplay.xyz/dq-content/themes/movie/img/logo1.png
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8451185eacf7b698c9a136aff165be2f379c3d49711c3232165b34866a0b544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/en/tv/198102/hijack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:26 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 10:42:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2076
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibutg7RaxKS7gZQmX7NXdXdMKaJ5UcwkbWIGLwFmOH%2BKjOlNLUchIoRnH95XwE4kXLAZd%2FZyXlfIidk0pRKCcsx2dbSGaveF0GwYwWbQ%2BjsIXX%2Fs2S1GoAvx3GNbu6HWqo1TbgXSb7KRhimtHxVZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8484e711ad206df4-MUC
alt-svc: h3=":443"; ma=86400
content-length: 1717

GET
H2 200 video.js Show response
oneclickplay.xyz/dq-content/themes/movie/js/ 617 KB
171 KB 243ms
243ms Script
application/javascript 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://oneclickplay.xyz/dq-content/themes/movie/js/video.js
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19456f237b9ccd140fbdadfd70375d17cdc02f2709f866256e7654e742bb38bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/en/tv/198102/hijack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 12 Jul 2023 16:44:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOJkY8Q450z9TiOCsU0cWGM4licVGk2H704YIEBtAKbyUwxgz3MYmcb7k6tFB6p%2FgQGn6s3YRNJyfKAIucsI5e52N1jH3w0vYPX2nJ9zICgJAS5x7KPe%2F0dnOYYZctp9HiAU6RmcQ9g7suJex94e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8484e711ad216df4-MUC
alt-svc: h3=":443"; ma=86400

GET
H2 200 comment.css
oneclickplay.xyz/dq-content/themes/movie/css/ 569 KB
48 KB 335ms
335ms Stylesheet
text/html 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://oneclickplay.xyz/dq-content/themes/movie/css/comment.css
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87275f814fd8fd01c4dbbaf783e13e429ae5bb703085aa5c8e85b4d8a7d3828b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/en/tv/198102/hijack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jan 2024 05:26:27 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvxW7CN%2BgaRq%2F5Zm3w1syYLy7OIZZ5oDzgckcpH4crJd6VokjWt90mkUZcdDPhGgnoFZsdCdclyFArJ2BE8wrQalo7E6CLtUaemlRIg7D%2FZLuAhUjVc7MFFVZS%2BXWk%2FBhaCw4TGmv5ws%2FUgHSZK1"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8484e711ed406df4-MUC
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 loading.gif
oneclickplay.xyz/dq-content/themes/movie/img/ 14 KB
14 KB 42ms
41ms Image
image/gif 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://oneclickplay.xyz/dq-content/themes/movie/img/loading.gif
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4492147e1e36bd65d7237c1961a3dc3505852b195bd9fd0ca042b3e7427bb65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/en/tv/198102/hijack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
cf-cache-status: HIT
last-modified: Wed, 24 Nov 2021 10:38:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2321
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6m0STKlvE0PUx8TPLJnQ7eakYqriuXSyzU2OvcTgLSDeIcQOLTG9f5a4JDmPGMz%2FqPFgfiVycnnVNJP4CpnV9wJ5JABrodk9ZxqRZmLy7pTxCrerHqPONg5WS4SEv7HNMHV8Ffzy7A6VZ0zAHvRn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8484e7137f4b7746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13952

GET
H2 200 m5UcSE08y7olbcEibkRDkD1fRiv.jpg
image.tmdb.org/t/p/w1280/ 70 KB
71 KB 73ms
25ms Image
image/jpeg 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w1280/m5UcSE08y7olbcEibkRDkD1fRiv.jpg
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 954f152f674f41c49e3abe944539bcc06dc475e053e68f0f0ec9da00386b742f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
cdn-edgestorageid: 1054
perma-cache: HIT
cdn-storageserver: NY-346
cdn-cachedat: 01/16/2024 10:34:57
cdn-pullzone: 775336
content-length: 71654
last-modified: Sat, 04 Feb 2023 01:02:09 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 426
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "63ddae91-117e6"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: c2cfc37c697176eeceef3d0ed889dcf4
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 403
Forbidden invoke.js
extracthorizontaldashing.com/596d566442a64eebaf8a76f90cfa4988/ 0
0 520ms
127ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://extracthorizontaldashing.com/596d566442a64eebaf8a76f90cfa4988/invoke.js
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 05:26:27 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 warning.png
oneclickplay.xyz/dq-content/themes/movie/img/ 10 KB
10 KB 77ms
76ms Image
image/png 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://oneclickplay.xyz/dq-content/themes/movie/img/warning.png
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea62552723ec3b29815414938ed750f653a9252cde34f109e63f0a197e877adb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/en/tv/198102/hijack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Nov 2021 12:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2321
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huJBlgPMlRc8QmQRPVwOPX3USqkD663eWDNu3cMI9Mmobf6yba1fk6o6xttMwhR79w3nR1%2FxpDaaMZQtH8zoduS4JdwnpR%2BHd4M0jyDtwO74KBCunPzP5uckd4wz3o30GIg7sg7t0ob4c3mSyF9q"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8484e7137f527746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 9868

GET
H3 200 logo2.png
oneclickplay.xyz/dq-content/themes/movie/img/ 1 KB
2 KB 78ms
77ms Image
image/png 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://oneclickplay.xyz/dq-content/themes/movie/img/logo2.png
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b4ea74343155ad3cff4d2c5ad5d997a52a80b644fdb7a9032fada2ac2d1cd86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/en/tv/198102/hijack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 10:42:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2321
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXWNGQ51%2FnuOuCA9Qn2Ctvbt8B%2BxSCrvkJ8%2BzDjwzlz%2BedAJU6GyaF1rHdu%2BlSRqx8OENKJqD15AXCE9xRSSFPsgpEssBbIFbEMA6lIyJJgYpcN0xYFgQpya5TDCdnM5wOr%2BcXhX08BOrhDl%2BUbd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8484e7137f557746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1507

GET
H3 200 btn_close.gif
oneclickplay.xyz/dq-content/themes/movie/img/ 362 B
816 B 78ms
78ms Image
image/gif 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://oneclickplay.xyz/dq-content/themes/movie/img/btn_close.gif
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/en/tv/198102/hijack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Dec 2022 06:45:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2321
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8OeAtxonDMiy%2FH2Ez9BeZSj9aUdayoHwX%2BZFvvne%2BXmDbLGTh4Gik5hjALCBLXW3RQUo%2FSzDJMscPC%2BfztmrlTV6tIP7ngANCCO7TYndzHDlgTtCyQM66Wz6odpvEhBXkQoxTdYx%2FOp93aG4sdd"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8484e7137f567746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 362

GET
H3 200 mainr.js Show response
oneclickplay.xyz/dq-content/themes/movie/js/ 657 B
820 B 76ms
76ms Script
application/javascript 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://oneclickplay.xyz/dq-content/themes/movie/js/mainr.js
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a0f264a8fe9e6f640d6279bbd0b93e459f9fbe08ec2b79c487e0790f19f7fe3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/en/tv/198102/hijack
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Jan 2023 02:02:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2321
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJiXrahyVLEhviDtEN4h9OMT2jVF9cvuCcWUIbO1DUvgYRp9OC75BtLVhpT34dZijy1apl3YW4BpnZxVdN0AAWToxX1inhKF%2FE%2BlG6rVSfTTeYVX1JPLXf0rEwd4ZMDs6Pqc5o55g3iF1UWZ3AFp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8484e7137f507746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 77 KB
78 KB 80ms
29ms Font
font/woff2 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/dq-content/themes/movie/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer: https://oneclickplay.xyz/
Origin: https://oneclickplay.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 697227
alt-svc: h3=":443"; ma=86400
content-length: 79100
last-modified: Fri, 22 Sep 2023 01:45:45 GMT
server: cloudflare
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JFn9N1jts%2Fvtx%2FCQ01mbH4qmf35tTEK4WA3LH50JkxSCovXQzlc6HvMjeGa1XzCpYTk%2FK8zAOJzXrNCL6360QElNfk2LmM5SK6Ubvj0SBSUTx2JcuTjz9ORv3VSAK%2B6wcNtIDwth4PFqS22W%2FkynZcT"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8484e713b83235f1-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 95ms
41ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/dq-content/themes/movie/js/video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9ab167fb4bf6ab63b9f20538f2a3ed1d5668ee7eef1ad6f0cda7441d752b5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sat, 20 Jan 2024 05:26:27 GMT

GET
BLOB 200
OK 54cabd24-d49a-4577-b212-8d9003d251f4
https://oneclickplay.xyz/ 31 B
0 Other
application/javascript

General

Check archive.org

Download Go to

Full URL: blob:https://oneclickplay.xyz/54cabd24-d49a-4577-b212-8d9003d251f4
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/42a553e1/www-widgetapi.vflset/ 216 KB
67 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.youtube.com/s/player/42a553e1/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8791270626b8a4fed6d34bc6cc2b10b5a682ce66d8b5016ed60fe711b5d2d016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 01:36:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68593
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 05:15:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 19 Jan 2025 01:36:46 GMT

GET
H/1.1 403
Forbidden invoke.js
extracthorizontaldashing.com/cab28f941899ebe1d563409f781bdc72/ 0
0 203ms
139ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://extracthorizontaldashing.com/cab28f941899ebe1d563409f781bdc72/invoke.js
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://oneclickplay.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 20 Jan 2024 05:26:27 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 tv.png
oneclickplay.xyz/dq-content/themes/movie/img/ 1 KB
2 KB 40ms
40ms Image
image/png 2606:4700:3037::ac43:bf3c
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://oneclickplay.xyz/dq-content/themes/movie/img/tv.png
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/dq-content/themes/movie/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bf3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cee2ddc63397b9cbf2304271649114d5cdd1109876cde497df3cecb9c7db29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/dq-content/themes/movie/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Jul 2023 22:57:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2321
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzcH6tMJ8vQFGNOHrSVOMLRLy0%2B4pp1%2B1QGK%2FR2WSw6piGit9gzJw%2BYwOK%2FmCu5iEuOpmkTqaMHZnKEMweiE%2BkoDpVkdPjOjpS%2BoB5%2BoHDXHLqOkD%2B%2Fx60T8aP9gC3hPqM635jnrnHL4m3U7%2FcWi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8484e714a8227746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1161

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 73 KB
73 KB 29ms
28ms Font
font/woff2 2606:4700:e2::ac40:8d0d
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/dq-content/themes/movie/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Referer: https://oneclickplay.xyz/
Origin: https://oneclickplay.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 708535
alt-svc: h3=":443"; ma=86400
content-length: 74288
last-modified: Fri, 22 Sep 2023 01:45:45 GMT
server: cloudflare
etag: "eac60e8a656781e13d2a674b4d9051c0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJ9qLnp5EaC2ZCtl9iVlxpx3KnMCQOSnw7jEoxtwTe2n7%2BaYJZ2rHiKo%2B3UZCCm1%2B6jydkFpneqdJiMQF7J4OPoFIBq4UrcqdXuhBVOiRWqOqhhCQ6Np9mXgoj6gRMsCDQtI8EOCPkLyUfIvRZ5ypVHD"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8484e714993435f1-FRA

GET
H/1.1 403
Forbidden invoke.js
extracthorizontaldashing.com/e63e4060df2e447ccb3e0b373b32f4e3/ 0
0 163ms
131ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://extracthorizontaldashing.com/e63e4060df2e447ccb3e0b373b32f4e3/invoke.js
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://oneclickplay.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 20 Jan 2024 05:26:27 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
extracthorizontaldashing.com/e63e4060df2e447ccb3e0b373b32f4e3/ 0
0 126ms
126ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://extracthorizontaldashing.com/e63e4060df2e447ccb3e0b373b32f4e3/invoke.js
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://oneclickplay.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 20 Jan 2024 05:26:27 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
chalkedretrieval.com/255b7decc126f355f1dc00755d0351a3/ 0
0 333ms
113ms Script
application/javascript 173.233.137.44
SERVERS-COM

General

Check archive.org

Download Go to

Full URL: https://chalkedretrieval.com/255b7decc126f355f1dc00755d0351a3/invoke.js
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://oneclickplay.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 20 Jan 2024 05:26:28 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 82ms
33ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 66622
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8484e71a1c616940-FRA
content-length: 4547

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 szDEqqarPi3YqiPLevm7LObYrDJ.jpg
image.tmdb.org/t/p/w342/ 22 KB
23 KB 42ms
38ms Image
image/jpeg 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w342/szDEqqarPi3YqiPLevm7LObYrDJ.jpg
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: c9f8b046a795172bbbad120e5d39a90333a99975ef1ebd8f43160755e549be8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:28 GMT
cdn-edgestorageid: 860
perma-cache: HIT
cdn-storageserver: NY-266
cdn-cachedat: 05/25/2023 14:40:35
cdn-pullzone: 775336
content-length: 23004
last-modified: Thu, 25 May 2023 13:31:45 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 629
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "646f6341-59dc"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 693102b1e2a389f8a001196f091bcc5f
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 m5UcSE08y7olbcEibkRDkD1fRiv.jpg
image.tmdb.org/t/p/w1280/ 70 KB
71 KB 45ms
42ms Image
image/jpeg 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w1280/m5UcSE08y7olbcEibkRDkD1fRiv.jpg
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 954f152f674f41c49e3abe944539bcc06dc475e053e68f0f0ec9da00386b742f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:28 GMT
cdn-edgestorageid: 1054
perma-cache: HIT
cdn-storageserver: NY-346
cdn-cachedat: 01/16/2024 10:34:57
cdn-pullzone: 775336
content-length: 71654
last-modified: Sat, 04 Feb 2023 01:02:09 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 426
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "63ddae91-117e6"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 916edeed5260268f62b7eadec54c5613
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 eJFtaSm9OybTyVx7KszpBd5DjDB.jpg
image.tmdb.org/t/p/w185/ 3 KB
3 KB 60ms
58ms Image
image/jpeg 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w185/eJFtaSm9OybTyVx7KszpBd5DjDB.jpg
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 65079e8e9f4a1e0328d2c12bd762202f8310f505a9ae0940ef7410e1656a0e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:28 GMT
cdn-edgestorageid: 1076
perma-cache: HIT
cdn-storageserver: NY-427
cdn-cachedat: 06/28/2023 07:56:48
cdn-pullzone: 775336
content-length: 2635
last-modified: Wed, 28 Jun 2023 03:31:34 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 353
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "649ba996-a4b"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: bd5f5fb06e348e2e0b8919d6f26b0cb6
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gfksbdZXI5lJch4uKOX6YVaQiCs.jpg
image.tmdb.org/t/p/w185/ 4 KB
5 KB 61ms
58ms Image
image/jpeg 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w185/gfksbdZXI5lJch4uKOX6YVaQiCs.jpg
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 233799794208ffabc448bc3019d02d71a80d6b07347ce16623d48dc3b6b4305b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:28 GMT
cdn-edgestorageid: 860
perma-cache: HIT
cdn-storageserver: NY-427
cdn-cachedat: 08/08/2023 14:33:17
cdn-pullzone: 775336
content-length: 4560
last-modified: Wed, 28 Jun 2023 02:22:00 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 353
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "649b9948-11d0"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: b24c72115db072606588282c14e36d2f
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 nfvs5t9ZhNdqGzM9xy1x690qQCu.jpg
image.tmdb.org/t/p/w185/ 4 KB
4 KB 61ms
59ms Image
image/jpeg 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w185/nfvs5t9ZhNdqGzM9xy1x690qQCu.jpg
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 7480d86bbada802dec6dca44da1ef1c31ca53c10f65c040f930495725822026d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:28 GMT
cdn-edgestorageid: 864
perma-cache: HIT
cdn-storageserver: NY-268
cdn-cachedat: 08/02/2023 06:25:10
cdn-pullzone: 775336
content-length: 3619
last-modified: Wed, 28 Jun 2023 03:31:36 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 563
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "649ba998-e23"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: d20b800219738a535171f0de2b3e728b
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lBYdBUUE02droTsU9m7sPrAMNZ.jpg
image.tmdb.org/t/p/w185/ 5 KB
5 KB 60ms
59ms Image
image/jpeg 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w185/lBYdBUUE02droTsU9m7sPrAMNZ.jpg
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 80a1097424bbc30c1fa2ff2acbf109ebc2ddfbefcdb38637dda23842cfe1a431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:28 GMT
cdn-edgestorageid: 1055
perma-cache: HIT
cdn-storageserver: NY-427
cdn-cachedat: 07/07/2023 01:37:15
cdn-pullzone: 775336
content-length: 4825
last-modified: Tue, 04 Jul 2023 01:13:28 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 267
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "64a37238-12d9"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 49ff6415949c7c0da57f6af298117e67
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 oj1owiW7T9aFvcbkLwFjI4XMTsI.jpg
image.tmdb.org/t/p/w185/ 3 KB
3 KB 60ms
59ms Image
image/jpeg 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w185/oj1owiW7T9aFvcbkLwFjI4XMTsI.jpg
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 36f69a24edfd7698964e3bf438ff523b7e2ca84bf91fb99153848dea12065c89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:28 GMT
cdn-edgestorageid: 1079
perma-cache: HIT
cdn-storageserver: NY-267
cdn-cachedat: 07/12/2023 04:38:03
cdn-pullzone: 775336
content-length: 2688
last-modified: Wed, 12 Jul 2023 01:24:08 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 266
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "64ae00b8-a80"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: f9e204f1668a8b499fd0ee77309c842c
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 zfoX4Mt6BUeWlq7wb8N9fM9Tcdo.jpg
image.tmdb.org/t/p/w185/ 4 KB
4 KB 61ms
60ms Image
image/jpeg 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w185/zfoX4Mt6BUeWlq7wb8N9fM9Tcdo.jpg
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 6014751ede2257b0d754636bed999d76cd23a200d27b69e5cbcffd75ae45eb0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:28 GMT
cdn-edgestorageid: 874
perma-cache: HIT
cdn-storageserver: NY-430
cdn-cachedat: 09/07/2023 22:02:32
cdn-pullzone: 775336
content-length: 4106
last-modified: Wed, 19 Jul 2023 01:04:43 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 628
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "64b736ab-100a"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 753e876b80e3f9a15b218e3aa6949800
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 f45gWvRxuIwBQOdG6uJxNzDPb9d.jpg
image.tmdb.org/t/p/w185/ 3 KB
4 KB 60ms
59ms Image
image/jpeg 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w185/f45gWvRxuIwBQOdG6uJxNzDPb9d.jpg
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 70a31fea33150cbcbfd8b8fdfb21e40c3034be27303b504f121e77b3ab5ce2ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:28 GMT
cdn-edgestorageid: 1048
perma-cache: HIT
cdn-storageserver: NY-266
cdn-cachedat: 07/26/2023 01:47:22
cdn-pullzone: 775336
content-length: 3263
last-modified: Wed, 26 Jul 2023 01:29:36 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 674
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "64c07700-cbf"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: f16fc40a96ea67ade09a68b521bb9364
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 A7EByudX0eOzlkQ2FIbogzyazm2.jpg
image.tmdb.org/t/p/w342/ 35 KB
35 KB 60ms
59ms Image
image/jpeg 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w342/A7EByudX0eOzlkQ2FIbogzyazm2.jpg
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 67d75f441fb16f26504bc94b2fa407c144fdb3889f1b5915a6589751b226a27d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:28 GMT
cdn-edgestorageid: 1047
perma-cache: HIT
cdn-storageserver: NY-430
cdn-cachedat: 11/22/2023 10:08:27
cdn-pullzone: 775336
content-length: 35335
last-modified: Wed, 04 Oct 2023 16:30:57 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 695
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "651d9341-8a07"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 6fb23b7a890ea3fdfb8530bd1457273a
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 qhb1qOilapbapxWQn9jtRCMwXJF.jpg
image.tmdb.org/t/p/w342/ 44 KB
44 KB 61ms
60ms Image
image/jpeg 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w342/qhb1qOilapbapxWQn9jtRCMwXJF.jpg
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 64d00b97880cbe7d8081835ef5dac36d24bd1ecadeed5fc3257b5066b21295ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:28 GMT
cdn-edgestorageid: 1055
perma-cache: HIT
cdn-storageserver: NY-427
cdn-cachedat: 11/24/2023 13:39:02
cdn-pullzone: 775336
content-length: 44988
last-modified: Fri, 24 Nov 2023 13:37:29 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 718
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "6560a719-afbc"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: fb21ca58a22dca728a3cb23b8f57f979
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jDQPkgzerGophKRRn7MKm071vCU.jpg
image.tmdb.org/t/p/w342/ 29 KB
30 KB 61ms
60ms Image
image/jpeg 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w342/jDQPkgzerGophKRRn7MKm071vCU.jpg
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 607f97e59526b5ad864bc76b8a340d8441bf549433bca3765505c6a14ca44a64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:28 GMT
cdn-edgestorageid: 1048
perma-cache: HIT
cdn-storageserver: NY-267
cdn-cachedat: 11/06/2023 16:08:51
cdn-pullzone: 775336
content-length: 29827
last-modified: Mon, 06 Nov 2023 16:05:26 GMT
server: BunnyCDN-DE1-723
cdn-fileserver: 693
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65490ec6-7483"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 75fcb827bc2027c0ab88b45b9b40c5c7
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bWhNxtPlMsGBbM4ybg9C6nWnxBV.jpg
image.tmdb.org/t/p/w342/ 52 KB
52 KB 61ms
60ms Image
image/jpeg 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Download Go to Show image

Full URL: https://image.tmdb.org/t/p/w342/bWhNxtPlMsGBbM4ybg9C6nWnxBV.jpg
Requested by: Host: oneclickplay.xyz
URL: https://oneclickplay.xyz/en/tv/198102/hijack
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 23fca2b4c5a16c8fb2b704028c627a93962104f2911ff9a8c5898933b2315462

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:26:28 GMT
cdn-edgestorageid: 865
perma-cache: MISS
cache-tag: bWhNxtPlMsGBbM4ybg9C6nWnxBV
cdn-cachedat: 01/17/2024 22:55:44
cdn-pullzone: 775336
imagery: degrade=85, sample=2x2, difference=1.031
alt-svc: h3=":443"
content-length: 52788
last-modified: Wed, 17 Jan 2024 21:23:49 GMT
server: BunnyCDN-DE1-723
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: c844320546ec3c739cc852bc5789e1b3
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control: public, max-age=31919000
cdn-requestid: 396f53c747e74f75fb55ab0eb10a2584
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 50 B
184 B 343ms
111ms Script
text/html 149.56.240.130
OVH

General

Check archive.org

Download Go to

Full URL: https://s4.histats.com/stats/0.php?4830686&@f16&@g1&@h1&@i1&@j1705728388203&@k0&@l1&@mWatch%20Hijack%20full%20episode%20online%20in%20HD%20qualities&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-96228403&@b3:1705728388&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Foneclickplay.xyz%2Fen%2Ftv%2F198102%2Fhijack&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.130 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534298.ip-149-56-240.net
Software: /
Resource Hash: ba403050400d417145d803b4a585cfc58dd2ab6b021ffc943aa7d568a58b7aa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneclickplay.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 20 Jan 2024 05:26:37 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

41 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
oneclickplay.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9f7d2d4217f557229b271654aa623ffa
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: XLGfJLwfbuk
.youtube.com/	1970-01-20 22:08:00	Name: VISITOR_INFO1_LIVE Value: 8vL334tkuBo
oneclickplay.xyz/	1970-01-21 02:34:24	Name: HstCfa4830686 Value: 1705728388203
oneclickplay.xyz/	1970-01-21 02:34:24	Name: HstCla4830686 Value: 1705728388203
oneclickplay.xyz/	1970-01-21 02:34:24	Name: HstCmu4830686 Value: 1705728388203
oneclickplay.xyz/	1970-01-21 02:34:24	Name: HstPn4830686 Value: 1
oneclickplay.xyz/	1970-01-21 02:34:24	Name: HstPt4830686 Value: 1
oneclickplay.xyz/	1970-01-21 02:34:24	Name: HstCnv4830686 Value: 1
oneclickplay.xyz/	1970-01-21 02:34:24	Name: HstCns4830686 Value: 1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://oneclickplay.xyz/en/tv/198102/hijack(Line 279) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://extracthorizontaldashing.com/cab28f941899ebe1d563409f781bdc72/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://oneclickplay.xyz/en/tv/198102/hijack(Line 279) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://extracthorizontaldashing.com/cab28f941899ebe1d563409f781bdc72/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://extracthorizontaldashing.com/cab28f941899ebe1d563409f781bdc72/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://oneclickplay.xyz/en/tv/198102/hijack(Line 775) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://extracthorizontaldashing.com/e63e4060df2e447ccb3e0b373b32f4e3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://oneclickplay.xyz/en/tv/198102/hijack(Line 775) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://extracthorizontaldashing.com/e63e4060df2e447ccb3e0b373b32f4e3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://extracthorizontaldashing.com/596d566442a64eebaf8a76f90cfa4988/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://extracthorizontaldashing.com/e63e4060df2e447ccb3e0b373b32f4e3/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://oneclickplay.xyz/en/tv/198102/hijack(Line 951) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://extracthorizontaldashing.com/e63e4060df2e447ccb3e0b373b32f4e3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://oneclickplay.xyz/en/tv/198102/hijack(Line 951) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://extracthorizontaldashing.com/e63e4060df2e447ccb3e0b373b32f4e3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://extracthorizontaldashing.com/e63e4060df2e447ccb3e0b373b32f4e3/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://oneclickplay.xyz/en/tv/198102/hijack(Line 1024) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://chalkedretrieval.com/255b7decc126f355f1dc00755d0351a3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://oneclickplay.xyz/en/tv/198102/hijack(Line 1024) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://chalkedretrieval.com/255b7decc126f355f1dc00755d0351a3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://chalkedretrieval.com/255b7decc126f355f1dc00755d0351a3/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
chalkedretrieval.com
extracthorizontaldashing.com
image.tmdb.org
oneclickplay.xyz
s10.histats.com
s4.histats.com
use.fontawesome.com
www.youtube.com
149.56.240.130
173.233.137.44
192.243.59.13
2400:52e0:1e00::723:1
2606:4700:10::6814:5063
2606:4700:3037::ac43:bf3c
2606:4700::6810:5814
2606:4700:e2::ac40:8d0d
2a00:1450:4001:82b::200e
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
128e27fe89ce384324a1b93577abd5f36833e6f8c29b0547370655dfae9646a0
19456f237b9ccd140fbdadfd70375d17cdc02f2709f866256e7654e742bb38bb
1b29a24f61ebc10d421ee587911382e90acaca79f0e6d06502f71e302a059ce9
233799794208ffabc448bc3019d02d71a80d6b07347ce16623d48dc3b6b4305b
23fca2b4c5a16c8fb2b704028c627a93962104f2911ff9a8c5898933b2315462
2b4ea74343155ad3cff4d2c5ad5d997a52a80b644fdb7a9032fada2ac2d1cd86
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
36f69a24edfd7698964e3bf438ff523b7e2ca84bf91fb99153848dea12065c89
38e7d43640f328ef83036c50b81a589a7a0798ca5a837bba59afc2c78bf7f2fd
6014751ede2257b0d754636bed999d76cd23a200d27b69e5cbcffd75ae45eb0d
607f97e59526b5ad864bc76b8a340d8441bf549433bca3765505c6a14ca44a64
64d00b97880cbe7d8081835ef5dac36d24bd1ecadeed5fc3257b5066b21295ea
65079e8e9f4a1e0328d2c12bd762202f8310f505a9ae0940ef7410e1656a0e79
67d75f441fb16f26504bc94b2fa407c144fdb3889f1b5915a6589751b226a27d
70a31fea33150cbcbfd8b8fdfb21e40c3034be27303b504f121e77b3ab5ce2ec
7480d86bbada802dec6dca44da1ef1c31ca53c10f65c040f930495725822026d
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7a0f264a8fe9e6f640d6279bbd0b93e459f9fbe08ec2b79c487e0790f19f7fe3
80a1097424bbc30c1fa2ff2acbf109ebc2ddfbefcdb38637dda23842cfe1a431
87275f814fd8fd01c4dbbaf783e13e429ae5bb703085aa5c8e85b4d8a7d3828b
8791270626b8a4fed6d34bc6cc2b10b5a682ce66d8b5016ed60fe711b5d2d016
8d46fdca15c465532481ed20d77f210156927a39565a59142715be5cb2dd0ec9
954f152f674f41c49e3abe944539bcc06dc475e053e68f0f0ec9da00386b742f
98539ea7f825a59b98d834734ad041ddd9c4a93cf53bb59a47cdf23049aa923d
98cee2ddc63397b9cbf2304271649114d5cdd1109876cde497df3cecb9c7db29
b9ab167fb4bf6ab63b9f20538f2a3ed1d5668ee7eef1ad6f0cda7441d752b5d6
ba403050400d417145d803b4a585cfc58dd2ab6b021ffc943aa7d568a58b7aa6
c4492147e1e36bd65d7237c1961a3dc3505852b195bd9fd0ca042b3e7427bb65
c8451185eacf7b698c9a136aff165be2f379c3d49711c3232165b34866a0b544
c9f8b046a795172bbbad120e5d39a90333a99975ef1ebd8f43160755e549be8f
d6331111b1ba38ab6d3908e92679dd70919676c28db8cd4b5e1f58695634f57b
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
ea62552723ec3b29815414938ed750f653a9252cde34f109e63f0a197e877adb
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

oneclickplay.xyz 2606:4700:3037::ac43:bf3c Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

98 %HTTPS

67 %IPv6

8 Domains

9 Subdomains

10 IPs

3 Countries

995 kBTransfer

2566 kBSize

10 Cookies

2 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

oneclickplay.xyz
2606:4700:3037::ac43:bf3c Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

43
Requests

98 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

995 kB
Transfer

2566 kB
Size

10
Cookies

43 HTTP transactions
1 data transactions