urlscan.io logo urlscan.io
SecurityTrails logo

bimaster.cc Open in urlscan Pro
147.45.198.137  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://godprox.cc/topay.php?price=1394w2
Effective URL: https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
Submission: On September 17 via manual from PL — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 147.45.198.137, located in Frankfurt am Main, Germany and belongs to HOSTINUX-AS Hostinux Limited, GB. The main domain is bimaster.cc.
TLS certificate: Issued by R12 on September 2nd 2025. Valid for: 3 months.
This is the only time bimaster.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 147.45.198.137 212701 (HOSTINUX-...)
1 142.250.185.106 15169 (GOOGLE)
2 104.17.25.14 13335 (CLOUDFLAR...)
3 142.250.186.99 15169 (GOOGLE)
18 4
Apex Domain
Subdomains		 Transfer
12 bimaster.cc
bimaster.cc
349 KB
3 gstatic.com
fonts.gstatic.com
23 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 244
56 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
1 godprox.cc
godprox.cc
487 B
18 5
Domain Requested by
12 bimaster.cc bimaster.cc
3 fonts.gstatic.com fonts.googleapis.com
2 cdnjs.cloudflare.com bimaster.cc
cdnjs.cloudflare.com
1 fonts.googleapis.com bimaster.cc
1 godprox.cc 1 redirects
18 5

This site contains links to these domains. Also see Links.

Domain
www.moonpay.com
buy.coingate.com
wallet.bitcoin.com
trustwallet.com
Subject Issuer Validity Valid
bimaster.cc
R12		 2025-09-02 -
2025-12-01		 3 months crt.sh
upload.video.google.com
WE2		 2025-09-08 -
2025-12-01		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2025-07-20 -
2025-10-18		 3 months crt.sh
*.gstatic.com
WE2		 2025-09-08 -
2025-12-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
Frame ID: 11CED8441947C3D61CE835E3C8BBB2FC
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bitcoin Payment

Page URL History Show full URLs

  1. https://godprox.cc/topay.php?price=1394w2 HTTP 302
    https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

429 kB
Transfer

852 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://godprox.cc/topay.php?price=1394w2 HTTP 302
    https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bimaster.cc/payform/y2d433/13c4/1394w2/
Redirect Chain
  • https://godprox.cc/topay.php?price=1394w2
  • https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.45.198.137 Frankfurt am Main, Germany, ASN212701 (HOSTINUX-AS Hostinux Limited, GB),
Reverse DNS
vm10684.hostinux.com
Software
nginx /
Resource Hash
a8a32aed518ddba34af40351b5aeca33fae1164774837e319111ff0ccebc7b94

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Sep 2025 12:44:13 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Sep 2025 12:44:13 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800,900
Requested by
Host: bimaster.cc
URL: https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
85b127500fbea6c91effbeff2ff9e7e66ba7e6fc5de1ff0bd1b43a66192daa18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://bimaster.cc/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 12:44:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 17 Sep 2025 12:44:13 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 17 Sep 2025 12:38:36 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
ionicons.min.css
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/css/ 		45 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/css/ionicons.min.css
Requested by
Host: bimaster.cc
URL: https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb25b72286b5daaebd9758183f196cfc7ded15748acb610bd4ba266e95fd1e1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://bimaster.cc/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03eae-b5ff"
age
1109093
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fexfkmcPaHI2YUf3fqTNvrClfXY%2Fr06bfzMAF%2B7CO0mbTqFGLBrUVrzr3BUaOZY9ozA1XSleQXf4jXgs15zrFQEIfeyZmBW3ANtBCbVwSHZlF9ik3S3bl5hpDP%2BD5W9uY5%2FGceSq"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 07 Sep 2026 12:44:13 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 17 Sep 2025 12:44:13 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
9808b19a8f15eecb-WAW
accept-ranges
bytes
access-control-allow-origin
*
content-length
5229
server
cloudflare
font-awesome.min.css
bimaster.cc/forms/form_1/fonts/fa/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bimaster.cc/forms/form_1/fonts/fa/css/font-awesome.min.css
Requested by
Host: bimaster.cc
URL: https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.45.198.137 Frankfurt am Main, Germany, ASN212701 (HOSTINUX-AS Hostinux Limited, GB),
Reverse DNS
vm10684.hostinux.com
Software
nginx /
Resource Hash
ef4a33d556a5df50abff40403449d9bb1bffedd91c49070523f8383b59a51f33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=86400
Content-Encoding
gzip
ETag
W/"685a729e-7873"
Connection
keep-alive
Expires
Thu, 18 Sep 2025 12:44:13 GMT
Date
Wed, 17 Sep 2025 12:44:13 GMT
Content-Type
text/css
Last-Modified
Tue, 24 Jun 2025 09:40:46 GMT
Server
nginx
style.css
bimaster.cc/forms/form_1/css/ 		245 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bimaster.cc/forms/form_1/css/style.css
Requested by
Host: bimaster.cc
URL: https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.45.198.137 Frankfurt am Main, Germany, ASN212701 (HOSTINUX-AS Hostinux Limited, GB),
Reverse DNS
vm10684.hostinux.com
Software
nginx /
Resource Hash
a7d9561733b4a082b5418215d3855d7bbc1b1e9e832a824d1fc0fce357ba0e3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=86400
Content-Encoding
gzip
ETag
W/"685a729e-3d4a9"
Connection
keep-alive
Expires
Thu, 18 Sep 2025 12:44:13 GMT
Date
Wed, 17 Sep 2025 12:44:13 GMT
Content-Type
text/css
Last-Modified
Tue, 24 Jun 2025 09:40:46 GMT
Server
nginx
intlTelInput.css
bimaster.cc/forms/form_1/css/ 		25 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bimaster.cc/forms/form_1/css/intlTelInput.css
Requested by
Host: bimaster.cc
URL: https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.45.198.137 Frankfurt am Main, Germany, ASN212701 (HOSTINUX-AS Hostinux Limited, GB),
Reverse DNS
vm10684.hostinux.com
Software
nginx /
Resource Hash
8a2a1047a328888af25265ea5845d575e902dfffe5c99ab5241a7a979cfa1e02

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=86400
Content-Encoding
gzip
ETag
W/"685a729e-646f"
Connection
keep-alive
Expires
Thu, 18 Sep 2025 12:44:13 GMT
Date
Wed, 17 Sep 2025 12:44:13 GMT
Content-Type
text/css
Last-Modified
Tue, 24 Jun 2025 09:40:46 GMT
Server
nginx
jquery.js
bimaster.cc/forms/form_1/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bimaster.cc/forms/form_1/js/jquery.js
Requested by
Host: bimaster.cc
URL: https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.45.198.137 Frankfurt am Main, Germany, ASN212701 (HOSTINUX-AS Hostinux Limited, GB),
Reverse DNS
vm10684.hostinux.com
Software
nginx /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=86400
Content-Encoding
gzip
ETag
W/"685a729e-1538e"
Connection
keep-alive
Expires
Thu, 18 Sep 2025 12:44:13 GMT
Date
Wed, 17 Sep 2025 12:44:13 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Tue, 24 Jun 2025 09:40:46 GMT
Server
nginx
loading.gif
bimaster.cc/forms/ 		172 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bimaster.cc/forms/loading.gif
Requested by
Host: bimaster.cc
URL: https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.45.198.137 Frankfurt am Main, Germany, ASN212701 (HOSTINUX-AS Hostinux Limited, GB),
Reverse DNS
vm10684.hostinux.com
Software
nginx /
Resource Hash
3391de7c934a7aa127b80da74e1533cfea3b0dbc694b1e7f67dabb3144de9f53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8

Response headers

Cache-Control
max-age=86400
ETag
"685a729e-2ae76"
Connection
keep-alive
Expires
Thu, 18 Sep 2025 12:44:13 GMT
Accept-Ranges
bytes
Content-Length
175734
Date
Wed, 17 Sep 2025 12:44:13 GMT
Content-Type
image/gif
Last-Modified
Tue, 24 Jun 2025 09:40:46 GMT
Server
nginx
popper.js
bimaster.cc/forms/form_1/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bimaster.cc/forms/form_1/js/popper.js
Requested by
Host: bimaster.cc
URL: https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.45.198.137 Frankfurt am Main, Germany, ASN212701 (HOSTINUX-AS Hostinux Limited, GB),
Reverse DNS
vm10684.hostinux.com
Software
nginx /
Resource Hash
71ef7c16d75da75a5d417df75ed72144bc5ec65a9c0429b7dee0988adc3e8d29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=86400
Content-Encoding
gzip
ETag
W/"685a729e-520b"
Connection
keep-alive
Expires
Thu, 18 Sep 2025 12:44:13 GMT
Date
Wed, 17 Sep 2025 12:44:13 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Tue, 24 Jun 2025 09:40:46 GMT
Server
nginx
bootstrap.min.js
bimaster.cc/forms/form_1/js/ 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bimaster.cc/forms/form_1/js/bootstrap.min.js
Requested by
Host: bimaster.cc
URL: https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.45.198.137 Frankfurt am Main, Germany, ASN212701 (HOSTINUX-AS Hostinux Limited, GB),
Reverse DNS
vm10684.hostinux.com
Software
nginx /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=86400
Content-Encoding
gzip
ETag
W/"685a729e-f708"
Connection
keep-alive
Expires
Thu, 18 Sep 2025 12:44:14 GMT
Date
Wed, 17 Sep 2025 12:44:14 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Tue, 24 Jun 2025 09:40:46 GMT
Server
nginx
main.js
bimaster.cc/forms/form_1/js/ 		248 B
504 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bimaster.cc/forms/form_1/js/main.js
Requested by
Host: bimaster.cc
URL: https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.45.198.137 Frankfurt am Main, Germany, ASN212701 (HOSTINUX-AS Hostinux Limited, GB),
Reverse DNS
vm10684.hostinux.com
Software
nginx /
Resource Hash
aec9aaddae24889e006bfd4354cd33d06ca34de32b7fd532233e1bf5c198919d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=86400
Content-Encoding
gzip
ETag
W/"685a729e-f8"
Connection
keep-alive
Expires
Thu, 18 Sep 2025 12:44:14 GMT
Date
Wed, 17 Sep 2025 12:44:14 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Tue, 24 Jun 2025 09:40:46 GMT
Server
nginx
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v24/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://bimaster.cc
Referer
https://fonts.googleapis.com/

Response headers

age
63055
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 16 Sep 2026 19:13:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 16 Sep 2025 19:13:19 GMT
last-modified
Mon, 15 Sep 2025 16:35:07 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
fontawesome-webfont.woff2
bimaster.cc/forms/form_1/fonts/fa/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bimaster.cc/forms/form_1/fonts/fa/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: bimaster.cc
URL: https://bimaster.cc/forms/form_1/fonts/fa/css/font-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.45.198.137 Frankfurt am Main, Germany, ASN212701 (HOSTINUX-AS Hostinux Limited, GB),
Reverse DNS
vm10684.hostinux.com
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://bimaster.cc
Referer
https://bimaster.cc/forms/form_1/fonts/fa/css/font-awesome.min.css

Response headers

Cache-Control
max-age=86400
ETag
"685a729e-12d68"
Connection
keep-alive
Expires
Thu, 18 Sep 2025 12:44:14 GMT
Accept-Ranges
bytes
Content-Length
77160
Date
Wed, 17 Sep 2025 12:44:14 GMT
Content-Type
font/woff2
Last-Modified
Tue, 24 Jun 2025 09:40:46 GMT
Server
nginx
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v24/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://bimaster.cc
Referer
https://fonts.googleapis.com/

Response headers

age
63546
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 16 Sep 2026 19:05:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 16 Sep 2025 19:05:08 GMT
last-modified
Mon, 15 Sep 2025 16:36:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v24/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://bimaster.cc
Referer
https://fonts.googleapis.com/

Response headers

age
62894
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 16 Sep 2026 19:16:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 16 Sep 2025 19:16:00 GMT
last-modified
Mon, 15 Sep 2025 16:34:42 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
ionicons.woff2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/fonts/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/fonts/ionicons.woff2?v=4.5.5
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/css/ionicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Origin
https://bimaster.cc
Referer
https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/css/ionicons.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"5eb03eae-c57c"
age
44678
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q3wQ62pstwZ%2FpwRBH6l8G3W5wFFivCI5ix6Ey8CzaepHzkiVY7ZT2HWf8DUM1qsuEydgHrCht6dCMhf3DSgVy5%2FjhcKrXHVjDanduJ2WMoQP06N99AnnbdzQas3E87kx9ATRzNDW"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 07 Sep 2026 12:44:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 17 Sep 2025 12:44:14 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
9808b19bfea5ecb8-WAW
accept-ranges
bytes
access-control-allow-origin
*
content-length
50556
server
cloudflare
check_ispaid.php
bimaster.cc/ 		1 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bimaster.cc/check_ispaid.php
Requested by
Host: bimaster.cc
URL: https://bimaster.cc/forms/form_1/js/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.45.198.137 Frankfurt am Main, Germany, ASN212701 (HOSTINUX-AS Hostinux Limited, GB),
Reverse DNS
vm10684.hostinux.com
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Transfer-Encoding
chunked
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Date
Wed, 17 Sep 2025 12:44:14 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx
favicon.ico
bimaster.cc/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bimaster.cc/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.45.198.137 Frankfurt am Main, Germany, ASN212701 (HOSTINUX-AS Hostinux Limited, GB),
Reverse DNS
vm10684.hostinux.com
Software
nginx /
Resource Hash
0cef4cefd488462bc17f408fc48a73c2842dadc77f9cfe869eb5ad284c87f61e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Referer
https://bimaster.cc/payform/y2d433/13c4/1394w2/?csrf=82dd8

Response headers

ETag
"685a729e-8be"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2238
Date
Wed, 17 Sep 2025 12:44:14 GMT
Content-Type
image/x-icon
Last-Modified
Tue, 24 Jun 2025 09:40:46 GMT
Server
nginx

Verdicts & Comments Add Verdict or Comment

5 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| Popper object| bootstrap

6 Cookies

Domain/Path Name / Value
.godprox.cc/ Name: PHPSESSID
Value: 818a24d23e3195dbd8615e3a2eb30bd8
.bimaster.cc/ Name: PHPSESSID
Value: d4044a5e3c4fb58408b9d72b2a6e8941
.bimaster.cc/ Name: u
Value: y2d433
.bimaster.cc/ Name: o
Value: 13c4
.bimaster.cc/ Name: p
Value: 1394w2
bimaster.cc/ Name: backl
Value: https%3A%2F%2Fbimaster.cc%2Fpayform%2Fy2d433%2F13c4%2F1394w2%2F%3Fcsrf%3D82dd8