urlscan.io logo urlscan.io
SecurityTrails logo

btc-doubler.biz Open in urlscan Pro
104.21.52.51  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://btc-doubler.biz/
Effective URL: https://btc-doubler.biz/
Submission: On October 22 via api from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 1 countries across 10 domains to perform 41 HTTP transactions. The main IP is 104.21.52.51, located in United States and belongs to CLOUDFLARENET, US. The main domain is btc-doubler.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 15th 2021. Valid for: a year.
This is the only time btc-doubler.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 104.21.52.51 13335 (CLOUDFLAR...)
1 142.250.185.168 15169 (GOOGLE)
10 142.250.181.238 15169 (GOOGLE)
5 69.16.175.10 20446 (HIGHWINDS3)
1 172.217.23.99 15169 (GOOGLE)
1 2 142.250.186.98 15169 (GOOGLE)
1 142.250.184.198 15169 (GOOGLE)
1 216.58.212.132 15169 (GOOGLE)
1 216.58.212.161 15169 (GOOGLE)
1 142.250.181.246 15169 (GOOGLE)
2 142.250.185.99 15169 (GOOGLE)
41 12
18    104.21.52.51 (United States)

ASN13335 (CLOUDFLARENET, US)
btc-doubler.biz
1    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
10    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
www.youtube.com
www.google-analytics.com
5    69.16.175.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
code.jquery.com
1    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net
fonts.gstatic.com
2    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
static.doubleclick.net
1    216.58.212.132 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f4.1e100.net
www.google.com
1    216.58.212.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f161.1e100.net
yt3.ggpht.com
1    142.250.181.246 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f22.1e100.net
i.ytimg.com
2    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
www.gstatic.com
Domain Requested by
18 btc-doubler.biz 1 redirects btc-doubler.biz
9 www.youtube.com btc-doubler.biz
www.youtube.com
5 code.jquery.com btc-doubler.biz
code.jquery.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com btc-doubler.biz
41 12

This site contains links to these domains. Also see Links.

Domain
www.blockchain.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-15 -
2022-10-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://btc-doubler.biz/
Frame ID: 4FC73E0E21773297E8C68754EAF9D5BE
Requests: 24 HTTP requests in this frame

Frame: https://www.youtube.com/embed/RhfCyI-2xqs
Frame ID: CC2283DCC5AA6EFD6C7F5E1E2D4C174A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

✅ Bitcoin Doubler. Double Your Bitcoin In Just 24 Hours.

Page URL History Show full URLs

  1. http://btc-doubler.biz/ HTTP 301
    https://btc-doubler.biz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

41
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

12
IPs

1
Countries

2162 kB
Transfer

5515 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://btc-doubler.biz/ HTTP 301
    https://btc-doubler.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
btc-doubler.biz/
Redirect Chain
  • http://btc-doubler.biz/
  • https://btc-doubler.biz/
437 KB
96 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://btc-doubler.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9a99b577a9862956750ed05d1668f8d90805d113328c995d45bf05e5129a10d1

Request headers

:method
GET
:authority
btc-doubler.biz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
content-type
text/html; charset=utf-8
cache-control
private
vary
Accept-Encoding
set-cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg; path=/; HttpOnly
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MDs2sWJph00TyN68AkXgljj5bMpa%2F5QrxNWswbEnfRi5w1GNDAnp4GPtdkvNy4r5PNo5mXcPo522sI0H9Q75l2NqcUk65tC9sDTTeMf%2FJgQ1Hz5V2EXMB3nkvx7cCSwoqY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a1f627c0de7eda7-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Fri, 22 Oct 2021 02:44:35 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 22 Oct 2021 03:44:35 GMT
Location
https://btc-doubler.biz/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abkQsxFqzTPgt4k5zTTBatNo%2BGoTX07Tk%2FetnuweY%2B8OLhqMjcyp7JGkTyWT7pGw4hp7dZOUNJsxS0%2F8UiIumDUB0iUVdo3hLVMHERRNMpyLIsl5KpHQaa6TUj2m5BD9x3U%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6a1f627baec240bd-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
main.css
btc-doubler.biz/css/ 		225 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://btc-doubler.biz/css/main.css
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c4825a3d6d07c7882df11b1c0ad16fa15476ab5a5c88efdfc88ca7ac7428e07f

Request headers

:path
/css/main.css
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5965
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 08 Nov 2019 16:15:58 GMT
server
cloudflare
etag
W/"5fd565ce4f96d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlrP%2BTnuFCfHHWELMBmcQZ7i6zr%2FkUZ7Uns9q%2Fj8YMqcq7VbMMtWI5n%2FtEDoTsYvHZ5tPD1%2FSKdkT6FDuloI%2FSD47gdfoYWqVtQLz%2BvNrUoDqO0wo5M2WxDPe01X4oDZ1Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6a1f627d9e8eeda7-CDG
jquery-3.4.1.min.js
btc-doubler.biz/scripts/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btc-doubler.biz/scripts/jquery-3.4.1.min.js
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

:path
/scripts/jquery-3.4.1.min.js
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5965
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 08 Nov 2019 16:15:09 GMT
server
cloudflare
etag
W/"415027b14f96d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFVbZX1TtZY8JozQcntpXBTjXGetdOPRcXoV6qJcRp%2FYxg%2FWb%2BgTB86ov2ceA2xMIiIHK%2FN%2FAwrOsPXZVATzCti7vTYexJDEhECtbTcqcyThvQ01qRrMboHSDAvsblzkvpg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
6a1f627d9e8feda7-CDG
date.format.js
btc-doubler.biz/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btc-doubler.biz/scripts/date.format.js
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bf404d0c97c70747c2ff2cb204e1f18c3d45e8e94f268f01e445d5f26028521b

Request headers

:path
/scripts/date.format.js
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5965
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 19:22:38 GMT
server
cloudflare
etag
W/"47fb28714ff3d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jD3HdUq0DpRvI6V46bz8zGl3P5zx8OPjDHf%2FOD181pLhvmY0Lwv7pRtChl4yJwErfRO%2FRBITHPzY8Uv8o2GPmiNMcz37QNao0ki0gFjoum90CS%2B4xSC0fTqJibexmY1%2F7ok%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
6a1f627d9e90eda7-CDG
js
www.googletagmanager.com/gtag/ 		161 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3MKZFRMS56
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ecee1ddb20bf198089748384f6da91f4da6fc01920276125ef09750642bee947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60672
x-xss-protection
0
expires
Fri, 22 Oct 2021 02:44:36 GMT
WebResource.axd
btc-doubler.biz/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://btc-doubler.biz/WebResource.axd?d=Nhf6TpUj19KZ9rhEj2xtdXe0jc_66RvT0VmbGjBDVyvyXi4d6AgYNUe0P8h_236KjMnN6nwy-Y6DfFAG_QiojvBr2nzuEmCHjZcPOoh_FIyg5Z5g-kPkxs4kotAy9sFL0&t=636202617920000000
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ed08ad7f0c11f8d9faa287799bbffc6e80408f335934e9418e0a3c672577558f

Request headers

:path
/WebResource.axd?d=Nhf6TpUj19KZ9rhEj2xtdXe0jc_66RvT0VmbGjBDVyvyXi4d6AgYNUe0P8h_236KjMnN6nwy-Y6DfFAG_QiojvBr2nzuEmCHjZcPOoh_FIyg5Z5g-kPkxs4kotAy9sFL0&t=636202617920000000
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 17 Jan 2017 11:26:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCwH9OfvTorZKTMNHFWUuov0UtdamanX9qMoFYsXXZ2wIKlveUewlKPesfzbzgBhFXg%2FclGhO73dlFh6Iku0SP1Pr5mBTyuqEADYnQ1Q5VDVqI9hysIk1cjjFcbzcIdE7QY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public
cf-ray
6a1f627d9e91eda7-CDG
expires
Sat, 22 Oct 2022 02:42:14 GMT
WebResource.axd
btc-doubler.biz/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://btc-doubler.biz/WebResource.axd?d=f3r-5Q0ZPKoTNCRK5CAr8p_m-5FHwoWttnHHWZJj6opn369Y47VDZO_P8Wf60dV-8LqtNx5MSF-PvX6xa8xNXLTAl1Lbaeu3Awp3NGfwesKm9s6YwzVwg7715oWh-VyxfTz9yoZ6OIwRVhr8llupxFiboA8iYY9wCfBkef4GsdE1&t=636202617920000000
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8b1819f20fc99f125dd5c44de1242aa6196f7f13f83520b2cfb99b0dbe9cc6fe

Request headers

:path
/WebResource.axd?d=f3r-5Q0ZPKoTNCRK5CAr8p_m-5FHwoWttnHHWZJj6opn369Y47VDZO_P8Wf60dV-8LqtNx5MSF-PvX6xa8xNXLTAl1Lbaeu3Awp3NGfwesKm9s6YwzVwg7715oWh-VyxfTz9yoZ6OIwRVhr8llupxFiboA8iYY9wCfBkef4GsdE1&t=636202617920000000
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 17 Jan 2017 11:26:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMoJFhxPyZ9YppY7hXsSr5qfymnHPxFb8yBy1JCLlXEGhx5EZZ7zbB0k8oyOPLGuZRtbh8ijD5DsM45fb9C7nzsEe0jSaSeIfrwCPDKLL6sFawjPqP3SyFAUlneH1jhrL0s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public
cf-ray
6a1f627d9e92eda7-CDG
expires
Sat, 22 Oct 2022 02:42:14 GMT
index.png
btc-doubler.biz/Images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://btc-doubler.biz/Images/index.png
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e1f93477d75b19b3a681c6fcdf6284b78c69a03c76f1963005824d8a2bff0828

Request headers

:path
/Images/index.png
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5964
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4428
last-modified
Fri, 08 Nov 2019 16:16:08 GMT
server
cloudflare
etag
"67c2dd44f96d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6l4P35agG%2FTt52cDWvxnKx9bLZtu71zrCIc43NsbqXjv7arice1PWPHqW%2BZjM4pwmRZBfRYhUbhn4BwWe7gQ5AmLW%2FMr2%2FHesBZKavEPrOk3TjH62nLen5fcxmxPbz%2FxUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a1f627e08edee44-CDG
bitcoin-doubler.png
btc-doubler.biz/Images/ 		413 KB
414 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://btc-doubler.biz/Images/bitcoin-doubler.png
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d5ce46113fd02945c5f4d1737c9a80e6889204a2ae01274d14f752eba9607411

Request headers

:path
/Images/bitcoin-doubler.png
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5964
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
423018
last-modified
Fri, 08 Nov 2019 16:16:08 GMT
server
cloudflare
etag
"2b6925d44f96d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7Y%2Be8rEnzvUY8hXvbGeUyF9afEm%2F8amWThkWQ6Dpzkt%2BhK9kiKqeKSdITfMm368jqMIFqkIKPwsa2z3cG6DR%2BhQlmdZjTcVil2jSyRZDdyi%2B2P2Vr6PvPE7M%2Fm%2FcAB2Hog%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a1f627e08efee44-CDG
RhfCyI-2xqs
www.youtube.com/embed/ Frame CC22 		57 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/RhfCyI-2xqs
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
ESF /
Resource Hash
b6d65006604d67fa385df12ac53b6ff0ca3804516f26c5fc303f4ee733bedd23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/RhfCyI-2xqs
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://btc-doubler.biz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 22 Oct 2021 02:44:36 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=3Meju_XieC4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=toXzQare-KU; Domain=.youtube.com; Expires=Wed, 20-Apr-2022 02:44:36 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+320; expires=Sun, 22-Oct-2023 02:44:36 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
WebResource.axd
btc-doubler.biz/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btc-doubler.biz/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZDyNpJQ0o3KdrHXVqVTI87rpupmKb-uNF5hy7C-41gRMjh8ZFloB2dMqM17rcr9JbA2&t=636893357460000000
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

:path
/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZDyNpJQ0o3KdrHXVqVTI87rpupmKb-uNF5hy7C-41gRMjh8ZFloB2dMqM17rcr9JbA2&t=636893357460000000
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Mar 2019 21:39:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiyZlGO%2FpWyqTI5FXB0j9nQn17FbhdzCCJ%2BZ2v%2FqAL66TchUwcChYZ1yxxSpkDwrV57WwstyUWQrhaiT5Z4tLD%2B6jkWkro7ZvqRdspnNNP5t0lVbUlZhouex4fdlBIoPDMo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public
cf-ray
6a1f627e28ffee44-CDG
expires
Sat, 22 Oct 2022 02:42:14 GMT
Telerik.Web.UI.WebResource.axd
btc-doubler.biz/ 		678 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btc-doubler.biz/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3a5dfa896e-6fe6-4fa7-9072-7445abba58a1%3aea597d4b%3ab25378d2%3bTelerik.Web.UI%2c+Version%3d2017.1.118.45%2c+Culture%3dneutral%2c+PublicKeyToken%3d121fae78165ba3d4%3aen-US%3ae5f799c1-ae8d-47dd-a4eb-e98a7cefaaeb%3a16e4e7cd%3a33715776%3a58366029%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3a5dfa896e-6fe6-4fa7-9072-7445abba58a1%3a76254418
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
071256b4a38dee570ba545f67daecc039b2cb587113f7fa9eac04aa8b121f5ef

Request headers

:path
/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=RadScriptManager1_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3a5dfa896e-6fe6-4fa7-9072-7445abba58a1%3aea597d4b%3ab25378d2%3bTelerik.Web.UI%2c+Version%3d2017.1.118.45%2c+Culture%3dneutral%2c+PublicKeyToken%3d121fae78165ba3d4%3aen-US%3ae5f799c1-ae8d-47dd-a4eb-e98a7cefaaeb%3a16e4e7cd%3a33715776%3a58366029%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3a5dfa896e-6fe6-4fa7-9072-7445abba58a1%3a76254418
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 18 Jan 2017 00:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PM2DhUZF2rDv%2BPoOSi6TaRBlftOQxsE9IWMvq0cbRRReBS5QDAMCYO0JTAE1%2B1GGf7DyR5zRfHPwYEa%2BDlEO4qH0zDOfmv4AfDzEsm6UkFa%2BDaAnMZ7btgzMiPLLrjPOLgk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
6a1f627e2900ee44-CDG
expires
Sat, 22 Oct 2022 02:44:36 GMT
bitcoin-doubler-icon-for-table-btc.png
btc-doubler.biz/Images/ 		806 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://btc-doubler.biz/Images/bitcoin-doubler-icon-for-table-btc.png
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
33d6efa0a639556b17b25ad78384fc9f7eeb50426fa2b73060e8742b870ad895

Request headers

:path
/Images/bitcoin-doubler-icon-for-table-btc.png
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5962
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
806
last-modified
Fri, 08 Nov 2019 16:16:08 GMT
server
cloudflare
etag
"edec2d44f96d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQ5axem1d6aGq4NfpuIlSRzolnF1oq3lgKzCFda9lLwNqI%2FjFLD4FK5%2FTig3zC%2FhNJiFtVKJc2Jt45y2NrDg98zTXBLW%2Bc56GbC2oGTo5sAhBCfzi6mKKiwnpPKt44LZrlY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a1f627e2901ee44-CDG
bitcoin-doubler-payout_icon.png
btc-doubler.biz/Images/ 		1020 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://btc-doubler.biz/Images/bitcoin-doubler-payout_icon.png
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b55f5779ee7e44f8b6cc5dd240cca214bba73becd9f3989e84db6035d3351828

Request headers

:path
/Images/bitcoin-doubler-payout_icon.png
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5962
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1020
last-modified
Fri, 08 Nov 2019 16:16:08 GMT
server
cloudflare
etag
"859fbd44f96d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FypKTe9yz1%2FfribD1SvyqQX9TsVvPLFXe3xdITLdkcTROKExVyybBpNMihrwdvA%2FyxRefimcVEtfzbAAc0m%2Bynyg0VhV3ZDPkNorIvIqqOPJkpMJ7vMaTNG24MaXB4Q1BJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a1f627e2903ee44-CDG
bitcoin-multiplier.png
btc-doubler.biz/Images/ 		413 KB
414 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://btc-doubler.biz/Images/bitcoin-multiplier.png
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ef749bba754a5fd0b3c4a91db0e152eb33d22cc9fcde9cc8a54f7e81cf9114c7

Request headers

:path
/Images/bitcoin-multiplier.png
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5961
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
423018
last-modified
Fri, 08 Nov 2019 16:16:08 GMT
server
cloudflare
etag
"cf6029d44f96d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8s0szgZ6%2BJu17PK95ga7nWfTLDUQhsUuI9GUgHqirJ5PKnqCUcw7edFJNIK6%2FtBr2ygaIZSISmKD16k%2FTUzgPSIo0dCbZ%2BG3nk7icY1L%2BuTGpvIhf6BtlW8%2BSOsP980VGB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a1f627e6934ee44-CDG
certificate.jpg
btc-doubler.biz/Images/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://btc-doubler.biz/Images/certificate.jpg
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4f79682ca37ca613ab7d2a849baf9cf0d9b6db2cfe82295c526f5ba14ab2368b

Request headers

:path
/Images/certificate.jpg
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5961
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
90821
last-modified
Fri, 08 Nov 2019 16:16:08 GMT
server
cloudflare
etag
"e95b22d44f96d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2Bv2FeM7%2B97HbxN1nLJYYWjMQ35cNClfgd%2F%2B%2B3iou2ouJMc%2FuCY%2BbBJj%2Fo9OIzduE0hMJBz%2F4la0yx8uo5m7J1Xb9mCoV2EUO7fFI2FcAKWENNJMlZFXSuwzGbONmO5N0QU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a1f627e6935ee44-CDG
email-decode.min.js
btc-doubler.biz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btc-doubler.biz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 12:26:29 GMT
server
cloudflare
etag
W/"616eb975-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUB4eAI2AKYko2AlVMNj%2BT6WJiMrc7hwMWzfHHghKg0UCxGx5fwyn2svFavBEmvOAdBsXh0KFZwlEMudlveCufxkpVTvARCKL8LBhtsM0Zh6w3mvRwRlEZeD5GUP05%2Bvv74%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a1f627e6936ee44-CDG
vary
Accept-Encoding
expires
Sun, 24 Oct 2021 02:44:36 GMT
jquery-ui.min.js
code.jquery.com/ui/1.12.1/ 		248 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2016 16:34:16 GMT
server
nginx
etag
W/"57d97c08-3dee4"
vary
Accept-Encoding
x-hw
1634870676.dop205.am5.t,1634870676.cds239.am5.hn,1634870676.cds263.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
67751
js.cookie.min.js
btc-doubler.biz/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btc-doubler.biz/scripts/js.cookie.min.js
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b5c1a679368da537e7b0f6880801ab32fe84b38b900acdbc1fdbe8cd6a86c4c8

Request headers

:path
/scripts/js.cookie.min.js
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5964
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 19 Jan 2021 08:00:52 GMT
server
cloudflare
etag
W/"30c993539eed61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tyZXwA5lw7jSKr8V%2FXlSoWTfysPFD5ySacUaAZmL8KExKbTox%2BFKixSsTrWAYjoQ9WfWNRC2V1B1uXy8Fy7SPQim1kbMqnm3w6xnQM0bguYeduaLN%2BpcbqVyDKKbLgAjCg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
6a1f627e6937ee44-CDG
jquery-ui.css
code.jquery.com/ui/1.12.1/themes/smoothness/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/themes/smoothness/jquery-ui.css
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2016 16:34:17 GMT
server
nginx
etag
W/"57d97c09-8eb8"
vary
Accept-Encoding
x-hw
1634870676.dop205.am5.t,1634870676.cds239.am5.hn,1634870676.cds114.am5.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
8422
WebResource.axd
btc-doubler.biz/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://btc-doubler.biz/WebResource.axd?d=IKYv4k_MTLpxskuFVxpAQA9TZWnf0j-ILjJOJcVcWmMbgRU--pR7v2Qqk9bCXzcANI3GsbxlQ5QZIAPPsVdZiNyZnoQdXZStY8y1_Dj54JJs6Drm6ukgs4PQaeSGVGqxvVUCiBZgERk8haeomD9ZQ5TipvLr0xmdatlpRrZYGxQ1&t=636202617920000000
Requested by
Host: btc-doubler.biz
URL: https://btc-doubler.biz/WebResource.axd?d=f3r-5Q0ZPKoTNCRK5CAr8p_m-5FHwoWttnHHWZJj6opn369Y47VDZO_P8Wf60dV-8LqtNx5MSF-PvX6xa8xNXLTAl1Lbaeu3Awp3NGfwesKm9s6YwzVwg7715oWh-VyxfTz9yoZ6OIwRVhr8llupxFiboA8iYY9wCfBkef4GsdE1&t=636202617920000000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.52.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
600eba42cfc31a361f7fa0e02d524ef3c9cded95fbd6af0cb046db7b0422504a

Request headers

:path
/WebResource.axd?d=IKYv4k_MTLpxskuFVxpAQA9TZWnf0j-ILjJOJcVcWmMbgRU--pR7v2Qqk9bCXzcANI3GsbxlQ5QZIAPPsVdZiNyZnoQdXZStY8y1_Dj54JJs6Drm6ukgs4PQaeSGVGqxvVUCiBZgERk8haeomD9ZQ5TipvLr0xmdatlpRrZYGxQ1&t=636202617920000000
pragma
no-cache
cookie
ASP.NET_SessionId=omia54as4ktnkceegkks0xtg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
btc-doubler.biz
referer
https://btc-doubler.biz/WebResource.axd?d=f3r-5Q0ZPKoTNCRK5CAr8p_m-5FHwoWttnHHWZJj6opn369Y47VDZO_P8Wf60dV-8LqtNx5MSF-PvX6xa8xNXLTAl1Lbaeu3Awp3NGfwesKm9s6YwzVwg7715oWh-VyxfTz9yoZ6OIwRVhr8llupxFiboA8iYY9wCfBkef4GsdE1&t=636202617920000000
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://btc-doubler.biz/WebResource.axd?d=f3r-5Q0ZPKoTNCRK5CAr8p_m-5FHwoWttnHHWZJj6opn369Y47VDZO_P8Wf60dV-8LqtNx5MSF-PvX6xa8xNXLTAl1Lbaeu3Awp3NGfwesKm9s6YwzVwg7715oWh-VyxfTz9yoZ6OIwRVhr8llupxFiboA8iYY9wCfBkef4GsdE1&t=636202617920000000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 17 Jan 2017 11:26:32 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwN%2BPPlGHXynbjPSTSAOKsoh74Ke7CWfIU2c6VG0G%2Bej5w8ja8LJzpNdzXOGVTbngPXJhc9LhUqlxYjMpS4%2F8MRy63jZKtGKyZtW9gUiSPfXVKoY6QPkRnMrq92tuzTejcM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public
cf-ray
6a1f627faa31ee44-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8427
expires
Sat, 22 Oct 2022 02:42:16 GMT
collect
www.google-analytics.com/g/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3MKZFRMS56&gtm=2oeak0&_p=668223620&sr=1600x1200&ul=en-us&cid=1349057530.1634870676&_s=1&dl=https%3A%2F%2Fbtc-doubler.biz%2F&dt=%E2%9C%85%20Bitcoin%20Doubler.%20Double%20Your%20Bitcoin%20In%20Just%2024%20Hours.&sid=1634870676&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3MKZFRMS56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://btc-doubler.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 22 Oct 2021 02:44:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://btc-doubler.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ui-bg_highlight-soft_75_cccccc_1x100.png
code.jquery.com/ui/1.12.1/themes/smoothness/images/ 		325 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.jquery.com/ui/1.12.1/themes/smoothness/images/ui-bg_highlight-soft_75_cccccc_1x100.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/ui/1.12.1/themes/smoothness/jquery-ui.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
8247a197fd9e3127c1e16e93c5c56e2d9a26e1ff34f11d90dee49d28bd3b5c73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://code.jquery.com/ui/1.12.1/themes/smoothness/jquery-ui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
last-modified
Wed, 14 Sep 2016 16:34:17 GMT
server
nginx
etag
"57d97c09-145"
x-hw
1634870676.dop205.am5.t,1634870676.cds239.am5.hn,1634870676.cds258.am5.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
325
ui-bg_glass_75_e6e6e6_1x400.png
code.jquery.com/ui/1.12.1/themes/smoothness/images/ 		324 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.jquery.com/ui/1.12.1/themes/smoothness/images/ui-bg_glass_75_e6e6e6_1x400.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/ui/1.12.1/themes/smoothness/jquery-ui.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
5a970afa3a0dad7aec1d5ce6c7675cfceaaeab66935e41300910f2ebcbb7e44a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://code.jquery.com/ui/1.12.1/themes/smoothness/jquery-ui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
last-modified
Wed, 14 Sep 2016 16:34:17 GMT
server
nginx
etag
"57d97c09-144"
x-hw
1634870676.dop205.am5.t,1634870676.cds239.am5.hn,1634870676.cds262.am5.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
324
ui-icons_888888_256x240.png
code.jquery.com/ui/1.12.1/themes/smoothness/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.jquery.com/ui/1.12.1/themes/smoothness/images/ui-icons_888888_256x240.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/ui/1.12.1/themes/smoothness/jquery-ui.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
a2346a7e5d7938346660902f4dbe51671bf8b09cd5070247874eddae3c7db62b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://code.jquery.com/ui/1.12.1/themes/smoothness/jquery-ui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:36 GMT
last-modified
Wed, 14 Sep 2016 16:34:17 GMT
server
nginx
etag
"57d97c09-1bc7"
x-hw
1634870676.dop205.am5.t,1634870676.cds239.am5.hn,1634870676.cds117.am5.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
7111
www-player-webp.css
www.youtube.com/s/player/9e457a67/ Frame CC22 		335 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9e457a67/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RhfCyI-2xqs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
35501bfd5f2a8d2d8fb04695bc80793b9aa7160ded872a9f89cc094b140f8702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/RhfCyI-2xqs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 07:06:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
70659
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
46953
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 00:14:57 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Oct 2022 07:06:57 GMT
www-embed-player.js
www.youtube.com/s/player/9e457a67/www-embed-player.vflset/ Frame CC22 		209 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9e457a67/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RhfCyI-2xqs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
a94e60203c4a1d8371c22e4410baf6dbec30875599730d8ca8a22adaf23518d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/RhfCyI-2xqs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:53:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
100259
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
70183
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 00:14:57 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 20 Oct 2022 22:53:37 GMT
base.js
www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/ Frame CC22 		2 MB
512 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RhfCyI-2xqs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
a728f23ae512668f87d868b76ec44f5117c840fc4ac3809fa66ecf2ccb54d97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/RhfCyI-2xqs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:25:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
65966
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
524366
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 00:14:57 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Oct 2022 08:25:10 GMT
fetch-polyfill.js
www.youtube.com/s/player/9e457a67/fetch-polyfill.vflset/ Frame CC22 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9e457a67/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RhfCyI-2xqs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/RhfCyI-2xqs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 01:32:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
4346
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2830
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 00:14:57 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 22 Oct 2022 01:32:10 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CC22 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RhfCyI-2xqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 09:07:47 GMT
x-content-type-options
nosniff
age
236209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Oct 2022 09:07:47 GMT
id
googleads.g.doubleclick.net/pagead/ Frame CC22
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RhfCyI-2xqs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
48874b1792216366df57ae6f7543a3ae1a62a40ba584d015bcddbfad29e2cef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Oct 2021 02:44:37 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame CC22 		29 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e457a67/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:43:00 GMT
x-content-type-options
nosniff
age
97
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Oct 2021 02:58:00 GMT
remote.js
www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/ Frame CC22 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
29b93a0c7ce944834a9841b7ed98b20f1c19e871ff4f3361db76a026f46d6a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/RhfCyI-2xqs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:52:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
298308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29594
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 00:14:57 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 18 Oct 2022 15:52:48 GMT
LOmHOoAv0oJwm2BB9so6lRy8TBRhtyNZy_JhYGjOIrE.js
www.google.com/js/th/ Frame CC22 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/LOmHOoAv0oJwm2BB9so6lRy8TBRhtyNZy_JhYGjOIrE.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f4.1e100.net
Software
sffe /
Resource Hash
2ce9873a802fd282709b6041f6ca3a951cbc4c1461b72359cbf2616068ce22b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 05:10:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
164075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13444
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 05:10:02 GMT
embed.js
www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/ Frame CC22 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
5086b34a1e9d368fcf3c5ef99cddc58a9ca924649f90bccde0ac0a20f327f9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/RhfCyI-2xqs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
71477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7355
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 00:14:57 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Oct 2022 06:53:19 GMT
truncated
/ Frame CC22 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
zDxIndcRxFxa5tTKXjJuXA2fV2pT-KMO7M0gCFjEzJ7EUgh0rbM4X05uqNr0LcLeOznpCnaPZvo=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame CC22 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/zDxIndcRxFxa5tTKXjJuXA2fV2pT-KMO7M0gCFjEzJ7EUgh0rbM4X05uqNr0LcLeOznpCnaPZvo=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RhfCyI-2xqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
fife /
Resource Hash
429fce08f53be686c60c2a1dd29780e2a82356192595fd441c8ab5afe136a3e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 00:43:26 GMT
x-content-type-options
nosniff
age
7271
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3839
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 16 Oct 2021 10:09:29 GMT
sddefault.webp
i.ytimg.com/vi_webp/RhfCyI-2xqs/ Frame CC22 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/RhfCyI-2xqs/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RhfCyI-2xqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.246 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f22.1e100.net
Software
sffe /
Resource Hash
4bab438c6dd17ca04c315dd18232ac48d45c35ce43f4fd67ab8b1af463dd005e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 01:53:54 GMT
x-content-type-options
nosniff
age
3043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13392
x-xss-protection
0
server
sffe
etag
"1634291528"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Oct 2021 03:53:54 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame CC22 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Oct 2021 02:44:37 GMT
generate_204
www.youtube.com/ Frame CC22 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?NBIcCQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/RhfCyI-2xqs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/RhfCyI-2xqs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:44:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/93/ Frame CC22 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/93/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 11:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15346
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 17:05:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Fri, 22 Oct 2021 11:28:47 GMT
log_event
www.youtube.com/youtubei/v1/ Frame CC22 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e457a67/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/RhfCyI-2xqs
X-YouTube-Client-Version
1.20211017.0.0
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt0b1h6UWFyZS1LVSiUy8iLBg%3D%3D
X-YouTube-Ad-Signals
dt=1634870676736&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C600%2C338&vis=1&wgl=true&ca_type=image&bid=ANyPxKrm_vgzwaddF7KdpjO4drSZ79I6FMjIheJ7Ytx6A1ZoeteRBbnvcy1cmpuVdFTLPwwUh2KAujGt3Xz0i4qqg2k5TCpBOA

Response headers

date
Fri, 22 Oct 2021 02:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Fri, 22 Oct 2021 02:44:39 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| dateFormat function| gtag object| dataLayer object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| google_tag_manager function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find object| commonScripts function| Type object| Sys object| _events object| Telerik object| $telerik object| TelerikCommonScripts object| google_tag_data object| gaGlobal object| modal object| btn object| span object| translator object| prm object| Cookies function| show_dialog function| OnRowCreated object| null function| onYouTubeIframeAPIReady

6 Cookies

Domain/Path Name / Value
btc-doubler.biz/ Name: ASP.NET_SessionId
Value: omia54as4ktnkceegkks0xtg
.youtube.com/ Name: YSC
Value: 3Meju_XieC4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: toXzQare-KU
.btc-doubler.biz/ Name: _ga_3MKZFRMS56
Value: GS1.1.1634870676.1.0.1634870676.0
.btc-doubler.biz/ Name: _ga
Value: GA1.1.1349057530.1634870676
.doubleclick.net/ Name: IDE
Value: AHWqTUkjj2mAce6jlk13xhBZTbK_Qc42cH3dNRQdUNlWdF-5sZpVDBwKYEIcMKpJ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

btc-doubler.biz
code.jquery.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
static.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.21.52.51
142.250.181.238
142.250.181.246
142.250.184.198
142.250.185.168
142.250.185.99
142.250.186.98
172.217.23.99
216.58.212.132
216.58.212.161
69.16.175.10
071256b4a38dee570ba545f67daecc039b2cb587113f7fa9eac04aa8b121f5ef
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29b93a0c7ce944834a9841b7ed98b20f1c19e871ff4f3361db76a026f46d6a06
2ce9873a802fd282709b6041f6ca3a951cbc4c1461b72359cbf2616068ce22b1
33d6efa0a639556b17b25ad78384fc9f7eeb50426fa2b73060e8742b870ad895
35501bfd5f2a8d2d8fb04695bc80793b9aa7160ded872a9f89cc094b140f8702
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
429fce08f53be686c60c2a1dd29780e2a82356192595fd441c8ab5afe136a3e3
48874b1792216366df57ae6f7543a3ae1a62a40ba584d015bcddbfad29e2cef6
4bab438c6dd17ca04c315dd18232ac48d45c35ce43f4fd67ab8b1af463dd005e
4f79682ca37ca613ab7d2a849baf9cf0d9b6db2cfe82295c526f5ba14ab2368b
5086b34a1e9d368fcf3c5ef99cddc58a9ca924649f90bccde0ac0a20f327f9bf
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5a970afa3a0dad7aec1d5ce6c7675cfceaaeab66935e41300910f2ebcbb7e44a
600eba42cfc31a361f7fa0e02d524ef3c9cded95fbd6af0cb046db7b0422504a
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
8247a197fd9e3127c1e16e93c5c56e2d9a26e1ff34f11d90dee49d28bd3b5c73
8b1819f20fc99f125dd5c44de1242aa6196f7f13f83520b2cfb99b0dbe9cc6fe
9a99b577a9862956750ed05d1668f8d90805d113328c995d45bf05e5129a10d1
a2346a7e5d7938346660902f4dbe51671bf8b09cd5070247874eddae3c7db62b
a728f23ae512668f87d868b76ec44f5117c840fc4ac3809fa66ecf2ccb54d97e
a94e60203c4a1d8371c22e4410baf6dbec30875599730d8ca8a22adaf23518d0
b55f5779ee7e44f8b6cc5dd240cca214bba73becd9f3989e84db6035d3351828
b5c1a679368da537e7b0f6880801ab32fe84b38b900acdbc1fdbe8cd6a86c4c8
b6d65006604d67fa385df12ac53b6ff0ca3804516f26c5fc303f4ee733bedd23
bf404d0c97c70747c2ff2cb204e1f18c3d45e8e94f268f01e445d5f26028521b
c4825a3d6d07c7882df11b1c0ad16fa15476ab5a5c88efdfc88ca7ac7428e07f
d5ce46113fd02945c5f4d1737c9a80e6889204a2ae01274d14f752eba9607411
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e1f93477d75b19b3a681c6fcdf6284b78c69a03c76f1963005824d8a2bff0828
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecee1ddb20bf198089748384f6da91f4da6fc01920276125ef09750642bee947
ed08ad7f0c11f8d9faa287799bbffc6e80408f335934e9418e0a3c672577558f
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef749bba754a5fd0b3c4a91db0e152eb33d22cc9fcde9cc8a54f7e81cf9114c7
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702