jiotv.cf Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jiotv.tk/
Effective URL:
https://jiotv.cf/
Submission Tags: demotag1 demotag2 Search All
Submission: On April 10 via api (April 10th 2023, 10:44:40 pm UTC) from IN — Scanned from NL

Summary HTTP 53 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 23 domains to perform 53 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is jiotv.cf.
TLS certificate: Issued by E1 on March 6th 2023. Valid for: 3 months.

This is the only time jiotv.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a0d:2787:1b:... 2a0d:2787:1b:1f6::a	62068 (SPECTRAIP...) (SPECTRAIP SpectraIP B.V.)
6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3036::ac43:a54e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3035::ac43:a802	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3034::ac43:a283	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
2	148.251.233.147 148.251.233.147	24940 (HETZNER-AS) (HETZNER-AS)
3	2606:4700:303... 2606:4700:3035::ac43:8726	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9167:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	109.206.162.211 109.206.162.211	50245 (SERVEREL-AS) (SERVEREL-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	109.206.168.17 109.206.168.17	50245 (SERVEREL-AS) (SERVEREL-AS)
4 4	109.206.162.121 109.206.162.121	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	2a02:b4a:1:8:... 2a02:b4a:1:8::9313:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	45.133.44.32 45.133.44.32	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2606:4700:303... 2606:4700:3038::6815:ea32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	23

1 2a0d:2787:1b:1f6::a (Netherlands) 1 redirects

ASN62068 (SPECTRAIP SpectraIP B.V., NL)

jiotv.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

jiotv.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jscdn1.abxyz.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xdiwbc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::ac43:a54e (United States)

ASN13335 (CLOUDFLARENET, US)

fastcdn.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
counter.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgcdn1.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:a802 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fastcdn111.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:a283 (United States)

ASN13335 (CLOUDFLARENET, US)

btcx.sbs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

afarkas.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.233.147 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.147.233.251.148.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::ac43:8726 (United States)

ASN13335 (CLOUDFLARENET, US)

1337x1.wb4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9167:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

prhzxq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.162.211 (United States)

ASN50245 (SERVEREL-AS, US)
PTR: 211.162.serverel.net

js.cdnspace.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.168.17 (United States)

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.168.17.serverel.net

jswww.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 109.206.162.121 (United States) 4 redirects

ASN50245 (SERVEREL-AS, US)
PTR: 121.162.serverel.net

icdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:8::9313:1 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

rlnlsk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.32 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.wmgtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:ea32 (United States)

ASN13335 (CLOUDFLARENET, US)

imcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	200 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2284	60 KB
4	icdns.net 4 redirects icdns.net — Cisco Umbrella Rank: 22802	961 B
4	jdi5.com fastcdn.jdi5.com counter.jdi5.com imgcdn1.jdi5.com	3 KB
4	jiotv.cf jiotv.cf	21 KB
3	imcdn.co imcdn.co — Cisco Umbrella Rank: 81328	12 KB
3	wb4.xyz 1337x1.wb4.xyz	3 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 90	2 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 100 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	5 KB
3	btcx.sbs btcx.sbs	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	166 KB
2	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 23747 static.a-ads.com — Cisco Umbrella Rank: 32285	110 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 8940 adservice.google.nl — Cisco Umbrella Rank: 14602	939 B
1	wmgtr.com i.wmgtr.com — Cisco Umbrella Rank: 22958	58 KB
1	rlnlsk.com 1 redirects rlnlsk.com — Cisco Umbrella Rank: 838099	132 B
1	jswww.net jswww.net	21 KB
1	cdnspace.io js.cdnspace.io	28 KB
1	prhzxq.com prhzxq.com — Cisco Umbrella Rank: 85624	128 B
1	github.io afarkas.github.io — Cisco Umbrella Rank: 220030	4 KB
1	xdiwbc.com xdiwbc.com — Cisco Umbrella Rank: 95690	51 KB
1	fastcdn111.site 1 redirects fastcdn111.site	585 B
1	abxyz.top jscdn1.abxyz.top	1 KB
1	jiotv.tk 1 redirects jiotv.tk	369 B
53	23

	Domain	Requested by
6	pagead2.googlesyndication.com	btcx.sbs pagead2.googlesyndication.com tpc.googlesyndication.com
4	icdns.net	4 redirects
4	www.google-analytics.com	counter.jdi5.com www.google-analytics.com www.googletagmanager.com
4	jiotv.cf	jiotv.cf
3	imcdn.co	srcdoc
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	1337x1.wb4.xyz	btcx.sbs
3	btcx.sbs	jscdn1.abxyz.top jiotv.cf
3	www.googletagmanager.com	jiotv.cf btcx.sbs 1337x1.wb4.xyz
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google.com	jiotv.cf tpc.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
2	counter.jdi5.com	jiotv.cf counter.jdi5.com
1	i.wmgtr.com	srcdoc
1	rlnlsk.com	1 redirects
1	jswww.net	js.cdnspace.io
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.nl	pagead2.googlesyndication.com
1	js.cdnspace.io	1337x1.wb4.xyz
1	prhzxq.com	xdiwbc.com
1	static.a-ads.com	ad.a-ads.com
1	ad.a-ads.com	btcx.sbs
1	afarkas.github.io	btcx.sbs
1	xdiwbc.com	btcx.sbs
1	www.google.nl	jiotv.cf
1	stats.g.doubleclick.net	www.google-analytics.com
1	fastcdn111.site	1 redirects
1	imgcdn1.jdi5.com	jiotv.cf
1	jscdn1.abxyz.top	jiotv.cf
1	fastcdn.jdi5.com	jiotv.cf
1	jiotv.tk	1 redirects
53	31

This site contains links to these domains. Also see Links.

Domain
www.hotstar.com
www.sonyliv.com
t.me
www.jiocinema.com
iamsom99.netlify.app
ipldekho.wapkiz.com
mhdtvworld.me
www.criclive.store
ckthd.cfd
live4wap.online
varun-iptv.netlify.app
watchtvs.live
madstream.live
jiocinema.tk
birthdaysongswithnames.com
adblockplus.org

Subject Issuer	Validity	Valid
*.jiotv.cf E1	`2023-03-06` - `2023-06-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-14` - `2024-02-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.abxyz.top GTS CA 1P5	`2023-04-07` - `2023-07-06`	3 months	crt.sh
*.btcx.sbs GTS CA 1P5	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.xdiwbc.com GTS CA 1P5	`2023-04-07` - `2023-07-06`	3 months	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-21` - `2024-01-21`	a year	crt.sh
prhzxq.com R3	`2023-03-21` - `2023-06-19`	3 months	crt.sh
cdnspace.io R3	`2023-02-23` - `2023-05-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
jswww.net R3	`2023-04-10` - `2023-07-09`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://jiotv.cf/
Frame ID: B5F284F3D0DA4CFCF8CBBEDF3D4D5B49
Requests: 14 HTTP requests in this frame

Frame: https://btcx.sbs/december-signal-results-2022/
Frame ID: 20EF55BA2A364F903A737885107BC656
Requests: 16 HTTP requests in this frame

Frame: https://jiotv.cf/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1681156800
Frame ID: E9CC2A06ECB56EA0D681E22D7BAAE73C
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/2195865?size=320x50
Frame ID: F7BC15C7C810675B5DA60709549556DD
Requests: 3 HTTP requests in this frame

Frame: https://1337x1.wb4.xyz/2019/05/chargha-recipe.html
Frame ID: 48E511234C540AF0FF54F6804FA99D13
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html
Frame ID: B5DE8608944700D01F0CDAAA16C8EF0D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093222770486918&output=html&adk=1812271804&adf=3407277731&plat=1%3A1536%2C2%3A1536%2C3%3A2097664%2C4%3A2097664%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbtcx.sbs%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681166676693&bpp=3&bdt=599&idt=383&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&nras=1&correlator=5886007435556&frm=8&ife=1&pv=2&ga_vid=553379557.1681166677&ga_sid=1681166677&ga_hid=2026449701&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=59&ifk=1631042221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759842%2C44759926%2C42532089%2C42532185%2C31073584%2C44782467%2C44786502&oid=2&pvsid=1323033340690972&tmod=1525538447&uas=0&nvt=1&top=https%3A%2F%2Fjiotv.cf&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C59&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.dlv43r7bg1mo&fsb=1&dtd=397
Frame ID: 7FA9B624194D11B47282AACBEB1BEC10
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5F85C284D31AF192296D8890C5F56E1A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 340424AAE20AD23AEECE8F7A2B9287CE
Requests: 2 HTTP requests in this frame

Frame: https://i.wmgtr.com/cim/LEITrYiJkz9dzkQyqXFdKQMq3bwEcPzR.png
Frame ID: 464F52D6237C91E8AF6C0995007A1D93
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

jiotv.cf

Page URL History Show full URLs

http://jiotv.tk/ HTTP 302
https://jiotv.cf/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

53
Requests

91 %
HTTPS

81 %
IPv6

23
Domains

31
Subdomains

23
IPs

4
Countries

750 kB
Transfer

1677 kB
Size

8
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hotstar.com/in/sports/cricket
Title: Hotstar.com

Search URL Search Domain Scan URL

URL: https://www.sonyliv.com/
Title: Sonyliv.com

Search URL Search Domain Scan URL

URL: https://t.me/s/Jiotrickss
Title: Join Our Telegram Channel 🤙💌📲

Search URL Search Domain Scan URL

URL: https://www.jiocinema.com/sports
Title: Jiocinema.com ( IPL 4K ) 🏏

Search URL Search Domain Scan URL

URL: https://t.me/s/Cricket_King_Live
Title: Live Cricket Links Telegram 1 🏏

Search URL Search Domain Scan URL

URL: https://t.me/s/FreeIPLT20
Title: Live Cricket Links Telegram 2 🏏

Search URL Search Domain Scan URL

URL: https://iamsom99.netlify.app/
Title: Live Cricket Full HD 👌

Search URL Search Domain Scan URL

URL: https://ipldekho.wapkiz.com/
Title: Live Cricket HD

Search URL Search Domain Scan URL

URL: https://mhdtvworld.me/live/live-cricket-tv/
Title: Live Cricket Channels HD 👌

Search URL Search Domain Scan URL

URL: https://www.criclive.store/
Title: Live Cricket HD 1

Search URL Search Domain Scan URL

URL: https://ckthd.cfd/
Title: Live Cricket HD 2

Search URL Search Domain Scan URL

URL: https://live4wap.online/
Title: Live Cricket HD 3

Search URL Search Domain Scan URL

URL: https://mhdtvworld.me/
Title: All TV Channels Live HD 📺

Search URL Search Domain Scan URL

URL: https://varun-iptv.netlify.app/
Title: Varun IpTV

Search URL Search Domain Scan URL

URL: https://watchtvs.live/
Title: Jio TV Plus

Search URL Search Domain Scan URL

URL: https://madstream.live/
Title: All TV Channels Live

Search URL Search Domain Scan URL

URL: https://jiocinema.tk/
Title: Watch nd Download Movies n TV Shows 🎦

Search URL Search Domain Scan URL

URL: https://birthdaysongswithnames.com/
Title: Download Birthday Songs With Names 🎁

Search URL Search Domain Scan URL

URL: https://t.me/s/Jiotrickss/35
Title: Mobile Users Do this setting to Remove Ads 👈

Search URL Search Domain Scan URL

URL: https://adblockplus.org/en/download
Title: PC Users Download AdBlock to Remove Ads 👈

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jiotv.tk/ HTTP 302
https://jiotv.cf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://fastcdn111.site/red2.php?rand=xO331b4ee0f7fc826230aef69a1dd9f72f&id=27 HTTP 302
https://btcx.sbs/submit.php

Request Chain 49

https://icdns.net/b2/l/i/icon?cid=1&eid=10592&n=5a2d36eb23cc114ab472b735&nid=1&sid=KW15YJ9EW%2FM%2B3xfDRUgZbJX7bmO%2BEdI0gxfYdZWCNgPBpvbn8T18D46vRvD66sUi%2FxcLMY86OEg9PjhB36RXue5MKyqhv5ayErXgkR3N%2FDwEeIK1MRi3MK8SuaIUAJd%2FdZfgLqT3uQX3DpeVQie%2FKkaOjKK7TABVma9a0%2FxAW40q9IuIEHlh2Q%2BKMh9K5%2Fp8dYJMRP5Ctn5vxuIdCqR5zZdeTDRTVhhRpR6ok8HU7hzLUkpVzNnze%2FSVRh0KY5JnITG1Crq3MIwjn0VO3KIzEOf4neHmi%2FQ2Y24PFBUfBsRl6neDF5i4dqgksxSqPLeJJ3ex4hUtkqMhciruJIR2I4ETGEzMImBiMRCFn3F6rnaYOVIRWvgiwxRg6FBup4rKn97REfcmqD0VR4a8Vh%2BPoGdJFP5I858wLG8%2FC7K4BCM68oOoApJY7iIk%2FjWldxd2KddP%2BnDv%2B0yoyAvsUmcA6eMEemVHD2SMDEajkx2mIREexglt7uJvrPG1uGzfMHknmJsYAZtiqCyMWHn99c%2F5Ix1%2BqkqtDaVfXYcLwVKm4ZQkxZeHDVCLOuKkCHq1ym72YvFRmLaY1WrzpXJ4xD3KRTaPdf34QMOiPtbA80VlB3W6KJdlrZtizuWanxcdelclSZJVrv1iwmA3W10RCmw4L5pDdXkNxMum6QWJIAtOyhkWOl6bANzIyal8fC7xAs8Uleq0bQPCFQosSb9Tu95oXZhyuh6ZqKBWOePbceaIm1L%2F3dkuzKYmX3TAc%2Bb98wlQoM2O04D3KYho3ZNKQunZpHe4zUJZJynXH4p2rYgnZhm75HxUnvH%2FOjprU0OXXzKob0DkkiPSDgwrIII2BG7s3c6pUdl4JdbJIx1V4oJFNmjEHTnyhajfdTlIm0bxFGge%2BcejpCdUmsmm9KHEjhxVp5Cc4ah7daAGsTQVk6fLX9WR7VZS5vZ1WUpxfFnK%2Fz0fdK7q6Hyq4XvaRevuA3sa7iUyrENotrTLQaapkIztuIhhfXc4mNgdM1wYSuc57Z5a6O3%2BKs%2B3tINpyVkYaqi5TQXuQ7YE2JYKwNS0QxrLQzRpHjkcvS2Ozivu93EqWTpVKu2RXBpchTxzezQoMLMvXqQe5VrI66zVSmIOkwI7NOvggfwq%2BaqioENSTuKdA6etIyyDj3m2EJ91iAKA4isPZ8atm0kew4OOZ%2Bgq0jB%2BjF5BiJn71Tq4gPe%2FUHzzsJDGn23zwWpfOWCkR0179fE73lmA86UWAMQv8DN4K8eVCfURwX97InrGXgPqz%2F1x0D36wdXoqLbYHkLNKju56PfOkh9iyZxHgM3ZaI%2B79SdGKy5TDiHbn4yTiVKidrMcJWxQAsoyCkXTc%2F0j5OtmzJbbDKr4F%2BEKsFfmhsPgPtvsGUhuGCETmUdDG%2BGhDJ37kvpp0fQbAEwvXuft6lUH9UU06N7dC4j0eqG6rRXiHzpx%2FDziihls3xznzPoCeQ3%2FdmF%2Bpe1xd1tWcnRPhnHhWJrz2tN%2BRR8HrwqO8d6LffS6ZnvsBzEXgeUMQ3UztLpxWzEAPLPPwg27F8DOhaEH2xQhVEEztQwB%2BGL0oA%2BfeK1ilPvoO0geZiplH2nhBzcENc5dS3V8GCfCr32WOzUO%2FXts3P7Bw%2BQ9QooZ5m3AgMjqZGDjwmE2AXJJ8FKWTfkK8lpcfq%2BcJzb5iww7mJOBJRtyUoRcKbsCTNfgoCUotTD3ig2Q2YpBT6oIZ3Y2tC3ZB1pVHEd4iGmB6MOoUzCxB08b%2FjUjxmm7MUKmh2dH%2FpNoMDYVZet1ayQOpmMYx10xVRMH%2Bn8%2FRW8IxuvlpwJ5t7eVKDVjaTpi01tTAczVV9xAsiKElxd0%2BABw8E2v4g8vO%2FIQ3Kuf6NR%2Fgg&ts=1681166678&ttl=7200&v=v5.6.15 HTTP 302
https://rlnlsk.com/dsp/nt/img?aid=15762132510481662689&mid=0&t=1681166678&sid=1327 HTTP 302
https://i.wmgtr.com/cim/LEITrYiJkz9dzkQyqXFdKQMq3bwEcPzR.png

Request Chain 50

https://icdns.net/b2/l/i/icon?cid=1&eid=10592&n=2196affd551b85dd651ed889&nid=1&sid=zz6%2BTriNlEqTVZlcsbcO9QrfOfaYwJDQmnAiym8Io1FBWhuPwFPDa7y405g5qcNxcapklQ7dsnRQd64IlKkPIM0GEtOAwXKrVKULrX17gMoO3q%2FUZcUlNS82f4iOTn66zDziM5ml0Sr%2FM8luI9gDFtq1cVv9YOi9FYu7nkTx6OpInTXea%2Fr29aM7OcDe7Pu6bKdb4UhrZbs8AQGz1XW%2BqoMt0tBr%2FCP8LBIt%2B6sRhIOXpyYcOY5iwrexhDNmheylSZW6OoFQXgE8n43aXUJ2vMef38IJOkF0HK%2BqT7qRvDAi04wwbAqRXvloqeaJViNxgtVgHS%2BSH8ahu%2F9GWYbY8xuuh5W9HDsdEtFlpLhwDVNcltk%2F0KIkF6093rEyu1Il2Aw1NOkAjkMh%2FJGJq4SvqqLETjSILXUYn%2FUGy8v%2FLPbUnF%2B1hCPCPltNjz6bnQJVazuc4U4iB81rwySkKFxF%2BwwN8wazYVPLRKa1%2B1YGQH2V3JT3WdC6xMdBx94WbIxBy4AM8jq%2B1HGgqCm5KAvj2md1v1RFp2HKs2GSp8QHO7iLzyiBbxB1hH9GG22uSZw3qFPbjjW93GhMEhLOXTme1%2FOX5ie7HXx6yundtYf4YDiIF3ea7st2V9B1t0ck0zhQ%2Bmn9cSa7pASlo1H%2BxoZKx5DDZzn4X5FyXEFpanH500TNXcgEWKgGkdzj5hrTVMxuFLpXQ78zJB5UQpF9a9q3sun2f%2BgbhcmijuWoHodiq14b7zq1NdS9pvvAeouTguLM4MyML4xcyxTD%2FdyfkoqdtSl7QAiGYGpdDTWnJh6zEE%2Fq9hui6pbQhJZLdtjko6Hw10jaqzP7%2FDw4rJzybAPQ9lUJy3ACT39DVQzeQiXruncH5K2TWrSoC4Qrz5Fqg2BG9B8X1p80WoK6JekhDlMgK84k0KmPwwIPK3MnMTfIEa5OKj3d5D%2B%2FkArKa8Ej9f%2FbAmY3WxBUdXpYs729t8IsB6Sw%2BU8HWs6wl7UaS3YNajW5UxgwaAvItQptgti8bRQaKTCOnILTrC0HauekvJyO%2BWTnU5mhDsAHEpadoMQx%2F5kd2GBtMV%2BMa8%2Bxgot0fqi89icG5nFHitMPQEmRoH9m961f%2Fmng5XEhtl9aOyfKrSxYpDtoYVimjumFlcGyZibGC62HjpubHTCX%2BS3XknUfiMATwvIWRjyREh9FYED3Foa5%2FtOcQrLPEFbMQGaEzW86Z1gRsY36sCXSkabjMOHxTcLuTJGKALIbJdHdmseQcIgHfe0FgQfIqL5vxm4%2FBP%2BnnK0cKdc4F7KkDBWZXdavrfA9tQuXYyG4qCooOqveVg5nwC7whtdKlSXdJ88vaZdi08kEe1oGoDaKA8g9oKBSJA3uvhlUCmp0n9cYACS%2FurHlzn3jKQxTP9HtCMkWc5QS0v7TMH%2F5ouwJvq6506WlMukhwzrqTYjHwCjWGlXs%2Fc2GRxkstbsq7f1XJ0B7zKZVsWs8yYtacoU6dgfT%2Bx5Fp2BSRZMXciqK%2BY5YntBQD1wF05loRtS8rG40DTSIAiCt8DpLulDlE7h3wn7FPiiJioWu569aPHeeMuKr9U5UHxEndRnuv6J27Ojl1ayfdrVOojwf%2Bw0dtXHa0DuiQONMOxgym0sPcg67LMM9WtKA4o%2Fu8Cy2F42ksFWsN8bXFND6N9jVyUlowdVSGUkAd3d9fsx2vvjEfwkvQkTNtfc05xehFUc4oUudL4vfe5NSbvVZWPibM2C%2BWLPg64qRV63TirgqtPcGQ7cv28i9Bu%2Ba6BWH7cEBeKNZcl01QybdQaFfgmohU%2Bphnp7BS%2B4YMVMG3VumrR%2Bbi4P3euA6%2FVlHgLp5L6aoYr46ig6CJpApbqNRRXblengeoOtNmtNQiqAmj0A7IzvUHvqWDkxK92nbNtmTZ6hPsfE5MTn4Ls0&ts=1681166678&ttl=7200&v=v5.6.15 HTTP 302
https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png

Request Chain 51

https://icdns.net/b2/l/i/icon?cid=1&eid=10592&n=b89663e76ae2b63b2ec15fdd&nid=1&sid=PC3VZuJE%2Ba%2BQM2szz%2FnPgw9xENBdwJwhAGS%2BV83G8Dv8b91Jm7b1pCkLANqZ4dF62nzp1IRGqv%2Bb7gbSBhJALN2QteULZSQDVQGMUqDWvIwMbojUCH%2BNGWQjWxWsbt1ZchsRdOoIolgWr8ohESvEJDtvCJvs1Xf%2FFnuBheFzk36vlVhNHbgluZ4EjjhaER8byVnt%2BikQrK1LUO0M1d%2BtJ8rYPrODQ5z95ggZ7BcrNr1PisGR3KCXBVmR3%2FVa1%2FJZzP1%2B5SX99jUbH8T%2FMKlwz9GFzEYYPV024qCVATcE%2BVYOk8QV6dJdOMjQ%2FgF6rgA2dETkMkc7VAAKObVeCv6IyAPRuwRdt9TivUMCd58fKbRSkwHJvDNZNJU6MGFC%2BaIpjz%2FFibh4fdjufpJu42IliylDO1Y3QNcR8ABM9kN%2FUlH9sy1lYJYMJsdZf70t9EqC0VVtgUr7FfmjujUuZzdSzoLRAH6oaPtosUyVKyRV6xcgklCAgNJgRtI1B82BvbbpBf20brYRwVWtAxghJP8ZFJg%2BGj%2ByE8mvFh%2B4z6Is%2BL1hIH3hM8VwFdFLrGE%2FhVnVIPT%2BZBzRih2UqBHyEpZKfcPw43DH69Rw3RP8cWqOjqy2SB95FbDlHR6D%2FNZXroeel93jTAqldld0TK5qPrz07OcdiwLKgJ%2BTkKyAxzbIztvJVHlZ%2BMS%2B%2BmUDv2AKfr4t1QrA8xMxTuqJz6JI2TibrZzZT9qmQAphQtw40DQb%2FXBdEQMjOAI2hn6%2BJMSrR%2FnNrm41Ap%2FWBrbeKUrE5I7lQBCXynhE2d2CHTVZ9Q%2B97vfE4bIuThj%2F7dDk4gSN0aWwSV6ZfpwCyBzqkcDI%2FcHaNqPjym8y0%2BPNlklMUmPvhrc8oVIuYekwKlEf2MumsGQFEF%2FvA9tKX0m%2BtxnfQFeWrdXPnXyzJmi%2BMWDUrUDbK%2BrM6lcyEnvz6b2GqbJXUBtyAdJO%2B8xxzi1wjv7DkSfHeQFt0XXy2xS4uDun7wH5chyHIYLSL1jZpFRmLm%2BG1ghZ%2F8RL1jsJLFgAUpZFmutCut6%2FnW7fcEkEN8ma36SRztUgFGxt7Fwdkx9iH8TpUF7ywpvIrdIf27tszT1XkPAuD1Jo7D8Zrb%2BqPLqbVo%2Fyb2ZX6wzxueXlBWcrrufM6sY0GSVBFM9SqKwjFtwu616ZKWwGDDGOKAVJcZn2dCndNHw8sGMid9za0bC4Jh3fuc3ST7tznQg3UlUbhUz%2F%2FCHcS8DwfhSL%2BSKXddNIcuTtms1RSqEdARn8VwwKn4C5OKicaeHenN%2FpgKikpQoMTtNHGVtY88P6CVrwfcr9S%2BFv%2BAvq87%2Ff6AKlNQSMI%2F6SJp34GZwgXc9T1auRj4pTvaPfdkpCHWu6CFpC83B3fqV9Z3gqBAPldOgpBXLb5x5XICc%2Bo38IcwpmxBfXFfjlNfdkCyJzmC5u7OkSPAJo2XkE7gaKFKt4C8oLorHmdrulA71wXW%2BAbKUvqF01ddtpYnrqB%2Bd7WANxDPAwJOHKThTjzmXUV1YanV5TI7CJbwckndv%2FNN7Zp3G%2FAy9NjN3d9YxwqcUJ6nyeMOCermg1qya53afLNLbzAwIlhnwgRz22hANfE5Tr1jc9IDsheFg%2B%2Bwc8mLC6DKwtrU8fxujD%2Fgifl%2B1ohBvXX%2FoHF5Izg%2FMmwiZ4pwAoLN5%2FhwwBSDuMDNlh2Kz1%2F25ZRGRBddaSgqhMg1H8Oa0QL3oB3HwF%2BLZMmbgEcyRnSFznXH804htFsdGd%2Flc5ngQZoGVv%2FyaOSvO%2BsSGLRr0jtLRya%2BQqNlf0%2B6NdKbYxt8IvhbZMoRp4z3bevLya3tUTGzWq%2FIISppv57TwdkvQyDk7gxvApi1JPigqZr0TsYJKpqUPFOfNTx5ssPj3YZrnggsmRjLpiB05vEGnpI6xD21dgahoyqPI&ts=1681166678&ttl=7200&v=v5.6.15 HTTP 302
https://imcdn.co/ZSOLXbH24nVRLMYtLZM175DldgzqSPFiNUi5FiOp.png

Request Chain 52

https://icdns.net/b2/l/i/icon?cid=1&eid=10592&n=5bb26bbae6092495544ebeae&nid=1&sid=qb5waPse6F3gV0i04OMUgSr8fRe4qVX7cgLA%2BkQLcH6mQZmVPKuNIFUvkv0zkD%2FcmuyxkUTSmLARDqdjJrImd8iZ62bVQ8OJkOnKLlJOzgo8FE1powHcmO118pYpr%2BYl2d8GXvBkzmhCqs6j2ds%2BKqk5bzWSAj4WxemI8ptrHQX0qeXUYzGSX60SeUE9dU8PIA9f117uUoWbXv8qmiFwahwBvvYxg1obQD%2BCeXVfPTMaq0kf5bUSkAtxpnNHl9wQA1KEbqD1DzgVki%2FQWfS4J7MWcEnk0hzX31c8U1s3AOk1SBWIsvsCI7KZgKNHPjiVJfq492M67RLmT1lAekI8rTlcZD2%2FQrlDPYOclI0zNQaG4HBpKPMubkvn9yeysQ7YrjmF%2BlEkbcLqOl%2FgXIt33SV2TICqLrhGNVVcxqoEQWn1%2B8kdYrBYPhwAYkk2v2GgbvRHlOBU6MHJHmzDouGD2Pt0wNmjpMNjENv6%2BPKJ0pRl38irXbyggiwe814o7OW3L6rq%2BqdmO%2B9M4ou1B6aw%2BH6cWGS%2FIMsonw6VUNgfHssWpcgzG9XE0iRs3ddEJ4m%2BD9bFgxcDwX%2B9xxRY0bCIojQMElKBrs6b2TdBCXeFYTsqSeDBLDobgcqCx4biqYzFcatCFqxvmirYGH28OJQ%2BZxIiA1VoxXAHl3VyhEnl%2BBxQ2q4Ui%2ByI3b%2Fuzo8C%2Fx8XZphx6lZhqiu2fZHsgbpM2kthIzrYvdGntLuiPKyDqyKtcK62DYkv%2B58ZxLlzKPJvN%2FVHl6dS8xoheTqzV8bTxsp%2FsA0IurIhWNdb3L9LlEcw%2BXEtALNoMxyGcAid6ONXP1rOhIQx7IuNbrdsa4dCgUP%2BLLOWSECU4DD5bOYRDIv31MBd%2FdW2FwDUoAGEwiiQUTXK6RjNISIwr4Oy1qNA6p2hyHDNjwIrpcO4Smsu9ojyONO%2FwX4Ou7obwMlsr2HfB8QmdIHESzhUnsV5Q4wcPEA0NtK%2Bw8m8VSqh1I0PEwxdKVdHX%2FO%2FH6ABGI4QeUG65d1oTru8bQ5n5IhqDB2T%2FxRUlOZYA%2BvCmM8K%2BwWHvzeS%2B98FHmUTSEFdLk7IzWcFQGitB9bGRhZGekHUeI2Zn1Y5Tqh0lejANnurH20aKF8aEnKcJplGp1wP9RcLVtaGTqc1UZyHsXMYirkeBWdSgelfw8hS4LogXi6AwFb4O9uP%2FzjpyEFsfZZQVSyMhIP%2FDL67setMCUU3jXB164l525ILhiHQI36Ivvqcht%2BP7WWRQ5lj7RGbDcMu%2BwcuVwZbgPW6xJn3JnOIOxSslsNGZHY8NLo2sb5LEOCP8wDDHzBKjFnUs8%2FERrL%2FOVPRiKFHq7mS%2FWg36dZX%2F1QaeL%2FXcAMX86O6vIstH7Cf4PanIjkyYpijBkJ6a2mJEGNTAVPZ4P%2BBWbYTTaiW9fiJosAKiWK9MpKiJolCms11JBif5Uz3uWWbeMAXbGcJToJIl1z%2FFF%2FAACuTQmdi6zuYX1%2Bct2LFsbxBhnDzl0r%2FHVcUAWpP6xApJSQwTJ3Dpjs08x28u3V6F5PqKRc2v26rbFm%2BRvtqc93%2FVzCQpOZs0OT2qsx33URs0LEOwCz1p%2FoGHlmIThF%2F3QNTrJGUuLt2NNdAo1i4P2VCccg%2FjD5LgWTFSeWqEQgs2fIsG4WYpS31b1DnBh8jr%2FfRj%2BbAAKIIyKC9AR0lZBOif0wnkhY9QTSYYZExIxAl4VG9C0gGstUNiMld5HRjmWtMpbSaZ0ZwwfY%2FkYQ5pMZFp2r%2B2VRSPo0dbMiLBT318bA7Sv6IxHGB4V%2FmNxVoZoBwDh9CcZTueOie0kurtE5uwHc%2BCaUejVBEh12lw4m6hU3FK2tC7PN9sKvr6DC1uuMhevpCz6KAz%2FN1JKgU%2BwTUnqXmRkCud4EFTuHk9u5mTlHD3JSrREg&ts=1681166678&ttl=7200&v=v5.6.15 HTTP 302
https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
jiotv.cf/
Redirect Chain

http://jiotv.tk/
https://jiotv.cf/

6 KB
3 KB

281ms
53ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jiotv.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a9495882b646aa622ebe77c3c4c25b63b213f264d7cfa86057f52311a9a289b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public
cf-cache-status: DYNAMIC
cf-ray: 7b5e83e8ab251c14-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 10 Apr 2023 22:44:35 GMT
expires: Mon, 10 Apr 2023 22:51:24 GMT
last-modified: Mon, 10 Apr 2023 22:41:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRHmxAmfjUIwJUNijylHuLppdI7mKIlBS5BxDb4d8MYQzi2iBxqMcaYYyHfNTxOV7MhU6Jxqf2v1CCl5pNcj1DBtVRVSNWyf0GNOUfvfuGuYWBU7df0TiexCbXuJAAdmnWuDuE69VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 10 Apr 2023 22:44:35 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://jiotv.cf
Pragma: no-cache
Server: nginx

GET
H2 200 style.css
fastcdn.jdi5.com/css/jiocinema.wapkiz.com/ 0
531 B 143ms
74ms Stylesheet
text/css 2606:4700:3036::ac43:a54e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastcdn.jdi5.com/css/jiocinema.wapkiz.com/style.css
Requested by: Host: jiotv.cf
URL: https://jiotv.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a54e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.0RC6
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jiotv.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:35 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 10 Apr 2023 20:25:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.0RC6
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uj%2FxQI8poVuLo10fWwUYVNN2V37fB8yeXrkdpx0y8DnCv72WlWwGCapIxUB0xb4bc0swYJZHotiRFDd%2BTFlXBvNUUbRBEOWaH1ho9N47%2F4RW6OtVS4J%2B5ItbD4BwRXRN6aZPgwwfHrDGKRluLgKh"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=14400
cf-ray: 7b5e83e97ce30a79-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 online.js Show response
counter.jdi5.com/ 3 KB
2 KB 102ms
31ms Script
application/javascript 2606:4700:3036::ac43:a54e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.jdi5.com/online.js
Requested by: Host: jiotv.cf
URL: https://jiotv.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a54e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 024567767cf06d1279bc0c4fa98581bf8ece442aef4700cd19e8eb3b4a9d522a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jiotv.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12338559
cf-polished: origSize=4470
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 07 Oct 2022 17:12:31 GMT
server: cloudflare
etag: W/"63405dff-1176"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kV2E983XJ6ov4HjQFVvWYicqcoPabxEngDikqEizXHPHARqAGHdgA8V3eNlUJBFcZqSf8VYuuXqWGfsS1651Co4JSf6JzSG%2FeRY3NxnX6KEY26W%2BSSAo63GymWL7nthCpw9LQ8kWLZUl%2FcXX7eyJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7b5e83e97fa10bdb-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 206ms
79ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EFRKRPXK2Z

Requested by

Host: jiotv.cf
URL: https://jiotv.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3982a6ca087cdc26a5036c599bfc50748dbfb0fae0b9afe80f4af713ed846935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jiotv.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79258
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 10 Apr 2023 22:44:35 GMT

GET
H2 200 lib.js Show response
jscdn1.abxyz.top/ 3 KB
1 KB 102ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jscdn1.abxyz.top/lib.js
Requested by: Host: jiotv.cf
URL: https://jiotv.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59489d26df7d9ade53957bfc3b351b14c58e47fc4ae1f4a8669d4a6852f587c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jiotv.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:35 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 10 Apr 2023 21:23:02 GMT
server: cloudflare
age: 4893
cf-polished: origSize=3395
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ce02UPPh05BWdeyUPmGtuErSuPxvHCN1XXMhDvk1yKTE3M%2FbjuaK145HhXMr3cwQPLu0SmxsGBq98g65asvn8Z3tqyMo%2BJBOlRvnKAy7%2BcRtfGLrLlMNiNVni%2BSusRAdQ%2F0YbO5cymrEd7atkR6P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b5e83ea59400ea4-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 85ms
25ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jiotv.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Apr 2023 22:43:13 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 82
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 11 Apr 2023 00:43:13 GMT

GET
H2 200 fc.php Show response
counter.jdi5.com/ 50 B
424 B 74ms
73ms Script
application/x-javascript 2606:4700:3036::ac43:a54e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.jdi5.com/fc.php?id=4a39244e8da077daa1cad06c90366144&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&ref=&pn=https%3A%2F%2Fjiotv.cf%2F&wh=1600x1200&rand=6
Requested by: Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a54e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebb3586309c5ddb1d3edf95b85a4ab20e5c5f99cd3a36e62fa2ac12467feeb0c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jiotv.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvEM0pLQlOKZUyDnemnudUKcZHyUZIcJFDlaBZtW%2FX%2Fb3A2jJKJkeOeMHQsT9kFj46PxOG90N9qOX3UlA1eSKaJZgp42I5XbBk6O1mJZ32z3rsoUE2DhGbYRgcG40qJooXJz63toUNDTTno1gCuA"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cf-ray: 7b5e83e9f8240bdb-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 EF0808.png
imgcdn1.jdi5.com/img/ 133 B
516 B 50ms
36ms Image
image/png 2606:4700:3036::ac43:a54e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgcdn1.jdi5.com/img/EF0808.png
Requested by: Host: jiotv.cf
URL: https://jiotv.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a54e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 94f541dbfdef1a8128c164c852a4d6e5e28c1802806c015d2039f1380cae9ce1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jiotv.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12210088
x-powered-by: PHP/5.6.40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 133
last-modified: Sun, 20 Nov 2022 15:03:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcH6C2DlY9H9%2BwsbX8TTvnKl3rSKYJW%2B6zgAHajPyCwreTtTxLrkV0ACk9dUDVdoFQuazSSE3xZHJyWc4ftVqjnBmL8KElLwUq5qP3XUHWyYgp9WpzUnsZBhf%2FZ1N4YZkDifq7smIne%2F2TvtHaaK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7b5e83ea8e880a79-AMS
expires: Mon, 20 Nov 2023 15:03:07 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
204 B 29ms
28ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1865337768&t=pageview&_s=1&dl=https%3A%2F%2Fjiotv.cf%2F&ul=en-us&de=UTF-8&dt=jiotv.cf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1045198136&gjid=239394750&cid=1916027817.1681166676&tid=UA-46789381-10&_gid=1233253070.1681166676&_r=1&_slc=1&z=1695486996

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jiotv.cf/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 22:44:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jiotv.cf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

submit.php Show response
btcx.sbs/ Frame 20EF
Redirect Chain

https://fastcdn111.site/red2.php?rand=xO331b4ee0f7fc826230aef69a1dd9f72f&id=27
https://btcx.sbs/submit.php

338 B
623 B

132ms
53ms

Document
text/html

2606:4700:3034::ac43:a283
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btcx.sbs/submit.php
Requested by: Host: jscdn1.abxyz.top
URL: https://jscdn1.abxyz.top/lib.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a283 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac03b241013f29a29e2960d28b74ac3a15da00d084cc70fbb4595a0e4b734a3d

Request headers

Referer: https://jiotv.cf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b5e83ebfc950b5a-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 10 Apr 2023 22:44:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zp0NNjdpMJlkfz6QMzkDv8%2Bd1xRk3QUy9LBfzjWBSXceRJe2LkccOD3qhGcZwP9Y%2B5kWd5y46H7YVhgSOMNCQCs7vlFxEszJOSLRWiUZSBdqj9Sx0h5TlMMUT6uJno%2BTOP49wt0xPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b5e83eb1e820e40-AMS
content-type: text/html; charset=UTF-8
date: Mon, 10 Apr 2023 22:44:35 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://btcx.sbs/submit.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yv7HbbLobHQyiCcD%2BUtQG4ji0AuLi8HTcZYqp4lhP1J0mPSFRUhqpRwB5GRj5S1GoS8Aixct9v6yf58ExGLegXXS5j5j2qCs631%2BLEaMIbrB%2BQX9ib4w%2B6QrMYRyaZvwNXD3ZqsVXdYWk95sP3I%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33

GET
H2 200 invisible.js Show response
jiotv.cf/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame E9CC 31 KB
14 KB 34ms
33ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jiotv.cf/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1681156800
Requested by: Host: jiotv.cf
URL: https://jiotv.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 896044ffbc788637ae2c98bbbb522ad82a6846aa110424cfec3d21af84ea2e22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BjBWvqLRl%2FyiF8SjCenkbRCIeKkUdovG2f21oQyvRsLYoyiqQm0Cu5jVLAyFOTGNeGAlm0%2F1S6Bbte6ZEaW7Jxsg4tEjdAsnAImY4EG5624FPtUqWXprnNFsmh9IZJ4XdJKQQsaeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7b5e83eaac591c14-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
344 B 98ms
32ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-46789381-10&cid=1916027817.1681166676&jid=1045198136&gjid=239394750&_gid=1233253070.1681166676&_u=IEBAAEAAAAAAACAAI~&z=379538253

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jiotv.cf/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 10 Apr 2023 22:44:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jiotv.cf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pica.js
jiotv.cf/cdn-cgi/challenge-platform/h/b/scripts/ Frame E9CC 7 KB
3 KB 35ms
35ms Other
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jiotv.cf/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: jiotv.cf
URL: https://jiotv.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86414eed07e288fe0d3b0bc79b50ea034c6f3581c56686540a6413e93e6c2bc3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuleMMZY45SUAYOgKRRrKRdlaQR%2BG1YsOryXXMRHhdw%2BvdW0JCxgGE%2BRZiZPmcwX7Yc3lWMDTTTk6YxdrfqKrwMdjuZilKOgIXWlZThvYCmlbSTr%2FJD51UqEl9joq6WvXf7CKG8J0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7b5e83eafc9f1c14-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
240 B 83ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EFRKRPXK2Z&gtm=45je3430&_p=1865337768&cid=1916027817.1681166676&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681166675&sct=1&seg=0&dl=https%3A%2F%2Fjiotv.cf%2F&dt=jiotv.cf&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EFRKRPXK2Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jiotv.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 22:44:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jiotv.cf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 75ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EFRKRPXK2Z&gtm=45je3430&_p=1865337768&cid=1916027817.1681166676&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1681166675&sct=1&seg=0&dl=https%3A%2F%2Fjiotv.cf%2F&dt=jiotv.cf&en=jiotv.cf&_ee=1&ep.event_category=jiotv.cf&ep.event_label=jiotv.cf&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EFRKRPXK2Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jiotv.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 22:44:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jiotv.cf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 115ms
43ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-46789381-10&cid=1916027817.1681166676&jid=1045198136&_u=IEBAAEAAAAAAACAAI~&z=773212013

Requested by

Host: jiotv.cf
URL: https://jiotv.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jiotv.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 22:44:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 126ms
42ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-46789381-10&cid=1916027817.1681166676&jid=1045198136&_u=IEBAAEAAAAAAACAAI~&z=773212013

Requested by

Host: jiotv.cf
URL: https://jiotv.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jiotv.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 22:44:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 7b5e83e8ab251c14 Show response
jiotv.cf/cdn-cgi/challenge-platform/h/b/cv/result/ Frame E9CC 2 B
692 B 52ms
51ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jiotv.cf/cdn-cgi/challenge-platform/h/b/cv/result/7b5e83e8ab251c14
Requested by: Host: jiotv.cf
URL: https://jiotv.cf/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1681156800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 10 Apr 2023 22:44:36 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYO%2F7M367U7pNrxrCY4zSStGnl6BLZ8p4LzVH%2BSn%2BSP%2Bh50C3DJ6saCy73Atzl%2FVGskjlLA%2BBhtkv5kbaeQwBbUYx%2B3Kgd8EaQC4urLYVJAB6VDMA5Zd8lGsuppm2fOG565K920%2FEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7b5e83ecfb700b4f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 / Show response
btcx.sbs/ Frame 20EF 368 B
546 B 45ms
44ms Document
text/html 2606:4700:3034::ac43:a283
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btcx.sbs/
Requested by: Host: jiotv.cf
URL: https://jiotv.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a283 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe52059cc4cdb3b484eebf550a20e5c9782b0f78a6fbe2f70869e69104625228

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://btcx.sbs
Referer: https://btcx.sbs/submit.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b5e83ed0dc00b5a-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 10 Apr 2023 22:44:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tzoG%2BUDNeXEtwMfGo2lUmU5bkju2j2%2BxumVPifH2Q3qWBZBYlt5A7q%2Fm6pnkRY%2F1eFNKlvqFNk%2FhBOJHpH0WAWozOhhj0uuYM733KS%2By0%2FTRwSdNto%2Bsb3bcWSx6mDOBELXuGhebA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 / Show response
btcx.sbs/december-signal-results-2022/ Frame 20EF 4 KB
2 KB 50ms
50ms Document
text/html 2606:4700:3034::ac43:a283
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btcx.sbs/december-signal-results-2022/
Requested by: Host: jiotv.cf
URL: https://jiotv.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a283 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99353dc0be144a4d901291e08312d983fd5dac379d5f29828ef88008089690db

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://btcx.sbs
Referer: https://btcx.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b5e83ed5e250b5a-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 10 Apr 2023 22:44:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNqxp5Yk1GzibiO13MfHptcDYniJPftqt0g1KqLnLPTyplirAk889BXBamXwxhbzfmBLRhDmlD21w4pb5xeyn545%2F%2FJ02g1p2dX8fV2QfbUO9SdMOhkvWeH0iXe4BVyQKLKd6pqdjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 20EF 138 KB
47 KB 160ms
79ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2093222770486918

Requested by

Host: btcx.sbs
URL: https://btcx.sbs/december-signal-results-2022/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0dcaa9f195d39ba3059d7efd7dac92af1f150348c6ea2db86dbc6ba96020caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://btcx.sbs/
Origin: https://btcx.sbs
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47963
x-xss-protection: 0
server: cafe
etag: 12588447196222024704
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 22:44:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 20EF 113 KB
44 KB 74ms
73ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Requested by

Host: btcx.sbs
URL: https://btcx.sbs/december-signal-results-2022/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0120e2d61305f8cd1dc6fb93068a6c202a43c58bf3d5143f3af3e84ba197e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://btcx.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44969
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 21:28:18 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Apr 2023 22:44:36 GMT

GET
H2 200 waWQiOjEwNTEyMDUsInNpZCI6MTE5ODk2OCwid2lkIjo0NDI3OTMsInNyYyI6Mn0=eyJ.js Show response
xdiwbc.com/pw/ Frame 20EF 134 KB
51 KB 101ms
37ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xdiwbc.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTE5ODk2OCwid2lkIjo0NDI3OTMsInNyYyI6Mn0=eyJ.js
Requested by: Host: btcx.sbs
URL: https://btcx.sbs/december-signal-results-2022/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b584d769808ab7f0a230e2729e6423e76f8b20bf402452f54555626f1b778b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://btcx.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Apr 2023 21:25:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: 6a8dcdf929263006b4f8b17f500e335d
age: 4771
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQ68yfXsbuYB95f%2FGbX3MNICyfN5vdasgQPWEjmJ3EgegX0UsXJ0YComvU8hgNE2cvn9DvpdnkNsHyCIRS6ralhkd5LCEHekRGJQ4X6DiJLJKSeD3zR%2Bhm8q2Cy3WDfSmGJT%2FmNjTB31"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://btcx.sbs
cache-control: max-age=14400
cf-ray: 7b5e83ee3a330b4c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lazysizes.min.js Show response
afarkas.github.io/lazysizes/ Frame 20EF 8 KB
4 KB 313ms
112ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://afarkas.github.io/lazysizes/lazysizes.min.js
Requested by: Host: btcx.sbs
URL: https://btcx.sbs/december-signal-results-2022/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://btcx.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-fastly-request-id: ac2b133786bf8275673d5f85c41fa140d9c948fc
date: Mon, 10 Apr 2023 22:44:36 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 469
x-cache: HIT
x-proxy-cache: HIT
content-length: 3497
x-served-by: cache-ewr18140-EWR
last-modified: Mon, 17 May 2021 09:28:46 GMT
server: GitHub.com
x-github-request-id: 8396:0D7A:1ECE9DE:281FC64:641024AE
x-timer: S1681166676.367062,VS0,VE14
etag: W/"60a2374e-1ed1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 14 Mar 2023 07:49:15 GMT

GET
H2 200 2195865 Show response
ad.a-ads.com/ Frame F7BC 12 KB
5 KB 174ms
61ms Document
text/html 148.251.233.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2195865?size=320x50

Requested by

Host: btcx.sbs
URL: https://btcx.sbs/december-signal-results-2022/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.233.147 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.147.233.251.148.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

e2bec70120ba1fbdec2ff95d26c7df9b95dd303583852ed862ede41544aba9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://btcx.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Mon, 10 Apr 2023 22:44:36 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://btcx.sbs/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 submit.php Show response
1337x1.wb4.xyz/ Frame 48E5 1 KB
957 B 114ms
41ms Document
text/html 2606:4700:3035::ac43:8726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.wb4.xyz/submit.php
Requested by: Host: btcx.sbs
URL: https://btcx.sbs/december-signal-results-2022/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: 99262cf14b9cc66dc28995a10253b7025649240b73a10bbc57f8d0cfd471bf56

Request headers

Referer: https://btcx.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b5e83ee4d6eb903-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 10 Apr 2023 22:44:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16rw9PfK2W3MI47%2BUHWh%2FpPYjcvQPjNKNfQSxRtv7wd5xGCgvokBWVJpsxghuq8aWXR1tZCbpYS4ccdiDGV8g3U2mZk5PE7EiaGiwBUMY%2Fh97rsqtiapWv5kT2VcOcg5JiOIUDT%2B2bN7ySJTzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.29

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 20EF 49 KB
20 KB 26ms
25ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://btcx.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Apr 2023 22:43:13 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 83
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 11 Apr 2023 00:43:13 GMT

POST
H2 200 / Show response
1337x1.wb4.xyz/ Frame 48E5 1 KB
828 B 42ms
42ms Document
text/html 2606:4700:3035::ac43:8726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.wb4.xyz/
Requested by: Host: btcx.sbs
URL: https://btcx.sbs/december-signal-results-2022/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: 16a273954e382a0d8968fdc919213200ca0dcf3fc3d7b37c0d759269557dd72f

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://1337x1.wb4.xyz
Referer: https://1337x1.wb4.xyz/submit.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b5e83f1482bb903-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 10 Apr 2023 22:44:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6Ioe895xVQsAEK4emvs3CdMbiEx8avaOz2N5210BeQ21bQ%2Bhd1er1rh7xhDVsWcGSuddv68375vreGAnCJUOpvYOrAU%2BYanyHh7ES2oJoTSMrtSVIPnymxJJL%2FlU%2FokUDzR4oQxPqy21SGv3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.29

GET
H2 200 320x50
static.a-ads.com/a-ads-banners/117602/ Frame F7BC 105 KB
106 KB 104ms
89ms Image
image/gif 148.251.233.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117602/320x50?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2195865?size=320x50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.233.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.147.233.251.148.clients.your-server.de
Software: nginx /
Resource Hash: aba38fc961c0ae884b2d27d10096c00c1892bca79b24e5cc242f33ad614b626e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:36 GMT
x-amz-version-id: CkCc7WSleRzimj5RWMf_cK.MWSGudpga
last-modified: Sun, 19 Apr 2020 16:05:30 GMT
server: nginx
x-amz-request-id: GYAKE9ANEMJMEANS
etag: "b0a3059b226c3f9f0bfa161de8a449c3"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 107679
x-amz-id-2: V9ZFCAY4/LwwZT5MMuZoxDe2uW5NSrNOMpA4jYK8dzPaFBBe2GJawQpsCcGYK/bsWxXnOkJd+5c=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK e358659c-a250-4cee-b8e6-23fb14e23510
https://btcx.sbs/ Frame 20EF 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://btcx.sbs/e358659c-a250-4cee-b8e6-23fb14e23510
Requested by: Host: btcx.sbs
URL: https://btcx.sbs/december-signal-results-2022/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
H2 200 wnload Show response
prhzxq.com/ Frame 20EF 0
128 B 81ms
25ms Fetch
application/javascript 2a02:b4a:1:7::9167:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prhzxq.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTE5ODk2OCwid2lkIjo0NDI3OTMsImQiOiJidGN4LnNicyIsImxpIjoyfQ==&tz=0&if=1&u=aHR0cHM6Ly9idGN4LnNicy9kZWNlbWJlci1zaWduYWwtcmVzdWx0cy0yMDIyLw==&inc=0
Requested by: Host: xdiwbc.com
URL: https://xdiwbc.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTE5ODk2OCwid2lkIjo0NDI3OTMsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9167:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://btcx.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 10 Apr 2023 22:44:36 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
content-length: 0
content-type: application/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ Frame F7BC 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/ Frame 20EF 348 KB
116 KB 237ms
118ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2093222770486918&plah=btcx.sbs

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2093222770486918

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebbcebaae0fd5ca1c775a2f8ff5dd53897e537ba18014fea5a170e1144761a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://btcx.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119045
x-xss-protection: 0
server: cafe
etag: 6719942391210944654
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 22:44:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/ Frame B5DE 10 KB
5 KB 122ms
31ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2093222770486918

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://btcx.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 45535
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 10:05:41 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 10:05:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 chargha-recipe.html Show response
1337x1.wb4.xyz/2019/05/ Frame 48E5 3 KB
2 KB 58ms
58ms Document
text/html 2606:4700:3035::ac43:8726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.wb4.xyz/2019/05/chargha-recipe.html
Requested by: Host: btcx.sbs
URL: https://btcx.sbs/december-signal-results-2022/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: 74a5f5a90410fb9206ec545eb47367d4388cf3c950eeb12390c598566ba7b13c

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://1337x1.wb4.xyz
Referer: https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b5e83f19fbc0b6c-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 10 Apr 2023 22:44:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOAomabtEUWjqogPJMhTKrzm4vp%2B6Y%2BBdbi%2BwThe80vv4Ds2FDWf%2BbC4aU6QI64LdwitjINGFIrSl45KZIixCzJus2Ly0H4JW232GDibJZPbkM%2FbvUWv0wN%2B5Ok2DzWmxjUGc%2BSHP01lN0pNhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.29

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 48E5 113 KB
44 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Requested by

Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/2019/05/chargha-recipe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f68bda364ce906323a57ef24f315b7b277a03f5fa5fc2bff05a2b2edce40c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44969
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 21:28:18 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Apr 2023 22:44:36 GMT

GET
H/1.1 200
OK script.js Show response
js.cdnspace.io/1/ Frame 48E5 90 KB
28 KB 122ms
53ms Script
application/javascript 109.206.162.211
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cdnspace.io/1/script.js?t=202331022
Requested by: Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/2019/05/chargha-recipe.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.206.162.211 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 211.162.serverel.net
Software: nginx /
Resource Hash: 72f569946944e6e14fe7f480177f78285ac4d9523131f8bdcadf507e754255c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 10 Apr 2023 22:44:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Nov 2022 10:14:23 GMT
Server: nginx
ETag: W/"6376097f-168ea"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800, public
Connection: keep-alive
Expires: Mon, 10 Apr 2023 23:14:36 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 48E5 49 KB
20 KB 26ms
26ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Apr 2023 22:43:13 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 83
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 11 Apr 2023 00:43:13 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 20EF 107 B
531 B 125ms
40ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=btcx.sbs

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2093222770486918&plah=btcx.sbs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://btcx.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 20EF 107 B
456 B 122ms
40ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=btcx.sbs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://btcx.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7FA9 603 B
245 B 83ms
82ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2093222770486918&output=html&adk=1812271804&adf=3407277731&plat=1%3A1536%2C2%3A1536%2C3%3A2097664%2C4%3A2097664%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbtcx.sbs%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681166676693&bpp=3&bdt=599&idt=383&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&nras=1&correlator=5886007435556&frm=8&ife=1&pv=2&ga_vid=553379557.1681166677&ga_sid=1681166677&ga_hid=2026449701&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=59&ifk=1631042221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759842%2C44759926%2C42532089%2C42532185%2C31073584%2C44782467%2C44786502&oid=2&pvsid=1323033340690972&tmod=1525538447&uas=0&nvt=1&top=https%3A%2F%2Fjiotv.cf&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C59&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.dlv43r7bg1mo&fsb=1&dtd=397

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://btcx.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 22:44:37 GMT
expires: Mon, 10 Apr 2023 22:44:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 20EF 15 KB
11 KB 80ms
79ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230405&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7304af45849f11d208a17c2b4f1986462294f7e1605b4a91967aae2c3724e438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://btcx.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11307
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 20EF 17 KB
7 KB 204ms
68ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://btcx.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 22:44:37 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5F85 13 KB
5 KB 61ms
59ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://btcx.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 6739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 20:52:18 GMT
expires: Tue, 09 Apr 2024 20:52:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3404 783 B
972 B 42ms
42ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

38b6134d81adda17f01d39591864abd751860f6afa30d6a1f64f5fdc331ac6c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zt05koHCEOOzQ9xUg8XLUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://btcx.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Zt05koHCEOOzQ9xUg8XLUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 22:44:37 GMT
expires: Mon, 10 Apr 2023 22:44:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3404 0
0 91ms
91ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230405&jk=1323033340690972&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F85 36 KB
14 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 20:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14136
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Apr 2024 20:03:55 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5F85 0
10 B 31ms
31ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cndUTQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 w.js Show response
jswww.net/ Frame 48E5 21 KB
21 KB 294ms
225ms Script
text/javascript 109.206.168.17
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=944291&t=2058&sid=1337x1.wb4.xyz&r=0.32325565359650565
Requested by: Host: js.cdnspace.io
URL: https://js.cdnspace.io/1/script.js?t=202331022
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.168.17 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 109.206.168.17.serverel.net
Software: binder-v5.6.15 /
Resource Hash: 7b94f7db5f3b2d489c4ab43e3a0093769d9f844da6cc9d7d71ff7bf79ba96f5f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 10 Apr 2023 22:44:37 GMT
x-response-code: 20200
server: binder-v5.6.15
content-length: 21201
access-control-allow-methods: GET, POST
content-type: text/javascript

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 20EF 0
0 95ms
95ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230405&jk=1323033340690972&bg=!j4yljNjNAAYIJb0jKCU7ADkAdvg8WidCcjgYJ8Gb_lD-UTSnVyyOX7Udt-Iy9jVux42n60DxOHOLBXohV3hqYa6Aeo4uMklh5LsCAAAASlIAAAACaAEHCgAI-0VIKmJJogaZAsj1BYN_k1V7g0zfiIsbqDMtWHBjzKQC-i96zsUi3lCZ9mraYraKlmcJXUoSrzknUoZGYNNO_DUZ06f0bqhIILlNFNWr-4fYiDVYdIR356gTGyAlRYe4LC5seWv-OtC0gwy4SyYUZx1VzHR821W6650xD-usKP0zabBACMZwqFNmC82H3udY9G5ucepQn8MfmybjElcYJ5uYMsSKm9Wq6RuQjevP5YsumdmYogLhXXyltNQmTLYYSXEjGXWxm9hxnmc9x50SBsYrylZnH2A4U1gZIRyLWo51YlHaBbG9eg7L6ePW6KLd2Wn_QGlMYqQ8bGfgvNMIkrKyy9tZrH7zshFxWFbF05EoSHO6WTLdkhUP1slxg9iZF1zdADYHYUncMdjnXpxDSHp09eA9C3t27UgGD7qEGSUq48M1L4SMHEXgWjni_F_GjG7QTm5y7tpwkcKzhu0S1_FhUlbFPDXlaOPzFjX5MxdJ4jMuoAC2Y0CZir-E1ehr8obvzuZ28Z_ctlQ_WC0s8v7xVGywKbzvc4MOfYu3lgml16S-o3G7GaBjhuiZ4JzPe07qVpk4qHa_tQSf1263BzR9ZdhbuWjF_9CuRvs6G3Sav4fGqkW5-0FuQvVec0Weta-yi0i9-yRKB0GpWDysX05nz4bUWTTQDAMpL1JQw6BBMzamEujM5Fbk-Ya8mNvURTjPpgzQL0Rs25vA5IJObTJwbjMFQ8AbzE9HnUbaWoRYWHgWQMs-XI9rzurNzgUQjqutgardTl7mMvQPrmdOlviR6ek3Z_HGoky8S3DveYxJkQrBNpSwEnUO--F7RHtbDYOfiQDl31zE2B66Z-1HnmsJlZKUFwY38ZQ6Ftcubl2mtVN-wJ7g2BY5Thh7zR8FZObmXFNS3ovqUw7st_T59dH4kmHFoJBTqoWS8l2bnzZHdvR65zEpOIXod4axSkqevAeF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://btcx.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2

200

LEITrYiJkz9dzkQyqXFdKQMq3bwEcPzR.png
i.wmgtr.com/cim/ Frame 464F
Redirect Chain

https://icdns.net/b2/l/i/icon?cid=1&eid=10592&n=5a2d36eb23cc114ab472b735&nid=1&sid=KW15YJ9EW%2FM%2B3xfDRUgZbJX7bmO%2BEdI0gxfYdZWCNgPBpvbn8T18D46vRvD66sUi%2FxcLMY86OEg9PjhB36RXue5MKyqhv5ayErXgkR3N%2...
https://rlnlsk.com/dsp/nt/img?aid=15762132510481662689&mid=0&t=1681166678&sid=1327
https://i.wmgtr.com/cim/LEITrYiJkz9dzkQyqXFdKQMq3bwEcPzR.png

57 KB
58 KB

108ms
24ms

Image
image/png

45.133.44.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cim/LEITrYiJkz9dzkQyqXFdKQMq3bwEcPzR.png

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

45.133.44.32 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

73cb8813e80c673c13f2908ebd5e9f3e447a5d8ba45df1647bf124a97542ccaa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Tue, 11 Apr 2023 21:44:39 GMT
date: Mon, 10 Apr 2023 22:44:39 GMT
content-encoding: gzip
server: nginx/1.19.0
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

Redirect headers

access-control-allow-origin: *
location: https://i.wmgtr.com/cim/LEITrYiJkz9dzkQyqXFdKQMq3bwEcPzR.png
date: Mon, 10 Apr 2023 22:44:39 GMT
server: nginx/1.18.0
content-length: 0

GET
H2

200

C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
imcdn.co/ Frame 464F
Redirect Chain

https://icdns.net/b2/l/i/icon?cid=1&eid=10592&n=2196affd551b85dd651ed889&nid=1&sid=zz6%2BTriNlEqTVZlcsbcO9QrfOfaYwJDQmnAiym8Io1FBWhuPwFPDa7y405g5qcNxcapklQ7dsnRQd64IlKkPIM0GEtOAwXKrVKULrX17gMoO3q%2...
https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png

4 KB
4 KB

101ms
37ms

Image
image/webp

2606:4700:3038::6815:ea32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Server: 2606:4700:3038::6815:ea32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4be01a163246691ecf0cdebed0e5620e8679e25ce2d3b457f5c1eafae413eeb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:39 GMT
cf-cache-status: HIT
last-modified: Mon, 20 Mar 2023 19:50:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1824847
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FILVDtFGtpza2fMP476fzqa8wX%2B%2FsEEPkxO0wAWWr%2B8kf6e8vOkLpcuhRx2SMkUqhHqAK1Ia8%2FzRxJE8%2FbzR4vICy5d9Vn5UMfgWiPTJ5EpJbVIuhHfXhaQp3cAYRtBC4%2BHzT1mgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7b5e8400df3f1cba-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4028
expires: Wed, 19 Apr 2023 19:50:32 GMT

Redirect headers

location: https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
date: Mon, 10 Apr 2023 22:44:38 GMT
referrer-policy: no-referrer
server: dspclick-v3.8.7
content-length: 0

GET
H2

200

ZSOLXbH24nVRLMYtLZM175DldgzqSPFiNUi5FiOp.png
imcdn.co/ Frame 464F
Redirect Chain

https://icdns.net/b2/l/i/icon?cid=1&eid=10592&n=b89663e76ae2b63b2ec15fdd&nid=1&sid=PC3VZuJE%2Ba%2BQM2szz%2FnPgw9xENBdwJwhAGS%2BV83G8Dv8b91Jm7b1pCkLANqZ4dF62nzp1IRGqv%2Bb7gbSBhJALN2QteULZSQDVQGMUqDW...
https://imcdn.co/ZSOLXbH24nVRLMYtLZM175DldgzqSPFiNUi5FiOp.png

3 KB
3 KB

100ms
36ms

Image
image/webp

2606:4700:3038::6815:ea32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imcdn.co/ZSOLXbH24nVRLMYtLZM175DldgzqSPFiNUi5FiOp.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Server: 2606:4700:3038::6815:ea32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14f257345fe881101b2b17e988c3e83086885e9c60ba9f3076786ea5ae66da7e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:39 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 02:03:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1111246
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYlfYMazt1TCVG7rpIy0Kcw%2FbdXdMBzZA1n%2BLYWUzW0gsgSh%2FEiyBcK4I3FddUr%2Fk0qzJdL9FOoFzMZU2gv2h3DphEBw1cQfrROOGxRdKneAix0Zj6KmlXGuH%2Bgpp0DXYAuH4uPmhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7b5e8400df411cba-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2574
expires: Fri, 28 Apr 2023 02:03:53 GMT

Redirect headers

location: https://imcdn.co/ZSOLXbH24nVRLMYtLZM175DldgzqSPFiNUi5FiOp.png
date: Mon, 10 Apr 2023 22:44:38 GMT
referrer-policy: no-referrer
server: dspclick-v3.8.7
content-length: 0

GET
H2

200

ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
imcdn.co/ Frame 464F
Redirect Chain

https://icdns.net/b2/l/i/icon?cid=1&eid=10592&n=5bb26bbae6092495544ebeae&nid=1&sid=qb5waPse6F3gV0i04OMUgSr8fRe4qVX7cgLA%2BkQLcH6mQZmVPKuNIFUvkv0zkD%2FcmuyxkUTSmLARDqdjJrImd8iZ62bVQ8OJkOnKLlJOzgo8FE...
https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png

4 KB
4 KB

99ms
35ms

Image
image/webp

2606:4700:3038::6815:ea32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Server: 2606:4700:3038::6815:ea32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92587924074928fb8370914c5721fe0719e52727f8f49b7fcc978eb8a52da78e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:44:39 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Apr 2023 01:42:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 853335
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOnTHbFyh5lxq967%2BRk8BHDUze6aflJFkfq87UiLXoAbx7snedNGKMCSl21X9rd9NP8Wz2GN9tPnV9FASEOLsHFBkGZxLAe%2BdQDLItwpvtUI8bmffJo%2BWSS0njryx536yVekmKJq%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7b5e8400df3e1cba-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3970
expires: Mon, 01 May 2023 01:42:24 GMT

Redirect headers

location: https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
date: Mon, 10 Apr 2023 22:44:38 GMT
referrer-policy: no-referrer
server: dspclick-v3.8.7
content-length: 0

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jiotv.tk/	1969-12-31 23:59:59	Name: jiotv_tk Value: hp4a4oq1kqp3venks667jis90v
.jiotv.cf/	1969-12-31 23:59:59	Name: jiotv_cf Value: 4qi4409e4hghhr9i4e2hitkraq
.jiotv.cf/	1970-01-20 11:00:53	Name: _gid Value: GA1.2.1233253070.1681166676
.jiotv.cf/	1970-01-20 10:59:26	Name: _gat Value: 1
.jiotv.cf/	1970-01-20 20:35:26	Name: _ga Value: GA1.1.1916027817.1681166676
.jiotv.cf/	1970-01-20 20:35:26	Name: _ga_EFRKRPXK2Z Value: GS1.1.1681166675.1.0.1681166675.0.0.0
.jiotv.cf/	1970-01-20 10:59:28	Name: __cf_bm Value: SEVCWK6trT49TGYghZIjvzMFh1mTh8utawbZrQtxaLE-1681166676-0-AeP7UH5FkbjuuLajvay7SJdm0PaNitnMOGhKWLdKD98ZqyFBXSpupzStctvlpnoF7YX/Sq7uq1wWYPCbtsUqvpGezL1DR+2NxMLmqbUUvfe83Hh/c9lxQwOJQN9V+vhNxw==
.doubleclick.net/	1970-01-20 10:59:27	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1337x1.wb4.xyz
ad.a-ads.com
adservice.google.com
adservice.google.nl
afarkas.github.io
btcx.sbs
counter.jdi5.com
fastcdn.jdi5.com
fastcdn111.site
googleads.g.doubleclick.net
i.wmgtr.com
icdns.net
imcdn.co
imgcdn1.jdi5.com
jiotv.cf
jiotv.tk
js.cdnspace.io
jscdn1.abxyz.top
jswww.net
pagead2.googlesyndication.com
prhzxq.com
region1.google-analytics.com
rlnlsk.com
static.a-ads.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
xdiwbc.com
109.206.162.121
109.206.162.211
109.206.168.17
148.251.233.147
2001:4860:4802:32::178
2001:4860:4802:32::36
2606:4700:3034::ac43:a283
2606:4700:3035::ac43:8726
2606:4700:3035::ac43:a802
2606:4700:3036::ac43:a54e
2606:4700:3038::6815:ea32
2606:50c0:8003::153
2a00:1450:4001:806::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c09::9d
2a02:b4a:1:7::9167:1
2a02:b4a:1:8::9313:1
2a06:98c1:3121::3
2a0d:2787:1b:1f6::a
45.133.44.32
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
024567767cf06d1279bc0c4fa98581bf8ece442aef4700cd19e8eb3b4a9d522a
068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392
0a9495882b646aa622ebe77c3c4c25b63b213f264d7cfa86057f52311a9a289b
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
14f257345fe881101b2b17e988c3e83086885e9c60ba9f3076786ea5ae66da7e
16a273954e382a0d8968fdc919213200ca0dcf3fc3d7b37c0d759269557dd72f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384
38b6134d81adda17f01d39591864abd751860f6afa30d6a1f64f5fdc331ac6c5
3982a6ca087cdc26a5036c599bfc50748dbfb0fae0b9afe80f4af713ed846935
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59489d26df7d9ade53957bfc3b351b14c58e47fc4ae1f4a8669d4a6852f587c7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
72f569946944e6e14fe7f480177f78285ac4d9523131f8bdcadf507e754255c5
7304af45849f11d208a17c2b4f1986462294f7e1605b4a91967aae2c3724e438
73cb8813e80c673c13f2908ebd5e9f3e447a5d8ba45df1647bf124a97542ccaa
74a5f5a90410fb9206ec545eb47367d4388cf3c950eeb12390c598566ba7b13c
7b94f7db5f3b2d489c4ab43e3a0093769d9f844da6cc9d7d71ff7bf79ba96f5f
86414eed07e288fe0d3b0bc79b50ea034c6f3581c56686540a6413e93e6c2bc3
896044ffbc788637ae2c98bbbb522ad82a6846aa110424cfec3d21af84ea2e22
8f68bda364ce906323a57ef24f315b7b277a03f5fa5fc2bff05a2b2edce40c6b
92587924074928fb8370914c5721fe0719e52727f8f49b7fcc978eb8a52da78e
94f541dbfdef1a8128c164c852a4d6e5e28c1802806c015d2039f1380cae9ce1
99262cf14b9cc66dc28995a10253b7025649240b73a10bbc57f8d0cfd471bf56
99353dc0be144a4d901291e08312d983fd5dac379d5f29828ef88008089690db
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aba38fc961c0ae884b2d27d10096c00c1892bca79b24e5cc242f33ad614b626e
ac03b241013f29a29e2960d28b74ac3a15da00d084cc70fbb4595a0e4b734a3d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c0120e2d61305f8cd1dc6fb93068a6c202a43c58bf3d5143f3af3e84ba197e6b
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
e2bec70120ba1fbdec2ff95d26c7df9b95dd303583852ed862ede41544aba9a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4be01a163246691ecf0cdebed0e5620e8679e25ce2d3b457f5c1eafae413eeb
ebb3586309c5ddb1d3edf95b85a4ab20e5c5f99cd3a36e62fa2ac12467feeb0c
ebbcebaae0fd5ca1c775a2f8ff5dd53897e537ba18014fea5a170e1144761a31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0dcaa9f195d39ba3059d7efd7dac92af1f150348c6ea2db86dbc6ba96020caa
f6b584d769808ab7f0a230e2729e6423e76f8b20bf402452f54555626f1b778b
fe52059cc4cdb3b484eebf550a20e5c9782b0f78a6fbe2f70869e69104625228

jiotv.cf Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

91 %HTTPS

81 %IPv6

23 Domains

31 Subdomains

23 IPs

4 Countries

750 kBTransfer

1677 kBSize

8 Cookies

20 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

jiotv.cf Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

91 %
HTTPS

81 %
IPv6

23
Domains

31
Subdomains

23
IPs

4
Countries

750 kB
Transfer

1677 kB
Size

8
Cookies

53 HTTP transactions
1 data transactions