bitc-offers.com Open in urlscan Pro
2606:4700:3037::ac43:a645 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://raviral.com/k_fac.php
Effective URL:
https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0
Submission: On October 07 via api (October 7th 2024, 7:03:46 am UTC) from IN — Scanned from NL

Summary HTTP 66 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 14 domains to perform 66 HTTP transactions. The main IP is 2606:4700:3037::ac43:a645, located in United States and belongs to CLOUDFLARENET, US. The main domain is bitc-offers.com.
TLS certificate: Issued by WE1 on October 1st 2024. Valid for: 3 months.

This is the only time bitc-offers.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	45.133.44.52 45.133.44.52	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	162.19.58.156 162.19.58.156	16276 (OVH) (OVH)
3	99.198.106.197 99.198.106.197	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 3	51.68.82.147 51.68.82.147	16276 (OVH) (OVH)
2	37.114.46.212 37.114.46.212	58087 (FLORIANKOLB) (FLORIANKOLB)
5	139.45.196.64 139.45.196.64	9002 (RETN-AS) (RETN-AS)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2 9	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
1 1	176.97.112.149 176.97.112.149	6698 (VIRTUALSY...) (VIRTUALSYSTEMS)
38	2606:4700:303... 2606:4700:3037::ac43:a645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6ea0:c70... 2a02:6ea0:c700::107	60068 (CDN77 _) (CDN77 _)
1	198.211.98.91 198.211.98.91	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
66	13

3 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

raviral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.onclckmn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.58.156 (France)

ASN16276 (OVH, FR)
PTR: ns3096358.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.198.106.197 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

update.suntech-dz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.68.82.147 (United Kingdom) 2 redirects

ASN16276 (OVH, FR)

www.primarkingfun.giving	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.114.46.212 (Germany)

ASN58087 (FLORIANKOLB, DE)
PTR: 212.46.114.37.in-addr.arpa

tencheckit.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.196.64 (United Kingdom)

ASN9002 (RETN-AS, GB)

gribeorlneka.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.242 (United Kingdom) 2 redirects

ASN9002 (RETN-AS, GB)

whinairith.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.97.112.149 (Ukraine) 1 redirects

ASN6698 (VIRTUALSYSTEMS, UA)
PTR: dedicated.vsys.host

nl-trkk.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700:3037::ac43:a645 (United States)

ASN13335 (CLOUDFLARENET, US)

bitc-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::107 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

web.webpushs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.211.98.91 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

amos-mamaya.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	bitc-offers.com bitc-offers.com	559 KB
9	whinairith.net 2 redirects whinairith.net — Cisco Umbrella Rank: 254284	18 KB
5	gribeorlneka.net gribeorlneka.net — Cisco Umbrella Rank: 164687	15 KB
3	primarkingfun.giving 2 redirects www.primarkingfun.giving	5 KB
3	suntech-dz.com update.suntech-dz.com	5 KB
3	raviral.com 1 redirects raviral.com	4 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10912	982 B
2	tencheckit.org tencheckit.org	942 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	amos-mamaya.fun amos-mamaya.fun	402 B
1	webpushs.com web.webpushs.com — Cisco Umbrella Rank: 83210	37 KB
1	nl-trkk.live 1 redirects nl-trkk.live	323 B
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 12145	61 KB
1	onclckmn.com js.onclckmn.com — Cisco Umbrella Rank: 191860	1 KB
66	14

	Domain	Requested by
38	bitc-offers.com	bitc-offers.com web.webpushs.com
9	whinairith.net	2 redirects gribeorlneka.net whinairith.net
5	gribeorlneka.net	gribeorlneka.net
3	www.primarkingfun.giving	2 redirects update.suntech-dz.com
3	update.suntech-dz.com	raviral.com
3	raviral.com	1 redirects
2	my.rtmark.net	gribeorlneka.net whinairith.net
2	tencheckit.org	www.primarkingfun.giving
2	fonts.googleapis.com	raviral.com
1	amos-mamaya.fun	bitc-offers.com
1	web.webpushs.com	bitc-offers.com
1	nl-trkk.live	1 redirects
1	i.ibb.co	raviral.com
1	js.onclckmn.com	raviral.com
66	14

This site contains links to these domains. Also see Links.

Domain
money.yahoo.com
www.forextb.com

Subject Issuer	Validity	Valid
raviral.com WE1	`2024-10-02` - `2024-12-31`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
js.onclckmn.com R11	`2024-08-23` - `2024-11-21`	3 months	crt.sh
ibb.co E5	`2024-08-22` - `2024-11-20`	3 months	crt.sh
update.suntech-dz.com E6	`2024-09-21` - `2024-12-20`	3 months	crt.sh
www.primarkingfun.giving R11	`2024-09-29` - `2024-12-28`	3 months	crt.sh
tencheckit.org E5	`2024-08-27` - `2024-11-25`	3 months	crt.sh
gribeorlneka.net R10	`2024-09-26` - `2024-12-25`	3 months	crt.sh
rtmark.net R11	`2024-08-30` - `2024-11-28`	3 months	crt.sh
whinairith.net R10	`2024-07-23` - `2024-10-21`	3 months	crt.sh
bitc-offers.com WE1	`2024-10-01` - `2024-12-30`	3 months	crt.sh
web.webpushs.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-09` - `2025-01-16`	a year	crt.sh
amos-mamaya.fun R10	`2024-08-24` - `2024-11-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0
Frame ID: EEA07E6454466E8B6AB8B64F3D6D1EF3
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

amazon d

Page URL History Show full URLs

http://raviral.com/k_fac.php HTTP 307
https://raviral.com/k_fac.php HTTP 302
https://raviral.com/index.php?code=_blog Page URL
https://update.suntech-dz.com/?utm_medium=171f991f11515dfa0c00df8fe87eecaf468d5397&utm_campaign=post_back&... Page URL
https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7422925929686499368&site=13607-9f9982bz&pub_... Page URL
https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7422925929686499368&site=13607-9f9982bz&pub_... HTTP 302
https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7422925929686499368&site=13607-9f9982bz&pub_... HTTP 302
https://tencheckit.org/go/4995/3?subid2=902&subid1=33000560bb47c1cd9b7264e7b4d59ee7ff9901007-202410... Page URL
https://gribeorlneka.net/link?z=7512769&var=4995_902&ymid=14nnpq05g00g2 Page URL
https://whinairith.net/?z=7512770&syncedCookie=true&rhd=false HTTP 302
https://whinairith.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-120&bar=x Page URL
https://whinairith.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://nl-trkk.live/click?key=90a4548c4643e2d587de&visitor_id=867051156927689347&cost=0.003500&z... HTTP 307
https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0 Page URL

Detected technologies

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<div class=(?:"|')[^"']*elementor
<section class=(?:"|')[^"']*elementor

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

100 %
HTTPS

29 %
IPv6

14
Domains

14
Subdomains

13
IPs

5
Countries

705 kB
Transfer

1869 kB
Size

13
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://money.yahoo.com/money/amazon-reports-5-2b-net-222400898.html
Title: *Source: Yahoo money, Jul 2020

Search URL Search Domain Scan URL

URL: https://www.forextb.com/eu/terms-and-conditions/company-information/
Title: Impressum

Search URL Search Domain Scan URL

URL: http://www.forextb.com/eu
Title: www.forextb.com/eu

Search URL Search Domain Scan URL

URL: https://www.forextb.com/eu/terms-and-conditions/risk-disclosure/
Title: Risk Disclosure

Search URL Search Domain Scan URL

URL: https://www.forextb.com/eu/contact-us/
Title: Contact us

Search URL Search Domain Scan URL

URL: https://www.forextb.com/eu/what-is-a-cryptocurrency/
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://raviral.com/k_fac.php HTTP 307
https://raviral.com/k_fac.php HTTP 302
https://raviral.com/index.php?code=_blog Page URL
https://update.suntech-dz.com/?utm_medium=171f991f11515dfa0c00df8fe87eecaf468d5397&utm_campaign=post_back&cid=2024-10-07+08%3A03__blog Page URL
https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7422925929686499368&site=13607-9f9982bz&pub_sub_id=13607 Page URL
https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7422925929686499368&site=13607-9f9982bz&pub_sub_id=13607&eyeg=bb5f978cd97be19e074da271ea98a8cd&eyer=0.10144827474586382&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=update.suntech-dz.com HTTP 302
https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7422925929686499368&site=13607-9f9982bz&pub_sub_id=13607&eyeg=3&eyer=0.10144827474586382&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=update.suntech-dz.com HTTP 302
https://tencheckit.org/go/4995/3?subid2=902&subid1=33000560bb47c1cd9b7264e7b4d59ee7ff9901007-202410-flb*5827987-2afce**sl_5827987-2afce*6d8ee39f8164a5c2d9808344840723267ac1f9f0** Page URL
https://gribeorlneka.net/link?z=7512769&var=4995_902&ymid=14nnpq05g00g2 Page URL
https://whinairith.net/?z=7512770&syncedCookie=true&rhd=false HTTP 302
https://whinairith.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-120&bar=x Page URL
https://whinairith.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://nl-trkk.live/click?key=90a4548c4643e2d587de&visitor_id=867051156927689347&cost=0.003500&zoneid=6118780&campaignid=8653855&banner=22109385&zone_type={zone_type}&user_activity=high&subzone_id=122806 HTTP 307
https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://raviral.com/k_fac.php HTTP 307
https://raviral.com/k_fac.php HTTP 302
https://raviral.com/index.php?code=_blog

Request Chain 10

https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7422925929686499368&site=13607-9f9982bz&pub_sub_id=13607&eyeg=bb5f978cd97be19e074da271ea98a8cd&eyer=0.10144827474586382&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=update.suntech-dz.com HTTP 302
https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7422925929686499368&site=13607-9f9982bz&pub_sub_id=13607&eyeg=3&eyer=0.10144827474586382&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=update.suntech-dz.com HTTP 302
https://tencheckit.org/go/4995/3?subid2=902&subid1=33000560bb47c1cd9b7264e7b4d59ee7ff9901007-202410-flb*5827987-2afce**sl_5827987-2afce*6d8ee39f8164a5c2d9808344840723267ac1f9f0**

Request Chain 18

https://whinairith.net/?z=7512770&syncedCookie=true&rhd=false HTTP 302
https://whinairith.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-120&bar=x

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.php Show response
raviral.com/
Redirect Chain

http://raviral.com/k_fac.php
https://raviral.com/k_fac.php
https://raviral.com/index.php?code=_blog

9 KB
3 KB

140ms
139ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raviral.com/index.php?code=_blog
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f22037230752cce079f61a83da52b4c15a53fae47b2d546cde94bf9fd66b9d2c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8cec08652bea0b52-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 07 Oct 2024 07:03:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pNt0lk79lZFyb%2BChVetykatS1Wt8fH3LEMiE%2FV6L47lSx0719mx8qX88exQrIb8cz2gp%2BxeGEserzr8rZSA25fNP1rcycm6INymvC94lQF2OL5aUlhSr9T69WlewZRBTV8Jo2CF8lP%2FWLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8cec0863998b0b52-AMS
content-type: text/html; charset=UTF-8
date: Mon, 07 Oct 2024 07:03:41 GMT
location: /index.php?code=_blog
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AdiJSOR3CEtROO85Jv%2FrfGUfaRUfHWtQiykFL6Yd8msrRLNNfGpg4DdAZxxsT50DsZAJ2pbR%2F2NZ%2FgzFewAh85haqM%2FdUJ%2F1a79oUKfmzR7J%2B8Bj57x40Q997621YaSezRXTNUFB%2BxyhKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"

GET
H2 200 speculation
raviral.com/cdn-cgi/ 128 B
460 B 24ms
22ms Other
application/speculationrules+json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raviral.com/cdn-cgi/speculation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://raviral.com
Referer: https://raviral.com/index.php?code=_blog

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5B0u19rAMoGiws1FTvS7gixacRLAb3OQ3iuFmLFfL6FdRHSgzQTra0aWZwMjoIONYJzxEGyLFz8v7caRmks3gi421JLykwLKtE2JluKFOPyVpAAZVVsy4LN335rqy1B46skFNe7kmJFeBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec08661d6b0b52-AMS
access-control-allow-origin: https://raviral.com
content-length: 128
date: Mon, 07 Oct 2024 07:03:41 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 5 KB
680 B 175ms
65ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Encode+Sans+Semi+Condensed:100,200,300,400

Requested by

Host: raviral.com
URL: https://raviral.com/index.php?code=_blog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

479d0e7ddd072e36d98db9eace0383003a729c3278497a8390505d7900e033c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://raviral.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 07 Oct 2024 07:03:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 07:03:41 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 07 Oct 2024 07:03:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 3 KB
981 B 173ms
64ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,700

Requested by

Host: raviral.com
URL: https://raviral.com/index.php?code=_blog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ef29b090ac22870a47de3ca172fedd0b9eff1ab0abd66ee8f0c139a575273da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://raviral.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 07 Oct 2024 07:03:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 07 Oct 2024 07:03:41 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 07 Oct 2024 05:06:23 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 onclicka.js
js.onclckmn.com/static/ 2 KB
1 KB 81ms
15ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.onclckmn.com/static/onclicka.js
Requested by: Host: raviral.com
URL: https://raviral.com/index.php?code=_blog
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://raviral.com/

Response headers

cache-control: max-age=300
content-encoding: gzip
etag: W/"66f4018f-6c6"
expires: Mon, 07 Oct 2024 07:08:42 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Mon, 07 Oct 2024 07:03:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 25 Sep 2024 12:26:55 GMT
server: nginx/1.18.0
x-cdn-host-id: ah1742

GET
H2 200 image.jpg
i.ibb.co/sy3d872/ 60 KB
61 KB 96ms
27ms Image
image/jpeg 162.19.58.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/sy3d872/image.jpg
Requested by: Host: raviral.com
URL: https://raviral.com/index.php?code=_blog
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096358.ip-162-19-58.eu
Software: nginx /
Resource Hash: f416b7bc2cad67dec7ddf9d4f2c35debaaf5099f6d9e8adfcbc44a90fb0e84b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://raviral.com/

Response headers

cache-control: max-age=315360000, public
access-control-allow-methods: GET, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 61880
date: Mon, 07 Oct 2024 07:03:41 GMT
content-type: image/jpeg
last-modified: Tue, 08 Oct 2019 20:41:21 GMT
server: nginx

GET
H2 200 / Show response
update.suntech-dz.com/ 9 KB
3 KB 474ms
108ms Document
text/html 99.198.106.197
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://update.suntech-dz.com/?utm_medium=171f991f11515dfa0c00df8fe87eecaf468d5397&utm_campaign=post_back&cid=2024-10-07+08%3A03__blog

Requested by

Host: raviral.com
URL: https://raviral.com/index.php?code=_blog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.198.106.197 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx /

Resource Hash

7cc87d114ce221da0fd17e16da9607b5d9e25aa0ed85521197da2de91a0206fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://raviral.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc: h3=":443"; ma=604800; persist=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 07 Oct 2024 07:03:42 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding

GET
H2 200 favicon.ico
update.suntech-dz.com/ 1 KB
1 KB 105ms
105ms Other
image/x-icon 99.198.106.197
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://update.suntech-dz.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.198.106.197 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx /

Resource Hash

b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://update.suntech-dz.com/?utm_medium=171f991f11515dfa0c00df8fe87eecaf468d5397&utm_campaign=post_back&cid=2024-10-07+08%3A03__blog

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=86400
etag: "64d60f4e-47e"
expires: Tue, 08 Oct 2024 07:03:42 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=604800; persist=1
content-length: 1150
date: Mon, 07 Oct 2024 07:03:42 GMT
content-type: image/x-icon
last-modified: Fri, 11 Aug 2023 10:37:02 GMT
server: nginx

GET
H2 200 favicon.ico
update.suntech-dz.com/ 1 KB
0 0ms
0ms Other
image/x-icon 99.198.106.197
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://update.suntech-dz.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.198.106.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx /
Resource Hash: b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://update.suntech-dz.com/?utm_medium=171f991f11515dfa0c00df8fe87eecaf468d5397&utm_campaign=post_back&cid=2024-10-07+08%3A03__blog

Response headers

cache-control: max-age=86400
etag: "64d60f4e-47e"
expires: Tue, 08 Oct 2024 07:03:42 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=604800; persist=1
content-length: 1150
date: Mon, 07 Oct 2024 07:03:42 GMT
content-type: image/x-icon
last-modified: Fri, 11 Aug 2023 10:37:02 GMT
server: nginx

GET
H/1.1 200
OK /
www.primarkingfun.giving/ 4 KB
4 KB 87ms
25ms Document
text/html 51.68.82.147
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7422925929686499368&site=13607-9f9982bz&pub_sub_id=13607
Requested by: Host: update.suntech-dz.com
URL: https://update.suntech-dz.com/?utm_medium=171f991f11515dfa0c00df8fe87eecaf468d5397&utm_campaign=post_back&cid=2024-10-07+08%3A03__blog
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.82.147 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://update.suntech-dz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-CH: Sec-CH-UA-Platform-Version
Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Mon, 07 Oct 2024 07:03:43 GMT
Transfer-Encoding: chunked

GET
H/1.1

200
OK

3 Show response
tencheckit.org/go/4995/
Redirect Chain

https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7422925929686499368&site=13607-9f9982bz&pub_sub_id=13607&eyeg=bb5f978cd97be19e074da271ea98a8cd&eyer=0.10144827474586382&eyei=0&eyew=...
https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7422925929686499368&site=13607-9f9982bz&pub_sub_id=13607&eyeg=3&eyer=0.10144827474586382&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=u...
https://tencheckit.org/go/4995/3?subid2=902&subid1=33000560bb47c1cd9b7264e7b4d59ee7ff9901007-202410-flb*5827987-2afce**sl_5827987-2afce*6d8ee39f8164a5c2d9808344840723267ac1f9f0**

292 B
772 B

94ms
39ms

Document
text/html

37.114.46.212
FLORIANKOLB

General

Check archive.org

Show headers Download Go to

Full URL: https://tencheckit.org/go/4995/3?subid2=902&subid1=33000560bb47c1cd9b7264e7b4d59ee7ff9901007-202410-flb*5827987-2afce**sl_5827987-2afce*6d8ee39f8164a5c2d9808344840723267ac1f9f0**
Requested by: Host: www.primarkingfun.giving
URL: https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7422925929686499368&site=13607-9f9982bz&pub_sub_id=13607
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.114.46.212 , Germany, ASN58087 (FLORIANKOLB, DE),
Reverse DNS: 212.46.114.37.in-addr.arpa
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash: 2460ce2e0ce7e40ab269841f6c02976375dfbeedb9ac9e08e3726ca1fa91c0d7

Request headers

Referer: https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7422925929686499368&site=13607-9f9982bz&pub_sub_id=13607
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: identity
Content-Length: 292
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Oct 2024 07:03:44 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 07 Oct 2024 07:03:44 GMT
Pragma: no-cache
Server: nginx/1.24.0 (Ubuntu)

Redirect headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 0
Date: Mon, 07 Oct 2024 07:03:44 GMT
Location: https://tencheckit.org/go/4995/3?subid2=902&subid1=33000560bb47c1cd9b7264e7b4d59ee7ff9901007-202410-flb*5827987-2afce**sl_5827987-2afce*6d8ee39f8164a5c2d9808344840723267ac1f9f0**

GET
H2 200 link Show response
gribeorlneka.net/ 29 KB
14 KB 68ms
31ms Document
text/html 139.45.196.64
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gribeorlneka.net/link?z=7512769&var=4995_902&ymid=14nnpq05g00g2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7649d88b8d275bb2007326fc310ce3e8b729a79c92103cbe2f1ffc4eed2bdc25

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Mon, 07 Oct 2024 07:03:44 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 86def660ec5a88d9561158a00d8aeb08

GET
H/1.1 200
OK favicon.ico
tencheckit.org/ 0
170 B 24ms
24ms Other
text/html 37.114.46.212
FLORIANKOLB

General

Check archive.org

Show headers Download Go to

Full URL: https://tencheckit.org/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.114.46.212 , Germany, ASN58087 (FLORIANKOLB, DE),
Reverse DNS: 212.46.114.37.in-addr.arpa
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 0
Date: Mon, 07 Oct 2024 07:03:44 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx/1.24.0 (Ubuntu)
Connection: keep-alive

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 84ms
16ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0080ee69e34b437eee951a92de275920&z=7512770&p_rid=c08ac5cb-efc7-445c-bd0b-258341f63d2c&p_src=sf

Requested by

Host: gribeorlneka.net
URL: https://gribeorlneka.net/link?z=7512769&var=4995_902&ymid=14nnpq05g00g2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gribeorlneka.net/

Response headers

strict-transport-security: max-age=1
access-control-expose-headers: Authorization
timing-allow-origin: *, *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 43
date: Mon, 07 Oct 2024 07:03:44 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token

GET
H2 200 sftouch
whinairith.net/ 43 B
653 B 57ms
17ms Image
image/gif 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whinairith.net/sftouch?userId=0080ee69e34b437eee951a92de275920&z=7512770&p_rid=c08ac5cb-efc7-445c-bd0b-258341f63d2c&p_src=sf&branchId=0&rb=t-_Imj53cAPM23RIWJ0EgPgvHnkVGyJRCf35IEC7KiIRidwN2kvecoN6acSeBDQvMCDw77GPSnYfe-6wrXDscnsb5OXVl5YIZutordxR7hW_ecYQeMZ7XRoXbvvA_MM_7CaYCJko9xQ4QMKqfgiEP9R2HiS-hqRy4yeWebK9SDLbaFUxNZnJYRaz5j7-XypBPwmBUXvIiQGJ1-gUwA8fHNg8R8cfU1CYWYbHbbCIB0gwyEl22_La-ch4e0478qsf_5IcQFlFLPGWxv5lslNgb5DXeFg_S-zTkpXGbP8eMVGjwVePEqwsJD6jpcbR86x01HUc9KNicUIk9hceqCfKIg==&w_img=1

Requested by

Host: gribeorlneka.net
URL: https://gribeorlneka.net/link?z=7512769&var=4995_902&ymid=14nnpq05g00g2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gribeorlneka.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Mon, 07 Oct 2024 07:03:44 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 5c5d7b25658aadd8ce183ae4a7577d85
access-control-allow-origin: *
content-length: 43
server: nginx

POST
H2 200 add Show response
gribeorlneka.net/log/ 12 B
385 B 19ms
17ms XHR
application/json 139.45.196.64
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gribeorlneka.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c08ac5cb-efc7-445c-bd0b-258341f63d2c

Requested by

Host: gribeorlneka.net
URL: https://gribeorlneka.net/link?z=7512769&var=4995_902&ymid=14nnpq05g00g2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gribeorlneka.net/link?z=7512769&var=4995_902&ymid=14nnpq05g00g2

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://gribeorlneka.net
content-length: 12
date: Mon, 07 Oct 2024 07:03:44 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

POST
H2 200 add Show response
gribeorlneka.net/async_log/ 0
339 B 18ms
17ms XHR
text/plain 139.45.196.64
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gribeorlneka.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c08ac5cb-efc7-445c-bd0b-258341f63d2c

Requested by

Host: gribeorlneka.net
URL: https://gribeorlneka.net/link?z=7512769&var=4995_902&ymid=14nnpq05g00g2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gribeorlneka.net/link?z=7512769&var=4995_902&ymid=14nnpq05g00g2

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://gribeorlneka.net
content-length: 0
date: Mon, 07 Oct 2024 07:03:44 GMT
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2 204 favicon.ico
gribeorlneka.net/ 0
150 B 16ms
16ms Other
text/plain 139.45.196.64
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gribeorlneka.net/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gribeorlneka.net/link?z=7512769&var=4995_902&ymid=14nnpq05g00g2

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Mon, 07 Oct 2024 07:03:44 GMT
pragma: public
server: nginx

GET
H2

200

6118780 Show response
whinairith.net/4/
Redirect Chain

https://whinairith.net/?z=7512770&syncedCookie=true&rhd=false
https://whinairith.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-120&bar=x

29 KB
14 KB

35ms
35ms

Document
text/html

139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://whinairith.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-120&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a79d605d3a4665bacac8db2503fabb8ef68516cede8f51add4f5b422464e12d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://gribeorlneka.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Mon, 07 Oct 2024 07:03:44 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 1167b2b6eef788cc6832106b12bc25aa

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gribeorlneka.net
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Mon, 07 Oct 2024 07:03:44 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://whinairith.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://whinairith.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-120&bar=x
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 4fa510ddde929526544681046cee2fea

GET
H2 204 favicon.ico
gribeorlneka.net/ 0
0 0ms
0ms Other
text/plain 139.45.196.64
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gribeorlneka.net/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gribeorlneka.net/afu.php?zoneid=7512770&var=7512770&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Mon, 07 Oct 2024 07:03:44 GMT
pragma: public
server: nginx

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 48ms
17ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0080eebd629849b7f44a0e1ede5593eb&z=6118780&p_rid=f8e1151c-4983-4686-af3e-2b5abfb643d4&p_src=sf

Requested by

Host: whinairith.net
URL: https://whinairith.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-120&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://whinairith.net/

Response headers

strict-transport-security: max-age=1
access-control-expose-headers: Authorization
timing-allow-origin: *, *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 43
date: Mon, 07 Oct 2024 07:03:44 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token

GET
H2 200 sftouch
whinairith.net/ 43 B
652 B 18ms
17ms Image
image/gif 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whinairith.net/sftouch?userId=0080eebd629849b7f44a0e1ede5593eb&z=6118780&p_rid=f8e1151c-4983-4686-af3e-2b5abfb643d4&p_src=sf&branchId=0&rb=qfNojc1vq3LGJhlQUew_Lu3pGK2m6LWDQnfwTNhtwykWkwlHCfMco173-dn8h8VXWA4-1upvTDUA2UPddy05g28aFkl8VveJXNO0fuZJtFYrBbNX4usdu1IpeWhz_B0xZLBpwzcoysZXgYevEyKPZR03x8DaIcwTZ3r83iy-fnZvqJxSHInpu9b2i7HAOsLwDWSEmYogz06jGJ2nAhHDe-nFFDXu6JsQjXIL5_NwOphTDPHywt3-Cc_blWF4OK6G0vFQJPxXndMIsDTkKA5Mh-BgGVXZrugUbmjxJPp3314t4DWETTi7YA==&w_img=1

Requested by

Host: whinairith.net
URL: https://whinairith.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-120&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://whinairith.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-120&bar=x

Response headers

access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Mon, 07 Oct 2024 07:03:44 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 11df2fe6a9faca990a627a8c7343e77d
access-control-allow-origin: *
content-length: 43
server: nginx

POST
H2 200 add Show response
whinairith.net/log/ 12 B
384 B 19ms
18ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://whinairith.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=f8e1151c-4983-4686-af3e-2b5abfb643d4

Requested by

Host: whinairith.net
URL: https://whinairith.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-120&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://whinairith.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-120&bar=x

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://whinairith.net
content-length: 12
date: Mon, 07 Oct 2024 07:03:44 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

POST
H2 200 add Show response
whinairith.net/async_log/ 0
338 B 19ms
17ms XHR
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://whinairith.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=f8e1151c-4983-4686-af3e-2b5abfb643d4

Requested by

Host: whinairith.net
URL: https://whinairith.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-120&bar=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://whinairith.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-120&bar=x

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://whinairith.net
content-length: 0
date: Mon, 07 Oct 2024 07:03:44 GMT
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2 204 favicon.ico
whinairith.net/ 0
150 B 16ms
16ms Other
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://whinairith.net/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://whinairith.net/4/6118780?var=7512770&btz=Europe/Amsterdam&bto=-120&bar=x

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Mon, 07 Oct 2024 07:03:44 GMT
pragma: public
server: nginx

GET
H2

200

Primary Request index.html Show response
bitc-offers.com/amzn/english/v4/
Redirect Chain

https://whinairith.net/?z=6118780&syncedCookie=true&rhd=false
https://nl-trkk.live/click?key=90a4548c4643e2d587de&visitor_id=867051156927689347&cost=0.003500&zoneid=6118780&campaignid=8653855&banner=22109385&zone_type={zone_type}&user_activity=high&subzone_id...
https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

114 KB
11 KB

167ms
113ms

Document
text/html

2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4c23728eb4ee1b43397d442e4128ee37a0ee7d4b4b1298c019f4010f6d5448f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://whinairith.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8cec087a8bac4266-AMS
content-encoding: br
content-type: text/html
date: Mon, 07 Oct 2024 07:03:45 GMT
last-modified: Wed, 19 Oct 2022 09:50:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7xIrGscfTRwindETE60LLuCAbOPUgz0%2Fk5XrVhlS3%2FaglfUDSxCgCzJQJwYPexj6iVG9e1LtkN4au0mVJIaanEYUsLxfV4VZTiYBlhZ9ouoF0gsrFS39Oy%2FCx8e8J22EmCNF2MoGoXU5tz%2BKMcA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=31536000
vary: accept-encoding

Redirect headers

content-length: 0
date: Mon, 07 Oct 2024 07:03:44 GMT
location: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0
server: Caddy
x-request-id: 94e82002-1146-438b-b5cc-7cb413e2d265

GET
H2 204 favicon.ico
whinairith.net/ 0
0 0ms
0ms Other
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://whinairith.net/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://whinairith.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Mon, 07 Oct 2024 07:03:44 GMT
pragma: public
server: nginx

GET
H2 200 speculation
bitc-offers.com/cdn-cgi/ 128 B
468 B 34ms
34ms Other
application/speculationrules+json 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitc-offers.com/cdn-cgi/speculation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://bitc-offers.com
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0K4FpRNW1o%2BiZQA8H8ua2eUnL%2Bwgtu834FROYcbU6BXAbgXatPjFflS0bURRJCZQONgomfdDO8GZqEgG1SVZ20H7iVdLSQQ26gnOllUwnX3el5UfJAENzNO%2Fz53pR6Tb9VLgGov1YQI0yJylLR0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b5c5a4266-AMS
access-control-allow-origin: https://bitc-offers.com
content-length: 128
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 head-190f3c7528b9ebb950a12a26914c110780453f8a.css
bitc-offers.com/amzn/english/v4/css/ 614 KB
80 KB 52ms
50ms Stylesheet
text/css 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/css/head-190f3c7528b9ebb950a12a26914c110780453f8a.css

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e3a2cd9b8616ac1f355404110ac91cc667fa0af40378cae7a5f01770623075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc854-996d5"
age: 5440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0bXtqJ58E2xBhMoaPfn4XeMcbIova%2FCWs1oi3fd%2BFKh3lkxIRuMKlfEr9CIRVO1Czkj4T5qV6aTCF3YusXzuGm1OVpScMtWQ7VkDt%2BIodhhezcKRMw%2BmyISc0%2B67OgR3%2BcQ55wDF69xU%2BfXIsQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b5c644266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: text/css
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css.css
bitc-offers.com/amzn/english/v4/css/ 44 KB
2 KB 50ms
49ms Stylesheet
text/css 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/css/css.css

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a5d4230307c1b140b5677e7daf4123a9393b4347dd3c0c857126cb42f641df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc854-af22"
age: 5440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JpEOCo81Kx94iXO%2BP3WbUh89sxsrmd%2FNdkNskPUlPJ9bR8e7VP18VxexpWOa2uMdEVJ5MOfL097j2jst4g2Ys0r%2BnNQI67nNU9KEHHfj0u%2BC%2FFHarsena99DYR6i28lUTgXtooZAiuhSimiY8lc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b5c664266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: text/css
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 style-2.css
bitc-offers.com/amzn/english/v4/css/ 13 KB
3 KB 52ms
51ms Stylesheet
text/css 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/css/style-2.css

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bbc5355e7ac0f12609b74302c2abcad3b98f50c1e44f2f35e526727b5fe5b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc854-35e7"
age: 5440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F3CQHXNA7VgFs1OeLPj%2BY101cIW577GQresx1kWCYfQhpQWJgSZP8jkqHG8FZxBMDKilh7NuagMGakjj9766bV2j5QDAkhJmaY145SRE3Xivn1MOYlNTG1JFfsrT5cStEawxlj5Mv2FloEsS9IU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b5c674266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: text/css
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 intlTelInput.css
bitc-offers.com/amzn/english/v4/css/ 24 KB
3 KB 70ms
69ms Stylesheet
text/css 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/css/intlTelInput.css

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27db4fb1736bde1232f4ba438c9853a5a44c009f26b9e0a7deaa18c2c1c99489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc854-5edc"
age: 5440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vBWV4FK0hGEZTbrjvGxG61oVVVGNxdyF%2FyEaULPMSjd97pU16IlDdardRXnZgwkYH9auVRA29MgKWiA5zNUmI%2FF1e4EXspjRzlcouBe1Z3WWQMwrKbq6nYrIUJMEwMOlAFjheAjKeMEamrneOvg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b5c684266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: text/css
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 style-1.css
bitc-offers.com/amzn/english/v4/css/ 5 KB
2 KB 31ms
30ms Stylesheet
text/css 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/css/style-1.css

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2db13a57267ee3650e6e2e99c922ea1653cace36672e33ea3db8fdf3d6b958ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc854-15ac"
age: 5440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XzQQk8rIK5dpqDLSao88OvZCxudlc5OOwFSZpK8ThakLWG0Di5Xg1vRTVM%2Bt4t23JIuU5zxq0V82NVyoyr3lfEfZY8RZdZo1NjHj%2FiHyRnz7FsIin6gpEcmcSBqHQQui7pIQ5rvmtM2IEwpTIQ8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b5c694266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: text/css
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 checkbox-svg.css
bitc-offers.com/amzn/english/v4/css/ 2 KB
883 B 34ms
33ms Stylesheet
text/css 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/css/checkbox-svg.css

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee32dee4f11a191783af562e9587f19ed239005602736be13ccb9c9bd2d3cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc854-764"
age: 5440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zmQ2d6urJ4SO0LRixBH%2BouUHtW%2BQUuFS%2FCm%2B5Xnk70KbvKn7njlFxHBxU5MMrUdLwYxg2UmWBDpA8WnUKWGJWfX6RUxZWCGJzOgBLmGXio2s9ajhslzAUNQ3uqBiCCvtgyo1O2fhD%2Fu99gzz444%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b5c6a4266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: text/css
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 74db37c8eba9b06120be0f0b8255872a_1.js Show response
web.webpushs.com/js/push/ 115 KB
37 KB 130ms
48ms Script
application/javascript 2a02:6ea0:c700::107
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://web.webpushs.com/js/push/74db37c8eba9b06120be0f0b8255872a_1.js

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::107 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

ba1f4ab0b9150d9a5ce866bc37f9a791d83af0f2df7de19013f2dc3e68d9a141

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 wss://ws.binotel.com:9002 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng sendpul.se .sendpul.se trckln.com .loginsrc.com .routee.net .routee.net:444 .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua https://google.com/pay .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com revisionme.pages.dev .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com dl-media.viber.com .braintree-api.com vk.com api.telegram.org .webformscr.com .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com .cdninstagram.com s3.eu-central-1.amazonaws.com .googleoptimize.com .sppopups.com .privatbank.ua .cardinalcommerce.com viacep.com.br .wdgtsrc.com 1860267202.rsc.cdn77.org 1443908614.rsc.cdn77.org .2checkout.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/

Response headers

content-encoding: gzip
etag: W/"1cd3f-5bc2f0010104e"
x-sp-ma: sp-ma-0
x-77-cache: HIT
x-content-type-options: nosniff
expires: Tue, 24 Sep 2024 10:02:21 GMT
x-cache: HIT
x-age: 500686
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding,User-Agent
x-77-nzt-ray: 43862e24ee047bb1d1870367670e1510
last-modified: Thu, 25 Feb 2021 20:28:54 GMT
x-77-nzt: EgwBz9PTGQHXzqMHAAwBw7WvAgG3VBsAAA
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua https://google.com/pay *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com dl-media.viber.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.cdninstagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.sppopups.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 1860267202.rsc.cdn77.org 1443908614.rsc.cdn77.org *.2checkout.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
cache-control: max-age=604800
x-sp-pr: lpr-04
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-accel-date-max: 1726567341
x-xss-protection: 1; mode=block
x-77-age: 500686
x-accel-date: 1727783939
server: CDN77-Turbo
x-accel-expires: @1728381743

GET
H2 200 spinner-circle.gif
bitc-offers.com/amzn/english/v4/images/ 75 KB
75 KB 34ms
34ms Image
image/gif 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/spinner-circle.gif

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ad252f4fd0ad646c97874ab6f29c6a21deadda6144ca495e5169853cc2e05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-12bca"
age: 5440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qz9SbWW6Ef9iVU3igsyJRJNE9ZNYp7U2suqMraAlYcoYa89MLtTxUS5prm0SY%2BrdaShDV1nCAd%2ByBdS6JCHqMIV1UcSPUcAqhCKAvha6bBD1DQDz3a%2Be78O6XcnCLQyx5a2nEUzETBXMU3M%2BueM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b5c6b4266-AMS
accept-ranges: bytes
content-length: 76746
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/gif
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 visa-2-e1600085409463.png
bitc-offers.com/amzn/english/v4/images/ 2 KB
2 KB 56ms
54ms Image
image/png 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/visa-2-e1600085409463.png

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc4755809a62166dc6754f2eda6515d9a4ad7bdbce1d90e63d4c092132ce0f18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-72a"
age: 5440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jbuu93JzPB7xdL2K4rHrt%2FVAB%2F55gge5yDMW9ObKsQ5T0XfnesihJhG%2FyicOScqMg%2Fmzy%2BJZcysrF%2F2Hn7t90tOSjMJ36kVHf9G4p0GYpiW4zb7cUAuS0tvF4DIP04BI4s34oGWw71E2XhaaNlg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c874266-AMS
accept-ranges: bytes
content-length: 1834
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/png
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 master-2-e1600085290198.png
bitc-offers.com/amzn/english/v4/images/ 2 KB
3 KB 57ms
55ms Image
image/png 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/master-2-e1600085290198.png

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a2e182ba1a497774066eb85a54cd690ad890993308e0b679eae1590de93b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-917"
age: 5440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=amM6hLVScaL7JJrzuBQlfGWygsj3P2FTf3fmT6i88BfJzsykwfm4Nql25fS7kO7FGWVryDCs9%2FqSkVwmbBP8qfAt2bXfiRwQJBpULn4cgUtK05s8ndk2IvX4tO5%2Bsu5kcLhVDTR1XqNa6hPcoHI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c884266-AMS
accept-ranges: bytes
content-length: 2327
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/png
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 wire-2-e1600085326895.png
bitc-offers.com/amzn/english/v4/images/ 2 KB
2 KB 37ms
36ms Image
image/png 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/wire-2-e1600085326895.png

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f5f7653f16d2de3008ba98666ccd5ca0232ce0edd0e2aa8f20f53b76f8799cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-6f9"
age: 5440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SJF57kCVcRWKzW2ISq7APcp2xqlMrwJ6A9bHo2R6s7RflmG9nR5MA5s7ffL2dgZ0Y1qnDXfAjF2NhLXZF9xvip26GOx%2BRfZXu2HVq98jY0KCr9J4EFFPQp0RqskvT55A9HoKDgmDMQuzzh6GwlA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c894266-AMS
accept-ranges: bytes
content-length: 1785
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/png
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 net-2-e1600085356976.png
bitc-offers.com/amzn/english/v4/images/ 1 KB
1 KB 38ms
37ms Image
image/png 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/net-2-e1600085356976.png

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b93b490578d47b49124a45cde551b9fd09362dfbd9d8772b5c0a6fa23a01b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-471"
age: 5440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y6sWQMnqKpjMHVbJLmVOAYGD2%2FZcbuyeA7Sev2%2BoBakqOTGZKcV35CNkX8JzrS4rzjcn4GyU7sxDjDazR0H%2F83P4cdb91oGvIju2Th25yaQfg6Ka1NQhZrICHaSeQU%2FGvGbqzzCcUb0ZDtEhsCs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c8a4266-AMS
accept-ranges: bytes
content-length: 1137
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/png
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 PCI_Logo_Large-1-e1600085244281.png
bitc-offers.com/amzn/english/v4/images/ 2 KB
2 KB 37ms
37ms Image
image/png 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/PCI_Logo_Large-1-e1600085244281.png

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9f2e93d6f7d74903eb9cca6a54be881076e615f5488543b66428930b3fba039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-76b"
age: 5440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C2q%2BNwgOQM%2F%2FvtpII8xTbYgaOfvhmdPePipKnbtrCmkO%2Fq11nnq83nY26cMR6jyweHQDfHoyfLRhxCbn%2BXfiDm8DXJ%2F9wYj%2FVEkCp3vH3PIAiNTffO%2FjmKsyR%2BQdTcxS7fXkccyqIJryMRsUuIk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c8b4266-AMS
accept-ranges: bytes
content-length: 1899
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/png
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 1-1-1.png
bitc-offers.com/amzn/english/v4/images/ 7 KB
7 KB 50ms
50ms Image
image/png 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/1-1-1.png

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c160ac036033660c06cfa9a917a9c02612b436627f5d657018f8f8461b33dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-1c3a"
age: 5440
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LGRDJ10qYc15uLn21AH6xAHFnCyyFHxW0Fc%2Fhjjs%2B2VmaGnoGW9XKYzwbAVHpYByAVMflbICIFbfH0Ec8DhZYcSz3W%2FtroW5nFFlVSzgvACdzd3R936Rx36YCqgD8EYgOIsg3sF93D2NPpM74I0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b5c6d4266-AMS
accept-ranges: bytes
content-length: 7226
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/png
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 2-1-1.png
bitc-offers.com/amzn/english/v4/images/ 8 KB
9 KB 37ms
35ms Image
image/png 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/2-1-1.png

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b64f36df4cf6366a3be439963be3b3f87e29e67f58f4edaf7ee154937452e3a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-21c2"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OtkWvNrsEaSB6M23FyijFtMVjX9xvYDEPAcH17PiYalRGcC%2BcmHYVF1LY2hYvqdwtSz2i754AbjDICpBIIM2gsLXCXgxBPc6uq2k1r7UWKcY6VVo3y%2BJrQJUD29n0irR15Ai3LG%2BPVb23C3uuVI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b6c804266-AMS
accept-ranges: bytes
content-length: 8642
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/png
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 3-1-1.png
bitc-offers.com/amzn/english/v4/images/ 8 KB
9 KB 38ms
36ms Image
image/png 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/3-1-1.png

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a528420676873a4cbd42c7386e89a5e65aa8ff62ce84b3297cb4033e475b44b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-21b4"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XGHNfKQ7Zq6OCZF%2FBbLuPCAIsrDtEZT4DS%2FAIwAvitc%2FaAlmZHGgawPciw6FQeLof7KJNI6ArAWxRdtPN84G4PI7EvpDx9QGT5c54lVkgVbVrSRZefad03%2Bz1%2B5q%2FBm0s0XhlbC4nAanWYpQCGA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b6c824266-AMS
accept-ranges: bytes
content-length: 8628
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/png
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 imgw.webp
bitc-offers.com/amzn/english/v4/images/ 9 KB
10 KB 37ms
36ms Image
image/webp 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/imgw.webp

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d642289112e0922d0a92bca3cae1c64fff6ac36ec23b018fd17c5d686303fbf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-2592"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F3uZ3ur%2F%2FXQw58%2BnO0VO%2FvJn8wc1%2FEs%2BZ1wZQuXDVBwPjUUm%2Fs0vuj7aKnxixVgULYThEXQprEuW8zqF9XRkiD8vMdjblVV9t%2FfI%2BihQBe77hKt4Y7YVFYJmy0gUGYBHi5BeHXA3OZZlktwHfwI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b6c854266-AMS
accept-ranges: bytes
content-length: 9618
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/webp
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 forecast.6f888dfa-1.jpg
bitc-offers.com/amzn/english/v4/images/ 25 KB
25 KB 56ms
56ms Image
image/jpeg 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/forecast.6f888dfa-1.jpg

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6351b5bfa259de13dae9c9f332855813b99bd8544c8cdad7cc1645c454fb4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-6293"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FU5qib24jXAR85gspNHwLZQOc5u2UfFItfPttwG82KX5Q7nDY40kXoQTABgElOUXx2j2FuVRWQu6yzXCym4LIeeu%2BXIZvnP16kCvGfXhdA4QaRCB5R6F5ii%2FAKtXKnLbllLxB5sCWsjkRxL0BkM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c8c4266-AMS
accept-ranges: bytes
content-length: 25235
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/jpeg
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 chart2w.webp
bitc-offers.com/amzn/english/v4/images/ 35 KB
35 KB 37ms
36ms Image
image/webp 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/chart2w.webp

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

330a63ec22d504c811096ebf4a3346bb2549583bef9f8de0e3d5c9471ca096dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-8b6c"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bKw3l4JOudyye7NYSfsEwQHT9fnvyxA%2BkGWAjVWSStSL0vhdYMcRKj4edebX6oH03rDTzUZItfXhtRuyp40Fr01NyL2vsvsyMjYRZ%2BFdKIKpmBTnxTWKxPugCdRM3Bh5ViA5M1XLGjIzJAb0BJU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c8e4266-AMS
accept-ranges: bytes
content-length: 35692
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/webp
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 PCI_Logo_Large-1.png
bitc-offers.com/amzn/english/v4/images/ 7 KB
7 KB 56ms
55ms Image
image/png 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/PCI_Logo_Large-1.png

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8bb382f4aa24f5c719d2bb30b1bcbbd70967a8d80c6a927bf70833b6c8dddc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-1c73"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qXeu1dGxOYA%2F9arSwhx%2BxynB7hPJXk6QM2zRzAEDTNrhcQUZ44h%2BLbD8BDaEn5q8eTiK41s1XM9khULvOvKBQn%2BFJcA%2BbfiShexc35SkOu3lO%2F1RuXbWmUpneGkpGtKr72AsyUdHwLdtXAk37Lg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c8f4266-AMS
accept-ranges: bytes
content-length: 7283
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/png
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery-3.5.1.min.js Show response
bitc-offers.com/amzn/english/v4/js/ 87 KB
32 KB 55ms
54ms Script
application/javascript 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/js/jquery-3.5.1.min.js

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc856-15d84"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IyNEXh05bEiPeYkUVsXsV%2BdakILQjyz9HKIrJeNvi4SDUIYvMuZuijUCph9Tz11zXVEvC1lgFHEKRr0Vz2HvIhGl5jHEJIyI3pJ0OsWOcWnlQawl%2FrEVIZ8FSAScNaFzkMMnOw%2FBf76WA041mt4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c914266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 09:50:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 script.js Show response
bitc-offers.com/amzn/english/v4/js/ 168 B
436 B 53ms
52ms Script
application/javascript 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/js/script.js

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f9f366acc1e9f23510f6aac1ebd7b1a0136974a06ccfa82906d38ebfee0698a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc856-a8"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1GIqpqQLIe0wA%2BWSvO8ja7ICVDtsf3Xr5O8OUqmReVMrX%2BUkQutubqFyRdcpE8qK%2F86wUki2%2F5e5ZS24LDV%2FxcbwrhY7Tg%2BC9aRaWJIsGbqLlUpq3Aex8kIvZFCbdJ6q37fH2PfMJ%2FaQok%2FPQw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c924266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 09:50:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 getdetector.js Show response
bitc-offers.com/amzn/english/v4/js/ 216 B
448 B 54ms
53ms Script
application/javascript 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/js/getdetector.js

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa4fe92e09f94671f24e453a8cf9527c0851f65b608c7f9fab304608353ae354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc856-d8"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iTTPqeR8IznzdNw1FOjm5Lm%2BqQCC05ZCm2u5QO4lHjGtyWNYjWlGkDZljZ5iMZJmoGzQKapio8vm3g56%2BNz8YohqIGpaQTSVpeDi2zSBNtU0Acbl%2BfwBy%2BLwTHIv%2BKqyOjUlaSXgpK7P0ZXMVMs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c944266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 09:50:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 intlTelInput.js Show response
bitc-offers.com/amzn/english/v4/js/ 82 KB
20 KB 69ms
69ms Script
application/javascript 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/js/intlTelInput.js

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

117dbaf176701074ba3523e8f4cd40f0164e1e4f3fdd6e4182c246c42dd9aaa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc856-14996"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5fQ0wjF5qmleg7Qlc8OjZJsKzXXvAUGoxWqlOBvhNIw2j48JO6fA7tSpH4LXP%2Bo%2F8M5NsDIRvyuMuxwvb2IMPQ2n7XfgixFaM8k7SVCWGHyS03XrqKDBymJsSGhBsepb2vKikYec5D03Q6bfRO8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c954266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 09:50:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.validate.min.js Show response
bitc-offers.com/amzn/english/v4/js/ 22 KB
8 KB 54ms
54ms Script
application/javascript 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/js/jquery.validate.min.js

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad2df085f23b047f5de23b2d503da16f265f180d96e8da72a6cfc1b40251ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc856-58a7"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P1KNs%2ByWlsGttPcGW60uMP4NlZZXjyHJu1cdPxI1U3a95Z3QEH5aqSA5QjXWKvSSH0YbeV2cVmxVyxNGjEwvsbTkOCFwKDI80gWrFzMBMbm14vfvjGFjlTQg5rlkEi9RYHzgQCoXu3gJl%2F6RKtM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c964266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 09:50:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 valid.js Show response
bitc-offers.com/amzn/english/v4/js/ 11 KB
2 KB 55ms
54ms Script
application/javascript 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/js/valid.js

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b518bfd22cfd2ca90c380ab3b2452f961e20f251e74386de6079d95961c497e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc856-2ab9"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cWkuk4I18LubQaEQXPYlFJd0NmTbBRfIo7eSQHqQvqyuZUVpOvAvyA%2FzbakB8rBPoyMqWXaw2z9MJ4Yn0gJu9NPhMbm0QgAai8Mg5azlaPeZNmZ7%2BDTc3fzBAk90LHGqHLRsdJm4EfE4bkvCkX4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c974266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 09:50:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 device.min.js Show response
bitc-offers.com/amzn/english/v4/js/ 3 KB
1 KB 52ms
52ms Script
application/javascript 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/js/device.min.js

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44427cb2a51e54cca2cb648212f313ce64433ce7454e3df0c386c0156e98e36a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc856-a2d"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V09mM9w3bI6%2FhkdjIoVyGw8IrqJdB%2BjaD2WRmcRiKwrXdIyNL7Ftfd7fsY3z3wRA99c5q3rzYYNkjEvTNL8nha2q%2FPfvt274%2BPTwQHG1etcTioKDmDQTEoOw%2Bw25UFVqIbFclxXD6r0QbUTNgzQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c994266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 09:50:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 default.js Show response
bitc-offers.com/amzn/english/v4/js/ 6 KB
2 KB 54ms
54ms Script
application/javascript 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/js/default.js

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b78fcf45ad4211da560de4c1a43ad672a13a6683af6636d2e2e68560df600704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc856-186e"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zuPo4lIIeOTjVDeBGQQRi1wzh3hMka%2FdLuLo8pua3NPg7u2dgja0VTdDflYBF0nAlE5NhDJJuLHmQWyFFoiGbssYI5Uz4S98jn0fKvm9VvRXJ7ZLOUAQaRnzNdWXxtK0uLs2eq3C9FdzlutcHUA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c9b4266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 09:50:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 commonJs.js Show response
bitc-offers.com/amzn/english/v4/js/ 19 KB
6 KB 53ms
53ms Script
application/javascript 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/js/commonJs.js

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aef133f9a38cdb00d6390af69038498bb2ae89b979f4bc717c00757f1931eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc856-4d26"
age: 5439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QOVlPrxh%2FRUJ0rQO9XtHkbyVoxLiZ1ryzlsAlMpNnqrn2PV4KYuM%2BxgTSGk4d%2BZvucOzZ7icxywCIhGEQf%2BvFi0jQ%2FXhyrTuTkfMky2%2F1Pv5Npi%2FNpGR6Pf8XVnmV%2F8Kg5ibFIn1lTjAO1P6TC4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087b7c9d4266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 09:50:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 amazon-1-1.jpg
bitc-offers.com/amzn/english/v4/images/ 101 KB
102 KB 27ms
27ms Image
image/jpeg 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/amazon-1-1.jpg

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/css/head-190f3c7528b9ebb950a12a26914c110780453f8a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/css/head-190f3c7528b9ebb950a12a26914c110780453f8a.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-195bd"
age: 5437
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fC6eFSFnt3ZvpoGROAVkn4aCKn5CseRjChX7WN3WMi17Wc4ADEvDcLHIL%2FXB3p71qXZYAZQuNopcWYjJiqPraHRss1SGP%2FoZaCZyZaLU89dka%2FjsyQ3Dr8tczIycvJnOhoSyA%2FbZQSLLy3etYZ4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087c0d234266-AMS
accept-ranges: bytes
content-length: 103869
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/jpeg
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 form-valid.svg
bitc-offers.com/amzn/english/v4/images/ 216 B
514 B 32ms
32ms Image
image/svg+xml 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/form-valid.svg

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/css/style-2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8953a72e2f08c511a3702f0aa1c365d241dc02375d426de9a78a88960680a4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/css/style-2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc854-d8"
age: 5437
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BPeLhqAx20hWUAOAK1%2FDjzRTQabTf0B2NMWdF3Oi6n2zihjpjCfcBH9mOLvdeUCSZ%2Fm8IljuZhhbrYasmuSzBAnD%2ByX%2FfnvXlKg0rcSTdEAHc%2BeS8cyXiIXfoikB7Avfo0hzrM67g8SbXyUc%2BxA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087c0d264266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 uK_w4ruaZus72nbNDycQGvw.woff
bitc-offers.com/amzn/english/v4/fonts/ 12 KB
13 KB 27ms
26ms Font
font/woff 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/fonts/uK_w4ruaZus72nbNDycQGvw.woff

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/css/css.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d7b09202924c9eb634eb425ac2637ae782bdcac49f98b7b8131f58f7b21fc8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://bitc-offers.com
Referer: https://bitc-offers.com/amzn/english/v4/css/css.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-3150"
age: 4851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UCfw5TuApV9CpDa%2BZNBTpRqHrC9V%2B7G0x%2F9un4llVGg6wj98%2BQ3Y%2Fj%2FEw%2BUXDynazUaUKzXz%2BQKJijPCQjWDw1%2Fr8cMw3QZAi0AQ5on0IPjcnnSgMxR6cpROk2dceRZvd6bWlUYo2j5n5f2d1Og%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087c3d474266-AMS
accept-ranges: bytes
content-length: 12624
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: font/woff
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Poppins6.woff2
bitc-offers.com/amzn/english/v4/fonts/ 8 KB
8 KB 31ms
31ms Font
font/woff2 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/fonts/Poppins6.woff2

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/css/style-1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://bitc-offers.com
Referer: https://bitc-offers.com/amzn/english/v4/css/style-1.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-1edc"
age: 4851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D70kYRyBMut8ZY84yC2JQ6j8szyqiMeMM2OUqU9t9Pu4mSuU%2FE%2BjbH0fp1el26PwcQtR47cJBnMzbdU9Y1pcCT9hQqrwSsidIMx3uNZTYx7XCnlnuLyo6XPb%2BpcaEi0ENoXj4nBPtuaqrrqw%2FXw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087c3d4a4266-AMS
accept-ranges: bytes
content-length: 7900
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: font/woff2
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK geo Show response
amos-mamaya.fun/ 70 B
402 B 284ms
91ms XHR
text/plain 198.211.98.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://amos-mamaya.fun/geo
Requested by: Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/js/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 198.211.98.91 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 5a60b8aa2fdfd2a82f31bb96679e4a64cb03a48b08529808cec9a6669aec6dba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bitc-offers.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Content-Length: 77
Keep-Alive: timeout=5, max=100
Date: Mon, 07 Oct 2024 07:03:45 GMT
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding
Server: Apache/2.4.41 (Ubuntu)

GET
H2 200 flags.png
bitc-offers.com/amzn/english/v4/images/ 18 KB
18 KB 32ms
31ms Image
image/png 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitc-offers.com/amzn/english/v4/images/flags.png

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/css/intlTelInput.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

050d599f234d8ce89a43076e8b678890ebc9a401724d9ac1195a880d784fe7b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/css/intlTelInput.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-462c"
age: 5436
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y7QQf4w1ZJSaYNDcxRD3FtdEyPf5bk8Ia%2Bp%2Fmk4SCn9YRj6jVKYIvBsILtuMIP6AseuSDcsxFz5aZFavTn9vVeio2DqCB%2FV4lvwAFb5EdziYbIoHobN%2BNc6CfVqiqRhsWW0nGQxCmLpLZzu0OUM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087c7da34266-AMS
accept-ranges: bytes
content-length: 17964
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/png
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 utils.js Show response
bitc-offers.com/amzn/english/v4/js/ 228 KB
54 KB 32ms
32ms Script
application/javascript 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/js/utils.js

Requested by

Host: bitc-offers.com
URL: https://bitc-offers.com/amzn/english/v4/js/intlTelInput.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5277eaf274835757d6682660675f6c3af0d95f8462d007483c881730f1a95e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"634fc856-391c8"
age: 5433
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FhPbT0h7v%2FviXpJqMHARwW8UKdK9ep3XYGOlqOw0d9UZ8amDH87L%2FbE6N6Zp5OVGgh5UrIs1skCiMP94EZU%2Bx7zDHpDO5U6LGT%2B94RQmBDuLuXFwItD1EjzMXXMVzxPqk%2BlEqXkH44znrF88tso%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087cbdd04266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 09:50:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 404 sp-push-worker-fb.js Show response
bitc-offers.com/ 555 B
474 B 27ms
27ms XHR
text/html 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitc-offers.com/sp-push-worker-fb.js
Requested by: Host: web.webpushs.com
URL: https://web.webpushs.com/js/push/74db37c8eba9b06120be0f0b8255872a_1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 33
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=99tNqKufWtYgKc3k6P1cZO%2BlYzXkDQcewbswSNU3%2F4qGVAtrxqLlDya3JK%2BC9H9pjyWEcqeN1V4%2BFfmAtdfYh2540j1uvCO2XinSIyOi%2F12DD2VdP51gT0myVRZE%2BhBY3Zjbp25j1Ay9EGrghqY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087cbdcd4266-AMS
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2 200 favicon.png
bitc-offers.com/amzn/english/v4/images/ 753 B
1 KB 29ms
29ms Other
image/png 2606:4700:3037::ac43:a645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bitc-offers.com/amzn/english/v4/images/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:a645 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8a4ed2dfc39a04a29e7ea380a36a39ead1592975d0b49c046b2e01714f2b5d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bitc-offers.com/amzn/english/v4/index.html?aff_sub=cs1ofk5a6vts7391ujv0

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "634fc854-2f1"
age: 5436
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8uJayP990vjVngRUFAxhs%2ByhgtbUan3FOmp6%2BKrdU162W861dcrwO%2FcbuFayxtWRAJ%2F6VdzGRD8VcFmoqO6GCX2qLwBFyiWir0U%2BLo3uBEAfs0LpnIniJwDC8L7AGFaiG%2F5526UdW5yUfxgz8lY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cec087cbdd14266-AMS
accept-ranges: bytes
content-length: 753
date: Mon, 07 Oct 2024 07:03:45 GMT
content-type: image/png
last-modified: Wed, 19 Oct 2022 09:50:12 GMT
vary: Accept-Encoding
server: cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tencheckit.org/	1970-01-21 00:05:45	Name: mobitck Value: 1
gribeorlneka.net/	1970-01-21 08:50:20	Name: OAID Value: 0080ee69e34b437eee951a92de275920
gribeorlneka.net/	1970-01-21 08:50:20	Name: oaidts Value: 1728284624
gribeorlneka.net/	1970-01-21 00:04:48	Name: captcha Value: player
gribeorlneka.net/	1970-01-21 08:50:20	Name: allcnt Value: 1
my.rtmark.net/	1970-01-21 08:50:20	Name: ID Value: 0080ee69e34b437eee951a92de275920
whinairith.net/	1970-01-21 08:50:20	Name: oaidts Value: 1728284624
whinairith.net/	1970-01-21 00:04:48	Name: captcha Value: player
whinairith.net/	1970-01-21 08:50:20	Name: OAID Value: 0080ee69e34b437eee951a92de275920
whinairith.net/	1970-01-21 00:14:49	Name: syncedCookie Value: true
nl-trkk.live/	1970-01-21 08:50:20	Name: uclick Value: n+6Cwlheb4g10bKgOmCYv1rymP6OtWtYj08mgPuXGitSDovZXVKIPy6gmnLgOcul5tN/gng=
nl-trkk.live/	1970-01-21 08:50:20	Name: bcid Value: cs1ofk5a6vts7391ujv0
nl-trkk.live/	1970-01-21 08:50:20	Name: cid Value: cs1ofk5a6vts7391ujv0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://bitc-offers.com/amzn/english/v4/js/jquery-3.5.1.min.js(Line 1) Message: Listener added for a 'DOMSubtreeModified' mutation event. This event type is deprecated, and will be removed from this browser VERY soon. Usage of this event listener will cause performance issues today, and represents a large risk of imminent site breakage. Consider using MutationObserver instead. See https://chromestatus.com/feature/5083947249172480 for more information.
network	error	URL: https://bitc-offers.com/sp-push-worker-fb.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amos-mamaya.fun
bitc-offers.com
fonts.googleapis.com
gribeorlneka.net
i.ibb.co
js.onclckmn.com
my.rtmark.net
nl-trkk.live
raviral.com
tencheckit.org
update.suntech-dz.com
web.webpushs.com
whinairith.net
www.primarkingfun.giving
139.45.195.8
139.45.196.64
139.45.197.242
162.19.58.156
176.97.112.149
198.211.98.91
2606:4700:3037::ac43:a645
2a00:1450:4001:82b::200a
2a02:6ea0:c700::107
2a06:98c1:3120::3
37.114.46.212
45.133.44.52
51.68.82.147
99.198.106.197
050d599f234d8ce89a43076e8b678890ebc9a401724d9ac1195a880d784fe7b8
117dbaf176701074ba3523e8f4cd40f0164e1e4f3fdd6e4182c246c42dd9aaa5
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
2460ce2e0ce7e40ab269841f6c02976375dfbeedb9ac9e08e3726ca1fa91c0d7
27db4fb1736bde1232f4ba438c9853a5a44c009f26b9e0a7deaa18c2c1c99489
2ad2df085f23b047f5de23b2d503da16f265f180d96e8da72a6cfc1b40251ce7
2d7b09202924c9eb634eb425ac2637ae782bdcac49f98b7b8131f58f7b21fc8a
2db13a57267ee3650e6e2e99c922ea1653cace36672e33ea3db8fdf3d6b958ed
330a63ec22d504c811096ebf4a3346bb2549583bef9f8de0e3d5c9471ca096dc
35ad252f4fd0ad646c97874ab6f29c6a21deadda6144ca495e5169853cc2e05d
3aef133f9a38cdb00d6390af69038498bb2ae89b979f4bc717c00757f1931eb9
3c160ac036033660c06cfa9a917a9c02612b436627f5d657018f8f8461b33dc5
3f5f7653f16d2de3008ba98666ccd5ca0232ce0edd0e2aa8f20f53b76f8799cd
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
44427cb2a51e54cca2cb648212f313ce64433ce7454e3df0c386c0156e98e36a
46e3a2cd9b8616ac1f355404110ac91cc667fa0af40378cae7a5f01770623075
479d0e7ddd072e36d98db9eace0383003a729c3278497a8390505d7900e033c8
4b93b490578d47b49124a45cde551b9fd09362dfbd9d8772b5c0a6fa23a01b60
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a60b8aa2fdfd2a82f31bb96679e4a64cb03a48b08529808cec9a6669aec6dba
5f9f366acc1e9f23510f6aac1ebd7b1a0136974a06ccfa82906d38ebfee0698a
7649d88b8d275bb2007326fc310ce3e8b729a79c92103cbe2f1ffc4eed2bdc25
7bbc5355e7ac0f12609b74302c2abcad3b98f50c1e44f2f35e526727b5fe5b41
7cc87d114ce221da0fd17e16da9607b5d9e25aa0ed85521197da2de91a0206fe
8953a72e2f08c511a3702f0aa1c365d241dc02375d426de9a78a88960680a4f6
8a5d4230307c1b140b5677e7daf4123a9393b4347dd3c0c857126cb42f641df5
8ef29b090ac22870a47de3ca172fedd0b9eff1ab0abd66ee8f0c139a575273da
922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973
9b518bfd22cfd2ca90c380ab3b2452f961e20f251e74386de6079d95961c497e
9ee32dee4f11a191783af562e9587f19ed239005602736be13ccb9c9bd2d3cb2
a4c23728eb4ee1b43397d442e4128ee37a0ee7d4b4b1298c019f4010f6d5448f
a528420676873a4cbd42c7386e89a5e65aa8ff62ce84b3297cb4033e475b44b7
a79d605d3a4665bacac8db2503fabb8ef68516cede8f51add4f5b422464e12d3
a8bb382f4aa24f5c719d2bb30b1bcbbd70967a8d80c6a927bf70833b6c8dddc6
aa4fe92e09f94671f24e453a8cf9527c0851f65b608c7f9fab304608353ae354
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
b64f36df4cf6366a3be439963be3b3f87e29e67f58f4edaf7ee154937452e3a1
b78fcf45ad4211da560de4c1a43ad672a13a6683af6636d2e2e68560df600704
b8a4ed2dfc39a04a29e7ea380a36a39ead1592975d0b49c046b2e01714f2b5d1
ba1f4ab0b9150d9a5ce866bc37f9a791d83af0f2df7de19013f2dc3e68d9a141
c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a
d642289112e0922d0a92bca3cae1c64fff6ac36ec23b018fd17c5d686303fbf0
d7a2e182ba1a497774066eb85a54cd690ad890993308e0b679eae1590de93b51
d9f2e93d6f7d74903eb9cca6a54be881076e615f5488543b66428930b3fba039
dc4755809a62166dc6754f2eda6515d9a4ad7bdbce1d90e63d4c092132ce0f18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5277eaf274835757d6682660675f6c3af0d95f8462d007483c881730f1a95e2
f22037230752cce079f61a83da52b4c15a53fae47b2d546cde94bf9fd66b9d2c
f416b7bc2cad67dec7ddf9d4f2c35debaaf5099f6d9e8adfcbc44a90fb0e84b4
f6351b5bfa259de13dae9c9f332855813b99bd8544c8cdad7cc1645c454fb4bd
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

bitc-offers.com Open in urlscan Pro 2606:4700:3037::ac43:a645 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

29 %IPv6

14 Domains

14 Subdomains

13 IPs

5 Countries

705 kBTransfer

1869 kBSize

13 Cookies

6 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

bitc-offers.com Open in urlscan Pro
2606:4700:3037::ac43:a645 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

29 %
IPv6

14
Domains

14
Subdomains

13
IPs

5
Countries

705 kB
Transfer

1869 kB
Size

13
Cookies

66 HTTP transactions
0 data transactions