Submitted URL: http://bartsim.xyz/livetv.php?tv=163
Effective URL: https://bartsim.xyz/livetv.php?tv=163
Submission: On February 15 via manual from US — Scanned from DE

Summary

This website contacted 26 IPs in 8 countries across 19 domains to perform 44 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is bartsim.xyz.
TLS certificate: Issued by R3 on December 27th 2021. Valid for: 3 months.
This is the only time bartsim.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 192.243.59.13 39572 (ADVANCEDH...)
4 104.21.94.254 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 67.202.114.216 32748 (STEADFAST)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 35.190.41.116 15169 (GOOGLE)
2 139.45.197.238 9002 (RETN-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 139.45.195.8 9002 (RETN-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 46.105.201.240 16276 (OVH)
1 192.99.8.34 16276 (OVH)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 162.252.214.5 53334 (TUT-AS)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
1 216.59.63.128 53334 (TUT-AS)
1 91.149.224.185 58110 (IPVOLUME)
44 26
Apex Domain
Subdomains
Transfer
13 adsco.re
c.adsco.re — Cisco Umbrella Rank: 20231
6.adsco.re — Cisco Umbrella Rank: 21740
4.adsco.re — Cisco Umbrella Rank: 23529
adsco.re — Cisco Umbrella Rank: 18089
snvszxg5lu4t.l4.adsco.re
snvszxg5lu4t.n4.adsco.re
snvszxg5lu4t.s4.adsco.re
72 KB
4 wigistream.to
wigistream.to — Cisco Umbrella Rank: 639834
37 KB
3 bartsim.xyz
bartsim.xyz
23 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 17271
s4.histats.com — Cisco Umbrella Rank: 14990
5 KB
2 cdn4ads.com
www.cdn4ads.com — Cisco Umbrella Rank: 140099
cdn4ads.com — Cisco Umbrella Rank: 111732
10 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 soaheeme.net
soaheeme.net — Cisco Umbrella Rank: 96345
25 KB
2 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 53428
2 KB
2 amung.us
whos.amung.us — Cisco Umbrella Rank: 14961
widgets.amung.us — Cisco Umbrella Rank: 14759
2 KB
2 velocitycdn.com
velocitycdn.com — Cisco Umbrella Rank: 161382
14 KB
2 ashcdn.com
ashcdn.com — Cisco Umbrella Rank: 161406
14 KB
1 wzcdn654.net
amxxezfhgvfbtzkp.wzcdn654.net
742 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10281
541 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
898 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
36 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 401
139 KB
1 swarm.video
swarm.video — Cisco Umbrella Rank: 227260
128 KB
1 pulverizehinder.com
pulverizehinder.com
44 19
Domain Requested by
4 wigistream.to bartsim.xyz
wigistream.to
3 4.adsco.re bartsim.xyz
c.adsco.re
3 c.adsco.re www.cdn4ads.com
c.adsco.re
3 bartsim.xyz 1 redirects bartsim.xyz
2 adsco.re c.adsco.re
2 6.adsco.re bartsim.xyz
c.adsco.re
2 fonts.gstatic.com fonts.googleapis.com
2 soaheeme.net bartsim.xyz
2 youradexchange.com ashcdn.com
velocitycdn.com
2 velocitycdn.com wigistream.to
velocitycdn.com
2 ashcdn.com bartsim.xyz
ashcdn.com
1 amxxezfhgvfbtzkp.wzcdn654.net swarm.video
1 cdn4ads.com www.cdn4ads.com
1 snvszxg5lu4t.s4.adsco.re c.adsco.re
1 snvszxg5lu4t.n4.adsco.re c.adsco.re
1 snvszxg5lu4t.l4.adsco.re c.adsco.re
1 s4.histats.com s10.histats.com
1 s10.histats.com bartsim.xyz
1 www.cdn4ads.com bartsim.xyz
1 www.google-analytics.com www.googletagmanager.com
1 my.rtmark.net soaheeme.net
1 fonts.googleapis.com wigistream.to
1 widgets.amung.us wigistream.to
1 whos.amung.us 1 redirects
1 www.googletagmanager.com wigistream.to
1 cdn.jsdelivr.net wigistream.to
1 swarm.video wigistream.to
1 pulverizehinder.com bartsim.xyz
44 28

This site contains links to these domains.

Domain
adsco.re
youradexchange.com
Subject | Issuer | Validity | Valid
*.bartsim.xyz | R3 | 2021-12-27 - 2022-03-27 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-10 - 2022-07-09 | a year
pulverizehinder.com | R3 | 2022-01-25 - 2022-04-25 | 3 months
*.velocitycdn.com | E1 | 2022-01-16 - 2022-04-16 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
youradexchange.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-16 - 2022-07-01 | 2 years
soaheeme.net | R3 | 2021-12-01 - 2022-03-01 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.rtmark.net | Sectigo RSA Domain Validation Secure Server CA | 2021-11-20 - 2022-11-26 | a year
*.gstatic.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
1037973644.rsc.cdn77.org | R3 | 2022-01-09 - 2022-04-09 | 3 months
histats.com | R3 | 2022-01-21 - 2022-04-21 | 3 months
*.adsco.re | Sectigo RSA Organization Validation Secure Server CA | 2021-09-06 - 2022-09-28 | a year
*.l4.adsco.re | R3 | 2022-01-19 - 2022-04-19 | 3 months
*.n4.adsco.re | R3 | 2022-01-19 - 2022-04-19 | 3 months
*.s4.adsco.re | R3 | 2022-01-19 - 2022-04-19 | 3 months
cdn4ads.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-19 - 2022-07-22 | 2 years
amxxezfhgvfbtzkp.wzcdn654.net | R3 | 2021-12-26 - 2022-03-26 | 3 months

This page contains 3 frames:

Primary Page: https://bartsim.xyz/livetv.php?tv=163
Frame ID: 019CAD264FE3474C0F4B898F5E9202ED
Requests: 23 HTTP requests in this frame

Frame: https://wigistream.to/embed/zqeu0hpg
Frame ID: 1056A85D94993D94F91BD29FF9FA4161
Requests: 16 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 21E4FD80CD56B74D9EE1BFB8AEC12657
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 44
HTTPS: 93 %
IPv6: 46 %
Domains: 19
Subdomains: 28
IPs: 26
Countries: 8
Transfer: 572 kB
Size: 1751 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bartsim.xyz/livetv.php?tv=163 HTTP 301
    https://bartsim.xyz/livetv.php?tv=163 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=7709&c=000000ffffff&p=

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request livetv.php
bartsim.xyz/
Redirect Chain
  • http://bartsim.xyz/livetv.php?tv=163
  • https://bartsim.xyz/livetv.php?tv=163
66 KB
22 KB
Document
General
Full URL
https://bartsim.xyz/livetv.php?tv=163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6a37a1de1dcc62e461a81d897caa0fdae8052ec14d003bb19724539c165c436

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 15 Feb 2022 17:23:21 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txcJjk2k9lVNB%2BicVu5CVve4ihXI9fmsVxL8colLdoUSahHY71OWcgw3ZUkX9n06DgJOYiPAArnYHgAdhjfve3%2BHpwytKnlCAuoMdRcL9wnrm3B7DdKjIkaS7GMTweMF8RJAS%2FpE4Jq5Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6de0393a4d65f923-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Tue, 15 Feb 2022 17:23:21 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Tue, 15 Feb 2022 18:23:21 GMT
Location
https://bartsim.xyz/livetv.php?tv=163
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TH2JYkxQ13X4G9t1v58gPM%2F0KsFepvqQqamFOsaNXzmZFAk4AaC3FGPZieaQnR%2BzzSLjG8drZya6lkTRty9wCNAuYpotfkWIFZNZSWa2tG36dgDMRsmbWtlSIyXpjlOQpVYT9I3aNAtk1A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6de03939cbb468e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
suv4.js
ashcdn.com/script/
25 KB
8 KB
Script
General
Full URL
https://ashcdn.com/script/suv4.js
Requested by
Host: bartsim.xyz
URL: https://bartsim.xyz/livetv.php?tv=163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
314f3228df2bf5a810714bc58d112483ae3ff32b68e35f6c235d7f298cce1b85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=0kdGXw==, md5=6JAxf0lTq6f/Ttxj80T/RQ==
date
Tue, 15 Feb 2022 17:23:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
584
x-guploader-uploadid
ADPycdsANakNXxfKYFmYdZ8hV9NqA3hHRmnarJB88rekTVeDQjVadmV5Nx_Kx7Xvr8iLx7s7bIoqv2OETBLJaZdhzjEY4upfKQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 07 Feb 2022 13:32:16 GMT
server
cloudflare
etag
W/"e890317f4953aba7ff4edc63f344ff45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BB%2F%2FuveG1Z%2Bjz6eOfT3Ym0hmFQyP3v1qW3wFZqHWoZ6t6MdOnZE8%2B%2FnAGQjwnpl7vBAH%2B2CP%2BPDOcWeTCngKrT%2BVPMB9CZlEpB8g1JGyLO2dkqL4eu207UPjn%2BogbjMOvLs6ckRX6ArL"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1644240736927994
access-control-allow-origin
*
content-type
text/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
25433
cf-ray
6de0393bf85ee8fb-MXP
expires
Tue, 15 Feb 2022 17:34:13 GMT
2a93c21cef8a8be65f71aea8605ec3b9.js
pulverizehinder.com/2a/93/c2/
0
0
Script
General
Full URL
https://pulverizehinder.com/2a/93/c2/2a93c21cef8a8be65f71aea8605ec3b9.js
Requested by
Host: bartsim.xyz
URL: https://bartsim.xyz/livetv.php?tv=163
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 15 Feb 2022 17:23:22 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
zqeu0hpg
wigistream.to/embed/ Frame 1056
9 KB
5 KB
Document
General
Full URL
https://wigistream.to/embed/zqeu0hpg
Requested by
Host: bartsim.xyz
URL: https://bartsim.xyz/livetv.php?tv=163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974d09d276b0ce9eb57c3e718bf9df310777e96f0ffd19cc5a0d42acfb077edc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/

Response headers

date
Tue, 15 Feb 2022 17:23:21 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enI%2BZ7ZPtdqSQZtVzLfGU2EhDiU7CBFeaPq%2FaeHwsc5mNDJNaGJMRwgulmsuAms98Qf5RPG81GRbdi7eBObXtKo2faBq%2BiiIIFifJk7NsQem9Wo4ULkNeuBQrGtTA253"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6de0393bebd4008b-AMS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.min.css
wigistream.to/css/ Frame 1056
1 KB
777 B
Stylesheet
General
Full URL
https://wigistream.to/css/embed.min.css?v=0.3
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/zqeu0hpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d2556e6fe39f0adea7f7b90515e482645f702c89ff7206bae2514daed52b397

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wigistream.to/embed/zqeu0hpg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:23:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
server
cloudflare
age
5027
etag
W/"5fa984ce-484"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRsyPgC5Ou5f2KvWRoSVmEN948hCv85YoCpG3SXFOoDadW7mO624Hjj2N%2BBAqVDkIZcUR%2F03FqXHsn3CzVTiK0YR9AP6w5qWKrtfyNPvsCfD7YVLNZbmCrVCI8KnAJXf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6de0393c8d44008b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon.png
wigistream.to/imgs/ Frame 1056
469 B
796 B
Image
General
Full URL
https://wigistream.to/imgs/icon.png
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/zqeu0hpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
214c55aeae4c8972f62d276447d68481b964e5f98fdac62494da0a09293dc284

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wigistream.to/embed/zqeu0hpg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:23:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1853
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
469
last-modified
Wed, 11 Nov 2020 18:38:04 GMT
server
cloudflare
etag
"5fac2f8c-1d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8YGplNsPa%2Bh8kQuxuy8MlG8IWsrKje3N14xgm5sCAitIK24hoFRD8PgME4mmNIFapiRG6paZfy%2BxcnsEwxpT2j%2Fr3xTQBK008U%2FXRlx%2FEkv5Y7xzS7KyyKjUQNoBt%2BL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6de0393c8d48008b-AMS
jquery.min.js
wigistream.to/js/ Frame 1056
85 KB
31 KB
Script
General
Full URL
https://wigistream.to/js/jquery.min.js
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/zqeu0hpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.94.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wigistream.to/embed/zqeu0hpg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:23:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
server
cloudflare
age
3594
etag
W/"5fa984ce-15283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZ1Y9Xk0toCIZOqxAQIjXirm9p9s3oPibtAV%2FEiXGzmxSjMVphGiliYIHBGgo6OxG1Kv8HVyzegjpwQJrI9wGQ%2FTqz6Bi4762KDR3AChabl1ojEt5vQFltOAcaqytLjK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6de0393c8d4a008b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wigistream.js
swarm.video/ Frame 1056
506 KB
128 KB
Script
General
Full URL
https://swarm.video/wigistream.js?version=0.0.80
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/zqeu0hpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0e8714e1c7ce6159f6bff5085163212294c59e411ed4b10ad956ae0b2800d03d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wigistream.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:23:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1785438
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 28 Jun 2021 22:53:39 GMT
server
cloudflare
etag
W/"7ee26-17a54d407d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acpGIOXwzPli3yVxmjoFwuGhdgQaCb%2B7BCWszZapk9bHk7RCcgDnEbKoVPN29tR3RYCfhukofFiWRZ6VtACiMsqQMwVdssPAbwvobDG5dZez6fl5gdTDmtIPq9CFMxctX8llnZ3r39QDJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-polished
origSize=519718
cf-ray
6de0393cf8227a52-DUS
cf-bgj
minify
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 1056
513 KB
139 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/zqeu0hpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wigistream.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
30408
x-jsd-version
0.3.13
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19133-FRA, cache-mxp6962-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6de0393ccad659c5-MXP
su.js
velocitycdn.com/script/ Frame 1056
25 KB
8 KB
Script
General
Full URL
https://velocitycdn.com/script/su.js
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/zqeu0hpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33ce22ca84a63bc33e85d9bbe4f41538791d496cef1c991933f1914f8e8d5e1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wigistream.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=EVjXSA==, md5=UjVfsWmEae7XYypG6KTyOg==
date
Tue, 15 Feb 2022 17:23:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1357
x-guploader-uploadid
ADPycdtAtsz7PdzXHH06cZQwTshMx_i34LF-WZBYujQzdtCxQhdpsU6qnXGXB8LtxOdc4AFxfP-l22mcVLkVMFgy2_A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 07 Feb 2022 13:27:32 GMT
server
cloudflare
etag
W/"52355fb1698469eed7632a46e8a4f23a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLAqvrAoroPLTIWV%2FkmIqZSDE5TtN0zV4sMoU1sKfhLmwFIw%2Fwy2VtBmQ6f16jymQKk2TuDz%2Fg9jo0RPBdju08neTByVAkr6wucc8rKsPbBXDbmZDt0x8NzJMEe8HL%2Feu0%2FWU9Tt5EX4rKt677o%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1644240452215465
access-control-allow-origin
*
content-type
text/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
25170
cf-ray
6de0393cdee55a43-MXP
expires
Tue, 15 Feb 2022 17:18:07 GMT
js
www.googletagmanager.com/gtag/ Frame 1056
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-184968220-1
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/zqeu0hpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e86e7766e359eb6a922687efa24ce92478f2a2ed491e74f4471d6e2533e0ffd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wigistream.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:23:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36105
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 15 Feb 2022 17:23:21 GMT
/
widgets.amung.us/draw/ Frame 1056
Redirect Chain
  • https://whos.amung.us/cwidget/y7opzyrraw/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=7709&c=000000ffffff&p=
2 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/draw/?w=colored&n=7709&c=000000ffffff&p=
Requested by
Host: wigistream.to
URL: https://wigistream.to/embed/zqeu0hpg
Protocol
H2
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56dff534d8e42d68277df36be51a543e310782857a77cf3ac6d67990547ce0b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wigistream.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:23:22 GMT
cf-cache-status
EXPIRED
last-modified
Sun, 13 Feb 2022 03:05:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
6de0393ed9a2912e-FRA
expires
Wed, 16 Feb 2022 17:23:22 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=7709&c=000000ffffff&p=
date
Tue, 15 Feb 2022 17:23:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
ut.js
ashcdn.com/script/
15 KB
5 KB
Script
General
Full URL
https://ashcdn.com/script/ut.js?cb=1644945801676
Requested by
Host: ashcdn.com
URL: https://ashcdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c082f814dd75ad08dae22b237414d4b789dab5248c6b50953e1a60ad106c814

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=8Wv/4w==, md5=Hj4bfYjY+F0xXJcYSiVveQ==
date
Tue, 15 Feb 2022 17:23:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3282
x-guploader-uploadid
ADPycduvUHcRV3g8nLGrXMqXld_-iiV_Ndj6e9mV6YJDMs_q4NNnQbY33padmuj9M77WxnzRM0IcOQTGC_R6vpNJJM0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 03 Feb 2022 12:22:51 GMT
server
cloudflare
etag
W/"1e3e1b7d88d8f85d315c97184a256f79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZiUJx3UCcMqRXEkio4zzgSwsdZ972qVh%2FRW4ulDs4rxEIFkgsYbBpD0Isc4Di9HL8QLer4GwWFud4ntcL252Sr1EUzRRbLS%2FlL5wZsDmEFMDJaLK2%2BtM1REN%2BTvM4s2z8eXGZhMh3IV"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643890971548728
access-control-allow-origin
*
content-type
text/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
15378
cf-ray
6de0393c8916e8fb-MXP
expires
Tue, 15 Feb 2022 17:26:04 GMT
suurl4.php
youradexchange.com/script/
954 B
861 B
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=4277827&cbur=0.7337911255951497&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbpage=https%3A%2F%2Fbartsim.xyz%2Flivetv.php%3Ftv%3D163&cbref=&cbdescription=&cbkeywords=&cbcdn=ashcdn.com&aggr=0
Requested by
Host: ashcdn.com
URL: https://ashcdn.com/script/suv4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
1804cecc249aaf354cebc2581a31fb66fb76a05e5144212e99707681ea19dbe3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 15 Feb 2022 17:23:21 GMT
content-encoding
gzip
server
openresty
alt-svc
clear
via
1.1 google
content-type
application/json; charset=utf-8
livetv.php
bartsim.xyz/
0
527 B
XHR
General
Full URL
https://bartsim.xyz/livetv.php?tv=163
Requested by
Host: bartsim.xyz
URL: https://bartsim.xyz/livetv.php?tv=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/livetv.php?tv=163
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:23:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sh6sZLRkWBJh9AzgZwOcwAKyeNxmx5kNuXD6AeHzsP61BnnQR2YvVCwFXSYqONXhsF4etYdfRw84D6N8Sqqn40UzyqEyiXRaEUVscDhTNLRkpC%2FTRj6gZDJKiN8kkpXiGAXsHauZQEKuRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6de0393d1c125a37-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
soaheeme.net/5/4659732/
3 KB
2 KB
XHR
General
Full URL
https://soaheeme.net/5/4659732/?oo=1&aab=1
Requested by
Host: bartsim.xyz
URL: https://bartsim.xyz/livetv.php?tv=163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9d0becc9e35e5ef430ca96568c010bf52abf145f408cd920c33e61cf430edbb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-trace-id
d796ef066e9bd3bd1e59729db7e35760
pragma
no-cache, no-cache
date
Tue, 15 Feb 2022 17:23:21 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://bartsim.xyz
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
soaheeme.net/
69 KB
23 KB
Script
General
Full URL
https://soaheeme.net/tag.min.js
Requested by
Host: bartsim.xyz
URL: https://bartsim.xyz/livetv.php?tv=163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
76d911de05c9cd4050fa8db68fa4e995119a25646c62697180a06e3fdfc596c4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
access-control-max-age
86400
content-length
22540
x-trace-id
336cfbf6aba75c89c48ee304d941a604
pragma
no-cache
last-modified
Fri, 11 Feb 2022 10:15:34 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
css
fonts.googleapis.com/ Frame 1056
1 KB
898 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: wigistream.to
URL: https://wigistream.to/css/embed.min.css?v=0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e05625072af3c4d3ca3bcef620cecc11cad888a0441600f3c43d04c3334d2c64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wigistream.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 15:26:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Feb 2022 17:23:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Feb 2022 17:23:21 GMT
gid.js
my.rtmark.net/
65 B
541 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=a165bf05a93a4e679ec3ca3116207eee
Requested by
Host: soaheeme.net
URL: https://soaheeme.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f6ce44c19b9aa5e87f1ad562960fdfec464a9927e1a39b69596a24cc546f21ad
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:23:21 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bartsim.xyz
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
ut.js
velocitycdn.com/script/ Frame 1056
15 KB
6 KB
Script
General
Full URL
https://velocitycdn.com/script/ut.js?cb=1644945801876
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/su.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c082f814dd75ad08dae22b237414d4b789dab5248c6b50953e1a60ad106c814

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wigistream.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=8Wv/4w==, md5=Hj4bfYjY+F0xXJcYSiVveQ==
date
Tue, 15 Feb 2022 17:23:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdtZZd9Zyf1aRVFxG3jbgaAexzaY20NMF7I9wZK7uJiSv_6cQa-ZxumvR5uDdiV8hdtm3f7wewi-4RVxtvdrwhc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 03 Feb 2022 12:22:51 GMT
server
cloudflare
etag
W/"1e3e1b7d88d8f85d315c97184a256f79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2I1mMCKyNzMmOwwcNb%2FCu5GObs5Xyo7ewvDOq28IVFdvj9a%2Fc0cCrCJsr1F%2BiZ1H3TZDml7%2BVqnCilkfUFwBOaofNwlWMhYov7mroVv8iWk%2FNTFON7%2BPTSwVY4aOVX5rWG6XufU0jPVQA4cO%2FM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643890971548728
access-control-allow-origin
*
content-type
text/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
15378
cf-ray
6de0393dece80f66-MXP
expires
Tue, 15 Feb 2022 17:26:04 GMT
suurl4.php
youradexchange.com/script/ Frame 1056
1 KB
936 B
Fetch
General
Full URL
https://youradexchange.com/script/suurl4.php?r=3939411&cbur=0.07754737422077351&cbiframe=1&cbWidth=1584&cbHeight=1184&cbtitle=&cbpage=https%3A%2F%2Fbartsim.xyz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=velocitycdn.com&aggr=0
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
0b4f2a33990ce47e09eed6c62f4dc0aebd4269beb07453a8b3f9d9514291c688

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wigistream.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 15 Feb 2022 17:23:22 GMT
content-encoding
gzip
server
openresty
alt-svc
clear
via
1.1 google
content-type
application/json; charset=utf-8
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ Frame 1056
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wigistream.to
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:30:31 GMT
x-content-type-options
nosniff
age
510770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:21:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:30:31 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 1056
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wigistream.to
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:30:30 GMT
x-content-type-options
nosniff
age
510771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:30:30 GMT
analytics.js
www.google-analytics.com/ Frame 1056
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184968220-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wigistream.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6507
date
Tue, 15 Feb 2022 15:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 15 Feb 2022 17:34:54 GMT
segment.min.js
www.cdn4ads.com/
30 KB
9 KB
Script
General
Full URL
https://www.cdn4ads.com/segment.min.js
Requested by
Host: bartsim.xyz
URL: https://bartsim.xyz/livetv.php?tv=163
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
87e36b079dc475ce992e1d8e11d91c0371a88bdfd6a6c4c61de1af49ee4bf092

Request headers

Referer
https://bartsim.xyz/
Origin
https://bartsim.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 15 Feb 2022 17:23:22 GMT
content-encoding
br
x-77-cache
HIT
x-cache
HIT
x-age
596974
alt-svc
quic="195.181.175.47:443"; ma=2592000; v="44,43,39"
x-77-nzt
AcO1ry/AV5b/7hsJAA
x-accel-expires
@1644953628
server
CDN77-Turbo
x-77-nzt-ray
nkUj+L18AdI
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
link
<https://cdn4ads.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires
Tue, 15 Feb 2022 19:33:48 GMT
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: bartsim.xyz
URL: https://bartsim.xyz/livetv.php?tv=163
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:13:32 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
385944467
0.php
s4.histats.com/stats/
52 B
186 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4520534&@f16&@g1&@h1&@i1&@j1644945802404&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-127346962&@b3:1644945802&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbartsim.xyz%2Flivetv.php%3Ftv%3D163&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.34 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
4d296482bdf523dd35bb2bf4830c3885c40f0cfb0571273431c51ff14f5d503c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 17:23:22 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
/
c.adsco.re/
62 KB
22 KB
Script
General
Full URL
https://c.adsco.re/
Requested by
Host: www.cdn4ads.com
URL: https://www.cdn4ads.com/segment.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:23:22 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2503818
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6de039421ee06993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 18 Mar 2022 17:23:22 GMT
/
6.adsco.re/
0
104 B
Other
General
Full URL
https://6.adsco.re/
Requested by
Host: bartsim.xyz
URL: https://bartsim.xyz/livetv.php?tv=163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bartsim.xyz/
Origin
https://bartsim.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:23:22 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://bartsim.xyz
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6de039431fbd6958-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
4.adsco.re/
0
456 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: bartsim.xyz
URL: https://bartsim.xyz/livetv.php?tv=163
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bartsim.xyz/
Origin
https://bartsim.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 17:23:22 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://bartsim.xyz
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
p
adsco.re/
0
420 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bartsim.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 15 Feb 2022 17:23:22 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK lon123
Access-Control-Allow-Origin
https://bartsim.xyz
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
4.adsco.re/
45 B
451 B
XHR
General
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
5972cf02de92ee0e8c10817ad7c282aa80bbc3eb1bb3f8b00b8b661db2ed17ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 17:23:22 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://bartsim.xyz
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/
54 B
412 B
XHR
General
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e7548adcca2130a87658a32358fbe027252f0ecf90708369e3be97974b5f3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:23:22 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://bartsim.xyz
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6de039431fba6958-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
snvszxg5lu4t.l4.adsco.re/
0
464 B
Ping
General
Full URL
https://snvszxg5lu4t.l4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bartsim.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 15 Feb 2022 17:23:22 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
snvszxg5lu4t.n4.adsco.re/
0
464 B
Ping
General
Full URL
https://snvszxg5lu4t.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bartsim.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 15 Feb 2022 17:23:23 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
snvszxg5lu4t.s4.adsco.re/
0
464 B
Ping
General
Full URL
https://snvszxg5lu4t.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bartsim.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 15 Feb 2022 17:23:23 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame 21E4
62 KB
22 KB
Document
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/

Response headers

date
Tue, 15 Feb 2022 17:23:22 GMT
content-type
text/html
cache-control
public, max-age=2678400
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
expires
Fri, 18 Mar 2022 17:23:22 GMT
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
cf-cache-status
HIT
age
2503818
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6de03943287b5c5c-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
6.adsco.re/ Frame 21E4
0
0

/
4.adsco.re/ Frame 21E4
0
455 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: bartsim.xyz
URL: https://bartsim.xyz/livetv.php?tv=163
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 17:23:22 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://c.adsco.re
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
c.adsco.re/ Frame 21E4
62 KB
22 KB
XHR
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:23:22 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2503818
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6de03943da625c5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 18 Mar 2022 17:23:22 GMT
/
4.adsco.re/ Frame 21E4
0
0

p
adsco.re/
363 B
859 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
a00b397c93fcdcde8b9c9fe22a63cf25a4f0e4fde157de19f0b66821e0891ee5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

AS-P-G
OK
Date
Tue, 15 Feb 2022 17:23:23 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK lon123
Access-Control-Allow-Origin
https://bartsim.xyz
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
L.asp
cdn4ads.com/
44 B
140 B
Script
General
Full URL
https://cdn4ads.com/L.asp?_=BAoAYgvhiwFiC-GLgAGBAsAAIAdypZ7pW7iCkdxDIS2l2VdzxMOY7xov1gU7OsBMK2IlwQBHMEUCIQDCmkB6KiWV8kcz88l10ajUqPdYhaeRLrf1dyCAYwP2xwIgJHBRGZu7Y8fVRTwsQ2lTpkD2Hnht3hIdY_qQRVWuwEnCACDxEOGdUAt1fycu-9yHDrptK_VNC7u_sBZ11jMv--tA6sQAECABCsgAIAMBAAAAAAAAIB7FABAxKhKL2GbWqSFjzL1dE8vJwwBHMEUCIQDJfA76ynf27zliAJUFxvupC9ynK8W1pJLceCnXC_qgJAIgMCptxjLOzIFbNPU9vAKR6KU_Xgnk_8g7rulxBepOWv8&v=4&RnfsBzEc=4697065&minBid=&cBUsZodK=0:1,0&xKyPFRHp=&JbgUPImi=&s=1600,1200,1,1600,1200,0
Requested by
Host: www.cdn4ads.com
URL: https://www.cdn4ads.com/segment.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.59.63.128 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-59-63-128.customer.totaluptime.net
Software
/
Resource Hash
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bartsim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 15 Feb 2022 17:23:23 GMT
popads-ec
ASB
asf
9
content-length
44
content-type
text/javascript;charset=UTF-8
zqeu0hpg.m3u8
amxxezfhgvfbtzkp.wzcdn654.net/hls/ Frame 1056
555 B
742 B
XHR
General
Full URL
https://amxxezfhgvfbtzkp.wzcdn654.net:8443/hls/zqeu0hpg.m3u8?s=zrTkX0aY51E5k3hMpi1RQg&e=1644967401
Requested by
Host: swarm.video
URL: https://swarm.video/wigistream.js?version=0.0.80
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.149.224.185 , Norway, ASN58110 (IPVOLUME, CH),
Reverse DNS
static.91.149.224.185.sibyl.li
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wigistream.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 15 Feb 2022 17:23:25 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
555
Content-Type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
6.adsco.re
URL
https://6.adsco.re/
Domain
4.adsco.re
URL
https://4.adsco.re/

Verdicts & Comments

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| a7_0x2c56 function| a7_0xac60 function| s2ss215ff boolean| s2ss215 string| k object| _j7skk0w4xf object| lxmw5qvixk9 object| zfgformats function| setImmediate function| clearImmediate function| _tgzigo function| _mkdtrio object| a9_0x1e2e function| a9_0x23bd boolean| utm215 string| utsid-send function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup object| _pop object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| detectZoom object| iframe object| where object| win object| _pao object| $jscomp function| $jscomp$lookupPolyfilledValue function| AdscoreInit object| pako string| txt number| a function| ed number| t string| property number| r number| g number| b string| bt object| _HistatsCounterGraphics_0_setValues

13 Cookies

Domain/Path Name / Value
soaheeme.net/ Name: OAID
Value: a165bf05a93a4e679ec3ca3116207eee
soaheeme.net/ Name: oaidts
Value: 1644945801
my.rtmark.net/ Name: ID
Value: a165bf05a93a4e679ec3ca3116207eee
bartsim.xyz/ Name: HstCfa4520534
Value: 1644945802404
bartsim.xyz/ Name: HstCla4520534
Value: 1644945802404
bartsim.xyz/ Name: HstCmu4520534
Value: 1644945802404
bartsim.xyz/ Name: HstPn4520534
Value: 1
bartsim.xyz/ Name: HstPt4520534
Value: 1
bartsim.xyz/ Name: HstCnv4520534
Value: 1
bartsim.xyz/ Name: HstCns4520534
Value: 1
bartsim.xyz/ Name: a
Value: TtUx0iBiz1yJ9983owBnWCqiJx4rUvCQ
bartsim.xyz/ Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c
Value: BAoAYgvhiwFiC-GLgAGBAsAAIAdypZ7pW7iCkdxDIS2l2VdzxMOY7xov1gU7OsBMK2IlwQBHMEUCIQDCmkB6KiWV8kcz88l10ajUqPdYhaeRLrf1dyCAYwP2xwIgJHBRGZu7Y8fVRTwsQ2lTpkD2Hnht3hIdY_qQRVWuwEnCACDxEOGdUAt1fycu-9yHDrptK_VNC7u_sBZ11jMv--tA6sQAECABCsgAIAMBAAAAAAAAIB7FABAxKhKL2GbWqSFjzL1dE8vJwwBHMEUCIQDJfA76ynf27zliAJUFxvupC9ynK8W1pJLceCnXC_qgJAIgMCptxjLOzIFbNPU9vAKR6KU_Xgnk_8g7rulxBepOWv8
bartsim.xyz/ Name: _popprepop
Value: 1

3 Console Messages

Source: rendering | Level: warning | URL: https://wigistream.to/embed/zqeu0hpg (Line 5)
Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Source: network | Level: error | URL: https://pulverizehinder.com/2a/93/c2/2a93c21cef8a8be65f71aea8605ec3b9.js
Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Source: network | Level: error | URL: https://amxxezfhgvfbtzkp.wzcdn654.net:8443/hls/zqeu0hpg.m3u8?s=zrTkX0aY51E5k3hMpi1RQg&e=1644967401
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
