URL: https://series-de.online/?trembed=2&trid=24476&trtype=2
Submission: On October 18 via manual from ES — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 27 HTTP transactions. The main IP is 172.67.143.215, located in United States and belongs to CLOUDFLARENET, US. The main domain is series-de.online.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2021. Valid for: a year.
This is the only time series-de.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS     Autonomous System
1         172.67.143.215   13335  (CLOUDFLAR...)
17        172.64.134.20    13335  (CLOUDFLAR...)
3         104.16.126.175   13335  (CLOUDFLAR...)
1         84.16.243.193    28753  (LEASEWEB-...)
1         192.243.59.20    39572  (ADVANCEDH...)
1         18.194.64.181    16509  (AMAZON-02)
1         213.186.120.163  6849   (UKRTELNET)
1         104.196.247.193  15169  (GOOGLE)
27 9

Requests  Domain                      Requested by
17        hqq.to                      series-de.online, hqq.to, unpkg.com
3         unpkg.com                   hqq.to
1         www.greenlanemarketing.com  hqq.to
1         cdn-s4.cfeucdn.com
1         venetrigni.com              noisysortcasualty.com
1         noisysortcasualty.com       hqq.to
1         h4ahsm.cfeucdn.com          hqq.to
1         series-de.online
0         jeopardyloo.com (Failed)    noisysortcasualty.com
27 9

This site contains no links.

Subject                     Issuer                                          Validity                 Valid
sni.cloudflaressl.com       Cloudflare Inc ECC CA-3                         2021-08-11 - 2022-08-10  a year
*.cfeucdn.com               Sectigo ECC Domain Validation Secure Server CA  2021-05-10 - 2022-05-21  a year
noisysortcasualty.com       R3                                              2021-10-01 - 2021-12-30  3 months
venetrigni.com              Amazon                                          2021-07-28 - 2022-08-26  a year
www.greenlanemarketing.com  R3                                              2021-10-01 - 2021-12-30  3 months

This page contains 2 frames:

Primary Page: https://series-de.online/?trembed=2&trid=24476&trtype=2
Frame ID: C7334668936F215CE923975F6E8759DB
Requests: 1 HTTP requests in this frame

Frame: https://hqq.to/blocked.html
Frame ID: FB160DB82CE80EE844B0BF28048A109A
Requests: 27 HTTP requests in this frame

Page Title: Embed

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 96 %
IPv6: 0 %
Domains: 8
Subdomains: 9
IPs: 9
Countries: 3
Transfer: 724 kB
Size: 1145 kB
Cookies: 13

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
series-de.online/
645 B
1 KB
Document
General
Full URL
https://series-de.online/?trembed=2&trid=24476&trtype=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.143.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
2b303914b32b30d611d5084f89192bfe79dbbd39d238c99db461912b19a3e902

Request headers

:method
GET
:authority
series-de.online
:scheme
https
:path
/?trembed=2&trid=24476&trtype=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Mon, 18 Oct 2021 15:07:59 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.24
link
<https://series-de.online/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache
miss
vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-turbo-charged-by
LiteSpeed
cache-control
max-age=1800
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2F5nOejMuop7KcjUgwAj6hWRk3z%2B0rdD%2F6RK3uD0HKA4Ir4dn49NJXoXtd58MoHHmuQRs%2F6%2FzyMg1udr1NNN2msKWVrZeU1nEwwgCFh8TheSCKMN1NNrY%2FKonMwsuDYwKoyP"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a02adefaf956934-FRA
content-encoding
br
TTRaNG16YW91RkhQRnIveXhvNjMrZz09
hqq.to/e/ Frame FB16
99 KB
27 KB
Document
General
Full URL
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Requested by
Host: series-de.online
URL: https://series-de.online/?trembed=2&trid=24476&trtype=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76c865d6d68f05c6f093f57ad1c339702efd3c942886190bdd29348fc74ea66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

:method
GET
:authority
hqq.to
:scheme
https
:path
/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://series-de.online/
accept-encoding
gzip, deflate, br

Response headers

date
Mon, 18 Oct 2021 15:07:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-robots-tag
noindex
referrer-policy
unsafe-url
x-new
1
x-content-type-options
nosniff
x-xss-protection
1; mode=block;
p3p
policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link
<//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.netu.tv>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
cache-control
public, stale-if-error=30, max-age=30
x-inferno-loc
1
x-cache-status-inferno-pl
EXPIRED
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S04Tjkz2aE2N7HPzUMzc%2FFCGQcXan%2Bqw7TtjK%2FqGv85mzAJrATnkIMptT%2FGDjJihSLzWxJou%2F1WJzSrdWN%2FOol1elZnF090iTiumSYYZZRBSkevOG6ChUlQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a02adf2cd9627c0-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
invisible.js
hqq.to/cdn-cgi/challenge-platform/h/b/scripts/ Frame FB16
46 KB
16 KB
Script
General
Full URL
https://hqq.to/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by
Host: hqq.to
URL: https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8175ebe3e83e6f881a2a1de40e4c92b9fa0c44fe05cd37d45a8b93892d500395

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:07:59 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrusPpZ2g46jfkfZQMUrlBAVmW%2B29DkwifGzjEhvwlhFZ8ej1%2FYSdLS0cLZhSqOZLi2cHG7moY%2FHrmV6jLKakJh2uMwn3We3WNStudPHQjknrdmBwHBYMBI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6a02adf35eee27c0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
embed_player.3.css
hqq.to/styles/global/ Frame FB16
6 KB
2 KB
Stylesheet
General
Full URL
https://hqq.to/styles/global/embed_player.3.css?130
Requested by
Host: hqq.to
URL: https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2f1967bd0ff37182a4c0d4af0ae9cb04cdcbd189cec906bc2e2d9e0a36209e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:07:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15413731
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
accessing-static
1
pragma
cache
last-modified
Wed, 09 Dec 2020 22:16:37 GMT
server
cloudflare
etag
W/"5fd14cc5-1701"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FiXdeaPLptWFsygEpWmZhfzLsM85AQW384S3kysdGAA1yL43vVcB0mf8O6mpYfEWQlHi65NOjWMa0m%2BJw1jSZq0uHvqFZCAlwZp72WygPA%2B5gCITjQTmVU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-ray
6a02adf35ef327c0-PRG
x-cache-status-inferno-l
HIT
modernizr.js
hqq.to/js/video.jquery_plugs/ Frame FB16
1 KB
901 B
Script
General
Full URL
https://hqq.to/js/video.jquery_plugs/modernizr.js?12
Requested by
Host: hqq.to
URL: https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
458cc3be215bef898d5e6a41e25f0c022e6d5d5e61add13f13c01898bb53b9bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:07:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15413733
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
accessing-static
1
pragma
cache
last-modified
Sun, 03 Jun 2018 17:19:35 GMT
server
cloudflare
etag
W/"5b142327-4cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68rMamgYFnCI%2BtLY8vvs%2F0KVso3POxNPgr%2BYffDX%2BQQiNgT%2FSTmXuwPqPlAKecKj%2BXlld8Wk7W6NR8OqRHQ1G6n1e5%2BGfN4oAw24tzviY0d4cq0qJhWaqZk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-ray
6a02adf35ef527c0-PRG
x-cache-status-inferno-l
HIT
progressbar.min.js
unpkg.com/progressbar.js@1.1.0/dist/ Frame FB16
29 KB
9 KB
Script
General
Full URL
https://unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
Requested by
Host: hqq.to
URL: https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.126.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:07:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
15413732
fly-request-id
01F3YKE09V363BW1R0BN0EHBST
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6a02adf399744125-PRG
jquery.min.js
unpkg.com/jquery@2.2.4/dist/ Frame FB16
84 KB
30 KB
Script
General
Full URL
https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Requested by
Host: hqq.to
URL: https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.126.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:07:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
15413731
fly-request-id
01F3YKE095NE7WX2TAXNPADF6S
content-encoding
br
vary
Accept-Encoding
last-modified
Fri, 20 May 2016 17:24:42 GMT
server
cloudflare
etag
W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6a02adf399764125-PRG
jquery.cookie.js
unpkg.com/jquery.cookie@1.4.1/ Frame FB16
3 KB
1 KB
Script
General
Full URL
https://unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
Requested by
Host: hqq.to
URL: https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.126.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:07:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
15413732
fly-request-id
01F3YKE1GZRJ0VZ9H8P69899Y0
content-encoding
br
vary
Accept-Encoding
last-modified
Sun, 27 Apr 2014 20:04:54 GMT
server
cloudflare
etag
W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6a02adf399784125-PRG
d_check.js
hqq.to/js/ Frame FB16
3 KB
1 KB
Script
General
Full URL
https://hqq.to/js/d_check.js?34
Requested by
Host: hqq.to
URL: https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a750a5c4cd53d770d99cfd648aab9587e12c2fe9e2f6d0a52b699d2e88e5615

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:07:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15413733
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
accessing-static
1
pragma
cache
last-modified
Thu, 27 Feb 2020 14:57:53 GMT
server
cloudflare
etag
W/"5e57d8f1-d8a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gljlJ6hbQeMk77Nl6Y7BRJkwMmZyrigQKaHC3kn9zKxfsDeNkPcmfO3fWZVBoX7%2FYQibk%2FTQUmRvyKVwKeLmRB77GoSeklWgNSETnIjW17Fz5pkfBiwgJ3M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-ray
6a02adf35ef627c0-PRG
x-cache-status-inferno-l
HIT
embed.185.js
hqq.to/js/ Frame FB16
111 KB
32 KB
Script
General
Full URL
https://hqq.to/js/embed.185.js?716
Requested by
Host: hqq.to
URL: https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa12c496ae18565c4c5ab653cf384df50dd241a6f59966f8a6d15729fd0752e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:07:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2542890
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
accessing-static
1
pragma
cache
last-modified
Sun, 19 Sep 2021 04:46:06 GMT
server
cloudflare
etag
W/"6146c08e-1bd15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXpUJBVPGcd8EW%2BAxH4VJBO0UxqH39JQE%2FJp0W1C9Ot%2FQJwuctCDPA6Fc1MJDUU9fPEdu5x%2FnP3D%2B%2BPIgFS9OweQwBypllrjDFeTEZJxxqBpngmx4JF8%2Bf4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-ray
6a02adf35ef727c0-PRG
x-cache-status-inferno-l
HIT
popunder.js
hqq.to/ad/api/ Frame FB16
21 B
374 B
Script
General
Full URL
https://hqq.to/ad/api/popunder.js
Requested by
Host: hqq.to
URL: https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:07:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2854741
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21
accessing-static
1
pragma
cache
last-modified
Wed, 15 Sep 2021 14:06:22 GMT
server
cloudflare
etag
"6141fdde-15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FfeVdMZvTSvsg8WOi%2FfA1ue3F4%2BOiC1vakUuY7VR7%2BSle67Alts0EJrACUX8a4t3XPFI2S%2FN8MU1v6eNeHH%2BG5NmsyflKhM6DQ4rqXlBWS21dQivMC0zeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
accept-ranges
bytes
cf-ray
6a02adf35ef927c0-PRG
x-cache-status-inferno-l
HIT
fuckadblock.js
hqq.to/js/adv/ Frame FB16
14 KB
4 KB
Script
General
Full URL
https://hqq.to/js/adv/fuckadblock.js?2
Requested by
Host: hqq.to
URL: https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5965a6eb681ef5f8a59dacd6e8c8263dcbbb512e441e532fee942a90c4c7ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:07:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15413733
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
accessing-static
1
pragma
cache
last-modified
Tue, 27 Aug 2019 17:39:04 GMT
server
cloudflare
etag
W/"5d656ab8-369e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfDxjLlz68UjnknobGaENdwitqIqBFqOVDnSFuq9z2cwOeXidJKXwqQczHVZUz6N1ShanV%2FY2HW5%2BkosGfhdpi%2FjvE%2FY5SZC8kMthaZOyU3zQ%2B8hIucctp8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-ray
6a02adf35efa27c0-PRG
x-cache-status-inferno-l
HIT
video_short.mp4
h4ahsm.cfeucdn.com/ Frame FB16
3 KB
4 KB
Media
General
Full URL
https://h4ahsm.cfeucdn.com/video_short.mp4
Requested by
Host: hqq.to
URL: https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
84.16.243.193 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
7e3c990c8c3e6ad1a07710e7032c1ff22975d6322937e80b0446a07de1b227cb

Request headers

Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 18 Oct 2021 15:07:59 GMT
Last-Modified
Sat, 03 Apr 2021 21:17:34 GMT
server
YouTube Frontend Proxy
Access-Control-Allow-Origin
*
ETag
"6068db6e-c06"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
video/mp4
Content-Range
bytes 0-3077/3078
Access-Control-Expose-Headers
Content-Range,Content-Length,ETag
Cache-Control
max-age=2592000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Origin,Range
Content-Length
3078
Expires
Wed, 17 Nov 2021 15:07:59 GMT
script-2.12.5.js
hqq.to/js/ Frame FB16
19 KB
5 KB
Script
General
Full URL
https://hqq.to/js/script-2.12.5.js
Requested by
Host: hqq.to
URL: https://hqq.to/js/embed.185.js?716
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5776d146edfa1de32f5c74f409ced004eac80e4f8e2b981ab44dfd46ebba1712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:08:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15413732
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
accessing-static
1
pragma
cache
last-modified
Tue, 01 Dec 2020 19:28:37 GMT
server
cloudflare
etag
W/"5fc69965-4cb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsJ%2FA26wZlvVkIpOAWoH8F2EAP87qafSMa65C%2BQTFyFaxbS0IRS2GpevtosZX2HRcWGNU6dUgYyoG1PVwgoersSvR%2FRtxSBuFPN7mG5CkQKO7qiStrkpUEY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-ray
6a02adf4786d2780-PRG
x-cache-status-inferno-l
HIT
trace
hqq.to/cdn-cgi/ Frame FB16
268 B
387 B
XHR
General
Full URL
https://hqq.to/cdn-cgi/trace
Requested by
Host: unpkg.com
URL: https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60ae4cf3be02502a32b260e03dc08c28f308e70bf35afc3452f44f4c83aa9aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:08:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
6a02adf4786f2780-PRG
expires
Thu, 01 Jan 1970 00:00:01 GMT
8243e44dc8ddb2938bb8c1d3a6930ba5.js
noisysortcasualty.com/82/43/e4/ Frame FB16
31 KB
11 KB
Script
General
Full URL
https://noisysortcasualty.com/82/43/e4/8243e44dc8ddb2938bb8c1d3a6930ba5.js
Requested by
Host: hqq.to
URL: https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
32d4e56e18ff45ec94d8a3cc2e3dc9eb6db9568cfe8f3c5ca2392396cb522e2b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:08:00 GMT
content-encoding
gzip
server
nginx/1.17.9
strict-transport-security
max-age=0; includeSubdomains
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-cache
content-type
application/javascript
x-request-id
862db3c0abbf0846450b8ea15312586f
expires
Thu, 01 Jan 1970 00:00:01 GMT
get_player_image.php
hqq.to/player/ Frame FB16
54 KB
16 KB
XHR
General
Full URL
https://hqq.to/player/get_player_image.php
Requested by
Host: unpkg.com
URL: https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba16f5122bb73b8e83715b9600d7383ca37bed1515c2a824974437728ab303a

Request headers

Accept
*/*
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

x-img-cr
j
date
Mon, 18 Oct 2021 15:08:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a02adf4c8d22780-PRG
x-clickarr-add-e
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4kPUeGSKPMGDr4GJHLJsEGSqJcvaBfx9d8V4uAlp%2BkAnBJqwxvWcnmSWtXjJuUg4p2aiY2ei3Ffi%2FhLCuZaxdmMb1zV7mcO9T%2FajrXzEHaIAxxSI6gYU0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, max-age=0
x-inferno-loc
1
x-robots-tag
noindex
x-file-located
temp, filename:../files/temp/video_images/3/6/1607604995ygm63-1.jpg
truncated
/ Frame FB16
40 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ed3d24027f4081f9134d636ba6d273a64208b6da9f425b076b2ececdf833e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/jpeg
stats
venetrigni.com/ Frame FB16
40 B
282 B
XHR
General
Full URL
https://venetrigni.com/stats
Requested by
Host: noisysortcasualty.com
URL: https://noisysortcasualty.com/82/43/e4/8243e44dc8ddb2938bb8c1d3a6930ba5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.64.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-64-181.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
40411937459322065add5324e4944df0aecf2420ff3341f55219051ad6b13e25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://hqq.to
date
Mon, 18 Oct 2021 15:08:00 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
_adview_.ad.json
hqq.to/ad/banner/_adsense_/_adserver/ Frame FB16
2 B
648 B
XHR
General
Full URL
https://hqq.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=53446070
Requested by
Host: hqq.to
URL: https://hqq.to/js/adv/fuckadblock.js?2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:08:00 GMT
x-cache-status-inferno-s
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2
accessing-static
1
pragma
cache
last-modified
Wed, 28 Aug 2019 03:13:33 GMT
server
cloudflare
etag
"5d65f15d-2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weD%2BPZnCwM773hXF0VzYom%2BANUohZUtgxfDCAIUH%2BabxQLMCYZ2tf%2FgQbgCB%2B%2FJGjGsJMHyPOVZ5vJAOYInxpnof4dNziKu%2B51OdshNgGTAbjHuH%2BEM%2B4%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
accept-ranges
bytes
cf-ray
6a02adf72c432780-PRG
_adview_.ad.json
hqq.to/ad/banner/_adsense_/_adserver/ Frame FB16
2 B
640 B
XHR
General
Full URL
https://hqq.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=40317563
Requested by
Host: hqq.to
URL: https://hqq.to/js/adv/fuckadblock.js?2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:08:00 GMT
x-cache-status-inferno-s
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2
accessing-static
1
pragma
cache
last-modified
Wed, 28 Aug 2019 03:13:33 GMT
server
cloudflare
etag
"5d65f15d-2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lmLy2UQY56RJcKUK4x%2BJg921TGFu7VuGwlGKYbAXh%2BoXH01M7fIOQyK%2B4ccP9yBfoALyRsgZdotoRC%2FXPCCQsJQRLoW%2Bi75oKogHXeTsA8gaqX4COaIjTw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
accept-ranges
bytes
cf-ray
6a02adf77caa2780-PRG
1607604995ygm63-640x480-1.jpg
cdn-s4.cfeucdn.com/flv/api/files/thumbs_new/2020/12/10/1607604995ygm63/ Frame FB16
44 KB
44 KB
Image
General
Full URL
https://cdn-s4.cfeucdn.com/flv/api/files/thumbs_new/2020/12/10/1607604995ygm63/1607604995ygm63-640x480-1.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.186.120.163 , Ukraine, ASN6849 (UKRTELNET, UA),
Reverse DNS
as8263.seedbox.org.ua
Software
cloudflare /
Resource Hash
0351b8e4626925e89bf9053235584a77c2e9b6a36d3ca70081bc067c70112bf2

Request headers

Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
Origin
https://hqq.to
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 15:08:00 GMT
Last-Modified
Thu, 10 Dec 2020 13:06:06 GMT
server
cloudflare
ETag
"5fd21d3e-ae9d"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://hqq.to
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
max-age=3122064000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Range,X-Kl-Ajax-Request,Sec-Ch-Ua-Mobile,Sec-Ch-Ua,Accept-Language,Save-Data,X-Forwarded-Proto,Dnt,X-Forwarded-For,Accept-Encoding
Content-Length
44701
Expires
Tue, 24 Sep 2120 15:08:00 GMT
sbar.json
jeopardyloo.com/ Frame FB16
0
0

blocked.html
hqq.to/ Frame FB16
3 KB
2 KB
Document
General
Full URL
https://hqq.to/blocked.html
Requested by
Host: hqq.to
URL: https://hqq.to/js/embed.185.js?716
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57c105fc7fb6b8c4775b7003c66a2aeff542bbc4666fb66c071ea239b585de2

Request headers

:method
GET
:authority
hqq.to
:scheme
https
:path
/blocked.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09
accept-encoding
gzip, deflate, br
cookie
uid=HkpWaTJwVnLI7fi*ngG9_wV9HomqGVDi; dom3ic8zudi28v8lr6fgphwffqoz0j6c=a1d3a019-32ff-4c30-9ccc-2c21a84053bb%3A3%3A1; sb_main_8243e44dc8ddb2938bb8c1d3a6930ba5=1; sb_count_8243e44dc8ddb2938bb8c1d3a6930ba5=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/e/TTRaNG16YW91RkhQRnIveXhvNjMrZz09

Response headers

date
Mon, 18 Oct 2021 15:08:01 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 30 Apr 2020 05:17:14 GMT
access-control-allow-origin
*
accessing-static
1
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma
cache
x-cache-status-inferno-s
HIT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbDi6XhiS5m8ioN56tkZ5y9VWVtElwAEKRUw5ziCERUeHXBlSmQ3%2FCc56ljAL3r8ROOHC2jpIxulQ%2FSHdWRtw5O445bOHLdVqlPs%2FUag74ihefl0MTFiW4c%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a02adfd3db12780-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
invisible.js
hqq.to/cdn-cgi/challenge-platform/h/b/scripts/ Frame FB16
45 KB
16 KB
Script
General
Full URL
https://hqq.to/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by
Host: hqq.to
URL: https://hqq.to/blocked.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7043e369c24d23763d8633e41071685ee96fc3fc92bc51e1e5572d3479261984

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/blocked.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:08:01 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWQpZPcVKjFb8%2B%2FRqgomyj5Urq9FrWrin4o%2BJqL4fkUjKmCgI2sVhmO1hvhVbyNC%2BKnkbVvF1ecne1uNyVrTv9Ox9aCQ4uN5wIXAMZv29rDuxxUNPJg8T8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6a02adfdce822780-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
blocked.png
www.greenlanemarketing.com/wp-content/uploads/2015/03/ Frame FB16
490 KB
490 KB
Image
General
Full URL
https://www.greenlanemarketing.com/wp-content/uploads/2015/03/blocked.png
Requested by
Host: hqq.to
URL: https://hqq.to/blocked.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.247.193 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.247.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
11fc82362e782179a0fa1cc4ec21299e2cb7bcfebb8a0c1781c0ca6533277f23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:08:02 GMT
last-modified
Thu, 12 Mar 2020 14:03:01 GMT
server
nginx
etag
"5e6a4115-7a655"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
501333
pica.js
hqq.to/cdn-cgi/challenge-platform/h/b/scripts/ Frame FB16
20 KB
8 KB
Other
General
Full URL
https://hqq.to/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: hqq.to
URL: https://hqq.to/blocked.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2c791cd7efcd780016c3bfced7cd3d31deb047967b049a24aeab0a4a064265

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hqq.to/blocked.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:08:01 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQOk8xooMAEXF%2BI4UZ1H%2F%2B6br5eNRHlThu%2Fp5TCsOepPMBXUAiBCRwqOUEiS9ML9E1ViHnehPJdiZd36bOCnx9EpL1QPOFIbLB0liP5f%2B0Uv9KSXRdvulKs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6a02adfe3f322780-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
result
hqq.to/cdn-cgi/challenge-platform/h/b/cv/ Frame FB16
2 B
743 B
XHR
General
Full URL
https://hqq.to/cdn-cgi/challenge-platform/h/b/cv/result?req_id=6a02adfd3db12780
Requested by
Host: hqq.to
URL: https://hqq.to/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.134.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://hqq.to/blocked.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 Oct 2021 15:08:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwVl9bmDJC9eWuo3R2UO%2FceqaVB%2FxruHbkz6yOyEQj6j74qRKYp0zxvJKGRCqFnVbNREKkYedqXA7kfDgsJoyrlG56exP7aklQ4v%2B9e2NZAIQ3dSfuRXr24%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
6a02ae0b4ca62780-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
jeopardyloo.com
URL
https://jeopardyloo.com/sbar.json?key=8243e44dc8ddb2938bb8c1d3a6930ba5&uuid=a1d3a019-32ff-4c30-9ccc-2c21a84053bb%3A3%3A1


3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
boolean| originAgentCluster

13 Cookies

Domain/Path Name / Value
hqq.to/ Name: uid
Value: HkpWaTJwVnLI7fi*ngG9_wV9HomqGVDi
venetrigni.com/ Name: uid_id2
Value: a1d3a019-32ff-4c30-9ccc-2c21a84053bb:3:1
hqq.to/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: a1d3a019-32ff-4c30-9ccc-2c21a84053bb%3A3%3A1
hqq.to/ Name: sb_main_8243e44dc8ddb2938bb8c1d3a6930ba5
Value: 1
hqq.to/ Name: sb_count_8243e44dc8ddb2938bb8c1d3a6930ba5
Value: 1
jeopardyloo.com/ Name: u_pl
Value: 15597731
jeopardyloo.com/ Name: uid_id2
Value: a1d3a019-32ff-4c30-9ccc-2c21a84053bb:3:1
jeopardyloo.com/ Name: pdhtkv
Value: true
jeopardyloo.com/ Name: uncs
Value: 1
jeopardyloo.com/ Name: pdhtkv29
Value: true
jeopardyloo.com/ Name: uncs29
Value: 1
jeopardyloo.com/ Name: slec8243e44dc8ddb2938bb8c1d3a6930ba5
Value: [2986959]
.hqq.to/ Name: __cf_bm
Value: L6cC5mLE4.NxM4R6.A3A8S7qvqwaVMXzr51d8T1uZmI-1634569683-0-AYPa2DYynBlS2jIO0D5R7b9ZZv5e+4Ic2QFDbtKFjmodoIV0nqO77BNGFH6lhTlnrgY4m8BZHLa+HAU0al7+c064/1Ww1aQzsqUcWjEPJg+GNYarQ4Ys8L3e0eKbzb2CDg==

1 Console Messages

Source Level URL
Text
deprecation warning URL: https://hqq.to/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
