Submitted URL: https://r-skype-reviews.gq/
Effective URL: https://media.hqmedia.biz/
Submission: On September 30 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 16 HTTP transactions. The main IP is 2606:4700:30::681f:453a, located in the United States and belonging to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is media.hqmedia.biz.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on April 28th 2019. Valid for: 6 months.
This is the only time media.hqmedia.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 2606:4700:30:... | 13335 (CLOUDFLAR...)
10 | 2606:4700:30:... | 13335 (CLOUDFLAR...)
4 | 2a02:6b8::1:119 | 13238 (YANDEX)
1 | 2001:4de0:ac1... | 20446 (HIGHWINDS3)
1 | 2606:4700:30:... | 13335 (CLOUDFLAR...)
1 | 88.208.60.53 | 39572 (ADVANCEDH...)
1 | 2606:4700:30:... | 13335 (CLOUDFLAR...)
Total: 16 requests, 7 IPs
Requests | Apex Domain | Subdomains | Transfer
10 | hqmedia.biz | media.hqmedia.biz | 581 KB
4 | yandex.ru | mc.yandex.ru | 94 KB
1 | imgstorage.pro | imgstorage.pro | 13 KB
1 | leadnote.me | leadnote.me | 989 B
1 | olineman.pro | olineman.pro | 2 KB
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 10 KB
1 | r-skype-reviews.gq | r-skype-reviews.gq | 213 B
Total: 16 requests, 7 apex domains
Requests | Domain | Redirects | Requested by
10 | media.hqmedia.biz | 1 redirect | media.hqmedia.biz
4 | mc.yandex.ru | 1 redirect | media.hqmedia.biz
1 | imgstorage.pro | - | media.hqmedia.biz
1 | leadnote.me | - | olineman.pro
1 | olineman.pro | - | media.hqmedia.biz
1 | maxcdn.bootstrapcdn.com | - | media.hqmedia.biz
1 | r-skype-reviews.gq | 1 redirect | -
Total: 16 requests, 7 domains

This site contains no links.

Subject | Issuer | Validity | Valid for | Lookup
sni167382.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-04-28 - 2019-11-04 | 6 months | crt.sh
mc.yandex.ru | Yandex CA | 2019-09-23 - 2020-09-22 | a year | crt.sh
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year | crt.sh
sni183435.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-09-28 - 2020-04-05 | 6 months | crt.sh
leadnote.me | Let's Encrypt Authority X3 | 2019-08-23 - 2019-11-21 | 3 months | crt.sh
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-09-02 - 2020-09-01 | a year | crt.sh

This page contains 1 frame:

Primary Page: https://media.hqmedia.biz/
Frame ID: DEC09E0B1FE2D08FE9F2F13F18BABE43
Requests: 17 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 86 %
Domains: 7
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 698 kB
Size: 1490 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://r-skype-reviews.gq/ HTTP 301
    http://media.hqmedia.biz/ HTTP 301
    https://media.hqmedia.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://mc.yandex.ru/watch/55243777?wmode=7&page-url=https%3A%2F%2Fmedia.hqmedia.biz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1569875087589%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190930222448%3Aet%3A1569875088%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A551741072%3Ahid%3A766054357%3Ads%3A0%2C37%2C172%2C27%2C167%2C0%2C0%2C240%2C0%2C%2C%2C%2C620%3Afp%3A598%3Awn%3A34080%3Ahl%3A2%3Agdpr%3A14%3Av%3A1731%3Awv%3A2%3Ast%3A1569875088%3Au%3A1569875088534237585%3At%3AOpen%20Web%20Book%20Archive HTTP 302
  • https://mc.yandex.ru/watch/55243777/1?wmode=7&page-url=https%3A%2F%2Fmedia.hqmedia.biz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1569875087589%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190930222448%3Aet%3A1569875088%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A551741072%3Ahid%3A766054357%3Ads%3A0%2C37%2C172%2C27%2C167%2C0%2C0%2C240%2C0%2C%2C%2C%2C620%3Afp%3A598%3Awn%3A34080%3Ahl%3A2%3Agdpr%3A14%3Av%3A1731%3Awv%3A2%3Ast%3A1569875088%3Au%3A1569875088534237585%3At%3AOpen%20Web%20Book%20Archive

16 HTTP transactions

Resource | Path | Size | x-fer | Type (MIME-Type)

Primary Request / | media.hqmedia.biz/ | 199 KB | 33 KB | Document
Redirect Chain
  • https://r-skype-reviews.gq/
  • http://media.hqmedia.biz/
  • https://media.hqmedia.biz/
General
Full URL
https://media.hqmedia.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:453a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.1.28
Resource Hash
0777c5b232374c57bb1b3dd1cd9a7e7b66cfda3c261a635b541a22688a1defff

Request headers

:method
GET
:authority
media.hqmedia.biz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
date
Mon, 30 Sep 2019 20:24:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dca07a3f1958b055eb34c979431796af81569875087; expires=Tue, 29-Sep-20 20:24:47 GMT; path=/; domain=.hqmedia.biz; HttpOnly PHPSESSID=1e48079789b6fc09e3d9bc0c4d3b293a; path=/; HttpOnly _csrf=35218b444b16b930d25d004af0079aec860bd8afa140e0b2d8f70f947afb80c4a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22bPBr-Inl1sOpd8WHyW8TDm7yEGmaCRJu%22%3B%7D; path=/; HttpOnly
vary
Accept-Encoding
x-powered-by
PHP/7.1.28
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
51e8ec22cb19cbb4-VIE
content-encoding
br

Redirect headers

Date
Mon, 30 Sep 2019 20:24:47 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 30 Sep 2019 21:24:47 GMT
Location
https://media.hqmedia.biz/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
51e8ec225ee3cbc0-VIE

tag.js | mc.yandex.ru/metrika/ | 355 KB | 91 KB | Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: media.hqmedia.biz
URL: https://media.hqmedia.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
cd85630e963a6f91f4995e7589ca6fb44e77b1843e5727f2fc3f85113f7d03d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://media.hqmedia.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 20:24:48 GMT
Content-Encoding
br
Last-Modified
Tue, 24 Sep 2019 13:01:01 GMT
Server
nginx/1.14.2
ETag
"5d8a138d-16ad7"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
92887
Expires
Mon, 30 Sep 2019 21:24:48 GMT

bootstrap.css | media.hqmedia.biz/assets/976f92dc/css/ | 143 KB | 19 KB | Stylesheet
General
Full URL
https://media.hqmedia.biz/assets/976f92dc/css/bootstrap.css?v=1564241758
Requested by
Host: media.hqmedia.biz
URL: https://media.hqmedia.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:453a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://media.hqmedia.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 20:24:48 GMT
content-encoding
br
last-modified
Sat, 27 Jul 2019 15:35:58 GMT
server
cloudflare
etag
W/"23a0d-58eab6a541380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cf-ray
51e8ec240f5ecbb4-VIE

site.css | media.hqmedia.biz/css/ | 2 KB | 729 B | Stylesheet
General
Full URL
https://media.hqmedia.biz/css/site.css?v=1564241622
Requested by
Host: media.hqmedia.biz
URL: https://media.hqmedia.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:453a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
848709ea2c8b92f9e08195125963c4120ec4392d26c59e1aef869566d002e4b2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://media.hqmedia.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 20:24:48 GMT
content-encoding
br
last-modified
Sat, 27 Jul 2019 15:33:42 GMT
server
cloudflare
etag
W/"732-58eab6238e180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cf-ray
51e8ec240f60cbb4-VIE

ccorner.png | media.hqmedia.biz/img/ | 32 KB | 32 KB | Image
General
Full URL
https://media.hqmedia.biz/img/ccorner.png
Requested by
Host: media.hqmedia.biz
URL: https://media.hqmedia.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:453a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
38cbac1e43043d80ef0a0db0878f447932c9e64f339b30f6158730f5165a66c8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://media.hqmedia.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 20:24:48 GMT
cf-cache-status
HIT
last-modified
Mon, 09 Oct 2017 21:39:52 GMT
server
cloudflare
age
4212
etag
"810c-55b2407d67a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
51e8ec240f62cbb4-VIE
content-length
33036
expires
Tue, 01 Oct 2019 00:24:48 GMT

jquery.js | media.hqmedia.biz/assets/78d38e53/ | 274 KB | 78 KB | Script
General
Full URL
https://media.hqmedia.biz/assets/78d38e53/jquery.js?v=1564241704
Requested by
Host: media.hqmedia.biz
URL: https://media.hqmedia.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:453a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://media.hqmedia.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 20:24:48 GMT
content-encoding
br
last-modified
Sat, 27 Jul 2019 15:35:04 GMT
server
cloudflare
etag
W/"4472c-58eab671c1a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cf-ray
51e8ec240f74cbb4-VIE

yii.js | media.hqmedia.biz/assets/b91a9bf9/ | 20 KB | 5 KB | Script
General
Full URL
https://media.hqmedia.biz/assets/b91a9bf9/yii.js?v=1565800948
Requested by
Host: media.hqmedia.biz
URL: https://media.hqmedia.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:453a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
796bab2b50aec1d2e2564950f8b912c6ae172281a7ecbe378dd1bc68ce7669bc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://media.hqmedia.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 20:24:48 GMT
content-encoding
br
last-modified
Wed, 14 Aug 2019 16:42:28 GMT
server
cloudflare
etag
W/"51af-59016714b6500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cf-ray
51e8ec240f75cbb4-VIE

bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/ | 37 KB | 10 KB | Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js
Requested by
Host: media.hqmedia.biz
URL: https://media.hqmedia.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://media.hqmedia.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 20:24:48 GMT
content-encoding
gzip
last-modified
Fri, 14 Dec 2018 05:14:43 GMT
status
200
etag
"1544764483"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
10035

bg.jpg | media.hqmedia.biz/img/ | 392 KB | 392 KB | Image
General
Full URL
https://media.hqmedia.biz/img/bg.jpg
Requested by
Host: media.hqmedia.biz
URL: https://media.hqmedia.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:453a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
42b5ca2ece45a429e48568b1a9fe3ae2d478a3579d2f28d0585af2d33c95147c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://media.hqmedia.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 20:24:48 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 07 Oct 2017 16:50:30 GMT
server
cloudflare
etag
"61f52-55af7c14ca180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
51e8ec250b2fcbb4-VIE
content-length
401234
expires
Tue, 01 Oct 2019 00:24:48 GMT

white.png | media.hqmedia.biz/img/ | 928 B | 1 KB | Image
General
Full URL
https://media.hqmedia.biz/img/white.png
Requested by
Host: media.hqmedia.biz
URL: https://media.hqmedia.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:453a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c24f8ca6ef07e5ce555761229551303ad7e85a1816d7640fb3236d84a81840

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://media.hqmedia.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 20:24:48 GMT
cf-cache-status
HIT
last-modified
Sat, 07 Oct 2017 21:38:30 GMT
server
cloudflare
age
4212
etag
"3a0-55afbc7448180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
51e8ec250b35cbb4-VIE
content-length
928
expires
Tue, 01 Oct 2019 00:24:48 GMT

truncated | / | 443 B | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

glyphicons-halflings-regular.woff2 | media.hqmedia.biz/assets/976f92dc/fonts/ | 18 KB | 18 KB | Font
General
Full URL
https://media.hqmedia.biz/assets/976f92dc/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: media.hqmedia.biz
URL: https://media.hqmedia.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:453a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Sec-Fetch-Mode
cors
Referer
https://media.hqmedia.biz/assets/976f92dc/css/bootstrap.css?v=1564241758
Origin
https://media.hqmedia.biz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 20:24:48 GMT
cf-cache-status
HIT
last-modified
Sat, 27 Jul 2019 15:35:58 GMT
server
cloudflare
age
4211
etag
"466c-58eab6a541380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
51e8ec250b4ccbb4-VIE
content-length
18028
expires
Tue, 01 Oct 2019 00:24:48 GMT

pops.js | olineman.pro/code/ | 3 KB | 2 KB | Script
General
Full URL
https://olineman.pro/code/pops.js?h=waWQiOjEwMTk0MjQsInNpZCI6MTAyNTMyNCwid2lkIjo0NDIxMiwic3JjIjoyfQ==eyJ&si1=media&si2=subid2
Requested by
Host: media.hqmedia.biz
URL: https://media.hqmedia.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:282c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe9e883dbb60887738f386f5c3b1a6715604c15f39cf8d97ae4825498940744

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://media.hqmedia.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 20:24:48 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
374
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=14400
cf-ray
51e8ec25be2dcbcc-VIE
access-control-allow-origin
https://media.hqmedia.biz
expires
Tue, 01 Oct 2019 00:24:48 GMT

1 | mc.yandex.ru/watch/55243777/ | 152 B | 705 B | XHR
Redirect Chain
  • https://mc.yandex.ru/watch/55243777?wmode=7&page-url=https%3A%2F%2Fmedia.hqmedia.biz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1569875087589%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166136...
  • https://mc.yandex.ru/watch/55243777/1?wmode=7&page-url=https%3A%2F%2Fmedia.hqmedia.biz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1569875087589%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21661...
General
Full URL
https://mc.yandex.ru/watch/55243777/1?wmode=7&page-url=https%3A%2F%2Fmedia.hqmedia.biz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1569875087589%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190930222448%3Aet%3A1569875088%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A551741072%3Ahid%3A766054357%3Ads%3A0%2C37%2C172%2C27%2C167%2C0%2C0%2C240%2C0%2C%2C%2C%2C620%3Afp%3A598%3Awn%3A34080%3Ahl%3A2%3Agdpr%3A14%3Av%3A1731%3Awv%3A2%3Ast%3A1569875088%3Au%3A1569875088534237585%3At%3AOpen%20Web%20Book%20Archive
Requested by
Host: media.hqmedia.biz
URL: https://media.hqmedia.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
0d4c5bfde28646f534fd030ff362d6f2cbb8651579d37296f065f3b6077cedac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://media.hqmedia.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Sep 2019 20:24:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 30-Sep-2019 20:24:48 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://media.hqmedia.biz
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Mon, 30-Sep-2019 20:24:48 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 30 Sep 2019 20:24:48 GMT
Last-Modified
Mon, 30-Sep-2019 20:24:48 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://media.hqmedia.biz
Strict-Transport-Security
max-age=31536000
Location
/watch/55243777/1?wmode=7&page-url=https%3A%2F%2Fmedia.hqmedia.biz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1569875087589%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190930222448%3Aet%3A1569875088%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A551741072%3Ahid%3A766054357%3Ads%3A0%2C37%2C172%2C27%2C167%2C0%2C0%2C240%2C0%2C%2C%2C%2C620%3Afp%3A598%3Awn%3A34080%3Ahl%3A2%3Agdpr%3A14%3Av%3A1731%3Awv%3A2%3Ast%3A1569875088%3Au%3A1569875088534237585%3At%3AOpen%20Web%20Book%20Archive
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 30-Sep-2019 20:24:48 GMT

advert.gif | mc.yandex.ru/metrika/ | 43 B | 445 B | Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: media.hqmedia.biz
URL: https://media.hqmedia.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://media.hqmedia.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 20:24:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.14.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Mon, 30 Sep 2019 21:24:48 GMT

popup.css | leadnote.me/styles/ | 2 KB | 989 B | Stylesheet
General
Full URL
https://leadnote.me/styles/popup.css?rev=554ad33ee15a67009ea8c24d85cb70d437e3d007
Requested by
Host: olineman.pro
URL: https://olineman.pro/code/pops.js?h=waWQiOjEwMTk0MjQsInNpZCI6MTAyNTMyNCwid2lkIjo0NDIxMiwic3JjIjoyfQ==eyJ&si1=media&si2=subid2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.60.53 Heemstede, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
1a35e986d048b6241cb61c786ebd080635a3354569005a3ae5c9771a0827cff3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://media.hqmedia.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 20:24:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 12:46:50 GMT
Server
nginx/1.17.3
ETag
W/"5d84ca3a-7d6"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive

Rm6fzmMGsMIjeogqTrd9v_O0WMAyoOOj.png | imgstorage.pro/popup-image/ | 12 KB | 13 KB | Image
General
Full URL
https://imgstorage.pro/popup-image/Rm6fzmMGsMIjeogqTrd9v_O0WMAyoOOj.png
Requested by
Host: media.hqmedia.biz
URL: https://media.hqmedia.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:88c7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dea667795f655316b6adee1d88199b2f3eb13c515b9b98e366b3814406f1a635

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://media.hqmedia.biz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 20:24:48 GMT
cf-cache-status
HIT
server
cloudflare
age
2192
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
cf-ray
51e8ec26cf95cbac-VIE
expires
Tue, 01 Oct 2019 00:24:48 GMT

Verdicts & Comments

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: onformdata
  • object: onpointerrawupdate
  • function: ym
  • function: $
  • function: jQuery
  • object: yii
  • function: mediaRequest
  • object: Ya
  • object: yaCounter55243777
  • function: DOMLoaded

7 Cookies

Domain/Path | Name | Value
.hqmedia.biz/ | _ym_visorc_55243777 | w
.hqmedia.biz/ | _ym_isad | 2
media.hqmedia.biz/ | _csrf | 35218b444b16b930d25d004af0079aec860bd8afa140e0b2d8f70f947afb80c4a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22bPBr-Inl1sOpd8WHyW8TDm7yEGmaCRJu%22%3B%7D
.hqmedia.biz/ | _ym_d | 1569875088
.hqmedia.biz/ | _ym_uid | 1569875088534237585
media.hqmedia.biz/ | PHPSESSID | 1e48079789b6fc09e3d9bc0c4d3b293a
.hqmedia.biz/ | __cfduid | dca07a3f1958b055eb34c979431796af81569875087

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
