forum.bitmmgp.ru Open in urlscan Pro
188.165.29.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Submission: On April 14 via manual (April 14th 2020, 5:03:41 pm UTC)

Summary HTTP 103 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 24 domains to perform 103 HTTP transactions. The main IP is 188.165.29.121, located in Lithuania and belongs to OVH, FR. The main domain is forum.bitmmgp.ru.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 12th 2020. Valid for: a year.

This is the only time forum.bitmmgp.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	188.165.29.121 188.165.29.121	16276 (OVH) (OVH)
8	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
4	95.163.118.168 95.163.118.168	12695 (DINET-AS) (DINET-AS)
1	93.186.225.208 93.186.225.208	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
2	88.198.46.158 88.198.46.158	24940 (HETZNER-AS) (HETZNER-AS)
9	2606:4700:20:... 2606:4700:20::681a:1c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:20:... 2606:4700:20::681a:b4a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	85.119.149.6 85.119.149.6	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	5.9.100.69 5.9.100.69	24940 (HETZNER-AS) (HETZNER-AS)
1	85.119.149.9 85.119.149.9	50340 (SELECTEL-MSK) (SELECTEL-MSK)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
3	213.239.209.209 213.239.209.209	24940 (HETZNER-AS) (HETZNER-AS)
1	88.198.46.180 88.198.46.180	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6812:2f06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
4	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::200d	15169 (GOOGLE) (GOOGLE)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
103	27

32 188.165.29.121 (Lithuania)

ASN16276 (OVH, FR)
PTR: bitmmgp.ru

forum.bitmmgp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.163.118.168 (Russian Federation)

ASN12695 (DINET-AS, RU)
PTR: ulogin.ru

ulogin.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.186.225.208 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.46.158 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: texto.click

texto.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cusok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:1c9 (United States)

ASN13335 (CLOUDFLARENET, US)

linkslot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::681a:b4a (United States)

ASN13335 (CLOUDFLARENET, US)

ad.bitmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.119.149.6 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: bestchange.ru

www.bestchange.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.100.69 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: www.people-group.su

ads.people-group.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.119.149.9 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: bestchange.net

www.bestchange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.239.209.209 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 213-239-209-209.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.46.180 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nolix.ru

a.contextbar.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6812:2f06 (United States)

ASN13335 (CLOUDFLARENET, US)

new.skyway.capital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

plus.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	bitmmgp.ru forum.bitmmgp.ru	359 KB
11	bitmedia.io ad.bitmedia.io	19 KB
9	google.com www.google.com adservice.google.com plus.google.com apis.google.com accounts.google.com	120 KB
9	linkslot.ru linkslot.ru	43 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	132 KB
5	twitter.com platform.twitter.com syndication.twitter.com	32 KB
4	bestchange.ru www.bestchange.ru	7 KB
4	ulogin.ru ulogin.ru	32 KB
3	a-ads.com ad.a-ads.com
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	doubleclick.net googleads.g.doubleclick.net
2	googleapis.com fonts.googleapis.com	2 KB
1	skyway.capital new.skyway.capital	58 KB
1	gstatic.com www.gstatic.com	92 KB
1	contextbar.ru a.contextbar.ru	770 B
1	googletagservices.com www.googletagservices.com	28 KB
1	cusok.ru cusok.ru	1 KB
1	google.de adservice.google.de	839 B
1	bestchange.net www.bestchange.net	35 KB
1	people-group.net ads.people-group.net	7 KB
1	jsdelivr.net cdn.jsdelivr.net	49 KB
1	texto.click texto.click	803 B
1	vk.com vk.com	24 KB
103	24

	Domain	Requested by
32	forum.bitmmgp.ru	forum.bitmmgp.ru pagead2.googlesyndication.com cdn.jsdelivr.net
11	ad.bitmedia.io	forum.bitmmgp.ru ad.bitmedia.io
9	linkslot.ru	forum.bitmmgp.ru
4	platform.twitter.com	forum.bitmmgp.ru platform.twitter.com
4	www.bestchange.ru	forum.bitmmgp.ru www.googletagservices.com
4	ulogin.ru	forum.bitmmgp.ru ulogin.ru
4	pagead2.googlesyndication.com	forum.bitmmgp.ru pagead2.googlesyndication.com
3	apis.google.com	plus.google.com
3	ad.a-ads.com	forum.bitmmgp.ru
3	www.google.com	forum.bitmmgp.ru www.gstatic.com
3	maxcdn.bootstrapcdn.com	forum.bitmmgp.ru
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	counter.yadro.ru	1 redirects forum.bitmmgp.ru
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.googleapis.com	forum.bitmmgp.ru cdn.jsdelivr.net
1	syndication.twitter.com	forum.bitmmgp.ru
1	accounts.google.com	apis.google.com
1	plus.google.com	forum.bitmmgp.ru
1	new.skyway.capital	forum.bitmmgp.ru
1	www.gstatic.com	www.google.com
1	a.contextbar.ru	forum.bitmmgp.ru
1	www.googletagservices.com	pagead2.googlesyndication.com
1	cusok.ru	texto.click
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.bestchange.net	forum.bitmmgp.ru
1	ads.people-group.net	forum.bitmmgp.ru
1	cdn.jsdelivr.net	forum.bitmmgp.ru
1	texto.click	forum.bitmmgp.ru
1	vk.com	forum.bitmmgp.ru
103	30

This site contains links to these domains. Also see Links.

Domain
nolix.ru
linkslot.ru
www.bestchange.ru
freedoge.co.in
radiopotok.ru
payeer-bonus.bitmmgp.me
bittubeapp.com
chrome.google.com
www.bestchange.net
perfectmoney.is
payeer.com
www.myetherwallet.com
blockchain.info
site.com
webnull.info
www.liveinternet.ru
payeer-kran.bitmmgp.me
payeer-razdacha.bitmmgp.me
payeer-money.bitmmgp.me
payeer-rub.bitmmgp.me

Subject Issuer	Validity	Valid
forum.bitmmgp.ru Sectigo RSA Domain Validation Secure Server CA	`2020-03-12` - `2021-06-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
ulogin.ru Let's Encrypt Authority X3	`2020-03-13` - `2020-06-11`	3 months	crt.sh
vk.com Sectigo ECC Extended Validation Secure Server CA	`2019-07-11` - `2020-07-09`	a year	crt.sh
texto.click Let's Encrypt Authority X3	`2020-04-03` - `2020-07-02`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-06-24` - `2020-06-23`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
www.bestchange.ru RapidSSL RSA CA 2018	`2020-01-07` - `2021-03-07`	a year	crt.sh
ads.people-group.net Sectigo ECC Domain Validation Secure Server CA	`2019-03-07` - `2021-04-05`	2 years	crt.sh
www.bestchange.net RapidSSL RSA CA 2018	`2019-08-11` - `2020-09-09`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
cusok.ru Let's Encrypt Authority X3	`2020-04-03` - `2020-07-02`	3 months	crt.sh
*.a-ads.com COMODO RSA Domain Validation Secure Server CA	`2018-11-14` - `2020-12-09`	2 years	crt.sh
a.contextbar.ru Let's Encrypt Authority X3	`2020-04-03` - `2020-07-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-28` - `2020-09-01`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Frame ID: E1DFA0CBEAAFFB4139E9C02A7E0F6157
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200408/r20190131/zrt_lookup.html
Frame ID: 72C67DB70398A70CC846A1E30D18E632
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272108095515714&output=html&adk=1934523412&adf=3164131733&lmt=1586883797&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fforum.bitmmgp.ru%2Fplusbtc-ofigennyj-servis-s-bonusom.t9322%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586883797812&bpp=1146&bdt=47&fdt=1857&idt=1858&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3767444251677&frm=20&pv=2&ga_vid=1444126634.1586883800&ga_sid=1586883800&ga_hid=16696151&ga_fc=0&iag=0&icsg=46909094912&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530312&oid=3&pvsid=3476101972763964&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=1873
Frame ID: 9374AE92E3D7ABCD816BE35C57CF35CD
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/951821?size=728x90&background_color=6a6b45&text_color=11e827&title_color=cff008&link_color=d06bd9
Frame ID: 2988B83106347BAC0D553D2CA4CAB547
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/951827?size=728x90&background_color=373e46&text_color=00ff29&title_color=ebff00&title_hover_color=ff0000&link_color=00f0ff
Frame ID: 2A613732CD46271BFCA840EEC6751753
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/908429?size=200x200&background_color=261d1d&text_color=d9d119&title_color=ddd6f7&title_hover_color=ffffff&link_color=13e60f&link_hover_color=ffffff
Frame ID: A1526EF6C3B6E05D318EEF1760A130A9
Requests: 1 HTTP requests in this frame

Frame: https://ad.bitmedia.io/p/5db7ec63494d9fac1309fd7b/?source=https%3A%2F%2Fforum.bitmmgp.ru%2Fplusbtc-ofigennyj-servis-s-bonusom.t9322%2F&ref=&ent=44&we=1&fid=7350885aabc814b9f670ddbdedcf468f&fidnoua=54d1b6c1d6f715ffe72d6c57c27ff7c4&impid=c940b4dcea67bad9afe702dde13ce574&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&sig=0x00000&blocksubid=0
Frame ID: 195DEF676C38DFD78EEB13684DD80B2B
Requests: 1 HTTP requests in this frame

Frame: https://ulogin.ru/stats.html?r=79048&type=small&xdm_e=https%3A%2F%2Fforum.bitmmgp.ru&xdm_c=default6668&xdm_p=1
Frame ID: DADA843D50F5C35762E193F0497C4A46
Requests: 1 HTTP requests in this frame

Frame: https://ulogin.ru/version/3.0/html/drop.html?id=0&redirect_uri=https%3A%2F%2Fforum.bitmmgp.ru%2Fulogin%2F%26back%3DaHR0cHM6Ly9mb3J1bS5iaXRtbWdwLnJ1L3BsdXNidGMtb2ZpZ2VubnlqLXNlcnZpcy1zLWJvbnVzb20udDkzMjIv&callback=&providers=twitter,google,yandex,livejournal,openid,flickr,lastfm,linkedin,liveid,soundcloud,steam,webmoney,youtube,foursquare,tumblr,googleplus,instagram,wargaming&fields=first_name,last_name,email,photo,photo_big&force_fields=&popup_css=&optional=sex,bdate,country,city&othprov=vkontakte,odnoklassniki,mailru,facebook&protocol=https&host=forum.bitmmgp.ru&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=classic&client=&page=https%3A%2F%2Fforum.bitmmgp.ru%2Fplusbtc-ofigennyj-servis-s-bonusom.t9322%2F&version=3&xdm_e=https%3A%2F%2Fforum.bitmmgp.ru&xdm_c=default6669&xdm_p=1
Frame ID: C15D51B05FDE2AA6FB6E28179FDE6BED
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEhVEUAAAAAK0KLjVcaHGeKyKDL6hW3-1udtUw&co=aHR0cHM6Ly9mb3J1bS5iaXRtbWdwLnJ1OjQ0Mw..&hl=en&v=zItNOfzbrqVGbb4QFYpPpcrw&size=normal&cb=z038ubhswtvt
Frame ID: 55043496AB96CD6CF14F37549FC8272C
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&hl=ru-RU&origin=https%3A%2F%2Fforum.bitmmgp.ru&url=https%3A%2F%2Fforum.bitmmgp.ru%2Fplusbtc-ofigennyj-servis-s-bonusom.t9322%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ebk8EhJxLu4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g%2Fm%3D__features__
Frame ID: E8E7DA5A382C5B576AF58B97D565C2E2
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fforum.bitmmgp.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ebk8EhJxLu4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g%2Fm%3D__features__
Frame ID: 771A96229752825230777B3917684937
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=https%3A%2F%2Fforum.bitmmgp.ru
Frame ID: B5889CF01BABF90B24371DB64738CB15
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=zItNOfzbrqVGbb4QFYpPpcrw&k=6LfEhVEUAAAAAK0KLjVcaHGeKyKDL6hW3-1udtUw&cb=670w8awsobxg
Frame ID: 6B7871E087CCD011F36657DC0FB45F1C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6787510241df65d128e2b60207ad4c25.ru.html
Frame ID: 25E48A36C7E9B90A23457CCFFEC946C3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 9699FF12B32A7D837726BA7F5F2BB432
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

103
Requests

99 %
HTTPS

54 %
IPv6

24
Domains

30
Subdomains

27
IPs

5
Countries

1126 kB
Transfer

2610 kB
Size

0
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://nolix.ru/go.php?f=538004&d=MjM5Ny0xMjM2ODctMjE1NTIxMg%3D%3D&to=L29ibWVuLWJpdGNvaW4uY2FzaA%3D%3D
Title: Анонимный обмен Биткоин на наличные рубли

Search URL Search Domain Scan URL

URL: https://nolix.ru/site/41229/
Title: Добавить рекламу за 38 рублей

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=194300

Search URL Search Domain Scan URL

URL: https://www.bestchange.ru/?p=24820
Title: Надежные обменники

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=234753

Search URL Search Domain Scan URL

URL: https://www.bestchange.ru/index.php?ct=tab&sc=1&p=24820
Title: Открыть все валюты

Search URL Search Domain Scan URL

URL: https://freedoge.co.in/?r=238302

Search URL Search Domain Scan URL

URL: http://radiopotok.ru/
Title: FM

Search URL Search Domain Scan URL

URL: http://payeer-bonus.bitmmgp.me/
Title: Краны

Search URL Search Domain Scan URL

URL: https://bittubeapp.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/bittube-airtime/cnogbbmciffpibmkphohpebghmomaemi
Title: Install AirTime extension

Search URL Search Domain Scan URL

URL: https://www.bestchange.net/?p=24820

Search URL Search Domain Scan URL

URL: http://perfectmoney.is/

Search URL Search Domain Scan URL

URL: https://payeer.com/ru/

Search URL Search Domain Scan URL

URL: https://www.myetherwallet.com/

Search URL Search Domain Scan URL

URL: https://blockchain.info/ru/wallet

Search URL Search Domain Scan URL

URL: http://site.com/
Title: Brivium

Search URL Search Domain Scan URL

URL: https://webnull.info/
Title: Плагины для XenForo

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://payeer-kran.bitmmgp.me/
Title: Пайер Кран

Search URL Search Domain Scan URL

URL: http://payeer-razdacha.bitmmgp.me/
Title: Payeer Раздача

Search URL Search Domain Scan URL

URL: http://payeer-money.bitmmgp.me/
Title: Пайер Деньги

Search URL Search Domain Scan URL

URL: http://payeer-rub.bitmmgp.me/
Title: Payeer Рубли

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://counter.yadro.ru/hit?t38.3;r;s1600*1200*24;uhttps%3A//forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/;0.27872227181666487 HTTP 302
https://counter.yadro.ru/hit?q;t38.3;r;s1600*1200*24;uhttps%3A//forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/;0.27872227181666487

103 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/ 64 KB
21 KB 344ms
218ms Document
text/html 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.165.29.121 , Lithuania, ASN16276 (OVH, FR),

Reverse DNS

bitmmgp.ru

Software

nginx / PHP/5.6.40

Resource Hash

7450185e942b0f16212641afd3714c8ca474e9963c304a39b43935f0b1ba83e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: forum.bitmmgp.ru
:scheme: https
:path: /plusbtc-ofigennyj-servis-s-bonusom.t9322/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Tue, 14 Apr 2020 17:03:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
set-cookie: xf_session=35f931c2782abce361d5638c9af6abe7; path=/; secure; httponly
last-modified: Tue, 14 Apr 2020 17:03:17 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-server-powered-by: Engintron
content-encoding: gzip

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 108 KB
39 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d713e50c5e438cc6596122fd3cbcb09e4181ee93dc25d4d6d128da8f42ccf7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39657
x-xss-protection: 0
server: cafe
etag: 5984455608614455518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Apr 2020 17:03:17 GMT

GET
H2 200 css.php
forum.bitmmgp.ru/ 128 KB
26 KB 169ms
166ms Stylesheet
text/css 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.bitmmgp.ru/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1586883090

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.165.29.121 , Lithuania, ASN16276 (OVH, FR),

Reverse DNS

bitmmgp.ru

Software

nginx / PHP/5.6.40

Resource Hash

a060511a784b091928b94f7eaa6d596801d703ab889abd43901af16c09fa06ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 Apr 2020 16:51:30 GMT
server: nginx
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
cache-control: public
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H2 200 css.php
forum.bitmmgp.ru/ 25 KB
6 KB 152ms
149ms Stylesheet
text/css 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.bitmmgp.ru/css.php?css=BRC_message_user_info_extra,bb_code,genesis,login_bar,message,message_user_info,rank_user,rellect_favicon,share_page,si_links_footer,siropu_ads_manager_ad_common,siropu_ads_manager_ad_type_code,svg_adblock_detected,thread_view,topicstarter,ulogin,waindigo_navigation_links_threadnavigation,xengallery_tab_links&style=2&dir=LTR&d=1586883090

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.165.29.121 , Lithuania, ASN16276 (OVH, FR),

Reverse DNS

bitmmgp.ru

Software

nginx / PHP/5.6.40

Resource Hash

585581050cdc676502b8823efe15798a8b22a37af8d46781a18139b228f4c6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 Apr 2020 16:51:30 GMT
server: nginx
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
cache-control: public
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
6 KB 1118ms
1053ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6241

GET
H2 200 jquery-1.11.0.min.js Show response
forum.bitmmgp.ru/js/jquery/ 94 KB
33 KB 95ms
93ms Script
application/javascript 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.bitmmgp.ru/js/jquery/jquery-1.11.0.min.js
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
last-modified: Sun, 25 Jun 2017 19:13:30 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Thu, 14 May 2020 17:03:17 GMT

GET
H2 200 xenforo.js Show response
forum.bitmmgp.ru/js/xenforo/ 164 KB
52 KB 125ms
122ms Script
application/javascript 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.bitmmgp.ru/js/xenforo/xenforo.js?_v=19efdf29
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 22e506dd2404ae9da01876a137afe7cdef2419dd64b353cea5f44b5eb18b2958

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
last-modified: Sun, 25 Jun 2017 19:13:49 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Thu, 14 May 2020 17:03:17 GMT

GET
H2 200 iframe.js Show response
forum.bitmmgp.ru/js/Siropu/AM/ 782 B
576 B 76ms
73ms Script
application/javascript 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.bitmmgp.ru/js/Siropu/AM/iframe.js?_v=78
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 2de83f2e770c760404a8ebfde9a4cd6b4f0de99760abaa5a734f28a022ff705a

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
last-modified: Sat, 24 Sep 2016 22:44:08 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Thu, 14 May 2020 17:03:17 GMT

GET
H2 200 display.js Show response
forum.bitmmgp.ru/js/Siropu/AM/ 3 KB
1 KB 118ms
115ms Script
application/javascript 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.bitmmgp.ru/js/Siropu/AM/display.js?_v=78
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 6ddf790abc1581dd25bc7a2d9e2e2b69c8bc72a7bd84feeb6b62023a5de78dfd

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
last-modified: Sat, 24 Sep 2016 22:44:07 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Thu, 14 May 2020 17:03:17 GMT

GET
H2 200 extend.js Show response
forum.bitmmgp.ru/js/KL/FontsManager/ 883 B
689 B 144ms
142ms Script
application/javascript 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.bitmmgp.ru/js/KL/FontsManager/extend.js?_v=19efdf29
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 7d9d02b627bbf10dba162c842420abf30bd549f2dd6c9d0b97409e1162ead64f

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
last-modified: Sun, 11 Feb 2018 13:04:39 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Thu, 14 May 2020 17:03:17 GMT

GET
H2 200 load.js Show response
forum.bitmmgp.ru/js/KL/FontsManager/ 363 B
488 B 145ms
142ms Script
application/javascript 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.bitmmgp.ru/js/KL/FontsManager/load.js?_v=19efdf29
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: ca75fd7bdad5c586aa293fadab3799e3737f1802ec9744841e6dfec121c8ff3c

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
last-modified: Sun, 11 Feb 2018 13:04:40 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Thu, 14 May 2020 17:03:17 GMT

GET
H2 200 FaviconForLinks.min.js Show response
forum.bitmmgp.ru/js/rellect/FaviconForLinks/ 923 B
693 B 145ms
143ms Script
application/javascript 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.bitmmgp.ru/js/rellect/FaviconForLinks/FaviconForLinks.min.js?_v=19efdf29
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: c75140c598c2289f2a91fa8a8e684ad0807dcfc47e0c41624cfeeee4a1a0e08c

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
last-modified: Sat, 20 May 2017 20:06:52 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Thu, 14 May 2020 17:03:17 GMT

GET
H2 200 jquery.validate.min.js Show response
forum.bitmmgp.ru/js/gx/GoogleCaptcha/ 21 KB
7 KB 148ms
146ms Script
application/javascript 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.bitmmgp.ru/js/gx/GoogleCaptcha/jquery.validate.min.js?_v=19efdf29
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
last-modified: Fri, 06 Apr 2018 18:26:53 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Thu, 14 May 2020 17:03:17 GMT

GET
H2 200 xtop.js Show response
forum.bitmmgp.ru/js/xenforo/ 3 KB
1 KB 148ms
146ms Script
application/javascript 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://forum.bitmmgp.ru/js/xenforo/xtop.js
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 73f764531b45d861525c181c819c0f7fc97afc8b5a8e3e527e3f8bd8491109a9

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2016 18:35:17 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Thu, 14 May 2020 17:03:17 GMT

GET
H/1.1 200
OK ulogin.js Show response
ulogin.ru/js/ 54 KB
19 KB 755ms
276ms Script
application/x-javascript 95.163.118.168
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ulogin.ru/js/ulogin.js
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.118.168 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS: ulogin.ru
Software: nginx /
Resource Hash: b990748ef3bf77ccebc3af529f80b05aa5c449a28ba150c9f1fd58cae99900a2

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 14 Apr 2020 17:03:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Mar 2019 07:56:20 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 17 Apr 2020 17:03:19 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 99 KB
24 KB 646ms
131ms Script
application/x-javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?105
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
Software: VK /
Resource Hash: 2dd467b68fe5e457aaaa6e85389d9322c31db6a4e57612ecf09478edaf1d7dda

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:18 GMT
content-encoding: gzip
x-frontend: front605107
last-modified: Tue, 14 Apr 2020 15:48:44 GMT
server: VK
etag: "5e95db5c-5d9f"
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23967
expires: Sat, 18 Apr 2020 17:03:18 GMT

GET
H/1.1 200
OK nx.js Show response
texto.click/ 507 B
803 B 276ms
59ms Script
application/javascript 88.198.46.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://texto.click/nx.js

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

88.198.46.158 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

texto.click

Software

nginx/1.12.1 /

Resource Hash

80cd69c9d9190b156246346218ba82f4639d9f0d4583a86184285b5af06659a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 14 Apr 2020 17:03:19 GMT
Last-Modified: Sun, 24 Sep 2017 17:21:25 GMT
Server: nginx/1.12.1
ETag: "59c7e995-1fb"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 507

GET
H2 200 bancode.php Show response
linkslot.ru/ 14 KB
4 KB 117ms
74ms Script
application/javascript 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=194300
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fdae2f5b5be637bb3c98c04b2dc825a44b6d0e0cfd48348b9e21ee887ef9a4f

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=windows-1251
status: 200
cf-ray: 583effdf9a0a1f4d-FRA

GET
H2 200 bancode.php Show response
linkslot.ru/ 0
321 B 116ms
74ms Script
text/html 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=194301
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.28
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.28
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=windows-1251
status: 200
cf-ray: 583effdf9a101f4d-FRA
content-length: 0

GET
H2 200 tc_blue.gif
forum.bitmmgp.ru/styles/default/xenforo/custom/topicstarter/ 371 B
559 B 115ms
92ms Image
image/gif 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.bitmmgp.ru/styles/default/xenforo/custom/topicstarter/tc_blue.gif
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 4c47b1139344ea5252493318938ae272692e437e93394d4375efcca0b0294602

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:18 GMT
last-modified: Fri, 24 Mar 2017 21:16:11 GMT
server: nginx
content-type: image/gif
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 371
expires: Sat, 13 Jun 2020 17:03:18 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.2/css/ 28 KB
7 KB 1422ms
1422ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.2/css/font-awesome.min.css

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

b5675b0d1ee88db374b1e60e301fda9f0c1d3585f47173468827115fc4e529c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6636

GET
H2 200 5db7ec63494d9fac1309fd7b Show response
ad.bitmedia.io/js/adbybm.js/ 70 KB
17 KB 215ms
172ms Script
application/javascript 2606:4700:20::681a:b4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.bitmedia.io/js/adbybm.js/5db7ec63494d9fac1309fd7b

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e5cffe0c4b5b538465bc2cad04134bf235ff3837357ee1c23fa2fce33c2ec55

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800, public
cf-ray: 583effdf993a1f35-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 14 Apr 2020 17:33:19 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 674 B
639 B 37ms
15ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

101258d5a715cebf03e663d8a30b6e5c6cc260089e7da452fbd16c5b65885ce8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 445
x-xss-protection: 1; mode=block
expires: Tue, 14 Apr 2020 17:03:18 GMT

GET
H2 200 airtime.bundle.js Show response
cdn.jsdelivr.net/gh/ipbc-dev/airtime-module-dist/ 180 KB
49 KB 44ms
28ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/ipbc-dev/airtime-module-dist/airtime.bundle.js

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18c32161aca15db788977c170a32e894320ff8cfd528294d0138068944aec040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 34785
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-ams21034-AMS, cache-fra19148-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"2cf97-o8zcsfF5SVkEe5R9I7xoNG6rEPQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 583effdf4de8c295-FRA

GET
H2 200 bancode.php Show response
linkslot.ru/ 14 KB
4 KB 120ms
78ms Script
application/javascript 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=234753
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd9db5462ce04f27b4d6089ceeefcc41e1c8de337c5174443c1a4dd8fa6ae3a1

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=windows-1251
status: 200
cf-ray: 583effdf9a121f4d-FRA

GET
H/1.1 200
OK lg.png
www.bestchange.ru/images/banners/ 4 KB
5 KB 391ms
87ms Image
image/png 85.119.149.6
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bestchange.ru/images/banners/lg.png

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.6 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

bestchange.ru

Software

nginx /

Resource Hash

55a958ef1dba404fb7cf098ca2932eac5118802231a9ea55ffedb84060263b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 14 Apr 2020 17:03:19 GMT
Last-Modified: Wed, 11 May 2016 07:48:05 GMT
Server: nginx
ETag: "5732e3b5-11bc"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4540
Expires: Thu, 14 May 2020 17:03:19 GMT

GET
H/1.1 200
OK yt.png
www.bestchange.ru/images/banners/ 617 B
966 B 368ms
89ms Image
image/png 85.119.149.6
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bestchange.ru/images/banners/yt.png

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.6 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

bestchange.ru

Software

nginx /

Resource Hash

978d82f29e6b01b4a989318629e8d00187c4133976cd7af67db10508896ca8db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 14 Apr 2020 17:03:19 GMT
Last-Modified: Wed, 11 May 2016 07:48:05 GMT
Server: nginx
ETag: "5732e3b5-269"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 617
Expires: Thu, 14 May 2020 17:03:19 GMT

GET
H/1.1 200
OK / Show response
ads.people-group.net/324138/7/3/ 21 KB
7 KB 215ms
80ms Script
application/x-javascript 5.9.100.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.people-group.net/324138/7/3/

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

5.9.100.69 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

www.people-group.su

Software

nginx/1.12.2 /

Resource Hash

a9df7a3c6c2443062edbc871f9b71b26c8739b192366fcd3cbca060ebca3c1a8

Security Headers

Name	Value
X-Xss-Protection	0;

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Apr 2020 17:07:52 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript;charset=UTF-8;
X-XSS-Protection: 0;

GET
H2 200 logo.png
forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/ 76 KB
76 KB 115ms
93ms Image
image/png 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/logo.png
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: dee8ce4339579abe6eccdf4dcb1cb954ec93959166e1724b9154e02963d118e2

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:18 GMT
last-modified: Mon, 16 Oct 2017 13:41:04 GMT
server: nginx
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 77764
expires: Sat, 13 Jun 2020 17:03:18 GMT

GET
H2 404 jquery-1.9.1.min.js
forum.bitmmgp.ru/ 0
0 172ms
149ms Script
text/html 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.bitmmgp.ru/jquery-1.9.1.min.js

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.165.29.121 , Lithuania, ASN16276 (OVH, FR),

Reverse DNS

bitmmgp.ru

Software

nginx / PHP/5.6.40

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:19 GMT
content-encoding: gzip
last-modified: Tue, 14 Apr 2020 17:03:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 404

GET
H/1.1 200
OK 300x100-8.jpg
www.bestchange.net/images/banners/ 35 KB
35 KB 517ms
187ms Image
image/jpeg 85.119.149.9
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bestchange.net/images/banners/300x100-8.jpg

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.9 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

bestchange.net

Software

nginx /

Resource Hash

a14bdc091f88840621b6a744a9bdeca4f782fe991635a191b8e7af0fa8407f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 14 Apr 2020 17:03:19 GMT
Last-Modified: Wed, 11 May 2016 07:47:45 GMT
Server: nginx
ETag: "5732e3a1-8a57"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35415
Expires: Thu, 14 May 2020 17:03:19 GMT

GET
H2 200 BitMMGP_Pravila.jpg
forum.bitmmgp.ru/img/banners/ 5 KB
5 KB 147ms
126ms Image
image/jpeg 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.bitmmgp.ru/img/banners/BitMMGP_Pravila.jpg
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 17bd7a08a95ae9bd6d0b531969903b9f8873d777934e1ae3d7c1c3fd447de983

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:18 GMT
last-modified: Wed, 19 Apr 2017 16:28:31 GMT
server: nginx
content-type: image/jpeg
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 5435
expires: Sat, 13 Jun 2020 17:03:18 GMT

GET
H2 200 sf.png
forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/social/ 2 KB
2 KB 148ms
127ms Image
image/png 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/social/sf.png
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 672f66db583e0d074292c36b36021b4fa4ec8a5f185b0ba0ccdd361e87a97587

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:18 GMT
last-modified: Sun, 25 Sep 2016 17:31:14 GMT
server: nginx
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 2179
expires: Sat, 13 Jun 2020 17:03:18 GMT

GET
H2 200 st.png
forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/social/ 1 KB
1 KB 148ms
127ms Image
image/png 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/social/st.png
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 7bb0c1ad35ec280697b816f0d2d877392ff0e3f8acfde611680cae16f27e8169

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:18 GMT
last-modified: Sun, 25 Sep 2016 17:30:53 GMT
server: nginx
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1097
expires: Sat, 13 Jun 2020 17:03:18 GMT

GET
H2 200 sl.png
forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/social/ 2 KB
2 KB 133ms
128ms Image
image/png 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/social/sl.png
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 7a13193b7a1c506dc7ad1900e5f4ef594c9f97a11d62bfb902b7dcfcc0fce0b7

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:18 GMT
last-modified: Fri, 30 Sep 2016 11:03:32 GMT
server: nginx
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1727
expires: Sat, 13 Jun 2020 17:03:18 GMT

GET
H2 200 sg.png
forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/social/ 2 KB
2 KB 133ms
128ms Image
image/png 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/social/sg.png
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 25b9af9ada7ed1c57f256288b2c82d866c0cf7078f49bab582035164e64d1dbd

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:18 GMT
last-modified: Fri, 30 Sep 2016 15:12:25 GMT
server: nginx
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 2050
expires: Sat, 13 Jun 2020 17:03:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 47ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&subset=latin,cyrillic

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 Apr 2020 17:03:18 GMT
server: ESF
date: Tue, 14 Apr 2020 17:03:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Apr 2020 17:03:18 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
839 B 28ms
15ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=forum.bitmmgp.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
839 B 37ms
16ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=forum.bitmmgp.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Apr 2020 17:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/ 216 KB
81 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee4726f5351b3e304c4e378940f4ae9d009f15d13423783a82b89ab1c47257e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 83076
x-xss-protection: 0
server: cafe
etag: 11284991114190924255
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Apr 2020 17:03:18 GMT

GET
H2 200 arrow.cur
forum.bitmmgp.ru/styles/SvgCustomCursor/windows_like_mac/ 4 KB
4 KB 133ms
128ms Image
text/plain 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.bitmmgp.ru/styles/SvgCustomCursor/windows_like_mac/arrow.cur

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.165.29.121 , Lithuania, ASN16276 (OVH, FR),

Reverse DNS

bitmmgp.ru

Software

nginx /

Resource Hash

6dc741efe6eb76b479f32bcd68a7961d8b8132e61696f9fc9a4908cf01de4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forum.bitmmgp.ru/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1586883090
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Sep 2018 18:38:35 GMT
server: nginx
status: 200
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 4286
x-xss-protection: 1; mode=block

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200408/r20190131/ Frame 72C6 0
0 32ms
31ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200408/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200408/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 09 Apr 2020 06:16:28 GMT
expires: Thu, 23 Apr 2020 06:16:28 GMT
content-type: text/html; charset=UTF-8
etag: 1284906565632978074
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4913
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 470811
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75075110a49a4946124fa25470b9f84807f4352664c3ffc83a39935e7cdd6e2c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 link.cur
forum.bitmmgp.ru/styles/SvgCustomCursor/windows_like_mac/ 4 KB
4 KB 144ms
141ms Image
text/plain 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.bitmmgp.ru/styles/SvgCustomCursor/windows_like_mac/link.cur

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.165.29.121 , Lithuania, ASN16276 (OVH, FR),

Reverse DNS

bitmmgp.ru

Software

nginx /

Resource Hash

a4335be9577bc449239cf2c24a6f190486bd0cd0c9bbe9a5ff3b457cfd88e0d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forum.bitmmgp.ru/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1586883090
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Sep 2018 18:38:35 GMT
server: nginx
status: 200
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 4286
x-xss-protection: 1; mode=block

GET
H2 200 xenforo-ui-sprite.png
forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/ 9 KB
9 KB 144ms
142ms Image
image/png 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/xenforo-ui-sprite.png
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: dd0dc883382cb63d8ce466008ed65ecadda8d9a41d1c395aa610a8f0c93103db

Request headers

Referer: https://forum.bitmmgp.ru/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1586883090
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:19 GMT
last-modified: Sat, 17 Sep 2016 16:00:15 GMT
server: nginx
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 8934
expires: Sat, 13 Jun 2020 17:03:19 GMT

GET
H2 200 tab-selected-light.png
forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/gradients/ 1006 B
1 KB 144ms
142ms Image
image/png 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/gradients/tab-selected-light.png
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: c5097da42217e110eb92e74d0834e712ea85c4795f54125cab5cd1c3d46103f7

Request headers

Referer: https://forum.bitmmgp.ru/css.php?css=BRC_message_user_info_extra,bb_code,genesis,login_bar,message,message_user_info,rank_user,rellect_favicon,share_page,si_links_footer,siropu_ads_manager_ad_common,siropu_ads_manager_ad_type_code,svg_adblock_detected,thread_view,topicstarter,ulogin,waindigo_navigation_links_threadnavigation,xengallery_tab_links&style=2&dir=LTR&d=1586883090
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:19 GMT
last-modified: Sat, 17 Sep 2016 16:00:35 GMT
server: nginx
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1006
expires: Sat, 13 Jun 2020 17:03:19 GMT

GET
H/1.1 200
OK providers-16-classic.png
ulogin.ru/version/3.0/img/ 13 KB
13 KB 174ms
172ms Image
image/png 95.163.118.168
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ulogin.ru/version/3.0/img/providers-16-classic.png?version=img.3.0.1
Requested by: Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.118.168 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS: ulogin.ru
Software: nginx /
Resource Hash: cfa9ae8680beb4f88ae1565cbc2bbfbfdaea917650c2fd975f8aafe0e947e842

Request headers

Referer: https://forum.bitmmgp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 14 Apr 2020 17:03:20 GMT
Last-Modified: Tue, 05 Feb 2019 08:03:36 GMT
Server: nginx
ETag: "5c594358-3321"
Content-Type: image/png
Cache-Control: max-age=259200, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13089
Expires: Fri, 17 Apr 2020 17:03:20 GMT

GET
H/1.1 200
OK / Show response
cusok.ru/c/ 3 KB
1 KB 262ms
63ms Script
text/html 88.198.46.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cusok.ru/c/?id=41229&x=1600&y=1200&r=848379965211977&t=11730
Requested by: Host: texto.click
URL: https://texto.click/nx.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.46.158 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: texto.click
Software: nginx/1.12.1 /
Resource Hash: 65c6f1830901c1e0094f318fedb7e5426f8c2038520a291c900a7fe9fb6eff7e

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 14 Apr 2020 17:03:19 GMT
Content-Encoding: gzip
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 1150
Vary: Accept-Encoding
Content-Type: text/html

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
345 B 135ms
120ms XHR
text/html 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c9dad7dfdf95cbe3d5dfd5ced891ddda8da3a09dad91a28b989e939b889ba497999dcee1e2d0d4cfcc949fa09789a2ced3cbd0d6d7dad8d2ad87d2e8d5d7d487d5c4ce85d9e587e19a92a2c7989cc2a08e8ad3d7d9e6c6e9cdc9d3ccdf949fa59e97ad979290d2d0d7d8d19692d3d2e5c692cfcccbceda8e8ad5cfdbe9ced7979e9c919b939da999a2a892a8a187dbc4d1c6dcdb969ead98a09b9d8b979ddce1a4d3cde595e89a9798939b959aa29799aa91a2989798939b959aa2978caa8495999ca099a39d9da9a0a2b096a9
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.28
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.28
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 583effe3fc613237-FRA
content-length: 2

GET
H2 200 728x90.jpg
linkslot.ru/promo/dummy/ 17 KB
18 KB 18ms
17ms Image
image/jpeg 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/728x90.jpg
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5515a6d105fa252f987a7cb6f7b7a6a97cbbdca5b8c459f8dc45dd8821da30a4

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:19 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Jul 2015 17:32:24 GMT
server: cloudflare
age: 37346541
etag: "55ae8228-45db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 583effe3dddd1f4d-FRA
content-length: 17883
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9374 0
0 60ms
60ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3272108095515714&output=html&adk=1934523412&adf=3164131733&lmt=1586883797&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fforum.bitmmgp.ru%2Fplusbtc-ofigennyj-servis-s-bonusom.t9322%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586883797812&bpp=1146&bdt=47&fdt=1857&idt=1858&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3767444251677&frm=20&pv=2&ga_vid=1444126634.1586883800&ga_sid=1586883800&ga_hid=16696151&ga_fc=0&iag=0&icsg=46909094912&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530312&oid=3&pvsid=3476101972763964&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=1873

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3272108095515714&output=html&adk=1934523412&adf=3164131733&lmt=1586883797&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fforum.bitmmgp.ru%2Fplusbtc-ofigennyj-servis-s-bonusom.t9322%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586883797812&bpp=1146&bdt=47&fdt=1857&idt=1858&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3767444251677&frm=20&pv=2&ga_vid=1444126634.1586883800&ga_sid=1586883800&ga_hid=16696151&ga_fc=0&iag=0&icsg=46909094912&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530312&oid=3&pvsid=3476101972763964&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=1873
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Apr 2020 17:03:19 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 14-Apr-2020 17:18:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Tue, 14 Apr 2020 17:03:19 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 59ms
45ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e019e4dd3d8be298895ef632bb8e5083de16a01f55a1eb385b1e0efede2f3705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586777055770172"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28426
x-xss-protection: 0
expires: Tue, 14 Apr 2020 17:03:19 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.2/fonts/ 70 KB
70 KB 1698ms
1105ms Font
font/woff2 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.2/fonts/fontawesome-webfont.woff2?v=4.6.2

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.2/css/font-awesome.min.css
Origin: https://forum.bitmmgp.ru

Response headers

date: Tue, 14 Apr 2020 17:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 71715

GET
H/1.1 200
OK 951821
ad.a-ads.com/ Frame 2988 0
0 187ms
68ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/951821?size=728x90&background_color=6a6b45&text_color=11e827&title_color=cff008&link_color=d06bd9

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

213.239.209.209 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

213-239-209-209.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 14 Apr 2020 17:03:20 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
H/1.1 200
OK 951827
ad.a-ads.com/ Frame 2A61 0
0 194ms
74ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/951827?size=728x90&background_color=373e46&text_color=00ff29&title_color=ebff00&title_hover_color=ff0000&link_color=00f0ff

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

213.239.209.209 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

213-239-209-209.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 14 Apr 2020 17:03:20 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
H/1.1 200
OK n.png
a.contextbar.ru/ 532 B
770 B 224ms
54ms Image
image/png 88.198.46.180
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.contextbar.ru/n.png
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.46.180 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nolix.ru
Software: nginx/1.12.1 /
Resource Hash: aa7e02c693c8e768e6e04e8e7ea2b58b9e896248cded9f27c150f09db1ac0ce0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 14 Apr 2020 17:03:20 GMT
Last-Modified: Mon, 05 Feb 2018 14:46:20 GMT
Server: nginx/1.12.1
ETag: "5a786e3c-214"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 532

GET
H2 200 /
ad.bitmedia.io/pv/5d354c0f13fb0c9852b694cc/ 35 B
300 B 189ms
188ms Image
image/gif 2606:4700:20::681a:b4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.bitmedia.io/pv/5d354c0f13fb0c9852b694cc/?source=https%3A%2F%2Fforum.bitmmgp.ru%2Fplusbtc-ofigennyj-servis-s-bonusom.t9322%2F&ref=&ent=44&we=1&fid=7350885aabc814b9f670ddbdedcf468f&fidnoua=54d1b6c1d6f715ffe72d6c57c27ff7c4&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&sig=0x00000&blocksubid=0&impid=c940b4dcea67bad9afe702dde13ce574

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:20 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/gif
access-control-allow-origin: *
cf-ray: 583effe98c9a1f35-FRA
content-length: 35

GET
H2 200 / Show response
forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/ 64 KB
21 KB 259ms
258ms Fetch
text/html 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/ipbc-dev/airtime-module-dist/airtime.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.165.29.121 , Lithuania, ASN16276 (OVH, FR),

Reverse DNS

bitmmgp.ru

Software

nginx / PHP/5.6.40

Resource Hash

f279e85b5c0da551835995beee8e15c32583533ed516fc49522f97e72cce3bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 Apr 2020 17:03:20 GMT
server: nginx
x-powered-by: PHP/5.6.40
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cache-control: private, max-age=0
x-server-powered-by: Engintron
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 908429
ad.a-ads.com/ Frame A152 0
0 96ms
96ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/908429?size=200x200&background_color=261d1d&text_color=d9d119&title_color=ddd6f7&title_hover_color=ffffff&link_color=13e60f&link_hover_color=ffffff

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

213.239.209.209 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

213-239-209-209.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 14 Apr 2020 17:03:20 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
H/1.1 200
OK bg.png
www.bestchange.ru/images/banners/ 581 B
930 B 93ms
91ms Image
image/png 85.119.149.6
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bestchange.ru/images/banners/bg.png

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.6 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

bestchange.ru

Software

nginx /

Resource Hash

0796f9076e4cbf09312229053630e0101c0b89ce982e738b07aeeffcfdc63ed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://forum.bitmmgp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 14 Apr 2020 17:03:20 GMT
Last-Modified: Wed, 11 May 2016 07:48:04 GMT
Server: nginx
ETag: "5732e3b4-245"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 581
Expires: Thu, 14 May 2020 17:03:20 GMT

GET
H/1.1 200
OK bt.png
www.bestchange.ru/images/banners/ 182 B
530 B 91ms
89ms Image
image/png 85.119.149.6
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bestchange.ru/images/banners/bt.png

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.6 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

bestchange.ru

Software

nginx /

Resource Hash

356a3bd8b273fbc1fce70b80bdf7503a120f0e2b25e4dadec610711647ba1e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://forum.bitmmgp.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 14 Apr 2020 17:03:20 GMT
Last-Modified: Wed, 11 May 2016 07:48:04 GMT
Server: nginx
ETag: "5732e3b4-b6"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 182
Expires: Thu, 14 May 2020 17:03:20 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/zItNOfzbrqVGbb4QFYpPpcrw/ 258 KB
92 KB 73ms
6ms Script
text/javascript 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zItNOfzbrqVGbb4QFYpPpcrw/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59810fde24ce60c80da277fc0a947e428ab733def8e8af97a5b480ac9e510ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 17:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Apr 2020 04:07:04 GMT
server: sffe
age: 86168
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 94244
x-xss-protection: 0
expires: Tue, 13 Apr 2021 17:07:12 GMT

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
192 B 113ms
109ms XHR
text/html 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c9dad7dfdf95cbe3d5dfd5ced891ddda8da49a9db196a58b989e939b889ba497999dcee1e2d0d4cfcc949fa09789a2ced3cbd0d6d7dad8d2ad87d2e8d5d7d487d5c4ce85d9e587e19a92a2c7989cc2a08e8ad3d7d9e6c6e9cdc9d3ccdf949fa59e97ad979290d2d0d7d8d19692d3d2e5c692cfcccbceda8e8ad5cfdbe9ced7979e9c919b939da999a2a892a8a187dbc4d1c6dcdb969ead98a09b9d8b94ce95cfd4d89cab98a8d59f98939b959aa29799aa91a2989798939b959aa2978caa8495999ca099a39d9daa9799b09aa5
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.28
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.28
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 583effeabf963237-FRA
content-length: 2

GET
H2 200 200x200.jpg
linkslot.ru/promo/dummy/ 15 KB
15 KB 26ms
23ms Image
image/jpeg 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/200x200.jpg
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77a6b3466cb376003db40b3adb3170556393ef2c131836c68acd18cabfc1ab4

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:20 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Jul 2015 17:31:56 GMT
server: cloudflare
age: 6604
etag: "55ae820c-3ad5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 583effeab8e41f4d-FRA
content-length: 15061

GET
H2 200 200x200.gif
new.skyway.capital/images/users-banners/ 58 KB
58 KB 288ms
178ms Image
image/gif 2606:4700:3033::6812:2f06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://new.skyway.capital/images/users-banners/200x200.gif
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:2f06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a635ffbbabf431bb8c96428f18a6e94cf5f7cdeac05fb370c9024be9bc01aa2a

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 17:03:20 GMT
cf-cache-status: BYPASS
last-modified: Sat, 04 Nov 2017 17:32:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=604800, private, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 583effeb6ad6c2ea-FRA
content-length: 59041
expires: Tue, 21 Apr 2020 17:03:20 GMT

GET
H2 200 freebitcoin_banner_logo_200_200.jpg
forum.bitmmgp.ru/img/banners/ 22 KB
22 KB 106ms
104ms Image
image/jpeg 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.bitmmgp.ru/img/banners/freebitcoin_banner_logo_200_200.jpg
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 2029b476e17a85b320559a218c9029faf084c90d58e66df33553411d51b9f548

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:20 GMT
last-modified: Wed, 11 Apr 2018 08:42:17 GMT
server: nginx
content-type: image/jpeg
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 22543
expires: Sat, 13 Jun 2020 17:03:20 GMT

GET
H2 200 freedogecoin%20faucet%20banner%20200%20200.gif
forum.bitmmgp.ru/img/banners/ 27 KB
27 KB 101ms
99ms Image
image/gif 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.bitmmgp.ru/img/banners/freedogecoin%20faucet%20banner%20200%20200.gif
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 07c6bcc5261ca23a723fffe3c0b24ecbc1c306177b7a5d54e2e70f72ce39afd1

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:20 GMT
last-modified: Wed, 11 Apr 2018 08:37:03 GMT
server: nginx
content-type: image/gif
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 27891
expires: Sat, 13 Jun 2020 17:03:20 GMT

GET
H2 200 bh.png
forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/ 27 KB
27 KB 105ms
105ms Image
image/png 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.bitmmgp.ru/styles/brivium/hydrogen/xenforo/bh.png
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/ipbc-dev/airtime-module-dist/airtime.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: 8fd371d98182f2de72524d0170932ccc3ac29003bb5ba0241e36cc2d176ad2db

Request headers

Referer: https://forum.bitmmgp.ru/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1586883090
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:20 GMT
last-modified: Sat, 17 Sep 2016 16:00:13 GMT
server: nginx
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 27908
expires: Sat, 13 Jun 2020 17:03:20 GMT

GET
H2 404 jquery-1.9.1.min.js
forum.bitmmgp.ru/ 0
0 180ms
180ms Script
text/html 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.bitmmgp.ru/jquery-1.9.1.min.js

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.165.29.121 , Lithuania, ASN16276 (OVH, FR),

Reverse DNS

bitmmgp.ru

Software

nginx / PHP/5.6.40

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:21 GMT
content-encoding: gzip
last-modified: Tue, 14 Apr 2020 17:03:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 404

GET
H2 200 /
ad.bitmedia.io/p/5db7ec63494d9fac1309fd7b/ Frame 195D 0
0 424ms
423ms Document
text/html 2606:4700:20::681a:b4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.bitmedia.io/p/5db7ec63494d9fac1309fd7b/?source=https%3A%2F%2Fforum.bitmmgp.ru%2Fplusbtc-ofigennyj-servis-s-bonusom.t9322%2F&ref=&ent=44&we=1&fid=7350885aabc814b9f670ddbdedcf468f&fidnoua=54d1b6c1d6f715ffe72d6c57c27ff7c4&impid=c940b4dcea67bad9afe702dde13ce574&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&sig=0x00000&blocksubid=0

Requested by

Host: ad.bitmedia.io
URL: https://ad.bitmedia.io/js/adbybm.js/5db7ec63494d9fac1309fd7b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: ad.bitmedia.io
:scheme: https
:path: /p/5db7ec63494d9fac1309fd7b/?source=https%3A%2F%2Fforum.bitmmgp.ru%2Fplusbtc-ofigennyj-servis-s-bonusom.t9322%2F&ref=&ent=44&we=1&fid=7350885aabc814b9f670ddbdedcf468f&fidnoua=54d1b6c1d6f715ffe72d6c57c27ff7c4&impid=c940b4dcea67bad9afe702dde13ce574&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&sig=0x00000&blocksubid=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: hid=149ed06344ad42d2962902978bfb7502
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

status: 200
date: Tue, 14 Apr 2020 17:03:21 GMT
content-type: text/html
set-cookie: __cfduid=da90a659fcc364064a528429a317175ae1586883801; expires=Thu, 14-May-20 17:03:21 GMT; path=/; domain=.bitmedia.io; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 583effecbe431f35-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 5 KB
780 B 20ms
20ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/ipbc-dev/airtime-module-dist/airtime.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6bc92b096fa224014e1caa871ae4e6d6c7bcc9a5c5459b893e6bb052b3cb257c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 Apr 2020 17:03:21 GMT
server: ESF
date: Tue, 14 Apr 2020 17:03:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Apr 2020 17:03:21 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t38.3;r;s1600*1200*24;uhttps%3A//forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/;0.27872227181666487
https://counter.yadro.ru/hit?q;t38.3;r;s1600*1200*24;uhttps%3A//forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/;0.27872227181666487

438 B
817 B

102ms
102ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.yadro.ru/hit?q;t38.3;r;s1600*1200*24;uhttps%3A//forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/;0.27872227181666487
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host216.rax.ru
Software: nginx/1.17.9 /
Resource Hash: 8cfc3e4c31668b5c2c650156c6b68e4626bf6a673738742b07fd91a8a46077d9

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Apr 2020 17:03:21 GMT
Server: nginx/1.17.9
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 438
Expires: Sun, 14 Apr 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Apr 2020 17:03:21 GMT
Server: nginx/1.17.9
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t38.3;r;s1600*1200*24;uhttps%3A//forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/;0.27872227181666487
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 14 Apr 2019 21:00:00 GMT

GET
H2 200 client:plusone.js Show response
plus.google.com/js/ 48 KB
19 KB 82ms
59ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.google.com/js/client:plusone.js

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/js/xenforo/xenforo.js?_v=19efdf29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0203a7103519bf8284142a5b1801614d28d3bbbfef8fb159b61b03cac2f14f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-0PHwaIgeOPAkzMPliA0xHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "035965161409a020c84b80761491f320"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Tue, 14 Apr 2020 17:03:21 GMT

GET
H2 200 widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 227ms
47ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/js/xenforo/xenforo.js?_v=19efdf29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:21 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 29121
x-served-by: cache-bwi5134-BWI, cache-fra19179-FRA
last-modified: Tue, 07 Apr 2020 20:48:50 GMT
etag: "bfee88d079c2668aea5525e2d719ba90+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 xtop.png
forum.bitmmgp.ru/styles/default/xenforo/widgets/ 1 KB
1 KB 73ms
73ms Image
image/png 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forum.bitmmgp.ru/styles/default/xenforo/widgets/xtop.png
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.165.29.121 , Lithuania, ASN16276 (OVH, FR),
Reverse DNS: bitmmgp.ru
Software: nginx /
Resource Hash: e994dc8e4c1c8f05a9efcdf809986903c3dd9fc5c771c6e6b9408fa07bf1655f

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Apr 2020 17:03:21 GMT
last-modified: Fri, 23 Sep 2016 18:36:06 GMT
server: nginx
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1130
expires: Sat, 13 Jun 2020 17:03:21 GMT

GET
H/1.1 200
OK stats.html
ulogin.ru/ Frame DADA 0
0 169ms
169ms Document
text/html 95.163.118.168
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ulogin.ru/stats.html?r=79048&type=small&xdm_e=https%3A%2F%2Fforum.bitmmgp.ru&xdm_c=default6668&xdm_p=1
Requested by: Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.118.168 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS: ulogin.ru
Software: nginx /
Resource Hash

Request headers

Host: ulogin.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ulogin_token=uec342bc009e81d4e8ae8ed1ce42dc418
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

Server: nginx
Date: Tue, 14 Apr 2020 17:03:22 GMT
Content-Type: text/html
Last-Modified: Tue, 07 Jun 2016 14:59:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK drop.html
ulogin.ru/version/3.0/html/ Frame C15D 0
0 371ms
201ms Document
text/html 95.163.118.168
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ulogin.ru/version/3.0/html/drop.html?id=0&redirect_uri=https%3A%2F%2Fforum.bitmmgp.ru%2Fulogin%2F%26back%3DaHR0cHM6Ly9mb3J1bS5iaXRtbWdwLnJ1L3BsdXNidGMtb2ZpZ2VubnlqLXNlcnZpcy1zLWJvbnVzb20udDkzMjIv&callback=&providers=twitter,google,yandex,livejournal,openid,flickr,lastfm,linkedin,liveid,soundcloud,steam,webmoney,youtube,foursquare,tumblr,googleplus,instagram,wargaming&fields=first_name,last_name,email,photo,photo_big&force_fields=&popup_css=&optional=sex,bdate,country,city&othprov=vkontakte,odnoklassniki,mailru,facebook&protocol=https&host=forum.bitmmgp.ru&lang=en&verify=&sort=relevant&m=0&icons_32=&icons_16=&theme=classic&client=&page=https%3A%2F%2Fforum.bitmmgp.ru%2Fplusbtc-ofigennyj-servis-s-bonusom.t9322%2F&version=3&xdm_e=https%3A%2F%2Fforum.bitmmgp.ru&xdm_c=default6669&xdm_p=1
Requested by: Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.118.168 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS: ulogin.ru
Software: nginx /
Resource Hash

Request headers

Host: ulogin.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ulogin_token=uec342bc009e81d4e8ae8ed1ce42dc418
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

Server: nginx
Date: Tue, 14 Apr 2020 17:03:23 GMT
Content-Type: text/html
Last-Modified: Wed, 20 Feb 2019 15:11:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 5504 0
0 61ms
61ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEhVEUAAAAAK0KLjVcaHGeKyKDL6hW3-1udtUw&co=aHR0cHM6Ly9mb3J1bS5iaXRtbWdwLnJ1OjQ0Mw..&hl=en&v=zItNOfzbrqVGbb4QFYpPpcrw&size=normal&cb=z038ubhswtvt

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zItNOfzbrqVGbb4QFYpPpcrw/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bp5UgJklEx0MF2eZDbKipg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfEhVEUAAAAAK0KLjVcaHGeKyKDL6hW3-1udtUw&co=aHR0cHM6Ly9mb3J1bS5iaXRtbWdwLnJ1OjQ0Mw..&hl=en&v=zItNOfzbrqVGbb4QFYpPpcrw&size=normal&cb=z038ubhswtvt
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 14 Apr 2020 17:03:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-bp5UgJklEx0MF2eZDbKipg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10151
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/ 292 KB
100 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/cb=gapi.loaded_0

Requested by

Host: plus.google.com
URL: https://plus.google.com/js/client:plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4242dd3964225b197397772404b7c5433cf364ec3c48fd525a92cae4eac3bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 18:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 19:43:27 GMT
server: sffe
age: 513602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 101958
x-xss-protection: 0
expires: Thu, 08 Apr 2021 18:23:19 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=auth/exm=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/ 71 B
168 B 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=auth/exm=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/cb=gapi.loaded_1

Requested by

Host: plus.google.com
URL: https://plus.google.com/js/client:plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

586a4abfe9225dbb5521b32799d3b346da9e997452fec205a0812a360dd470ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 18:24:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 19:43:27 GMT
server: sffe
age: 513557
vary: Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 71
x-xss-protection: 0
expires: Thu, 08 Apr 2021 18:24:04 GMT

GET
H2 404 fastbutton
apis.google.com/se/0/_/+1/ Frame E8E7 0
0 46ms
42ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&hl=ru-RU&origin=https%3A%2F%2Fforum.bitmmgp.ru&url=https%3A%2F%2Fforum.bitmmgp.ru%2Fplusbtc-ofigennyj-servis-s-bonusom.t9322%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ebk8EhJxLu4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g%2Fm%3D__features__

Requested by

Host: plus.google.com
URL: https://plus.google.com/js/client:plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&hl=ru-RU&origin=https%3A%2F%2Fforum.bitmmgp.ru&url=https%3A%2F%2Fforum.bitmmgp.ru%2Fplusbtc-ofigennyj-servis-s-bonusom.t9322%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ebk8EhJxLu4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=202=kRfctElmOtsfBtsqeWTJtn4XTM442Gu9ZUJVc4wtjYx7mzvwwE_FfBE_vd-9fynegg--qEcZkBawO24f6xZkK1N8GfWTdtoahiTd8HpbI8RLdS6XeATFqRXh2DWYMzdccpmCkmv1Edwy2Q1qcXYAV2FczHRRp2hbrjHA3H6fcK0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

status: 404
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 14 Apr 2020 17:03:21 GMT
content-security-policy-report-only: script-src 'report-sample' 'nonce-KcKz0JfQXwzkFcqMCvX98Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

POST
H2 200 deferred.php Show response
forum.bitmmgp.ru/ 21 B
381 B 400ms
397ms XHR
application/json 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.bitmmgp.ru/deferred.php

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/js/jquery/jquery-1.11.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.165.29.121 , Lithuania, ASN16276 (OVH, FR),

Reverse DNS

bitmmgp.ru

Software

nginx / PHP/5.6.40

Resource Hash

f6a2579476da6093987dc5ce9f580306583f856ba51d0fd1b6a68c61b7e2ac39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
X-Ajax-Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 17:03:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 Apr 2020 17:03:21 GMT
server: nginx
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 771A 0
0 17ms
15ms Document
text/html 2a00:1450:4001:817::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fforum.bitmmgp.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ebk8EhJxLu4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.ebk8EhJxLu4.O/m=client,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/WfsrWfFXHYR3T82K17tDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fforum.bitmmgp.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ebk8EhJxLu4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP6GuLd1aTsaaFO6Zp_Rjnyu1Wv5g%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=202=kRfctElmOtsfBtsqeWTJtn4XTM442Gu9ZUJVc4wtjYx7mzvwwE_FfBE_vd-9fynegg--qEcZkBawO24f6xZkK1N8GfWTdtoahiTd8HpbI8RLdS6XeATFqRXh2DWYMzdccpmCkmv1Edwy2Q1qcXYAV2FczHRRp2hbrjHA3H6fcK0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 14 Apr 2020 17:03:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-/WfsrWfFXHYR3T82K17tDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 widget_iframe.6787510241df65d128e2b60207ad4c25.html
platform.twitter.com/widgets/ Frame B588 0
0 78ms
78ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=https%3A%2F%2Fforum.bitmmgp.ru
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=https%3A%2F%2Fforum.bitmmgp.ru
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

status: 200
last-modified: Tue, 07 Apr 2020 20:47:48 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "9fa476ae827f556d5b037fe43632370d+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 14 Apr 2020 17:03:21 GMT
x-served-by: cache-bwi5127-BWI, cache-fra19179-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 6B78 0
0 94ms
94ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=zItNOfzbrqVGbb4QFYpPpcrw&k=6LfEhVEUAAAAAK0KLjVcaHGeKyKDL6hW3-1udtUw&cb=670w8awsobxg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zItNOfzbrqVGbb4QFYpPpcrw/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EuM7wGTDfoYovxCZnSHWiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=zItNOfzbrqVGbb4QFYpPpcrw&k=6LfEhVEUAAAAAK0KLjVcaHGeKyKDL6hW3-1udtUw&cb=670w8awsobxg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=202=kRfctElmOtsfBtsqeWTJtn4XTM442Gu9ZUJVc4wtjYx7mzvwwE_FfBE_vd-9fynegg--qEcZkBawO24f6xZkK1N8GfWTdtoahiTd8HpbI8RLdS6XeATFqRXh2DWYMzdccpmCkmv1Edwy2Q1qcXYAV2FczHRRp2hbrjHA3H6fcK0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 14 Apr 2020 17:03:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-EuM7wGTDfoYovxCZnSHWiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1183
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 /
ad.bitmedia.io/reconfirm/ 35 B
278 B 277ms
199ms Image
image/gif 2606:4700:20::681a:b4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.bitmedia.io/reconfirm/?clickid=undefined&token=undefined

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 17:03:22 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 583efff2ce8a1f35-FRA
content-length: 35

GET
H2 200 button.93a0c25c2d2f3081c705c98c2d9dec0e.js Show response
platform.twitter.com/js/ 7 KB
2 KB 75ms
74ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.93a0c25c2d2f3081c705c98c2d9dec0e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cef013ba053c40f6bfa36baf6b11dca3426b1697bb52bec0902a4746f5f7d169

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:22 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 2298
x-served-by: cache-bwi5149-BWI, cache-fra19179-FRA
last-modified: Tue, 07 Apr 2020 20:47:38 GMT
etag: "0745fc0bb127ba13d716d66761b4628d+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

POST
H2 200 deferred.php Show response
forum.bitmmgp.ru/ 22 B
382 B 171ms
171ms XHR
application/json 188.165.29.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.bitmmgp.ru/deferred.php

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/js/jquery/jquery-1.11.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.165.29.121 , Lithuania, ASN16276 (OVH, FR),

Reverse DNS

bitmmgp.ru

Software

nginx / PHP/5.6.40

Resource Hash

af541be18714cc89f5f29cfb86b4d8fd3ae8eb19e07427575b9ab281fc052e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
X-Ajax-Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 17:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 Apr 2020 17:03:22 GMT
server: nginx
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 tweet_button.6787510241df65d128e2b60207ad4c25.ru.html
platform.twitter.com/widgets/ Frame 25E4 0
0 85ms
84ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.6787510241df65d128e2b60207ad4c25.ru.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/tweet_button.6787510241df65d128e2b60207ad4c25.ru.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

status: 200
last-modified: Tue, 07 Apr 2020 20:47:47 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "ceead2dfb2ac3ae13bc7af36767404c8+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 14 Apr 2020 17:03:22 GMT
x-served-by: cache-bwi5140-BWI, cache-fra19179-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 12778

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
338 B 177ms
177ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fforum.bitmmgp.ru%2Fplusbtc-ofigennyj-servis-s-bonusom.t9322%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ru%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1586883802372%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a2aa63b%3A1586240908307%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Tue, 14 Apr 2020 17:03:22 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 77433c6746c798ee5cad04d48ed5b428
x-transaction: 002f544900a85d8d
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 31ms
19ms XHR
application/json 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200408&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

614640e722540a7b183a54ed7abeae69717fd76f46fbfcf0735a2b7b624ea9d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Apr 2020 17:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5196
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 25ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Tue, 14 Apr 2020 17:03:22 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 9699 0
0 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Tue, 14 Apr 2020 16:57:35 GMT
expires: Wed, 14 Apr 2021 16:57:35 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 347
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 /
ad.bitmedia.io/reconfirm/ 35 B
134 B 187ms
187ms Image
image/gif 2606:4700:20::681a:b4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.bitmedia.io/reconfirm/?clickid=750c877e-9e19-43ef-a37e-b0cac0850fe0&token=03AHaCkAasz7ONYwgPqPwDcNcNyf5duAxOPNwSNDklxdihueufyOa-MzxfUMJCmn5fzEPgFVKS7cEIJfGXCcTK1Muj9zL2DYA_Plv62rmYOh4uSgp7wj4QyKLfXSQDId1wopW2A5EQ8rCwoWOnPozL3kvsnuKGVa3btVsX5rcwMf8Q5TFp5bkYYmPQ10Mt0tHvv_TjyvaQVD_ZW_mbF3YUJTxK2IUP97lSD93IGbbEZMNFKXKcDc2j5Wl7HrLlY-iBYtkfoSkk7-ezPAaniwzf_6l38hk7-cfcLDd2mQH9tLE2p0gCqExagtEaKHXtqX7S919ud-IjsZBxehj5bD2tWKLa2imXEwbFTj74zsMYAPkEfktvmlq0Jj1NbkI3g5xCnTg_jJW_Qw_rRdzs47ep6a2-6SZ6KLwL4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 17:03:22 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1800, public
cf-ray: 583efff6c9a81f35-FRA
content-length: 35
expires: Tue, 14 Apr 2020 17:33:22 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
68 B 15ms
14ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200408&jk=3476101972763964&bg=!cHOlc2tYkR39CyL_bisCAAAANlIAAAAJmQFc3vtfO3RYDo1yIiNyOEahKWKSyK83c-XZRwXipb0sUxKcPKOMuPVlSxfLRJM-e56NDcRn_hq0BFnkpa5N6T7mtO4slJIPY9-2c4D5bSKQxjFMzLtNrLzbhtKeDfPeRes-kAjAk3rzPMidAr6puq1iOf8p4GJ2rn6g7-YdKOJdHl6dIJbJVJ_lByU_CXZ7nFp5lCMvGEqnntE2dXA5ePCTDiinVzHsEt6EU7r3KO1mWA-7Ih-F2njNAuqGomhCY_6coYUZ5ALxq0EBAKRUxmfoQdcF01Bt58kQbxmE6vTU4amajNtEL_0TdVQDEpT0gYRhGrnn8JGIHZVE_r3cMLKKKP_gW2L79GQo9tuBcyPb4NXlYcKpzDE7K067IaFY7Kzo-rl2SnczD_9ZfCNPGDMFtU-0GjeEETPLkJ4MVGD-ZuX3Gt0jQI26tp4ygycwBHCBBnij1SE3vTcqeapy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 17:03:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ad.bitmedia.io/reconfirm/ 35 B
227 B 129ms
129ms Image
image/gif 2606:4700:20::681a:b4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.bitmedia.io/reconfirm/?clickid=undefined&token=undefined

Requested by

Host: ad.bitmedia.io
URL: https://ad.bitmedia.io/js/adbybm.js/5db7ec63494d9fac1309fd7b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 17:03:24 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 583f00008c291f35-FRA
content-length: 35

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
192 B 59ms
58ms XHR
text/html 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d2=c9dad7dfdf95cbe3d5dfd5ced891ddda9da3a09dad91a29b979b939e959da39ca1b099aa9b9f9893a19e9d
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.28
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.28
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 583f00031be13237-FRA
content-length: 2

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
192 B 97ms
91ms XHR
text/html 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d2=c9dad7dfdf95cbe3d5dfd5ced891ddda9da49a9db196a59b979b939e959da39ca1b099aa9b9f9893a19e9d
Requested by: Host: forum.bitmmgp.ru
URL: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.28
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 17:03:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.28
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 583f0009fe8d3237-FRA
content-length: 2

GET
H2 200 /
ad.bitmedia.io/reconfirm/ 35 B
227 B 149ms
149ms Image
image/gif 2606:4700:20::681a:b4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.bitmedia.io/reconfirm/?clickid=undefined&token=undefined

Requested by

Host: ad.bitmedia.io
URL: https://ad.bitmedia.io/js/adbybm.js/5db7ec63494d9fac1309fd7b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 17:03:26 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 583f000d0fc71f35-FRA
content-length: 35

GET
H2 200 /
ad.bitmedia.io/reconfirm/ 35 B
227 B 146ms
146ms Image
image/gif 2606:4700:20::681a:b4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.bitmedia.io/reconfirm/?clickid=undefined&token=undefined

Requested by

Host: ad.bitmedia.io
URL: https://ad.bitmedia.io/js/adbybm.js/5db7ec63494d9fac1309fd7b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 17:03:28 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 583f00199c611f35-FRA
content-length: 35

GET
H2 200 /
ad.bitmedia.io/reconfirm/ 35 B
228 B 170ms
170ms Image
image/gif 2606:4700:20::681a:b4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.bitmedia.io/reconfirm/?clickid=undefined&token=undefined

Requested by

Host: ad.bitmedia.io
URL: https://ad.bitmedia.io/js/adbybm.js/5db7ec63494d9fac1309fd7b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 17:03:30 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 583f00260dcc1f35-FRA
content-length: 35

GET
H2 200 /
ad.bitmedia.io/reconfirm/ 35 B
227 B 143ms
143ms Image
image/gif 2606:4700:20::681a:b4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.bitmedia.io/reconfirm/?clickid=undefined&token=undefined

Requested by

Host: ad.bitmedia.io
URL: https://ad.bitmedia.io/js/adbybm.js/5db7ec63494d9fac1309fd7b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 17:03:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 583f0032882c1f35-FRA
content-length: 35

GET
H2 200 /
ad.bitmedia.io/reconfirm/ 35 B
228 B 141ms
141ms Image
image/gif 2606:4700:20::681a:b4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.bitmedia.io/reconfirm/?clickid=undefined&token=undefined

Requested by

Host: ad.bitmedia.io
URL: https://ad.bitmedia.io/js/adbybm.js/5db7ec63494d9fac1309fd7b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b4a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Referer: https://forum.bitmmgp.ru/plusbtc-ofigennyj-servis-s-bonusom.t9322/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 17:03:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 583f003f0c021f35-FRA
content-length: 35

GET /
ad.bitmedia.io/reconfirm/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.bitmedia.io
URL: https://ad.bitmedia.io/reconfirm/?clickid=undefined&token=undefined

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://forum.bitmmgp.ru/js/xenforo/xenforo.js?_v=19efdf29(Line 222) Message: XenForo.activate(%o) [object HTMLDocument]
console-api	log	URL: https://forum.bitmmgp.ru/js/xenforo/xenforo.js?_v=19efdf29(Line 224) Message: console.groupEnd
console-api	info	URL: https://forum.bitmmgp.ru/js/xenforo/xenforo.js?_v=19efdf29(Line 209) Message: XenForo.init() %dms. jQuery %s/%s 94 1.11.0 1.2.8-dev
console-api	info	URL: https://ulogin.ru/js/ulogin.js(Line 70) Message: [uLogin] ulogin.js received message: ready

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.contextbar.ru
accounts.google.com
ad.a-ads.com
ad.bitmedia.io
ads.people-group.net
adservice.google.com
adservice.google.de
apis.google.com
cdn.jsdelivr.net
counter.yadro.ru
cusok.ru
fonts.googleapis.com
forum.bitmmgp.ru
googleads.g.doubleclick.net
linkslot.ru
maxcdn.bootstrapcdn.com
new.skyway.capital
pagead2.googlesyndication.com
platform.twitter.com
plus.google.com
syndication.twitter.com
texto.click
tpc.googlesyndication.com
ulogin.ru
vk.com
www.bestchange.net
www.bestchange.ru
www.google.com
www.googletagservices.com
www.gstatic.com
ad.bitmedia.io
104.244.42.8
151.101.12.157
188.165.29.121
2001:4de0:ac19::1:b:2a
213.239.209.209
2606:4700:20::681a:1c9
2606:4700:20::681a:b4a
2606:4700:3033::6812:2f06
2606:4700::6810:5914
2a00:1450:4001:808::2001
2a00:1450:4001:808::200a
2a00:1450:4001:809::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:817::2002
2a00:1450:4001:817::200d
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2002
5.9.100.69
85.119.149.6
85.119.149.9
88.198.46.158
88.198.46.180
88.212.201.216
93.186.225.208
95.163.118.168
0203a7103519bf8284142a5b1801614d28d3bbbfef8fb159b61b03cac2f14f84
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0796f9076e4cbf09312229053630e0101c0b89ce982e738b07aeeffcfdc63ed8
07c6bcc5261ca23a723fffe3c0b24ecbc1c306177b7a5d54e2e70f72ce39afd1
101258d5a715cebf03e663d8a30b6e5c6cc260089e7da452fbd16c5b65885ce8
17bd7a08a95ae9bd6d0b531969903b9f8873d777934e1ae3d7c1c3fd447de983
18c32161aca15db788977c170a32e894320ff8cfd528294d0138068944aec040
2029b476e17a85b320559a218c9029faf084c90d58e66df33553411d51b9f548
22e506dd2404ae9da01876a137afe7cdef2419dd64b353cea5f44b5eb18b2958
25b9af9ada7ed1c57f256288b2c82d866c0cf7078f49bab582035164e64d1dbd
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4
2dd467b68fe5e457aaaa6e85389d9322c31db6a4e57612ecf09478edaf1d7dda
2de83f2e770c760404a8ebfde9a4cd6b4f0de99760abaa5a734f28a022ff705a
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
356a3bd8b273fbc1fce70b80bdf7503a120f0e2b25e4dadec610711647ba1e5d
4c47b1139344ea5252493318938ae272692e437e93394d4375efcca0b0294602
5515a6d105fa252f987a7cb6f7b7a6a97cbbdca5b8c459f8dc45dd8821da30a4
55a958ef1dba404fb7cf098ca2932eac5118802231a9ea55ffedb84060263b37
585581050cdc676502b8823efe15798a8b22a37af8d46781a18139b228f4c6a5
586a4abfe9225dbb5521b32799d3b346da9e997452fec205a0812a360dd470ab
59810fde24ce60c80da277fc0a947e428ab733def8e8af97a5b480ac9e510ca2
614640e722540a7b183a54ed7abeae69717fd76f46fbfcf0735a2b7b624ea9d1
65c6f1830901c1e0094f318fedb7e5426f8c2038520a291c900a7fe9fb6eff7e
672f66db583e0d074292c36b36021b4fa4ec8a5f185b0ba0ccdd361e87a97587
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bc92b096fa224014e1caa871ae4e6d6c7bcc9a5c5459b893e6bb052b3cb257c
6dc741efe6eb76b479f32bcd68a7961d8b8132e61696f9fc9a4908cf01de4645
6ddf790abc1581dd25bc7a2d9e2e2b69c8bc72a7bd84feeb6b62023a5de78dfd
6e5cffe0c4b5b538465bc2cad04134bf235ff3837357ee1c23fa2fce33c2ec55
6fdae2f5b5be637bb3c98c04b2dc825a44b6d0e0cfd48348b9e21ee887ef9a4f
73f764531b45d861525c181c819c0f7fc97afc8b5a8e3e527e3f8bd8491109a9
7450185e942b0f16212641afd3714c8ca474e9963c304a39b43935f0b1ba83e3
75075110a49a4946124fa25470b9f84807f4352664c3ffc83a39935e7cdd6e2c
7a13193b7a1c506dc7ad1900e5f4ef594c9f97a11d62bfb902b7dcfcc0fce0b7
7bb0c1ad35ec280697b816f0d2d877392ff0e3f8acfde611680cae16f27e8169
7d9d02b627bbf10dba162c842420abf30bd549f2dd6c9d0b97409e1162ead64f
80cd69c9d9190b156246346218ba82f4639d9f0d4583a86184285b5af06659a9
8cfc3e4c31668b5c2c650156c6b68e4626bf6a673738742b07fd91a8a46077d9
8fd371d98182f2de72524d0170932ccc3ac29003bb5ba0241e36cc2d176ad2db
978d82f29e6b01b4a989318629e8d00187c4133976cd7af67db10508896ca8db
a060511a784b091928b94f7eaa6d596801d703ab889abd43901af16c09fa06ad
a14bdc091f88840621b6a744a9bdeca4f782fe991635a191b8e7af0fa8407f0c
a4242dd3964225b197397772404b7c5433cf364ec3c48fd525a92cae4eac3bde
a4335be9577bc449239cf2c24a6f190486bd0cd0c9bbe9a5ff3b457cfd88e0d4
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a635ffbbabf431bb8c96428f18a6e94cf5f7cdeac05fb370c9024be9bc01aa2a
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
a9df7a3c6c2443062edbc871f9b71b26c8739b192366fcd3cbca060ebca3c1a8
aa7e02c693c8e768e6e04e8e7ea2b58b9e896248cded9f27c150f09db1ac0ce0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af541be18714cc89f5f29cfb86b4d8fd3ae8eb19e07427575b9ab281fc052e91
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b5675b0d1ee88db374b1e60e301fda9f0c1d3585f47173468827115fc4e529c2
b990748ef3bf77ccebc3af529f80b05aa5c449a28ba150c9f1fd58cae99900a2
c5097da42217e110eb92e74d0834e712ea85c4795f54125cab5cd1c3d46103f7
c75140c598c2289f2a91fa8a8e684ad0807dcfc47e0c41624cfeeee4a1a0e08c
ca75fd7bdad5c586aa293fadab3799e3737f1802ec9744841e6dfec121c8ff3c
cef013ba053c40f6bfa36baf6b11dca3426b1697bb52bec0902a4746f5f7d169
cfa9ae8680beb4f88ae1565cbc2bbfbfdaea917650c2fd975f8aafe0e947e842
d713e50c5e438cc6596122fd3cbcb09e4181ee93dc25d4d6d128da8f42ccf7a0
d77a6b3466cb376003db40b3adb3170556393ef2c131836c68acd18cabfc1ab4
dd0dc883382cb63d8ce466008ed65ecadda8d9a41d1c395aa610a8f0c93103db
dd9db5462ce04f27b4d6089ceeefcc41e1c8de337c5174443c1a4dd8fa6ae3a1
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b
dee8ce4339579abe6eccdf4dcb1cb954ec93959166e1724b9154e02963d118e2
e019e4dd3d8be298895ef632bb8e5083de16a01f55a1eb385b1e0efede2f3705
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e994dc8e4c1c8f05a9efcdf809986903c3dd9fc5c771c6e6b9408fa07bf1655f
ee4726f5351b3e304c4e378940f4ae9d009f15d13423783a82b89ab1c47257e0
f279e85b5c0da551835995beee8e15c32583533ed516fc49522f97e72cce3bd3
f6a2579476da6093987dc5ce9f580306583f856ba51d0fd1b6a68c61b7e2ac39

forum.bitmmgp.ru Open in urlscan Pro 188.165.29.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

103 Requests

99 %HTTPS

54 %IPv6

24 Domains

30 Subdomains

27 IPs

5 Countries

1126 kBTransfer

2610 kBSize

0 Cookies

23 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

forum.bitmmgp.ru Open in urlscan Pro
188.165.29.121 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

99 %
HTTPS

54 %
IPv6

24
Domains

30
Subdomains

27
IPs

5
Countries

1126 kB
Transfer

2610 kB
Size

0
Cookies

103 HTTP transactions
1 data transactions