bitsem.github.io Open in urlscan Pro
2606:50c0:8003::153 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://onebiztop.digital/b520
Effective URL:
https://bitsem.github.io/offbitbonus_106/
Submission: On December 28 via manual (December 28th 2023, 2:53:20 am UTC) from IN — Scanned from DE

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 44 HTTP transactions. The main IP is 2606:50c0:8003::153, located in United States and belongs to FASTLY, US. The main domain is bitsem.github.io.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 21st 2023. Valid for: a year.

This is the only time bitsem.github.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 5	2606:4700:303... 2606:4700:3030::ac43:859a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	190.115.19.162 190.115.19.162	59692 (IQWEB) (IQWEB)
29	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
1	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
1	159.89.102.253 159.89.102.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
44	9

5 2606:4700:3030::ac43:859a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

onebiztop.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

windayhome.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

windayhome.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.115.19.162 (Belize)

ASN59692 (IQWEB, AE)

e-pay.plus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

bitsem.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

privat-session.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.102.253 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

geolocation-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	github.io bitsem.github.io privat-session.github.io	864 KB
7	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8902	3 KB
5	onebiztop.digital 2 redirects onebiztop.digital	8 KB
3	windayhome.digital 1 redirects windayhome.digital	6 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4182	71 KB
1	geolocation-db.com geolocation-db.com — Cisco Umbrella Rank: 17920	257 B
1	e-pay.plus e-pay.plus	48 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	29 KB
44	8

	Domain	Requested by
29	bitsem.github.io	windayhome.digital bitsem.github.io
7	mc.yandex.com	2 redirects bitsem.github.io mc.yandex.ru
5	onebiztop.digital	2 redirects onebiztop.digital
3	windayhome.digital	1 redirects windayhome.digital
2	mc.yandex.ru	1 redirects bitsem.github.io
1	geolocation-db.com	bitsem.github.io
1	privat-session.github.io	bitsem.github.io
1	e-pay.plus	windayhome.digital
1	code.jquery.com	windayhome.digital
44	9

This site contains no links.

Subject Issuer	Validity	Valid
onebiztop.digital E1	`2023-12-22` - `2024-03-21`	3 months	crt.sh
windayhome.digital GTS CA 1P5	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
e-pay.plus R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
geolocation-db.com R3	`2023-12-12` - `2024-03-11`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://bitsem.github.io/offbitbonus_106/
Frame ID: 3B6930A01E60155AFA0BFC3C02C89463
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Биткоин Бонус

Page URL History Show full URLs

https://onebiztop.digital/b520 Page URL
https://onebiztop.digital/cdn-cgi/phish-bypass?atok=opZ2yJTpSqPjxDdUp8e0fbLqX1ilBc_aZ8HGdfJetAY-170373... HTTP 301
https://onebiztop.digital/b520 HTTP 302
http://windayhome.digital/b520?url_id=77442&url_full_id=1212 HTTP 301
https://windayhome.digital/b520?url_id=77442&url_full_id=1212 Page URL
https://bitsem.github.io/offbitbonus_106/ Page URL

Detected technologies

GitHub Pages (CDN) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.github\.io

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

95 %
HTTPS

78 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

1026 kB
Transfer

2581 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://onebiztop.digital/b520 Page URL
https://onebiztop.digital/cdn-cgi/phish-bypass?atok=opZ2yJTpSqPjxDdUp8e0fbLqX1ilBc_aZ8HGdfJetAY-1703731989-0-%2Fb520 HTTP 301
https://onebiztop.digital/b520 HTTP 302
http://windayhome.digital/b520?url_id=77442&url_full_id=1212 HTTP 301
https://windayhome.digital/b520?url_id=77442&url_full_id=1212 Page URL
https://bitsem.github.io/offbitbonus_106/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://onebiztop.digital/cdn-cgi/phish-bypass?atok=opZ2yJTpSqPjxDdUp8e0fbLqX1ilBc_aZ8HGdfJetAY-1703731989-0-%2Fb520 HTTP 301
https://onebiztop.digital/b520 HTTP 302
http://windayhome.digital/b520?url_id=77442&url_full_id=1212 HTTP 301
https://windayhome.digital/b520?url_id=77442&url_full_id=1212

Request Chain 43

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10230.n9hsitgUaxY8CLeVkEccJneoyV9EhxA30SmlLW4QQFz5nmAU3oRSsSZU527t4wB-.5jmoEJ6qRZCa5EQohle3jhVVIhQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10230.y-ECZvP1_hFiinBxgCGhn9wW2e3Ip8FnfvDC5jG9M64z5AnBzLtFLgGuUa0LsQWNLS4MdQQ7JhlPoSbc8Vube88oxpcD690U6StsyDGwGixK_ISPsGLRmelJ1GbnnKHDCMSnXwwP7SjtKX85Oq-eDTS50E_w1-7W68i83WC6LVkBFBXuivG81poegkDt74vK1BfVLnQ-HXyFNfmHXLjAGTwuUYPBzt1wjviLmEdxoI0%2C.TamJv-2hNHMo2D_PgrOkzMTig6s%2C

Request Chain 45

https://mc.yandex.com/watch/94337915?wmode=7&page-url=https%3A%2F%2Fbitsem.github.io%2Foffbitbonus_106%2F&page-ref=https%3A%2F%2Fwindayhome.digital%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A377965376519%3Ahid%3A864678808%3Az%3A60%3Ai%3A20231228035316%3Aet%3A1703731996%3Ac%3A1%3Arn%3A679185707%3Arqn%3A1%3Au%3A1703731996845157082%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C42%2C132%2C39%2C0%2C0%2C%2C331%2C0%2C%2C%2C%2C561%3Aco%3A0%3Acpf%3A1%3Ans%3A1703731995199%3Afp%3A409%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703731996%3At%3A%D0%91%D0%B8%D1%82%D0%BA%D0%BE%D0%B8%D0%BD%20%D0%91%D0%BE%D0%BD%D1%83%D1%81&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/94337915/1?wmode=7&page-url=https%3A%2F%2Fbitsem.github.io%2Foffbitbonus_106%2F&page-ref=https%3A%2F%2Fwindayhome.digital%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A377965376519%3Ahid%3A864678808%3Az%3A60%3Ai%3A20231228035316%3Aet%3A1703731996%3Ac%3A1%3Arn%3A679185707%3Arqn%3A1%3Au%3A1703731996845157082%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C42%2C132%2C39%2C0%2C0%2C%2C331%2C0%2C%2C%2C%2C561%3Aco%3A0%3Acpf%3A1%3Ans%3A1703731995199%3Afp%3A409%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703731996%3At%3A%D0%91%D0%B8%D1%82%D0%BA%D0%BE%D0%B8%D0%BD%20%D0%91%D0%BE%D0%BD%D1%83%D1%81&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

44 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 b520 Show response
onebiztop.digital/ 4 KB
2 KB 200ms
26ms Document
text/html 2606:4700:3030::ac43:859a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onebiztop.digital/b520

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:859a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da59fd3a4706d2804648cf95efcd726e05013c6ebca10fdf156d8efe4ec7b274

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-ray: 83c682e4ead65d91-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 02:53:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQLh81%2FubfJaNg1bMb5hxK2L8L32g6j3XsR2JxTu127EZnaOtyM%2BI3JIPYugo4DxOthq8QjC%2F46GafWEJnqnhUKSbJ%2FwmqruriLpYn2Zr5C7jMi9WafP4hAIWG%2FS7x7BE%2FP2LY9PkdhsYcua%2BetrJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 cf.errors.css
onebiztop.digital/cdn-cgi/styles/ 24 KB
5 KB 23ms
22ms Stylesheet
text/css 2606:4700:3030::ac43:859a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onebiztop.digital/cdn-cgi/styles/cf.errors.css

Requested by

Host: onebiztop.digital
URL: https://onebiztop.digital/b520

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:859a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onebiztop.digital/b520
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:54 GMT
server: cloudflare
etag: W/"6581a432-5e44"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 83c682e51ae95d91-FRA
expires: Thu, 28 Dec 2023 04:53:09 GMT

GET
H2 200 icon-exclamation.png
onebiztop.digital/cdn-cgi/images/ 452 B
540 B 22ms
22ms Image
image/png 2606:4700:3030::ac43:859a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onebiztop.digital/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: onebiztop.digital
URL: https://onebiztop.digital/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:859a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onebiztop.digital/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:53:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:54 GMT
server: cloudflare
etag: "6581a432-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 83c682e54af55d91-FRA
content-length: 452
expires: Thu, 28 Dec 2023 04:53:09 GMT

GET
H2

200

b520 Show response
windayhome.digital/
Redirect Chain

https://onebiztop.digital/cdn-cgi/phish-bypass?atok=opZ2yJTpSqPjxDdUp8e0fbLqX1ilBc_aZ8HGdfJetAY-1703731989-0-%2Fb520
https://onebiztop.digital/b520
http://windayhome.digital/b520?url_id=77442&url_full_id=1212
https://windayhome.digital/b520?url_id=77442&url_full_id=1212

2 KB
1 KB

257ms
186ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windayhome.digital/b520?url_id=77442&url_full_id=1212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff7cd3b296a83db2f982fb1506784ed2817e0dc9cfc8818b90d88da850866d5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83c683084dfd04aa-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 28 Dec 2023 02:53:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUuuL%2BoryM6TVeff8YyLoHPaxOYVBAwFI8gc1FieuEBUW2q7eI2%2BEtQ2bEujcQ977qULaOz1O%2FpqiaLZRzhHjTTEkEvJIAdHd0jhbXCh7NQIaJ%2BxD%2FRDLgflkQuCgYhvPh%2BWSTWJ%2FBhcSUoUHTEplH0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: ALLOWALL

Redirect headers

CF-RAY: 83c683079d989b34-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 28 Dec 2023 02:53:14 GMT
Expires: Thu, 28 Dec 2023 03:53:14 GMT
Location: https://windayhome.digital/b520?url_id=77442&url_full_id=1212
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvFRba%2Fc3jqPXFUoklQgWAxof7GxY7150eoOFpjWRjb5RX0rnyeYD5K5D3re6i285FbmQE3U9kRsKepopTF9e2L6Xj893%2FwiFMJGHEwhcITTg%2FE4dbMa%2F9ROxOH6T6xNpMhVU1%2Bdj68b%2FJbUt58aChc%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-2.1.3.min.js Show response
code.jquery.com/ 82 KB
29 KB 61ms
20ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.1.3.min.js
Requested by: Host: windayhome.digital
URL: https://windayhome.digital/b520?url_id=77442&url_full_id=1212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windayhome.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:53:15 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 8929794
x-cache: HIT, HIT
content-length: 29507
x-served-by: cache-lga21965-LGA, cache-fra-etou8220095-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1703731995.148970,VS0,VE0
etag: W/"28feccc0-14960"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 414, 164966

GET
H2 200 jquery.syotimer.js Show response
windayhome.digital/js/ 10 KB
4 KB 100ms
99ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windayhome.digital/js/jquery.syotimer.js
Requested by: Host: windayhome.digital
URL: https://windayhome.digital/b520?url_id=77442&url_full_id=1212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b648262c5dd3817590d4077f423a487895ac9e0b185f3e7f683e6c75b24afe1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windayhome.digital/b520?url_id=77442&url_full_id=1212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:53:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jun 2019 09:48:00 GMT
server: cloudflare
etag: W/"5d11edd0-286f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0faO04nDysILkKGa7FBG150okJE1hjzQ1fF8U2E8Ll%2B4r%2BwwWWGHl2SmFl5jqy22Y64nuD%2Fb%2B1rS2oVB1z7%2Fr5Ur6cdsel5EWz8xM65tcJXgsfW9nDyzxtwT7cA97lwsbUtmUHEYtl%2BagsFb%2By2dVY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=14400
cf-ray: 83c683097e6704aa-CDG
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 8536.jpg
e-pay.plus/i/product/853/ 48 KB
48 KB 136ms
43ms Image
image/jpeg 190.115.19.162
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e-pay.plus/i/product/853/8536.jpg

Requested by

Host: windayhome.digital
URL: https://windayhome.digital/b520?url_id=77442&url_full_id=1212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.19.162 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://windayhome.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Thu, 28 Dec 2023 02:53:15 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubdomains; preload
last-modified: Tue, 03 Aug 2021 04:21:01 GMT
server: ddos-guard
age: 0
etag: "6108c42d-be94"
x-frame-options: ALLOWALL
content-type: image/jpeg
access-control-allow-origin: *
ddg-cache-status: MISS
accept-ranges: bytes
content-length: 48788

GET
H2 200 Primary Request / Show response
bitsem.github.io/offbitbonus_106/ 211 KB
96 KB 191ms
133ms Document
text/html 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus_106/

Requested by

Host: windayhome.digital
URL: https://windayhome.digital/b520?url_id=77442&url_full_id=1212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

a3e4b898cd7c982eedf0e5dca1ddf040e79f472fd3b89efd734fbd3c93851f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://windayhome.digital/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-encoding: gzip
content-length: 98213
content-type: text/html; charset=utf-8
date: Thu, 28 Dec 2023 02:53:15 GMT
etag: W/"64e888ce-34ca9"
expires: Thu, 28 Dec 2023 03:03:15 GMT
last-modified: Fri, 25 Aug 2023 10:56:14 GMT
permissions-policy: interest-cohort=()
server: GitHub.com
strict-transport-security: max-age=31556952
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: b35938d379ef233aee628cef86da003b046a58fa
x-github-request-id: E5AC:84D2F:33A749:34A538:658CE31B
x-proxy-cache: MISS
x-served-by: cache-fra-eddf8230052-FRA
x-timer: S1703731995.267430,VS0,VE113

GET
H2 200 init.js Show response
bitsem.github.io/offbitbonus/js/ 5 KB
2 KB 150ms
149ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/js/init.js

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

6f5928c8bb937d9b2a6589fe22bfc880163b2c0d56f3c131ee08d712bd1d6e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 1d4c31bf1ebf3c45d0b0fd6dfc26f5a398275d89
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 02:53:15 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 1916
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: 60CA:3CDD4:36062F:3703F5:658CE31B
x-timer: S1703731995.406980,VS0,VE129
etag: W/"64e89630-15d2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 200 chunk-vendors.508d4aa5.css
bitsem.github.io/offbitbonus/css/ 0
179 B 128ms
127ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/css/chunk-vendors.508d4aa5.css

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: f489e0d32da075615fc82f6ffbef84b97d8210d0
strict-transport-security: max-age=31556952
date: Thu, 28 Dec 2023 02:53:15 GMT
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 0
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: 378C:84D2F:33A77B:34A569:658CE31B
x-timer: S1703731995.406645,VS0,VE108
etag: "64e89630-0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 200 index.dcf47b9a.css
bitsem.github.io/offbitbonus/css/ 98 KB
26 KB 134ms
134ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/css/index.dcf47b9a.css

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

8481f332d540ce6342ac3a962b8d22716093c65ca20d29a88d899faa7c985a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 9cbdcb37394e1732e6bd346d9d6ebdb2c093305c
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 02:53:15 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 26770
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: D7B6:208613:326903:3365F6:658CE31B
x-timer: S1703731995.407053,VS0,VE114
etag: W/"64e89630-18747"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 200 chunk-vendors.81861318.js Show response
bitsem.github.io/offbitbonus/js/ 1 MB
440 KB 178ms
177ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/js/chunk-vendors.81861318.js

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

18587946ec9c975acf132ce84def1645d666cacbf9f88296a6981660c650d3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 1490c9d9205c4202abb4c4cb8262ff965379869c
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 02:53:15 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 450162
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: ED46:20A385:34B79F:35B585:658CE31B
x-timer: S1703731995.406965,VS0,VE157
etag: W/"64e89630-1620dc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 200 index.002d3e4a.js Show response
bitsem.github.io/offbitbonus/js/ 373 KB
90 KB 137ms
137ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/js/index.002d3e4a.js

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

22453797e78ae4a4ae23cb301a2b00ffa96eb3731dbe2154b192bf7603e93545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: aa6e34ef2c23100c41d7028b57530bef1114ba43
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 02:53:15 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 91570
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: 2CE8:3BB9D:33F832:34F541:658CE31A
x-timer: S1703731995.407248,VS0,VE117
etag: W/"64e89630-5d32d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 200 font.css
bitsem.github.io/offbitbonus/css/ 0
125 B 132ms
132ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/css/font.css

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 5dea97ecd326103cbb3c878efe9cbeda02003c8f
strict-transport-security: max-age=31556952
date: Thu, 28 Dec 2023 02:53:15 GMT
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 0
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: 6782:87034:33FAD7:34F7DF:658CE31B
x-timer: S1703731995.407021,VS0,VE112
etag: "64e89630-0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 200 ps.js Show response
bitsem.github.io/offbitbonus/js/ 304 B
338 B 136ms
136ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/js/ps.js?t=1703731995397

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

c328887c665cb8c1f7ffe9705bf609dd86cbb80570bd77457dc2dc30a8a0bd15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: c812b5ba1e00e6a13d36036ddbcbf09ba6741bc0
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 02:53:15 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 130
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: 721C:8FF19:335E74:345B3B:658CE31B
x-timer: S1703731995.407240,VS0,VE115
etag: W/"64e89630-130"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 200 chunk-0539d65c.45b4ef5b.css
bitsem.github.io/offbitbonus/css/ 1 KB
724 B 121ms
121ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/css/chunk-0539d65c.45b4ef5b.css

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

687ae01a0e00f4e3724ca0c7cf68d0027a174491ce9725e440947da149b65bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 0625a2fdce5b209407290840ae12f17d06d3fd50
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 02:53:15 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 539
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: 67BE:36888F:3375C0:3472C0:658CE31B
x-timer: S1703731995.439794,VS0,VE101
etag: W/"64e89630-4ee"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 200 chunk-0539d65c.45341174.js Show response
bitsem.github.io/offbitbonus/js/ 15 KB
6 KB 118ms
118ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/js/chunk-0539d65c.45341174.js

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

da7721848196f3510ebd278c9a4ca6af2bb1406d4a808c9910b939339e287d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 349b1a34a0b3b64f05e4b7fc9d51f79debbb29a5
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 02:53:15 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 5722
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: E5E6:1CAA8F:32ED4D:33EA62:658CE31B
x-timer: S1703731995.439780,VS0,VE98
etag: W/"64e89630-3ae1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 200 font.css
bitsem.github.io/offbitbonus/css/ 0
110 B 99ms
99ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/css/font.css?t=9876544

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: d7f1a5fd500226f528bb1ea115f5247bc6c16ad8
strict-transport-security: max-age=31556952
date: Thu, 28 Dec 2023 02:53:15 GMT
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 0
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: 6782:87034:33FAD7:34F7DF:658CE31B
x-timer: S1703731995.439917,VS0,VE79
etag: "64e89630-0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 404 email-decode.min.js
bitsem.github.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 0
0 119ms
119ms Script
text/html 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 77079984c5c4e414537f9fcb48f446178184a571
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 02:53:15 GMT
age: 0
x-cache: MISS
content-length: 5142
x-served-by: cache-fra-eddf8230052-FRA
server: GitHub.com
x-github-request-id: ABFE:3BB9D:33F841:34F548:658CE319
x-timer: S1703731995.439920,VS0,VE99
etag: W/"658c5eca-239b"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 deep.txt Show response
privat-session.github.io/com/ 1 B
418 B 188ms
128ms XHR
text/plain 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://privat-session.github.io/com/deep.txt

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus/js/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 494d8e06bfbbd76d6f8c954f08ef75b2a24f686d
strict-transport-security: max-age=31556952
date: Thu, 28 Dec 2023 02:53:15 GMT
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 1
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Fri, 15 Sep 2023 16:37:58 GMT
server: GitHub.com
x-github-request-id: F0C0:87034:33FB0C:34F808:658CE31A
x-timer: S1703731996.624729,VS0,VE106
etag: "65048866-1"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 200 chunk-0539d65c.45b4ef5b.css
bitsem.github.io/offbitbonus/css/ 0
846 B 43ms
43ms Other
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/css/chunk-0539d65c.45b4ef5b.css

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 649258d9bfab71a0e9cdf2a59889c6a1bb5b6bef
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 02:53:15 GMT
age: 0
x-cache: HIT
x-cache-hits: 1
x-proxy-cache: MISS
content-length: 539
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: 67BE:36888F:3375C0:3472C0:658CE31B
x-timer: S1703731996.564912,VS0,VE0
etag: W/"64e89630-4ee"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 200 chunk-12c60cd5.b39bd494.css
bitsem.github.io/offbitbonus/css/ 0
14 KB 117ms
116ms Other
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/css/chunk-12c60cd5.b39bd494.css

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: bc254b2066d9c8ca8621c20ca44e501f3382b8cd
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 02:53:15 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 14139
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: 3C68:28DEC3:33B9CB:34B63B:658CE31B
x-timer: S1703731996.569863,VS0,VE96
etag: W/"64e89630-a9e7"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 404 chunk-66a337ad.ade4ca78.css
bitsem.github.io/offbitbonus/css/ 0
0 120ms
120ms Other
text/html 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/css/chunk-66a337ad.ade4ca78.css

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 5fc20516e31d161bd49c64e7d94c41ef8b841d7a
strict-transport-security: max-age=31556952
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
date: Thu, 28 Dec 2023 02:53:15 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 5254
x-served-by: cache-fra-eddf8230052-FRA
server: GitHub.com
x-github-request-id: D2AA:3DFB89:330813:3404EB:658CE31B
x-timer: S1703731996.569836,VS0,VE100
etag: W/"64d39a40-24a3"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 chunk-70cef3d4.ce3cbca7.css
bitsem.github.io/offbitbonus/css/ 0
3 KB 118ms
117ms Other
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/css/chunk-70cef3d4.ce3cbca7.css

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 821433f1548026fec7db6bd0b06c386dbe6a2d69
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 02:53:15 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 2636
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: 6F58:3DFB89:330813:3404EA:658CE31B
x-timer: S1703731996.569827,VS0,VE98
etag: W/"64e89630-249f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 404 chunk-a1ff7a80.96a44107.css
bitsem.github.io/offbitbonus/css/ 0
0 127ms
127ms Other
text/html 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/css/chunk-a1ff7a80.96a44107.css

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 7fc794eaa8c3ec145fb9f8546680185d11599517
strict-transport-security: max-age=31556952
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
date: Thu, 28 Dec 2023 02:53:15 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 5254
x-served-by: cache-fra-eddf8230052-FRA
server: GitHub.com
x-github-request-id: 597E:8FF19:335E9A:345B5C:658CE31B
x-timer: S1703731996.570269,VS0,VE107
etag: W/"64d39a40-24a3"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-cache-hits: 0

GET
H2 200 chunk-0539d65c.45341174.js
bitsem.github.io/offbitbonus/js/ 0
6 KB 40ms
40ms Other
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/js/chunk-0539d65c.45341174.js

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 07da851fca5e02a7a95537b69da51695150eb2b0
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 02:53:15 GMT
age: 0
x-cache: HIT
x-cache-hits: 1
x-proxy-cache: MISS
content-length: 5722
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: E5E6:1CAA8F:32ED4D:33EA62:658CE31B
x-timer: S1703731996.570388,VS0,VE0
etag: W/"64e89630-3ae1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 200 chunk-12c60cd5.b8a7ce3b.js
bitsem.github.io/offbitbonus/js/ 0
29 KB 122ms
122ms Other
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/js/chunk-12c60cd5.b8a7ce3b.js

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: a3cbf5714846306c9d36051ff14b499018b3b6dd
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 02:53:15 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 29132
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: 19BC:20A385:34B7C7:35B5AE:658CE31B
x-timer: S1703731996.570215,VS0,VE102
etag: W/"64e89630-18c3b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 404 chunk-66a337ad.7cf80618.js
bitsem.github.io/offbitbonus/js/ 0
0 119ms
119ms Other
text/html 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/js/chunk-66a337ad.7cf80618.js

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 3aee06d97659923c44975c8718837133007767d4
strict-transport-security: max-age=31556952
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
date: Thu, 28 Dec 2023 02:53:15 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 5254
x-served-by: cache-fra-eddf8230052-FRA
server: GitHub.com
x-github-request-id: F03C:20A385:34B7C7:35B5AD:658CE31B
x-timer: S1703731996.570218,VS0,VE99
etag: W/"64d39a40-24a3"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 chunk-70cef3d4.9e3ce14a.js
bitsem.github.io/offbitbonus/js/ 0
77 KB 128ms
128ms Other
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/js/chunk-70cef3d4.9e3ce14a.js

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 887d6d53aaccd3517a7e031b2b2f90f2483947b1
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 02:53:15 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 78320
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: 0800:1CAA8F:32ED6F:33EA82:658CE31B
x-timer: S1703731996.570187,VS0,VE108
etag: W/"64e89630-4c86d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 404 chunk-a1ff7a80.b8a2878e.js
bitsem.github.io/offbitbonus/js/ 0
0 121ms
121ms Other
text/html 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/js/chunk-a1ff7a80.b8a2878e.js

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 8d8087bf2d035b92cda425d01d31eaca2e8fac8d
strict-transport-security: max-age=31556952
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
date: Thu, 28 Dec 2023 02:53:15 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 5254
x-served-by: cache-fra-eddf8230052-FRA
server: GitHub.com
x-github-request-id: 4926:28DEC3:33B9CC:34B63C:658CE31B
x-timer: S1703731996.570189,VS0,VE102
etag: W/"64d39a40-24a3"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be37de1a4ff4dfd03c7fad0e334fe607c38c845b05f52398c29e53c64dd5ea92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 863 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80251fd210894d7e2ce706e74c4635eec6638e74f23af223a7ed10de0466fd72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
geolocation-db.com/json/ 146 B
257 B 355ms
35ms XHR
text/html 159.89.102.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation-db.com/json/
Requested by: Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus/js/index.002d3e4a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 085bdd540553d5b6478e8f7f151cde40a6e3886b73df9a6924b3a872d51bf743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 28 Dec 2023 02:53:16 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 404 svg-icons.83eea0c0.svg
bitsem.github.io/offbitbonus/img/ 0
0 117ms
117ms Other
text/html 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/img/svg-icons.83eea0c0.svg

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus/js/chunk-vendors.81861318.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 7032cb8288e454556431efc8e59fcd3664087c22
strict-transport-security: max-age=31556952
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
date: Thu, 28 Dec 2023 02:53:15 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 5254
x-served-by: cache-fra-eddf8230052-FRA
server: GitHub.com
x-github-request-id: F6E6:1D238E:348D4F:358A3A:658CE31B
x-timer: S1703731996.707739,VS0,VE97
etag: W/"64d39a40-24a3"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6ca64f7a1610aeba93fe46453308b8956baed1da16c8104d7a8c192e687f759

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 404 bitkurs.php Show response
bitsem.github.io/offbitbonus/php/ 9 KB
6 KB 123ms
123ms XHR
text/html 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bitsem.github.io/offbitbonus/php/bitkurs.php

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus/js/chunk-vendors.81861318.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

b620507312c5e97566a3c6cfaf99144fefc18a0da7d941401dfa0f5f58fb0368

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
Strict-Transport-Security	max-age=31556952

Request headers

Accept: application/json, text/plain, */*
Referer: https://bitsem.github.io/offbitbonus_106/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: ab4112b52749b085b9dfb2751af21b359c61fe02
strict-transport-security: max-age=31556952
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
date: Thu, 28 Dec 2023 02:53:15 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 5254
x-served-by: cache-fra-eddf8230052-FRA
server: GitHub.com
x-github-request-id: F0C8:36888F:337601:3472FB:658CE31B
x-timer: S1703731996.739983,VS0,VE99
etag: W/"64d39a40-24a3"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-cache-hits: 0

GET
H2 200 bit-king.788650c6.png
bitsem.github.io/offbitbonus/img/ 15 KB
15 KB 118ms
117ms Image
image/png 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitsem.github.io/offbitbonus/img/bit-king.788650c6.png

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

46363c6474ed03ac5cc21bb80412074d9a40120ee7d05b722d8a3dd122a886a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 31e1a9a14f6ad51cb289a645716751ae1414abd4
strict-transport-security: max-age=31556952
date: Thu, 28 Dec 2023 02:53:15 GMT
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 15246
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: 617A:3AF181:33175A:341406:658CE31B
x-timer: S1703731996.740589,VS0,VE93
etag: "64e89630-3b8e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 200 bitcoins.e59a5c84.png
bitsem.github.io/offbitbonus/img/ 20 KB
20 KB 132ms
132ms Image
image/png 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitsem.github.io/offbitbonus/img/bitcoins.e59a5c84.png

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

fc20e47712ad46c77bca8d311c1458395abc5510c7e3b0421aece61457323717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 2f7ca1f89dddbdb1c55917957f6816f82154c200
strict-transport-security: max-age=31556952
date: Thu, 28 Dec 2023 02:53:15 GMT
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 20124
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: B83A:20A709:33119C:340E85:658CE31B
x-timer: S1703731996.769209,VS0,VE105
etag: "64e89630-4e9c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
DATA 200
OK truncated
/ 655 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16cf7df98faf3739958eff52f6fcd1480f41fcf1f5e22c6ac33a634038afb73b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 heading-icon-retina.6e9c36df.png
bitsem.github.io/offbitbonus/img/ 9 KB
10 KB 132ms
132ms Image
image/png 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitsem.github.io/offbitbonus/img/heading-icon-retina.6e9c36df.png

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

c31a52eaec20e008b996590e625e87e6e526a74f9131e2e9f2f24dbd8f116337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 269f9e244af24bea39b120d142619b3519bc4f07
strict-transport-security: max-age=31556952
date: Thu, 28 Dec 2023 02:53:15 GMT
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 9604
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: C61A:3AF181:33175A:34140C:658CE31B
x-timer: S1703731996.769209,VS0,VE107
etag: "64e89630-2584"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 265ms
130ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:53:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-11627"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71207
expires: Thu, 28 Dec 2023 03:53:15 GMT

GET
H2 200 bit-magnet.c851cb06.png
bitsem.github.io/offbitbonus/img/ 13 KB
14 KB 128ms
128ms Image
image/png 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitsem.github.io/offbitbonus/img/bit-magnet.c851cb06.png

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

4af79f8eef7b22a73e4c531d87bcfc3e48f039f4e29d9b22e462c86b7159f9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus_106/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: e45b9f096de841ba74e54c90d972f0b6cac997da
strict-transport-security: max-age=31556952
date: Thu, 28 Dec 2023 02:53:16 GMT
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 13751
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Fri, 25 Aug 2023 11:53:20 GMT
server: GitHub.com
x-github-request-id: 1FE6:78E46:34FDD6:35FB20:658CE31B
x-timer: S1703731996.915158,VS0,VE108
etag: "64e89630-35b7"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 28 Dec 2023 03:03:15 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f937980b2be875ff0f7029016403f715a0796a43771b4c72947cddfd92851709

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 404 de.d6df0f57.svg
bitsem.github.io/offbitbonus/img/ 9 KB
9 KB 117ms
117ms Image
text/html 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitsem.github.io/offbitbonus/img/de.d6df0f57.svg

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus/css/index.dcf47b9a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

b620507312c5e97566a3c6cfaf99144fefc18a0da7d941401dfa0f5f58fb0368

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/offbitbonus/css/index.dcf47b9a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: a94a3831a359af01c43489a93bd7c92d0e59d892
strict-transport-security: max-age=31556952
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
date: Thu, 28 Dec 2023 02:53:16 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 5254
x-served-by: cache-fra-eddf8230052-FRA
server: GitHub.com
x-github-request-id: 8CF8:3CDD4:3606C2:37048A:658CE31C
x-timer: S1703731996.066584,VS0,VE98
etag: W/"64d39a40-24a3"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-cache-hits: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10230.n9hsitgUaxY8CLeVkEccJneoyV9EhxA30SmlLW4QQFz5nmAU3oRSsSZU527t4wB-.5jmoEJ6qRZCa5EQohle3jhVVIhQ%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10230.y-ECZvP1_hFiinBxgCGhn9wW2e3Ip8FnfvDC5jG9M64z5AnBzLtFLgGuUa0LsQWNLS4MdQQ7JhlPoSbc8Vube88oxpcD690U6StsyDGwGixK_ISPsGLRmelJ1GbnnKHDCMSnXwwP7S...

43 B
673 B

68ms
68ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10230.y-ECZvP1_hFiinBxgCGhn9wW2e3Ip8FnfvDC5jG9M64z5AnBzLtFLgGuUa0LsQWNLS4MdQQ7JhlPoSbc8Vube88oxpcD690U6StsyDGwGixK_ISPsGLRmelJ1GbnnKHDCMSnXwwP7SjtKX85Oq-eDTS50E_w1-7W68i83WC6LVkBFBXuivG81poegkDt74vK1BfVLnQ-HXyFNfmHXLjAGTwuUYPBzt1wjviLmEdxoI0%2C.TamJv-2hNHMo2D_PgrOkzMTig6s%2C

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:53:16 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10230.y-ECZvP1_hFiinBxgCGhn9wW2e3Ip8FnfvDC5jG9M64z5AnBzLtFLgGuUa0LsQWNLS4MdQQ7JhlPoSbc8Vube88oxpcD690U6StsyDGwGixK_ISPsGLRmelJ1GbnnKHDCMSnXwwP7SjtKX85Oq-eDTS50E_w1-7W68i83WC6LVkBFBXuivG81poegkDt74vK1BfVLnQ-HXyFNfmHXLjAGTwuUYPBzt1wjviLmEdxoI0%2C.TamJv-2hNHMo2D_PgrOkzMTig6s%2C
date: Thu, 28 Dec 2023 02:53:16 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
524 B 67ms
67ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: bitsem.github.io
URL: https://bitsem.github.io/offbitbonus_106/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:53:16 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65898a2e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 28 Dec 2023 03:53:16 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/94337915/
Redirect Chain

https://mc.yandex.com/watch/94337915?wmode=7&page-url=https%3A%2F%2Fbitsem.github.io%2Foffbitbonus_106%2F&page-ref=https%3A%2F%2Fwindayhome.digital%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3...
https://mc.yandex.com/watch/94337915/1?wmode=7&page-url=https%3A%2F%2Fbitsem.github.io%2Foffbitbonus_106%2F&page-ref=https%3A%2F%2Fwindayhome.digital%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv...

437 B
556 B

69ms
68ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/94337915/1?wmode=7&page-url=https%3A%2F%2Fbitsem.github.io%2Foffbitbonus_106%2F&page-ref=https%3A%2F%2Fwindayhome.digital%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A377965376519%3Ahid%3A864678808%3Az%3A60%3Ai%3A20231228035316%3Aet%3A1703731996%3Ac%3A1%3Arn%3A679185707%3Arqn%3A1%3Au%3A1703731996845157082%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C42%2C132%2C39%2C0%2C0%2C%2C331%2C0%2C%2C%2C%2C561%3Aco%3A0%3Acpf%3A1%3Ans%3A1703731995199%3Afp%3A409%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703731996%3At%3A%D0%91%D0%B8%D1%82%D0%BA%D0%BE%D0%B8%D0%BD%20%D0%91%D0%BE%D0%BD%D1%83%D1%81&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a8d23ffd009b6e8bd4c401c18906df6d926fd932474cca873da626e60c4259fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitsem.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:53:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 28-Dec-2023 02:53:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bitsem.github.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 437
x-xss-protection: 1; mode=block
expires: Thu, 28-Dec-2023 02:53:16 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:53:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 28-Dec-2023 02:53:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/94337915/1?wmode=7&page-url=https%3A%2F%2Fbitsem.github.io%2Foffbitbonus_106%2F&page-ref=https%3A%2F%2Fwindayhome.digital%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A377965376519%3Ahid%3A864678808%3Az%3A60%3Ai%3A20231228035316%3Aet%3A1703731996%3Ac%3A1%3Arn%3A679185707%3Arqn%3A1%3Au%3A1703731996845157082%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C42%2C132%2C39%2C0%2C0%2C%2C331%2C0%2C%2C%2C%2C561%3Aco%3A0%3Acpf%3A1%3Ans%3A1703731995199%3Afp%3A409%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703731996%3At%3A%D0%91%D0%B8%D1%82%D0%BA%D0%BE%D0%B8%D0%BD%20%D0%91%D0%BE%D0%BD%D1%83%D1%81&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://bitsem.github.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 28-Dec-2023 02:53:16 GMT

POST
H2 200 94337915
mc.yandex.com/webvisor/ 43 B
0 387ms
131ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/94337915?wv-part=1&wv-type=7&wmode=0&wv-hit=864678808&page-url=https%3A%2F%2Fbitsem.github.io%2Foffbitbonus_106%2F&rn=895877282&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1703731999%3Aw%3A1600x1200%3Av%3A1201%3Az%3A60%3Ai%3A20231228035319%3Au%3A1703731996845157082%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Ast%3A1703731999&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bitsem.github.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:53:19 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 28-Dec-2023 02:53:19 GMT
content-type: image/gif
access-control-allow-origin: https://bitsem.github.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 28-Dec-2023 02:53:19 GMT

POST
H2 200 94337915
mc.yandex.com/webvisor/ 43 B
0 68ms
68ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/94337915?wv-part=1&wv-type=7&wmode=0&wv-hit=864678808&page-url=https%3A%2F%2Fbitsem.github.io%2Foffbitbonus_106%2F&rn=801195480&browser-info=we%3A1%3Aet%3A1703732000%3Aw%3A1600x1200%3Av%3A1201%3Az%3A60%3Ai%3A20231228035319%3Au%3A1703731996845157082%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Ast%3A1703732000&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bitsem.github.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 02:53:19 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 28-Dec-2023 02:53:19 GMT
content-type: image/gif
access-control-allow-origin: https://bitsem.github.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 28-Dec-2023 02:53:19 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onebiztop.digital/	1970-01-20 17:16:58	Name: __cf_mw_byp Value: opZ2yJTpSqPjxDdUp8e0fbLqX1ilBc_aZ8HGdfJetAY-1703731989-0-/b520
.windayhome.digital/	1970-01-20 17:58:43	Name: cookieID Value: 12631
.yandex.ru/	1970-01-21 02:51:31	Name: i Value: YrIWOZM2NBTRTLuO4tqav59aIwmcRnJkhBfc3CcnPYNyeURMZB7wsyzrdZSxrYQEmEghrgmn4H9SrvsH9escaxhWY6I=
.yandex.ru/	1970-01-21 02:51:31	Name: yandexuid Value: 7450568901703731995
.bitsem.github.io/	1970-01-21 02:01:07	Name: _ym_uid Value: 1703731996845157082
.bitsem.github.io/	1970-01-21 02:01:07	Name: _ym_d Value: 1703731996
.mc.yandex.com/	1970-01-20 17:15:32	Name: sync_cookie_csrf Value: 3992057767fake
.bitsem.github.io/	1970-01-20 17:16:43	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:15:32	Name: sync_cookie_csrf Value: 358764031fake
.yandex.com/	1970-01-21 02:01:07	Name: yandexuid Value: 7450568901703731995
.yandex.com/	1970-01-21 02:01:07	Name: yuidss Value: 7450568901703731995
.yandex.com/	1970-01-21 02:51:31	Name: i Value: YrIWOZM2NBTRTLuO4tqav59aIwmcRnJkhBfc3CcnPYNyeURMZB7wsyzrdZSxrYQEmEghrgmn4H9SrvsH9escaxhWY6I=
.yandex.com/	1970-01-21 02:51:31	Name: yp Value: 1703818396.yu.4251617001703731996
.mc.yandex.com/	1970-01-20 17:16:58	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1053540291703731996
.yandex.com/	1970-01-21 02:01:07	Name: ymex Value: 1706323996.oyu.4251617001703731996#1735267996.yrts.1703731996
.yandex.com/	1970-01-21 02:01:07	Name: bh Value: KgI/MA==
.bitsem.github.io/	1970-01-20 17:15:33	Name: _ym_visorc Value: w

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://bitsem.github.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bitsem.github.io/offbitbonus/js/chunk-66a337ad.7cf80618.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bitsem.github.io/offbitbonus/css/chunk-66a337ad.ade4ca78.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bitsem.github.io/offbitbonus/js/chunk-a1ff7a80.b8a2878e.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bitsem.github.io/offbitbonus/css/chunk-a1ff7a80.96a44107.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bitsem.github.io/offbitbonus/img/svg-icons.83eea0c0.svg#search Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bitsem.github.io/offbitbonus/php/bitkurs.php Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bitsem.github.io/offbitbonus/img/de.d6df0f57.svg Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bitsem.github.io
code.jquery.com
e-pay.plus
geolocation-db.com
mc.yandex.com
mc.yandex.ru
onebiztop.digital
privat-session.github.io
windayhome.digital
159.89.102.253
190.115.19.162
2606:4700:3030::ac43:859a
2606:50c0:8001::153
2606:50c0:8003::153
2a02:6b8::1:119
2a04:4e42::649
2a06:98c1:3120::3
2a06:98c1:3121::3
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
085bdd540553d5b6478e8f7f151cde40a6e3886b73df9a6924b3a872d51bf743
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
16cf7df98faf3739958eff52f6fcd1480f41fcf1f5e22c6ac33a634038afb73b
18587946ec9c975acf132ce84def1645d666cacbf9f88296a6981660c650d3fe
22453797e78ae4a4ae23cb301a2b00ffa96eb3731dbe2154b192bf7603e93545
46363c6474ed03ac5cc21bb80412074d9a40120ee7d05b722d8a3dd122a886a6
4af79f8eef7b22a73e4c531d87bcfc3e48f039f4e29d9b22e462c86b7159f9eb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
687ae01a0e00f4e3724ca0c7cf68d0027a174491ce9725e440947da149b65bde
6f5928c8bb937d9b2a6589fe22bfc880163b2c0d56f3c131ee08d712bd1d6e98
80251fd210894d7e2ce706e74c4635eec6638e74f23af223a7ed10de0466fd72
8481f332d540ce6342ac3a962b8d22716093c65ca20d29a88d899faa7c985a60
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
a3e4b898cd7c982eedf0e5dca1ddf040e79f472fd3b89efd734fbd3c93851f9e
a8d23ffd009b6e8bd4c401c18906df6d926fd932474cca873da626e60c4259fa
b620507312c5e97566a3c6cfaf99144fefc18a0da7d941401dfa0f5f58fb0368
b648262c5dd3817590d4077f423a487895ac9e0b185f3e7f683e6c75b24afe1b
be37de1a4ff4dfd03c7fad0e334fe607c38c845b05f52398c29e53c64dd5ea92
c31a52eaec20e008b996590e625e87e6e526a74f9131e2e9f2f24dbd8f116337
c328887c665cb8c1f7ffe9705bf609dd86cbb80570bd77457dc2dc30a8a0bd15
c6ca64f7a1610aeba93fe46453308b8956baed1da16c8104d7a8c192e687f759
da59fd3a4706d2804648cf95efcd726e05013c6ebca10fdf156d8efe4ec7b274
da7721848196f3510ebd278c9a4ca6af2bb1406d4a808c9910b939339e287d57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
f937980b2be875ff0f7029016403f715a0796a43771b4c72947cddfd92851709
fc20e47712ad46c77bca8d311c1458395abc5510c7e3b0421aece61457323717
ff7cd3b296a83db2f982fb1506784ed2817e0dc9cfc8818b90d88da850866d5e

bitsem.github.io Open in urlscan Pro 2606:50c0:8003::153 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

95 %HTTPS

78 %IPv6

8 Domains

9 Subdomains

9 IPs

4 Countries

1026 kBTransfer

2581 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bitsem.github.io Open in urlscan Pro
2606:50c0:8003::153 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

95 %
HTTPS

78 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

1026 kB
Transfer

2581 kB
Size

18
Cookies

44 HTTP transactions
5 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!