qatar-2022-l1.xyz Open in urlscan Pro
2606:4700:3031::6815:2902  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://worldcup2022-jah1.buzz/4g/?s=1 Page URL
2. https://qatar-2022-l1.xyz/4g/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response worldcup2022-jah1.buzz/4g/	3 KB 2 KB	637ms 554ms	Document text/html	2606:4700:3031::6815:604 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://worldcup2022-jah1.buzz/4g/?s=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:604 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b9e2e67344c37b4c59b188d0c53fe667028f6820bb0ae527f7a97cbd63405967 Request headers Accept-Language de-DE,de;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 6f7a6179ce310fd2-MRS content-encoding br content-type text/html; charset=UTF-8 date Wed, 06 Apr 2022 12:03:32 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c43hfQQI8WeddYiXirWXdvIFs72VgFSMK8BAhKU0CS2kFcY47uVAloBn3DgzO6NRwsSpB6ElDTjsPEsg0rTf328QeeNvTChZakLVVNcKqNPfXm0S4RWWS5u0KFVdh3zxx%2B3AwqgFNXpeCyKrGUKladOsk88z"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.1/	94 KB 33 KB	29ms 8ms	Script text/javascript	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Requested by Host: worldcup2022-jah1.buzz URL: https://worldcup2022-jah1.buzz/4g/?s=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://worldcup2022-jah1.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Thu, 31 Mar 2022 09:43:00 GMT content-encoding gzip x-content-type-options nosniff age 526832 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33434 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 31 Mar 2023 09:43:00 GMT
GET		jquery.min.js qatar-2022-u4.xyz/4g/js/	0 0
GET		jquery.min.js qatar-2022-h5.xyz/4g/js/	0 0
GET H2	200	jquery.min.js Show response qatar-2022-l1.xyz/4g/js/	85 KB 31 KB	244ms 91ms	Script application/javascript	2606:4700:3031::6815:2902 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qatar-2022-l1.xyz/4g/js/jquery.min.js?1649246611&_=1649246612095 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:2902 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Request headers Accept-Language de-DE,de;q=0.9 Referer https://worldcup2022-jah1.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 12:03:32 GMT content-encoding br cf-cache-status MISS last-modified Mon, 21 Mar 2022 20:35:23 GMT server cloudflare etag W/"6238e18b-1538f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmlN7MYTt3%2FnIm%2B8hq7v%2F%2BGqPQDUa3uV2ioi4Vg0HxFfbb9AAN1Buw9ZV9WVcjx2zKdi5HpVQnAYnFa8wfH5Y3nNLz26IiaG%2B9h9az%2Fn1DqGsX4N5X4XYhMDLtUQL7b0TE63jbxIzzOH9rw0mN%2Fs9g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6f7a617ebe120f7e-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 07 Apr 2022 00:03:32 GMT
GET H2	200	Primary Request / Show response qatar-2022-l1.xyz/4g/	79 KB 17 KB	79ms 78ms	Document text/html	2606:4700:3031::6815:2902 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qatar-2022-l1.xyz/4g/ Requested by Host: worldcup2022-jah1.buzz URL: https://worldcup2022-jah1.buzz/4g/?s=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:2902 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f0652671161e4343c659637b09ad0f0bb43e0f348c92baad4db3ede795b4429 Request headers Accept-Language de-DE,de;q=0.9 Referer https://worldcup2022-jah1.buzz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 6f7a617f5f310f7e-MXP content-encoding br content-type text/html; charset=UTF-8 date Wed, 06 Apr 2022 12:03:32 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0AGi5mt1n3Yr%2BCuJ%2BuhCxLFQZghfV1j9KF3PRt1s03MoYooYEO1%2BW9jwcXYZyaLq8JNh%2Fo3RB3uxApNYBmWOCuhxO64FuKU85ngaq4ZZiGpfzjMiz%2FyJEQMft7fHQmHZwpFMv5iKjRvVbsA9sFsww%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.1/	94 KB 33 KB	24ms 9ms	Script text/javascript	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Requested by Host: qatar-2022-l1.xyz URL: https://qatar-2022-l1.xyz/4g/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Thu, 31 Mar 2022 09:43:00 GMT content-encoding gzip x-content-type-options nosniff age 526832 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33434 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 31 Mar 2023 09:43:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	96 KB 38 KB	43ms 20ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-174943768-1 Requested by Host: qatar-2022-l1.xyz URL: https://qatar-2022-l1.xyz/4g/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d0dfb9b321fe86388aa79818ee80a157fbc4418b76a5bc12f0e1895c70d25450 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 12:03:32 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38122 x-xss-protection 0 expires Wed, 06 Apr 2022 12:03:32 GMT
GET H2	200	i6Tb9Rr.jpeg i.imgur.com/	108 KB 108 KB	32ms 6ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/i6Tb9Rr.jpeg Requested by Host: qatar-2022-l1.xyz URL: https://qatar-2022-l1.xyz/4g/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash f9bc8d38577f879e7ac9cfd1bf27c1038d49ccb379a97a598b239709977aa4aa Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 12:03:32 GMT x-content-type-options nosniff fastly-original-body-size 110601 age 277269 x-cache HIT, HIT content-length 110601 x-served-by cache-iad-kjyo7100103-IAD, cache-hhn4081-HHN last-modified Sun, 03 Apr 2022 07:02:23 GMT server cat factory 1.0 x-timer S1649246613.512739,VS0,VE0 etag "c34442942d9c7d4ff92258ad08b4be7a" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 99
GET H2	200	ettte.jpg 1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/	34 KB 35 KB	55ms 7ms	Image image/jpeg	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/ettte.jpg Requested by Host: qatar-2022-l1.xyz URL: https://qatar-2022-l1.xyz/4g/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 6db87b82ec9f8123a70efd7a43fae49cfee29fa186c512e31f022615bf185395 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 09:28:12 GMT x-content-type-options nosniff age 9320 content-disposition inline;filename="ettte.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35100 x-xss-protection 0 server fife etag "v771" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Fri, 04 Mar 2022 05:36:51 GMT
GET H2	200	tK6PaRu.jpg i.imgur.com/	46 KB 47 KB	27ms 6ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/tK6PaRu.jpg Requested by Host: qatar-2022-l1.xyz URL: https://qatar-2022-l1.xyz/4g/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash a9f829ad6752b35f08baed50999da5d4e2f7c0949c66331267ff8e5ebb842b20 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 12:03:32 GMT x-content-type-options nosniff age 1830844 x-cache HIT, HIT content-length 47372 x-served-by cache-iad-kiad7000170-IAD, cache-hhn4081-HHN last-modified Wed, 02 Jun 2021 02:01:52 GMT server cat factory 1.0 x-timer S1649246613.512830,VS0,VE0 etag "a35183ef0f3b04c254b3703a98ba3e66" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 3006
GET H2	200	gUnhWPh.jpg i.imgur.com/	228 KB 228 KB	34ms 13ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/gUnhWPh.jpg Requested by Host: qatar-2022-l1.xyz URL: https://qatar-2022-l1.xyz/4g/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 8801eae089f4ceec67a090f2b238002fb07ebab7e2007fe1602f51b4b7312639 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 12:03:32 GMT x-content-type-options nosniff fastly-original-body-size 232987 age 623908 x-cache HIT, HIT x-amz-storage-class STANDARD_IA content-length 232987 x-served-by cache-iad-kcgs7200140-IAD, cache-hhn4081-HHN last-modified Mon, 31 May 2021 22:45:30 GMT server cat factory 1.0 x-timer S1649246613.512932,VS0,VE0 etag "da0b931e719073b90e0db02880687c8e" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 151
GET H2	200	A9SxNrC.jpg i.imgur.com/	149 KB 150 KB	38ms 17ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/A9SxNrC.jpg Requested by Host: qatar-2022-l1.xyz URL: https://qatar-2022-l1.xyz/4g/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash eed7ba35237c207608f52bcd0f5a431e1a9f47ecbe4e16d4afbbb31d711dc102 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 12:03:32 GMT x-content-type-options nosniff age 1830844 x-cache HIT, HIT x-amz-storage-class STANDARD_IA content-length 153082 x-served-by cache-iad-kjyo7100042-IAD, cache-hhn4081-HHN last-modified Mon, 31 May 2021 22:56:22 GMT server cat factory 1.0 x-timer S1649246613.512997,VS0,VE0 etag "d5b43c3d86bb302967f0bb36c37e7e3b" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 151
GET H2	200	Whatsapp%2BDP%2BGirl%2B%252812%2529.jpg 1.bp.blogspot.com/-M9UfqNnbCLg/XjZcNnlB6sI/AAAAAAAANf4/QzxPat0qhac_W7sZu9BxzkEFYiwZPwjSgCLcBGAsYHQ/s1600/	21 KB 21 KB	63ms 16ms	Image image/jpeg	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-M9UfqNnbCLg/XjZcNnlB6sI/AAAAAAAANf4/QzxPat0qhac_W7sZu9BxzkEFYiwZPwjSgCLcBGAsYHQ/s1600/Whatsapp%2BDP%2BGirl%2B%252812%2529.jpg Requested by Host: qatar-2022-l1.xyz URL: https://qatar-2022-l1.xyz/4g/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash ddd79e024592b5ecf9edac3c1bb0bb33cb1c42124af3169b634b912885f3b625 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 11:13:21 GMT x-content-type-options nosniff age 3011 content-disposition inline;filename="Whatsapp DP Girl (12).jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21272 x-xss-protection 0 server fife etag "v3623" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 09 Mar 2022 10:11:04 GMT
GET H3	200	/ Show response qatar-2022-l1.xyz/4g/	79 KB 17 KB	95ms 95ms	Script text/html	2606:4700:3031::6815:2902 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qatar-2022-l1.xyz/4g/ Requested by Host: qatar-2022-l1.xyz URL: https://qatar-2022-l1.xyz/4g/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2902 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f0652671161e4343c659637b09ad0f0bb43e0f348c92baad4db3ede795b4429 Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/4g/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 12:03:32 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jeotCmM%2FetVIjDHzMReAsAb3iOVZqdgmowVkU5htvkKdE8AA3O6BESu0LpRcu9SYOdcHFuPqtVvtQv2esKIBU6LXG%2FPVEziTsc1n10UpV7aoGdWnXovF71SqFGSqVLknxuMrE1oArbSkgRx8%2FAGyRw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 6f7a61803e4fe907-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	33ms 10ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-174943768-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 1722 date Wed, 06 Apr 2022 11:34:50 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 06 Apr 2022 13:34:50 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	31ms 15ms	XHR text/plain	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1929903092&t=pageview&_s=1&dl=https%3A%2F%2Fqatar-2022-l1.xyz%2F4g%2F&dr=https%3A%2F%2Fworldcup2022-jah1.buzz%2F&ul=en-us&de=UTF-8&dt=Holen%20Sie%20sich%20kostenlos%2050%20GB%20WM-Internetdaten!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=828041722&gjid=1980295016&cid=1046609664.1649246613&tid=UA-174943768-1&_gid=926139446.1649246613&_r=1&gtm=2ou3u0&z=1975395542 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://qatar-2022-l1.xyz/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 06 Apr 2022 12:03:32 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://qatar-2022-l1.xyz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 440 B	160ms 49ms	XHR text/plain	2a00:1450:400c:c1b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-174943768-1&cid=1046609664.1649246613&jid=828041722&gjid=1980295016&_gid=926139446.1649246613&_u=YEBAAUAAAAAAAC~&z=1142368774 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://qatar-2022-l1.xyz/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 06 Apr 2022 12:03:32 GMT content-type text/plain access-control-allow-origin https://qatar-2022-l1.xyz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jquery.min.js Show response worldcup2022-jau1.buzz/4g/js/	85 KB 31 KB	417ms 272ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://worldcup2022-jau1.buzz/4g/js/jquery.min.js?1649246612&_=1649246612486 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 12:03:33 GMT content-encoding br cf-cache-status MISS last-modified Mon, 21 Mar 2022 20:35:23 GMT server cloudflare etag W/"6238e18b-1538f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BYoAQf%2FkVVPFnG9h%2B9iioxApRa7RRU0z8ePwZIOB59L3YBNmTsDy4gwDer91dR73JoVqmfW5AsvxERJ2LFq80CxKt%2BR2ekvuK1UNWe3B2tgNCZmw5pw8yCd5WAa6O5kYn0IkDA9ulJHw7fz3Yzlv8LYVXSG"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6f7a61820bd741f0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 07 Apr 2022 00:03:32 GMT
GET H3	200	jquery.min.js Show response worldcup2022-jah1.buzz/4g/js/	85 KB 31 KB	858ms 802ms	Script application/javascript	2606:4700:3031::6815:604 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://worldcup2022-jah1.buzz/4g/js/jquery.min.js?1649246612&_=1649246612487 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:604 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 12:03:33 GMT content-encoding br cf-cache-status MISS last-modified Mon, 21 Mar 2022 20:35:23 GMT server cloudflare etag W/"6238e18b-1538f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cO6TEfEVlBKDCfj9jhfsK0GxXjKYpQ613pw97bLZ5IRBHYM7aPEQlgTVKWVt7WkXMAqUpCmndqIWhbP0%2FwdLK9%2BQgohfm4tyc3jVBjlYsw2vGNNY7T28Ie7ihWry1E730XbY4tiikb2nDLKGVJgKK9taaj1"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6f7a61819a7e7342-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 07 Apr 2022 00:03:33 GMT
GET H2	200	jquery.min.js Show response worldcup2022-jal1.buzz/4g/js/	85 KB 31 KB	288ms 141ms	Script application/javascript	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://worldcup2022-jal1.buzz/4g/js/jquery.min.js?1649246612&_=1649246612488 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 12:03:32 GMT content-encoding br cf-cache-status MISS last-modified Mon, 21 Mar 2022 20:35:23 GMT server cloudflare etag W/"6238e18b-1538f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwfhwdzTwnLnAXevfrARYPlotoNKDYrlpirEaf84JIkcOYIjtJULkm%2FI1%2FU7752cYxBqKIx%2BFw8%2BN2iJrhoerfgUuu3jztsdnlw8rZZtlT2hCN%2BG1jOVIR9MQOsZ8IG0ICNgZofQt%2BI9e75DK6FAN%2F3Jraq0"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6f7a61822842e924-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 07 Apr 2022 00:03:32 GMT
GET H2	200	bootstrap.min.js Show response ajax.googleapix.com/bootstrap/libs/	1 KB 1 KB	1066ms 958ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapix.com/bootstrap/libs/bootstrap.min.js?_=1649246612489 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash addcf97326e87b94a71ab03845d27a97b61cec774e053a050dbf56fc18aeb675 Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 12:03:33 GMT content-encoding br cf-cache-status MISS last-modified Sun, 27 Mar 2022 09:36:45 GMT server cloudflare etag W/"6240302d-572" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CWb7%2Fz8meT%2Bv4kBVaO%2BPdmm%2FK9ms6p0C4cuEebl20g3DWWdeJTDWU0M4owEm%2BYBPnd3zczajPFtUUD%2B0dzkIeoDsv5kGbb4L8XjWTkFuyVzV0iplDs4ODJEyDWoU1685KLGtK78ecryCQYAt9FB%2FINs"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6f7a6181d9d80f5e-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 07 Apr 2022 00:03:33 GMT
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	35 KB 13 KB	1292ms 418ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?45631c7d5096c897eab07543e0ccfa8d Requested by Host: qatar-2022-l1.xyz URL: https://qatar-2022-l1.xyz/4g/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 5f54a95cfd5a03aaf480c0030058fdebe2777f48b6e84046cbe66cf2e96c5af6 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 06 Apr 2022 12:03:33 GMT Content-Encoding gzip Server apache Etag 5f5695c2cc64ba54c8a24260a6b66c8b Strict-Transport-Security max-age=172800 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control max-age=0, must-revalidate Content-Type application/javascript Content-Length 12993
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	35 KB 13 KB	448ms 447ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?a449ddcb1ae1babbcf49fab0aab89bcc Requested by Host: ajax.googleapix.com URL: https://ajax.googleapix.com/bootstrap/libs/bootstrap.min.js?_=1649246612489 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 2eaac407529e11379368e91492f470beb989c08a469ca56e81ef8d4360612fdf Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 06 Apr 2022 12:03:33 GMT Content-Encoding gzip Server apache Etag 9df9456f884aaf390ceba15f4cea62c0 Strict-Transport-Security max-age=172800 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control max-age=0, must-revalidate Content-Type application/javascript Content-Length 12997
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 636 B	446ms 446ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=279180626&si=a449ddcb1ae1babbcf49fab0aab89bcc&su=https%3A%2F%2Fworldcup2022-jah1.buzz%2F&v=1.2.91&lv=1&sn=58340&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fqatar-2022-l1.xyz%2F4g%2F%231649246613137&tt=Holen%20Sie%20sich%20kostenlos%2050%20GB%20WM-Internetdaten! Requested by Host: qatar-2022-l1.xyz URL: https://qatar-2022-l1.xyz/4g/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Pragma no-cache Date Wed, 06 Apr 2022 12:03:35 GMT X-Content-Type-Options nosniff Server apache Strict-Transport-Security max-age=172800 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control private, max-age=0, no-cache Content-Type image/gif Content-Length 43
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 636 B	402ms 402ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1288162337&si=45631c7d5096c897eab07543e0ccfa8d&su=https%3A%2F%2Fworldcup2022-jah1.buzz%2F&v=1.2.91&lv=1&sn=58341&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fqatar-2022-l1.xyz%2F4g%2F%231649246613137&tt=Holen%20Sie%20sich%20kostenlos%2050%20GB%20WM-Internetdaten! Requested by Host: qatar-2022-l1.xyz URL: https://qatar-2022-l1.xyz/4g/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://qatar-2022-l1.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Pragma no-cache Date Wed, 06 Apr 2022 12:03:36 GMT X-Content-Type-Options nosniff Server apache Strict-Transport-Security max-age=172800 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control private, max-age=0, no-cache Content-Type image/gif Content-Length 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

qatar-2022-u4.xyz

URL

https://qatar-2022-u4.xyz/4g/js/jquery.min.js?1649246611&_=1649246612093

Domain

qatar-2022-h5.xyz

URL

https://qatar-2022-h5.xyz/4g/js/jquery.min.js?1649246611&_=1649246612094

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| set_Cookie function| get_Cookie function| $ function| jQuery function| gtag object| dataLayer function| prevent object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| rset_Cookie function| rget_Cookie string| landingDomain string| _0xod2 object| _0xod2_ object| _0x346c function| _0x4853 object| DOMString object| objServer function| deadline function| enviar function| tip_text function| messageToSend number| counter number| counter2 number| seconds object| adsLink function| hh1 function| jp function| fh object| _hmt string| _0xodR object| _0xodR_ object| _0xc53a function| _0x5b1c string| id boolean| _bdhm_loaded_a449ddcb1ae1babbcf49fab0aab89bcc object| mini_tangram_log_lbd51l boolean| _bdhm_loaded_45631c7d5096c897eab07543e0ccfa8d object| mini_tangram_log_w6yeaw

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			qatar-2022-l1.xyz/4g	1970-01-20 02:50:38	Name: reg Value: 1
			worldcup2022-jah1.buzz/	1970-01-20 02:11:45	Name: loclang Value: de
			.worldcup2022-jah1.buzz/	1970-01-20 02:07:26	Name: godomainl Value: qatar-2022-l1.xyz
			qatar-2022-l1.xyz/	1970-01-20 02:11:45	Name: loclang Value: de
			.qatar-2022-l1.xyz/	1970-01-20 19:38:38	Name: _ga Value: GA1.2.1046609664.1649246613
			.qatar-2022-l1.xyz/	1970-01-20 02:08:53	Name: _gid Value: GA1.2.926139446.1649246613
			.qatar-2022-l1.xyz/	1970-01-20 02:07:26	Name: _gat_gtag_UA_174943768_1 Value: 1
			.qatar-2022-l1.xyz/	1970-01-20 02:07:26	Name: godomain Value: worldcup2022-jal1.buzz
			.qatar-2022-l1.xyz/	1970-01-20 10:53:02	Name: Hm_lvt_a449ddcb1ae1babbcf49fab0aab89bcc Value: 1649246615
			.qatar-2022-l1.xyz/	1969-12-31 23:59:59	Name: Hm_lpvt_a449ddcb1ae1babbcf49fab0aab89bcc Value: 1649246615
			.qatar-2022-l1.xyz/	1970-01-20 10:53:02	Name: Hm_lvt_45631c7d5096c897eab07543e0ccfa8d Value: 1649246616
			.qatar-2022-l1.xyz/	1969-12-31 23:59:59	Name: Hm_lpvt_45631c7d5096c897eab07543e0ccfa8d Value: 1649246616
			.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: E7FA452E93F73D2D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ajax.googleapis.com
ajax.googleapix.com
hm.baidu.com
i.imgur.com
qatar-2022-h5.xyz
qatar-2022-l1.xyz
qatar-2022-u4.xyz
stats.g.doubleclick.net
worldcup2022-jah1.buzz
worldcup2022-jal1.buzz
worldcup2022-jau1.buzz
www.google-analytics.com
www.googletagmanager.com
qatar-2022-h5.xyz
qatar-2022-u4.xyz
103.235.46.191
151.101.112.193
2606:4700:3031::6815:2902
2606:4700:3031::6815:604
2a00:1450:4001:801::200e
2a00:1450:4001:810::2001
2a00:1450:4001:827::2008
2a00:1450:4001:82a::200a
2a00:1450:400c:c1b::9c
2a06:98c1:3120::7
2a06:98c1:3121::7
2eaac407529e11379368e91492f470beb989c08a469ca56e81ef8d4360612fdf
2f0652671161e4343c659637b09ad0f0bb43e0f348c92baad4db3ede795b4429
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5f54a95cfd5a03aaf480c0030058fdebe2777f48b6e84046cbe66cf2e96c5af6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db87b82ec9f8123a70efd7a43fae49cfee29fa186c512e31f022615bf185395
8801eae089f4ceec67a090f2b238002fb07ebab7e2007fe1602f51b4b7312639
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9f829ad6752b35f08baed50999da5d4e2f7c0949c66331267ff8e5ebb842b20
addcf97326e87b94a71ab03845d27a97b61cec774e053a050dbf56fc18aeb675
b9e2e67344c37b4c59b188d0c53fe667028f6820bb0ae527f7a97cbd63405967
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0dfb9b321fe86388aa79818ee80a157fbc4418b76a5bc12f0e1895c70d25450
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
ddd79e024592b5ecf9edac3c1bb0bb33cb1c42124af3169b634b912885f3b625
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
eed7ba35237c207608f52bcd0f5a431e1a9f47ecbe4e16d4afbbb31d711dc102
f9bc8d38577f879e7ac9cfd1bf27c1038d49ccb379a97a598b239709977aa4aa